0x9)
r2 = mq_open(&(0x7f00000007c0)='\xc4fdn/\xda\x1ag\x92\x05\xdb\xe7\xf2\xaa5T\xb5\x0e@\xa5\x15M\x1b\xec\xbf\x97\x05\x00\x00\x00\x00\x00\xec\xa6t\xd7\x01\x81\xa7\x81\xc9\x8dNK\x02K\x89\xcc\xfd\xd4n\x06\x8e\xd3{\t\x1d\xf5f\x9e_\xb5sF\x90\xe0\xf4\xfc\xa7\x9a\x16{\x87K<\"\xb9\xea\xb3\xefh\xfd\v$\xda\xe8x\x1e\xe1\x97S)0q\xd3\xa0|\xe5\xd1\xd88\xfcZK.t\xe9\x831\xc9\xd9K\x9a\xfe\x14\x14yu\x86\xb2O\xffOO\xe4/\xb0\xc9\xbbB\x99\v\x19\x06\x95\xb5\xd3r\r\x91d0\x9b\xb8-\xbbx\xaf\x051*\x01\xa7\xfb\\\xc4\x1f\x1f\x81\x98\x9b\x1dz\xbc\xd2\xcdc\xa3\xda\xa0\x85\xccb\xe2\'\x04\xf3>\xc1f\xf0\xc5R\x04C\xbb\x9a\x94\xb6Si\x80\xf9\x02\xcans\xee(\x8f\xf8\xfb\xcf$YhQ\b\xa1:.\xc1O\xc8\x885\xf6V\xb8\xb3\x00}\xe4\x11`[\xda(\x94\xd7\r\x1eJ\xeb\x1f\xa4\xde\xd0\x9bo\x94y\x0e&\x01\x90#\xe2\xb3\b\xb0-\n\x90\xb8\x8a\xca\x95\xd2\xf7f\xbf\xdb\xcb~i\"\x98\xa24\xb4*;\xbb\x9f\xea\xf0}^\x16|5\x7fi\xc8\xb4t<s\xe3`\xb0q\xab\xe3[\xda\xc2@\xe0_H`o#\xbbe\xa8,U\xfaR-\xcb\xc4\v\x19vJ\xd8\xe1\xa0[\xd2\xc6\xe4\x84\x1f\xb1?\x01\x1b\xff\x11P\xc0I\x1b\x80\xfe(\x06\x82\xda\xd5SnH\xae\x94\xba%\x06\xbe\xc1\xe8\xb5\xb7-{\x89v\r$c\xc0l\xd2\x96q\xfa*?\x8c\xa7~[j3\x80e U/L_\x97\x0e\x80\x15R\xb5XM\x8b\xde\xcc\xcb\xfc&\x8e\xab\xa7\x14\xf3\xeb\x93\xcc\x0e\x8eo\xda\x99W\xa5\xb3JF\x98\xa7b\xc7\xbe\xb0\xea\xf4\xc0\x9c\x1d\x18\xc9whq\xf7S\f5\xc9/\xb8\x8ad\xbc\x8f]>\xfbv:R\xec\x8b\x8d\xa6\a\x8e,\x96\x8f|W@{\x99w\x1fD\x90\xc3k\x925\r\xa4T\x91\x1a}\x14\x87Q\xdd\xac@6XOC5\xa5\xdcj\xddG\x16w\xbc\xe1\xb7\x19\xd6n1\x84m\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x40, 0x83, &(0x7f0000000200)={0x6, 0x4, 0x4, 0x1})
write$binfmt_elf64(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="7f454c460104000100000000000000c0030003008c01000009010000000000004000000000000000a70300000000000000800000040038000200070001010500000000700000000008000000000000000900000000000000010000000000000001000000000000003d00000000000000090000000000000051e57464010000000400000000000000000000000000000000000000000000000300000000000000010000000000000006000000040000004f96338ba86e73dfe44ee0f43ab046f63282228a899c796de403b7cdc51e00bd5222da942c52349e338c9f38cf00864cec4c272653ef65cfc48b4a049be7f0e33406e7c056006b104e6bd0d9b03d1734627bcf5e67a9bbda831e1dd7d8ae93c8038162605cd2ad2e5d9e7bc449c8b941d8f05aa7544be2f4c333ce52065cc196dffa62f6265d5d8cda213114f428de04e2404de639d40ea3a405e66db71b4aaf5f52c8152fb492d4f94fd9027300d931185efd044aee2b9937b6cf911e1fd0a2b3f1761c2274e0899b33cde9a27706f7a33304ac5188604c684acdc763a8795c537bef3a5ee28d49bd280b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/658], 0x299)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000001c0)={'syztnl2\x00', 0x0, 0x2d, 0x4, 0x1, 0x7ff, 0x0, @local, @private1, 0x8000, 0x20, 0x1f}})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000040)={@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}, 0x7})
inotify_init1(0x0)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r0, 0x941c, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'ipvlan0\x00'})
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, &(0x7f0000000080)=0xc0)
r5 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$HIDIOCINITREPORT(r5, 0x550c, 0x20000000)
ioctl$PERF_EVENT_IOC_PERIOD(r4, 0x40082404, &(0x7f0000000000))
mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}})

[ 1848.026007] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1848.026007]    program syz-executor.6 not setting count and/or reply_len properly
[ 1848.051310] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1848.051310]    program syz-executor.5 not setting count and/or reply_len properly
01:19:34 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 38)

01:19:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x80}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000002ec0), 0x0, 0x0)
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000180)={0x0, 0x0, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000000), 0x400000d, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r1, 0x4008941a, &(0x7f0000000000)=0x2)

01:19:34 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
fork()
setreuid(r4, r4)

01:19:34 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000020010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x6, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:19:34 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02430030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1861.927559] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1861.927559]    program syz-executor.4 not setting count and/or reply_len properly
[ 1861.935791] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=6 sclass=netlink_route_socket pid=23298 comm=syz-executor.2
01:19:34 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0005abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1861.948216] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1861.948216]    program syz-executor.1 not setting count and/or reply_len properly
[ 1861.960499] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1861.960499]    program syz-executor.6 not setting count and/or reply_len properly
[ 1861.965081] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1861.973053] FAULT_INJECTION: forcing a failure.
[ 1861.973053] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1861.976083] CPU: 1 PID: 23294 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1861.977706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.979654] Call Trace:
[ 1861.980172] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1861.980172]    program syz-executor.5 not setting count and/or reply_len properly
[ 1861.980282]  dump_stack+0x107/0x167
[ 1861.980312]  should_fail.cold+0x5/0xa
[ 1861.985380]  __alloc_pages_nodemask+0x182/0x600
[ 1861.986497]  ? __kmalloc+0x16e/0x390
[ 1861.987398]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1861.988853]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.989948]  alloc_pages_current+0x187/0x280
[ 1861.991000]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1861.992164]  sg_common_write.constprop.0+0x992/0x1a30
[ 1861.993432]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1861.994647]  ? vprintk_func+0x93/0x140
[ 1861.995599]  ? printk+0xba/0xf1
[ 1861.996391]  ? record_print_text.cold+0x16/0x16
[ 1861.997515]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1861.998739]  ? trace_hardirqs_on+0x5b/0x180
[ 1861.999802]  sg_write.part.0+0x69e/0xaa0
[ 1862.000804]  ? sg_new_write.isra.0+0x770/0x770
[ 1862.001934]  ? find_held_lock+0x2c/0x110
[ 1862.002953]  ? __might_fault+0xd3/0x180
[ 1862.003915]  ? lock_downgrade+0x6d0/0x6d0
[ 1862.004940]  ? _cond_resched+0x10/0x30
[ 1862.005885]  ? inode_security+0x107/0x140
[ 1862.006892]  ? avc_policy_seqno+0x9/0x70
[ 1862.007887]  ? selinux_file_permission+0x92/0x520
[ 1862.009063]  ? iov_iter_advance+0x23b/0xec0
[ 1862.010137]  sg_write+0x87/0x120
[ 1862.010966]  do_iter_write+0x4f0/0x700
[ 1862.011928]  ? import_iovec+0x83/0xb0
[ 1862.012863]  vfs_writev+0x1ae/0x620
[ 1862.013647]  ? vfs_iter_write+0xa0/0xa0
[ 1862.014483]  ? __fget_files+0x2cf/0x520
[ 1862.015320]  ? lock_downgrade+0x6d0/0x6d0
[ 1862.016200]  ? find_held_lock+0x2c/0x110
[ 1862.017060]  ? ksys_write+0x12d/0x260
[ 1862.017879]  ? __fget_files+0x2f8/0x520
[ 1862.018732]  ? __fget_light+0xea/0x290
[ 1862.019569]  do_writev+0x139/0x300
[ 1862.020330]  ? vfs_writev+0x620/0x620
[ 1862.021149]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1862.022274]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1862.023379]  do_syscall_64+0x33/0x40
[ 1862.024172]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1862.025270] RIP: 0033:0x7f04ef0deb19
[ 1862.026079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1862.030039] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1862.031679] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1862.033220] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1862.034775] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1862.036318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1862.037875] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:19:34 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000030010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0006abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02448030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:34 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000080010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1862.178359] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1862.178359]    program syz-executor.5 not setting count and/or reply_len properly
[ 1862.206944] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1862.206944]    program syz-executor.6 not setting count and/or reply_len properly
[ 1862.210783] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1862.210783]    program syz-executor.5 not setting count and/or reply_len properly
[ 1862.290685] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1862.293211] raw_sendmsg: syz-executor.7 forgot to set AF_INET. Fix it!
01:19:47 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 39)

01:19:47 executing program 7:
sendmsg$NL80211_CMD_JOIN_IBSS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0xd8, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_IE={0x92, 0x2a, [@random_vendor={0xdd, 0x75, "e0eff9b17e307a912ec510b862859fc9b3b04bf6aa0c4fa3db25108d91f60924277856da70846bca300b4f8e9378e4d29fa235175f5bec9c138da238156d7da7a096ab1ab0ecbdb7dfaf4568b5897d4324f9642ef28380f59feb238bb5752a1fa0ea332f0d87119819eab5d0cb72138d006f2dfc4b"}, @link_id={0x65, 0x12, {@from_mac=@device_b, @broadcast}}, @supported_rates={0x1, 0x1, [{0x36, 0x1}]}]}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0x1e, 0x24, [{0x9}, {0x48, 0x1}, {0x60}, {0xc, 0x1}, {0x5}, {0x18, 0x1}, {0x18}, {0x5}, {0x70}, {0x60}, {0x30, 0x1}, {0x6, 0x1}, {0x18}, {0x2, 0x1}, {0x1}, {0x48, 0x1}, {0x3c}, {0x24}, {0x60, 0x1}, {0x60, 0x1}, {0x24}, {0x4, 0x1}, {0x4}, {0x24}, {0x9}, {0x1, 0x1}]}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x3f}]}, 0xd8}, 0x1, 0x0, 0x0, 0x2000c000}, 0x8000)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)

01:19:47 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:47 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syz_tun\x00'})
stat(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
setreuid(r5, r5)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:19:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000fffffff5010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:47 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x7, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:19:47 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0007abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:47 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0244c030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1874.571041] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.571041]    program syz-executor.1 not setting count and/or reply_len properly
[ 1874.573325] FAULT_INJECTION: forcing a failure.
[ 1874.573325] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1874.574781] CPU: 1 PID: 23440 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1874.575572] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1874.576524] Call Trace:
[ 1874.576839]  dump_stack+0x107/0x167
[ 1874.577258]  should_fail.cold+0x5/0xa
[ 1874.577709]  __alloc_pages_nodemask+0x182/0x600
[ 1874.578244]  ? __kmalloc+0x16e/0x390
[ 1874.578674]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1874.579368]  ? trace_hardirqs_on+0x5b/0x180
[ 1874.579868]  alloc_pages_current+0x187/0x280
[ 1874.580379]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1874.580941]  sg_common_write.constprop.0+0x992/0x1a30
[ 1874.581539]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1874.582138]  ? vprintk_func+0x93/0x140
[ 1874.582588]  ? printk+0xba/0xf1
[ 1874.582969]  ? record_print_text.cold+0x16/0x16
[ 1874.583523]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1874.584106]  ? trace_hardirqs_on+0x5b/0x180
[ 1874.584624]  sg_write.part.0+0x69e/0xaa0
[ 1874.585103]  ? sg_new_write.isra.0+0x770/0x770
[ 1874.585646]  ? find_held_lock+0x2c/0x110
[ 1874.586145]  ? __might_fault+0xd3/0x180
[ 1874.586611]  ? lock_downgrade+0x6d0/0x6d0
[ 1874.587105]  ? _cond_resched+0x10/0x30
[ 1874.587561]  ? inode_security+0x107/0x140
[ 1874.588048]  ? avc_policy_seqno+0x9/0x70
[ 1874.588524]  ? selinux_file_permission+0x92/0x520
[ 1874.589098]  ? iov_iter_advance+0x23b/0xec0
[ 1874.589609]  sg_write+0x87/0x120
[ 1874.590020]  do_iter_write+0x4f0/0x700
[ 1874.590478]  ? import_iovec+0x83/0xb0
[ 1874.590929]  vfs_writev+0x1ae/0x620
[ 1874.591361]  ? vfs_iter_write+0xa0/0xa0
[ 1874.591827]  ? __fget_files+0x2cf/0x520
[ 1874.592293]  ? lock_downgrade+0x6d0/0x6d0
[ 1874.592782]  ? find_held_lock+0x2c/0x110
[ 1874.593266]  ? ksys_write+0x12d/0x260
[ 1874.593731]  ? __fget_files+0x2f8/0x520
[ 1874.594204]  ? __fget_light+0xea/0x290
[ 1874.594661]  do_writev+0x139/0x300
[ 1874.595075]  ? vfs_writev+0x620/0x620
[ 1874.595522]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1874.596147]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1874.596754]  do_syscall_64+0x33/0x40
[ 1874.597191]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1874.597802] RIP: 0033:0x7f04ef0deb19
[ 1874.598239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1874.600410] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1874.601310] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1874.602155] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1874.603001] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1874.603850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1874.604691] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 1874.613939] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.613939]    program syz-executor.5 not setting count and/or reply_len properly
[ 1874.617605] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pid=23448 comm=syz-executor.2
[ 1874.625930] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.625930]    program syz-executor.5 not setting count and/or reply_len properly
[ 1874.632085] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.632085]    program syz-executor.4 not setting count and/or reply_len properly
[ 1874.637241] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.637241]    program syz-executor.6 not setting count and/or reply_len properly
01:19:47 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0009abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1874.680268] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=7 sclass=netlink_route_socket pid=23454 comm=syz-executor.2
[ 1874.690383] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.690383]    program syz-executor.5 not setting count and/or reply_len properly
01:19:47 executing program 7:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0)}, 0x102e0, 0x0, 0x800400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x100000)
r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_STATX={0x15, 0x1, 0x0, 0xffffffffffffff9c, &(0x7f0000000280), &(0x7f0000000040)='./file1\x00', 0x0, 0x100}, 0x4)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x12345}, 0x7)
copy_file_range(r3, 0x0, r2, 0x0, 0x10001, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r2, r7, 0x0, 0x20d315)
syz_io_uring_submit(0x0, r1, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x2, 0x6000, @fd=r2, 0x6, &(0x7f00000003c0)="7882ed7de42f5f9075bee8569d058bfb64df222d247691da772d71394d2669afef19043cdfdc169a520df0003564c6746941f7ab911fd66567b603a244c2a7444bea646c570d127e90bfd816ab63bb19a8aa510b651f6f95938f4551d7069e17a6683c0088afae069c8d8c48e14b5cd78623ee6d078e0a87352138bdcb948b559fadc368c1e06b356055a3252008bfe2f1d49f7234b1", 0x96, 0x1}, 0x0)

01:19:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000ffffefff010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1874.720918] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.720918]    program syz-executor.5 not setting count and/or reply_len properly
01:19:47 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 40)

01:19:47 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030221206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:47 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x8, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:19:47 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02468030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1874.797711] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.797711]    program syz-executor.1 not setting count and/or reply_len properly
[ 1874.805705] FAULT_INJECTION: forcing a failure.
[ 1874.805705] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1874.807173] CPU: 1 PID: 23545 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1874.808009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1874.808959] Call Trace:
[ 1874.809269]  dump_stack+0x107/0x167
[ 1874.809694]  should_fail.cold+0x5/0xa
[ 1874.810137]  __alloc_pages_nodemask+0x182/0x600
[ 1874.810673]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1874.811293]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1874.811986]  alloc_pages_current+0x187/0x280
[ 1874.812498]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1874.813059]  sg_common_write.constprop.0+0x992/0x1a30
[ 1874.813652]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1874.814233]  ? vprintk_func+0x93/0x140
[ 1874.814681]  ? printk+0xba/0xf1
[ 1874.815059]  ? record_print_text.cold+0x16/0x16
[ 1874.815593]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1874.816173]  ? trace_hardirqs_on+0x5b/0x180
[ 1874.816679]  sg_write.part.0+0x69e/0xaa0
[ 1874.817147]  ? sg_new_write.isra.0+0x770/0x770
[ 1874.817685]  ? find_held_lock+0x2c/0x110
[ 1874.818157]  ? __might_fault+0xd3/0x180
[ 1874.818613]  ? lock_downgrade+0x6d0/0x6d0
[ 1874.819098]  ? _cond_resched+0x10/0x30
[ 1874.819546]  ? inode_security+0x107/0x140
[ 1874.820021]  ? avc_policy_seqno+0x9/0x70
[ 1874.820487]  ? selinux_file_permission+0x92/0x520
[ 1874.821043]  ? iov_iter_advance+0x23b/0xec0
[ 1874.821544]  sg_write+0x87/0x120
[ 1874.821947]  do_iter_write+0x4f0/0x700
[ 1874.822395]  ? import_iovec+0x83/0xb0
[ 1874.822834]  vfs_writev+0x1ae/0x620
[ 1874.823257]  ? vfs_iter_write+0xa0/0xa0
[ 1874.823720]  ? __fget_files+0x2cf/0x520
[ 1874.823792] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=23574 comm=syz-executor.2
[ 1874.824178]  ? lock_downgrade+0x6d0/0x6d0
[ 1874.824187]  ? find_held_lock+0x2c/0x110
[ 1874.824201]  ? ksys_write+0x12d/0x260
[ 1874.824220]  ? __fget_files+0x2f8/0x520
[ 1874.828581]  ? __fget_light+0xea/0x290
[ 1874.829032]  do_writev+0x139/0x300
[ 1874.829443]  ? vfs_writev+0x620/0x620
[ 1874.829891]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1874.830492]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1874.831088]  do_syscall_64+0x33/0x40
[ 1874.831517]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1874.832105] RIP: 0033:0x7f04ef0deb19
[ 1874.832534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1874.834664] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1874.835538] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1874.836350] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1874.837165] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1874.837991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1874.838812] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 1874.851631] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1874.851631]    program syz-executor.6 not setting count and/or reply_len properly
01:19:59 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x9, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:19:59 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="000dabe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:59 executing program 7:
socketpair(0x2, 0x2, 0x3f, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r2, 0x1}, 0x14}}, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x3c, r2, 0x8, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x401, 0x17}}}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "b815aec6e65150f62f7100ae9bf506ef"}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
unshare(0x28020600)
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdad, 0x0, @perf_bp={&(0x7f0000000300), 0xe}, 0x3024, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r4, 0x408c5333, &(0x7f0000000000)={0x7f, 0xffffffff, 0x1, 'queue0\x00', 0xffff0001})
unshare(0x48020200)
ioctl$int_in(r3, 0x5452, &(0x7f00000000c0)=0x2890796d)
unshare(0x60500)

01:19:59 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030321206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:59 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0246c030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:19:59 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080)={0x0, 0x0, 0x10}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
bind(r4, &(0x7f0000000240)=@pppoe={0x18, 0x0, {0x1, @local, 'hsr0\x00'}}, 0x80)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x4000)
setreuid(r5, r5)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setresuid(0xffffffffffffffff, r9, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd, 0x4f, {}, 0x9, 0x1, 0x1}, 0x7fffffff)
setresuid(r7, r9, r7)

01:19:59 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000ffffffff010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:00 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 41)

[ 1887.474588] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.474588]    program syz-executor.1 not setting count and/or reply_len properly
[ 1887.479328] FAULT_INJECTION: forcing a failure.
[ 1887.479328] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1887.481006] CPU: 1 PID: 23590 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1887.481868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1887.482924] Call Trace:
[ 1887.483256]  dump_stack+0x107/0x167
[ 1887.483709]  should_fail.cold+0x5/0xa
[ 1887.484190]  __alloc_pages_nodemask+0x182/0x600
[ 1887.484765]  ? __kmalloc+0x16e/0x390
[ 1887.485239]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1887.486003]  ? trace_hardirqs_on+0x5b/0x180
[ 1887.486541]  alloc_pages_current+0x187/0x280
[ 1887.487090]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1887.487695]  sg_common_write.constprop.0+0x992/0x1a30
[ 1887.488339]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1887.488957]  ? vprintk_func+0x93/0x140
[ 1887.489437]  ? printk+0xba/0xf1
[ 1887.489852]  ? record_print_text.cold+0x16/0x16
[ 1887.490426]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1887.491054]  ? trace_hardirqs_on+0x5b/0x180
[ 1887.491594]  sg_write.part.0+0x69e/0xaa0
[ 1887.492098]  ? sg_new_write.isra.0+0x770/0x770
[ 1887.492663]  ? find_held_lock+0x2c/0x110
[ 1887.493169]  ? __might_fault+0xd3/0x180
[ 1887.493658]  ? lock_downgrade+0x6d0/0x6d0
[ 1887.494187]  ? _cond_resched+0x10/0x30
[ 1887.494666]  ? inode_security+0x107/0x140
[ 1887.495176]  ? avc_policy_seqno+0x9/0x70
[ 1887.495675]  ? selinux_file_permission+0x92/0x520
[ 1887.496270]  ? iov_iter_advance+0x23b/0xec0
[ 1887.496803]  sg_write+0x87/0x120
[ 1887.497225]  do_iter_write+0x4f0/0x700
[ 1887.497708]  ? import_iovec+0x83/0xb0
[ 1887.498187]  vfs_writev+0x1ae/0x620
[ 1887.498634]  ? vfs_iter_write+0xa0/0xa0
[ 1887.499136]  ? __fget_files+0x2cf/0x520
[ 1887.499625]  ? lock_downgrade+0x6d0/0x6d0
[ 1887.500134]  ? find_held_lock+0x2c/0x110
[ 1887.500640]  ? ksys_write+0x12d/0x260
[ 1887.501113]  ? __fget_files+0x2f8/0x520
[ 1887.501608]  ? __fget_light+0xea/0x290
[ 1887.502106]  do_writev+0x139/0x300
[ 1887.502543]  ? vfs_writev+0x620/0x620
[ 1887.502899] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.502899]    program syz-executor.6 not setting count and/or reply_len properly
[ 1887.503020]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1887.507072]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1887.507725]  do_syscall_64+0x33/0x40
[ 1887.508184]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1887.508813] RIP: 0033:0x7f04ef0deb19
[ 1887.509274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1887.511529] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1887.512453] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1887.512609] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9 sclass=netlink_route_socket pid=23602 comm=syz-executor.2
[ 1887.513318] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1887.513325] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1887.513331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1887.513338] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 1887.530122] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1887.532610] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.532610]    program syz-executor.5 not setting count and/or reply_len properly
[ 1887.564220] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.564220]    program syz-executor.5 not setting count and/or reply_len properly
01:20:00 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:00 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000004000046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:00 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030521206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:00 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02474030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1887.668121] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
01:20:00 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xa, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:00 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="000eabe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1887.692026] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.692026]    program syz-executor.6 not setting count and/or reply_len properly
01:20:00 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 42)

[ 1887.714132] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=23662 comm=syz-executor.2
[ 1887.734920] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=10 sclass=netlink_route_socket pid=23675 comm=syz-executor.2
01:20:00 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0247a030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1887.777138] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.777138]    program syz-executor.5 not setting count and/or reply_len properly
[ 1887.794496] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.794496]    program syz-executor.6 not setting count and/or reply_len properly
[ 1887.806927] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.806927]    program syz-executor.1 not setting count and/or reply_len properly
[ 1887.810758] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1887.810758]    program syz-executor.5 not setting count and/or reply_len properly
[ 1887.815544] FAULT_INJECTION: forcing a failure.
[ 1887.815544] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1887.816921] CPU: 1 PID: 23693 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1887.817703] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1887.818664] Call Trace:
[ 1887.818968]  dump_stack+0x107/0x167
[ 1887.819385]  should_fail.cold+0x5/0xa
[ 1887.819827]  __alloc_pages_nodemask+0x182/0x600
[ 1887.820353]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 1887.820965]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1887.821659]  alloc_pages_current+0x187/0x280
[ 1887.822169]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1887.822723]  sg_common_write.constprop.0+0x992/0x1a30
[ 1887.823312]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1887.823879]  ? vprintk_func+0x93/0x140
[ 1887.824324]  ? printk+0xba/0xf1
[ 1887.824697]  ? record_print_text.cold+0x16/0x16
[ 1887.825226]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1887.825800]  ? trace_hardirqs_on+0x5b/0x180
[ 1887.826309]  sg_write.part.0+0x69e/0xaa0
[ 1887.826773]  ? sg_new_write.isra.0+0x770/0x770
[ 1887.827297]  ? find_held_lock+0x2c/0x110
[ 1887.827763]  ? __might_fault+0xd3/0x180
[ 1887.828216]  ? lock_downgrade+0x6d0/0x6d0
[ 1887.828696]  ? _cond_resched+0x10/0x30
[ 1887.829145]  ? inode_security+0x107/0x140
[ 1887.829622]  ? avc_policy_seqno+0x9/0x70
[ 1887.830092]  ? selinux_file_permission+0x92/0x520
[ 1887.830641]  ? iov_iter_advance+0x23b/0xec0
[ 1887.831134]  sg_write+0x87/0x120
[ 1887.831520]  do_iter_write+0x4f0/0x700
[ 1887.831967]  ? import_iovec+0x83/0xb0
[ 1887.832403]  vfs_writev+0x1ae/0x620
[ 1887.832820]  ? vfs_iter_write+0xa0/0xa0
[ 1887.833271]  ? __fget_files+0x2cf/0x520
[ 1887.833721]  ? lock_downgrade+0x6d0/0x6d0
[ 1887.834194]  ? find_held_lock+0x2c/0x110
[ 1887.834657]  ? ksys_write+0x12d/0x260
[ 1887.835091]  ? __fget_files+0x2f8/0x520
[ 1887.835545]  ? __fget_light+0xea/0x290
[ 1887.835989]  do_writev+0x139/0x300
[ 1887.836396]  ? vfs_writev+0x620/0x620
[ 1887.836827]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1887.837422]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1887.838016]  do_syscall_64+0x33/0x40
[ 1887.838438]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1887.839020] RIP: 0033:0x7f04ef0deb19
[ 1887.839443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1887.841517] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1887.842391] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1887.843196] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1887.844004] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1887.844812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1887.845618] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:20:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030621206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020002000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x8d}, 0x12204}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r4, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0xffe3)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x8, 0x40, 0x8, 0x1, 0x0, 0x4, 0x48004, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x2, @perf_bp={&(0x7f0000000100), 0xb}, 0x2109, 0x3, 0x40, 0x5, 0x1, 0x9, 0x800, 0x0, 0x3, 0x0, 0x3}, 0x0, 0x10, r5, 0xa)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0xffffffffffffffff, r6, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getresuid(&(0x7f0000000380), &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000340))
futimesat(r5, &(0x7f0000000300)='./file0\x00', &(0x7f00000003c0)={{0x77359400}, {0x0, 0x2710}})
setresuid(0x0, r7, r8)
fork()
setreuid(r6, r6)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x7, 0x7}, &(0x7f0000000400))

01:20:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0030abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 7:
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
r0 = add_key$keyring(0x0, &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000500)={'fscrypt:', @desc4}, &(0x7f0000000680)={0x0, "51bab78fbede0eb5fae9c09d1193a258a2e3125ffdcd424c2f8cf56e277a15201fa83a9d96dbd58e991ffb9e07a1638e07a037807e7786eb446cd80e9a5867be", 0x3b}, 0x48, r0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000700)='id_legacy\x00', &(0x7f0000000740)=@keyring={'key_or_keyring:', r0})
r2 = add_key(&(0x7f0000000280)='blacklist\x00', &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, r0)
r3 = add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000380)={'fscrypt:', @desc2}, &(0x7f0000000480)={0x0, "e776948c30407f746b4bce4fe1dfd22cfc491372bfef696cb8114417300486c7dc67510f255163554a8b1c56f99015cff18dde6bfd24cab6fc6fe129421a032a", 0x10032}, 0x48, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, &(0x7f0000000400)=@chain={'key_or_keyring:', r3})
add_key$keyring(0x0, &(0x7f0000000800)={'syz', 0x3}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000100), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r1)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00')
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='wchan\x00')
add_key$keyring(&(0x7f0000000240), &(0x7f0000000340)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff8)
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000840)=""/106, 0x6a}], 0x1, 0x0, 0x0)
add_key$fscrypt_provisioning(&(0x7f0000000640), &(0x7f0000000780)={'syz', 0x0}, &(0x7f00000009c0)=ANY=[@ANYBLOB="7b73de17a03623d2aa3e915d13ca2bb79124c4f51b18d7256797f0377eb8b2c23f677966077ad39e2d3dbfc29e0a0fbd58653a45f9eae0921a2becd7af22fcb2554f917d00884861aa61a0ff99f9eb559dbbcfc4591239d5033998ad0c078b3fb4e3bfa35e768709cdfbf8726bfc60d2e5", @ANYRESOCT, @ANYRES64=r0, @ANYRESOCT, @ANYRESOCT=r5, @ANYRES32, @ANYRES64=r2, @ANYRESHEX, @ANYRESOCT], 0x29, 0xfffffffffffffff9)
r6 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$invalidate(0x15, 0x0)
keyctl$KEYCTL_PKEY_QUERY(0x18, r6, 0x0, &(0x7f0000000380)='\x00', 0x0)
add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r6)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000540)}, 0x3040, 0xffff, 0xffffffff, 0x8, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone3(&(0x7f0000000ac0)={0x17412e500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58)

01:20:13 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 43)

[ 1900.695849] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.695849]    program syz-executor.5 not setting count and/or reply_len properly
[ 1900.698703] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=23758 comm=syz-executor.2
01:20:13 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xb, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 1900.711784] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.711784]    program syz-executor.6 not setting count and/or reply_len properly
[ 1900.711851] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.711851]    program syz-executor.5 not setting count and/or reply_len properly
01:20:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030721206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1900.734691] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.734691]    program syz-executor.1 not setting count and/or reply_len properly
[ 1900.741571] FAULT_INJECTION: forcing a failure.
[ 1900.741571] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1900.743110] CPU: 1 PID: 23764 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1900.743972] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1900.745007] Call Trace:
[ 1900.745337]  dump_stack+0x107/0x167
[ 1900.745791]  should_fail.cold+0x5/0xa
[ 1900.746281]  __alloc_pages_nodemask+0x182/0x600
[ 1900.746857]  ? __kmalloc+0x16e/0x390
[ 1900.747327]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1900.748085]  ? trace_hardirqs_on+0x5b/0x180
[ 1900.748631]  alloc_pages_current+0x187/0x280
[ 1900.749191]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1900.749798]  sg_common_write.constprop.0+0x992/0x1a30
[ 1900.750493]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1900.751116]  ? vprintk_func+0x93/0x140
[ 1900.751608]  ? printk+0xba/0xf1
[ 1900.752029]  ? record_print_text.cold+0x16/0x16
[ 1900.752616]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1900.753255]  ? trace_hardirqs_on+0x5b/0x180
[ 1900.753803]  sg_write.part.0+0x69e/0xaa0
[ 1900.754327]  ? sg_new_write.isra.0+0x770/0x770
[ 1900.754906]  ? find_held_lock+0x2c/0x110
[ 1900.755420]  ? __might_fault+0xd3/0x180
[ 1900.755914]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.756441]  ? _cond_resched+0x10/0x30
[ 1900.756923]  ? inode_security+0x107/0x140
[ 1900.757443]  ? avc_policy_seqno+0x9/0x70
[ 1900.757947]  ? selinux_file_permission+0x92/0x520
[ 1900.758556]  ? iov_iter_advance+0x23b/0xec0
[ 1900.759097]  sg_write+0x87/0x120
[ 1900.759521]  do_iter_write+0x4f0/0x700
[ 1900.760003]  ? import_iovec+0x83/0xb0
[ 1900.760478]  vfs_writev+0x1ae/0x620
[ 1900.760932]  ? vfs_iter_write+0xa0/0xa0
[ 1900.761428]  ? __fget_files+0x2cf/0x520
[ 1900.761928]  ? lock_downgrade+0x6d0/0x6d0
[ 1900.762462]  ? find_held_lock+0x2c/0x110
[ 1900.762970]  ? ksys_write+0x12d/0x260
[ 1900.763452]  ? __fget_files+0x2f8/0x520
[ 1900.763965]  ? __fget_light+0xea/0x290
[ 1900.764452]  do_writev+0x139/0x300
[ 1900.764892]  ? vfs_writev+0x620/0x620
[ 1900.765370]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1900.766040]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1900.766690]  do_syscall_64+0x33/0x40
[ 1900.767166]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1900.767810] RIP: 0033:0x7f04ef0deb19
[ 1900.768268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1900.770546] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1900.771483] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1900.772361] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1900.773237] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1900.774137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1900.775020] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 1900.788321] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pid=23770 comm=syz-executor.2
01:20:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020003000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0048abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1900.840852] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.840852]    program syz-executor.5 not setting count and/or reply_len properly
01:20:13 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
io_setup(0x5, &(0x7f0000000000)=<r1=>0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
io_submit(r1, 0x1, &(0x7f0000000800)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r2, 0x0, 0x800000}])
io_uring_enter(r2, 0x6003, 0x22a8, 0x3, &(0x7f0000000080), 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000380)=ANY=[@ANYBLOB="00000000fffffdfd020100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d47cdc8e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000c3460571aa5fc76300000000000000000000000000000000000000000000000000000000000000000000ec00000000008f84158e66f57946271acf69220bc43185f54423f543d654959c611bb55b7c16262871f91384c528836b9faec3f8b07d16e9bf78837fadddde1c5e840fc8bc000000"])
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="3c000006000000a9cd685676972493fb5de5288c2a367df5f13900ea53d200030000000220000001dee8fc131fc92b570000000100008068fb93f20624d998bb2382fbef2e605d20efd13ad8"]})
ioctl$SCSI_IOCTL_STOP_UNIT(0xffffffffffffffff, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000340)={0x20000004}}, 0x81)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
close(0xffffffffffffffff)
syz_io_uring_setup(0x1c28, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1, 0x10}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ_FIXED={0x4, 0x2, 0x0, @fd_index=0x8, 0x100000000, 0x0, 0xffff, 0x0, 0x0, {0x3}}, 0x4)
syz_io_uring_submit(0x0, r3, &(0x7f00000005c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x1, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1}, 0x6)
unshare(0x48020200)

01:20:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="004cabe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1900.915654] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1900.915654]    program syz-executor.5 not setting count and/or reply_len properly
01:20:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030921206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:13 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xc, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 1900.965317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=12 sclass=netlink_route_socket pid=23802 comm=syz-executor.2
01:20:26 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400040021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:26 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020009000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:26 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xd, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:26 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r1, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0xffffffffffffffff, r2, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="4c00000012000105000000000000000007000000ffff000000000000000000000000e01000", @ANYRES32=0x0, @ANYBLOB='\x00'/16], 0x4c}}, 0x0)
ioctl$F2FS_IOC_RESIZE_FS(r4, 0x4008f510, &(0x7f0000000100)=0x3)
getresuid(&(0x7f00000001c0)=<r5=>0x0, &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
r7 = syz_mount_image$tmpfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0xf17, 0x0, &(0x7f00000003c0), 0x3000, &(0x7f0000000400)=ANY=[@ANYBLOB='nr_inodes=57,huge=never,euid=', @ANYRESDEC=r5, @ANYBLOB="2c736d61636b66736861743d002c666fc8bab9f187", @ANYRESDEC=r2, @ANYBLOB=',fowner=', @ANYRESDEC=r2, @ANYBLOB=',\x00'])
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000540)={r7, 0x5, 0x4})
setresuid(0x0, r3, r6)
r8 = fork()
setreuid(r2, r2)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:20:26 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 44)

01:20:26 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030d21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:26 executing program 7:
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
fcntl$setlease(r1, 0x400, 0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0)
fallocate(r2, 0x1, 0x76, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c00, 0x0)
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f0000000440)={0x0, {}, 0x0, {}, 0x0, 0x0, 0x1d, 0x0, "6e60147ae2fcdc3f1d52584aebeafaa0edd69266edf29bbff612a7a730c97b72b322d0b8aff13a679593d52a3c987ef7c88e49e70f44c10f719a7c0f41774981", "f8258a6ec00c2423b3415e80f5dcc6b04bdfa5322086b2c40bc141347fe2216a", [0x100000001, 0x9]})
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r3)
sendmsg$NL80211_CMD_TDLS_OPER(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, r4, 0x400, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa}]}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x40004)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x7}, 0x0, 0x4e2e}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

01:20:26 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0068abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1914.147963] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1914.156885] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1914.159157] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=23915 comm=syz-executor.2
[ 1914.168184] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.168184]    program syz-executor.1 not setting count and/or reply_len properly
[ 1914.170786] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.170786]    program syz-executor.6 not setting count and/or reply_len properly
[ 1914.174553] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.174553]    program syz-executor.5 not setting count and/or reply_len properly
[ 1914.193812] FAULT_INJECTION: forcing a failure.
[ 1914.193812] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1914.197091] CPU: 1 PID: 23908 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1914.198955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1914.201186] Call Trace:
[ 1914.201903]  dump_stack+0x107/0x167
[ 1914.202912]  should_fail.cold+0x5/0xa
[ 1914.203946]  __alloc_pages_nodemask+0x182/0x600
[ 1914.205219]  ? __kmalloc+0x16e/0x390
[ 1914.206266]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1914.207647]  ? trace_hardirqs_on+0x5b/0x180
[ 1914.208632]  alloc_pages_current+0x187/0x280
[ 1914.209837]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1914.210970]  sg_common_write.constprop.0+0x992/0x1a30
[ 1914.212114]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1914.213207]  ? vprintk_func+0x93/0x140
[ 1914.214074]  ? printk+0xba/0xf1
[ 1914.214814]  ? record_print_text.cold+0x16/0x16
[ 1914.215847]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1914.216962]  ? trace_hardirqs_on+0x5b/0x180
[ 1914.217934]  sg_write.part.0+0x69e/0xaa0
[ 1914.218847]  ? sg_new_write.isra.0+0x770/0x770
[ 1914.219864]  ? find_held_lock+0x2c/0x110
[ 1914.220767]  ? __might_fault+0xd3/0x180
[ 1914.221643]  ? lock_downgrade+0x6d0/0x6d0
[ 1914.222583]  ? _cond_resched+0x10/0x30
[ 1914.223438]  ? inode_security+0x107/0x140
[ 1914.224353]  ? avc_policy_seqno+0x9/0x70
[ 1914.225248]  ? selinux_file_permission+0x92/0x520
[ 1914.226318]  ? iov_iter_advance+0x23b/0xec0
[ 1914.227273]  sg_write+0x87/0x120
[ 1914.228023]  do_iter_write+0x4f0/0x700
[ 1914.228886]  ? import_iovec+0x83/0xb0
[ 1914.229725]  vfs_writev+0x1ae/0x620
[ 1914.230538]  ? vfs_iter_write+0xa0/0xa0
[ 1914.231411]  ? __fget_files+0x2cf/0x520
[ 1914.232281]  ? lock_downgrade+0x6d0/0x6d0
[ 1914.233190]  ? find_held_lock+0x2c/0x110
[ 1914.234085]  ? ksys_write+0x12d/0x260
[ 1914.234933]  ? __fget_files+0x2f8/0x520
[ 1914.235812]  ? __fget_light+0xea/0x290
[ 1914.236666]  do_writev+0x139/0x300
[ 1914.237442]  ? vfs_writev+0x620/0x620
[ 1914.238286]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1914.239437]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1914.240565]  do_syscall_64+0x33/0x40
[ 1914.241376]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1914.242505] RIP: 0033:0x7f04ef0deb19
[ 1914.243319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1914.247048] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.247048]    program syz-executor.5 not setting count and/or reply_len properly
[ 1914.247376] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1914.247397] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1914.247408] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1914.247419] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1914.247430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1914.247441] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:20:26 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000d000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1914.300757] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
01:20:26 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030e21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:26 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 45)

01:20:26 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:26 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xe, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:26 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="006cabe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1914.465792] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.465792]    program syz-executor.6 not setting count and/or reply_len properly
[ 1914.474958] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14 sclass=netlink_route_socket pid=24044 comm=syz-executor.2
[ 1914.499825] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.499825]    program syz-executor.5 not setting count and/or reply_len properly
[ 1914.525702] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.525702]    program syz-executor.1 not setting count and/or reply_len properly
[ 1914.526847] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14 sclass=netlink_route_socket pid=24048 comm=syz-executor.2
[ 1914.536172] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1914.536172]    program syz-executor.5 not setting count and/or reply_len properly
[ 1914.545279] FAULT_INJECTION: forcing a failure.
[ 1914.545279] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1914.548700] CPU: 0 PID: 24046 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1914.550362] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1914.552318] Call Trace:
[ 1914.552953]  dump_stack+0x107/0x167
[ 1914.553834]  should_fail.cold+0x5/0xa
[ 1914.554757]  __alloc_pages_nodemask+0x182/0x600
[ 1914.555865]  ? __kmalloc+0x16e/0x390
[ 1914.556754]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1914.558205]  ? trace_hardirqs_on+0x5b/0x180
[ 1914.559241]  alloc_pages_current+0x187/0x280
[ 1914.560313]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1914.561483]  sg_common_write.constprop.0+0x992/0x1a30
[ 1914.562740]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1914.563939]  ? vprintk_func+0x93/0x140
[ 1914.564892]  ? printk+0xba/0xf1
[ 1914.565674]  ? record_print_text.cold+0x16/0x16
[ 1914.566790]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1914.567984]  ? trace_hardirqs_on+0x5b/0x180
[ 1914.569012]  sg_write.part.0+0x69e/0xaa0
[ 1914.569973]  ? sg_new_write.isra.0+0x770/0x770
[ 1914.571055]  ? find_held_lock+0x2c/0x110
[ 1914.572022]  ? __might_fault+0xd3/0x180
[ 1914.572962]  ? lock_downgrade+0x6d0/0x6d0
[ 1914.573954]  ? _cond_resched+0x10/0x30
[ 1914.574884]  ? inode_security+0x107/0x140
[ 1914.575868]  ? avc_policy_seqno+0x9/0x70
[ 1914.576820]  ? selinux_file_permission+0x92/0x520
[ 1914.577989]  ? iov_iter_advance+0x23b/0xec0
[ 1914.579027]  sg_write+0x87/0x120
[ 1914.579834]  do_iter_write+0x4f0/0x700
[ 1914.580752]  ? import_iovec+0x83/0xb0
[ 1914.581674]  vfs_writev+0x1ae/0x620
[ 1914.582545]  ? vfs_iter_write+0xa0/0xa0
[ 1914.583483]  ? __fget_files+0x2cf/0x520
[ 1914.584421]  ? lock_downgrade+0x6d0/0x6d0
[ 1914.585398]  ? find_held_lock+0x2c/0x110
[ 1914.586363]  ? ksys_write+0x12d/0x260
[ 1914.587253]  ? __fget_files+0x2f8/0x520
[ 1914.588187]  ? __fget_light+0xea/0x290
[ 1914.589096]  do_writev+0x139/0x300
[ 1914.589927]  ? vfs_writev+0x620/0x620
[ 1914.590831]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1914.592053]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1914.593264]  do_syscall_64+0x33/0x40
[ 1914.594150]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1914.595358] RIP: 0033:0x7f04ef0deb19
[ 1914.596220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1914.600511] RSP: 002b:00007f04ec633188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1914.602296] RAX: ffffffffffffffda RBX: 00007f04ef1f2020 RCX: 00007f04ef0deb19
[ 1914.603957] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1914.605620] RBP: 00007f04ec6331d0 R08: 0000000000000000 R09: 0000000000000000
[ 1914.607286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1914.608931] R13: 00007ffe4eb6835f R14: 00007f04ec633300 R15: 0000000000022000
01:20:41 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 46)

01:20:41 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400033021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0074abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
syz_io_uring_setup(0x350c, &(0x7f0000000240)={0x0, 0xb4f3, 0x8, 0x1, 0xbc}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000340))
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:20:41 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)="a63a85", 0x3}], 0x1}, 0x0, 0x4008000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r7, 0x0, 0xffe3)
ioctl$SG_GET_RESERVED_SIZE(r7, 0x2272, &(0x7f0000000340))
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, r6, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f00000000c0), 0x1)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000040)={0x0, 0x0, 0x10, 0x0, 0x86}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, 0x0, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x80000001)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ff3000/0x2000)=nil, 0x2000, 0x0, 0x10, r5, 0x8000000)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

01:20:41 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000e000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0xf, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:41 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1928.643307] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=24060 comm=syz-executor.2
[ 1928.662003] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.662003]    program syz-executor.5 not setting count and/or reply_len properly
[ 1928.684578] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.684578]    program syz-executor.1 not setting count and/or reply_len properly
[ 1928.690120] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=24074 comm=syz-executor.2
[ 1928.701641] FAULT_INJECTION: forcing a failure.
[ 1928.701641] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1928.704259] CPU: 0 PID: 24070 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1928.705706] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1928.707442] Call Trace:
[ 1928.707997]  dump_stack+0x107/0x167
[ 1928.708766]  should_fail.cold+0x5/0xa
[ 1928.709572]  __alloc_pages_nodemask+0x182/0x600
[ 1928.710556]  ? __kmalloc+0x16e/0x390
[ 1928.711341]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1928.712621]  ? trace_hardirqs_on+0x5b/0x180
[ 1928.713526]  alloc_pages_current+0x187/0x280
[ 1928.714479]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1928.715504]  sg_common_write.constprop.0+0x992/0x1a30
[ 1928.716602]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1928.717644]  ? vprintk_func+0x93/0x140
[ 1928.718473]  ? printk+0xba/0xf1
[ 1928.719173]  ? record_print_text.cold+0x16/0x16
[ 1928.720170]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1928.721222]  ? trace_hardirqs_on+0x5b/0x180
[ 1928.722137]  sg_write.part.0+0x69e/0xaa0
[ 1928.723013]  ? sg_new_write.isra.0+0x770/0x770
[ 1928.723972]  ? find_held_lock+0x2c/0x110
[ 1928.724817]  ? __might_fault+0xd3/0x180
[ 1928.725658]  ? lock_downgrade+0x6d0/0x6d0
[ 1928.726533]  ? _cond_resched+0x10/0x30
[ 1928.727350]  ? inode_security+0x107/0x140
[ 1928.728218]  ? avc_policy_seqno+0x9/0x70
[ 1928.729063]  ? selinux_file_permission+0x92/0x520
[ 1928.730082]  ? iov_iter_advance+0x23b/0xec0
[ 1928.730992]  sg_write+0x87/0x120
[ 1928.731701]  do_iter_write+0x4f0/0x700
[ 1928.732514]  ? import_iovec+0x83/0xb0
[ 1928.733311]  vfs_writev+0x1ae/0x620
[ 1928.734074]  ? vfs_iter_write+0xa0/0xa0
[ 1928.734894]  ? __fget_files+0x2cf/0x520
[ 1928.735703]  ? lock_downgrade+0x6d0/0x6d0
[ 1928.736561]  ? find_held_lock+0x2c/0x110
[ 1928.737421]  ? ksys_write+0x12d/0x260
[ 1928.738216]  ? __fget_files+0x2f8/0x520
[ 1928.739047]  ? __fget_light+0xea/0x290
[ 1928.739842]  do_writev+0x139/0x300
[ 1928.740563]  ? vfs_writev+0x620/0x620
[ 1928.741333]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1928.742413]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1928.743487]  do_syscall_64+0x33/0x40
[ 1928.744245]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1928.745278] RIP: 0033:0x7f04ef0deb19
[ 1928.746056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1928.749922] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1928.751108] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.751108]    program syz-executor.5 not setting count and/or reply_len properly
[ 1928.751521] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1928.751532] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1928.751543] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1928.751554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1928.751566] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:20:41 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020030000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x11, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:41 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1928.825736] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.825736]    program syz-executor.6 not setting count and/or reply_len properly
[ 1928.841617] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:20:41 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="007aabe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1928.878974] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:20:41 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000030000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:20:41 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 47)

01:20:41 executing program 7:
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0xc000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x100, 0xb91})
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000380)=ANY=[@ANYBLOB="23bd58703d44d60607978b634f7c21202e2f66696c65302000202e2da0592d963720f720000ab2c1bec4fc4167de2384df4a7031c840598f4ea218fbed20587fdeb641044c1f5096c542f663af641d983e682505bb400000"], 0xa4)
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x1261, 0x0)
ioctl$SNAPSHOT_ATOMIC_RESTORE(r1, 0x3304)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100))
r2 = io_uring_setup(0x69ab, &(0x7f0000000540)={0x0, 0x50d8, 0x0, 0x2, 0x3dd, 0x0, r0})
io_uring_enter(r2, 0x3d1c, 0x7846, 0x3, &(0x7f00000005c0)={[0x1]}, 0x8)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000640)}, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x0, &(0x7f0000000180)={0x0, 0x58bb, 0x0, 0xfffffffe}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140))
creat(&(0x7f0000000440)='./file1\x00', 0x20)
creat(&(0x7f0000000600)='./file1\x00', 0x40)
creat(&(0x7f0000000400)='./file0\x00', 0x180)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000340)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x3938700}, 0x1, 0x1, 0x1}, 0x7)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x4010, 0xffffffffffffffff, 0x8000000)

01:20:41 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030221206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1928.953618] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.953618]    program syz-executor.5 not setting count and/or reply_len properly
01:20:41 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x12, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:20:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 1928.992964] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1928.992964]    program syz-executor.5 not setting count and/or reply_len properly
[ 1929.043154] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1929.059786] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1929.059786]    program syz-executor.1 not setting count and/or reply_len properly
[ 1929.083190] FAULT_INJECTION: forcing a failure.
[ 1929.083190] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1929.085930] CPU: 0 PID: 24204 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1929.087230] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1929.087405] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1929.087412] Call Trace:
[ 1929.087436]  dump_stack+0x107/0x167
[ 1929.087461]  should_fail.cold+0x5/0xa
[ 1929.093117]  __alloc_pages_nodemask+0x182/0x600
[ 1929.094102]  ? __kmalloc+0x16e/0x390
[ 1929.094904]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1929.096187]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.097110]  alloc_pages_current+0x187/0x280
[ 1929.098053]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1929.099094]  sg_common_write.constprop.0+0x992/0x1a30
[ 1929.100208]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1929.101274]  ? vprintk_func+0x93/0x140
[ 1929.102105]  ? printk+0xba/0xf1
[ 1929.102824]  ? record_print_text.cold+0x16/0x16
[ 1929.103814]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1929.104884]  ? trace_hardirqs_on+0x5b/0x180
[ 1929.105810]  sg_write.part.0+0x69e/0xaa0
[ 1929.106687]  ? sg_new_write.isra.0+0x770/0x770
[ 1929.107663]  ? find_held_lock+0x2c/0x110
[ 1929.108535]  ? __might_fault+0xd3/0x180
[ 1929.109381]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.110276]  ? _cond_resched+0x10/0x30
[ 1929.111108]  ? inode_security+0x107/0x140
[ 1929.111990]  ? avc_policy_seqno+0x9/0x70
[ 1929.112849]  ? selinux_file_permission+0x92/0x520
[ 1929.113874]  ? iov_iter_advance+0x23b/0xec0
[ 1929.114792]  sg_write+0x87/0x120
[ 1929.115487]  do_iter_write+0x4f0/0x700
[ 1929.116291]  ? import_iovec+0x83/0xb0
[ 1929.117076]  vfs_writev+0x1ae/0x620
[ 1929.117819]  ? vfs_iter_write+0xa0/0xa0
[ 1929.118641]  ? __fget_files+0x2cf/0x520
[ 1929.119461]  ? lock_downgrade+0x6d0/0x6d0
[ 1929.120299]  ? find_held_lock+0x2c/0x110
[ 1929.121128]  ? ksys_write+0x12d/0x260
[ 1929.121910]  ? __fget_files+0x2f8/0x520
[ 1929.122741]  ? __fget_light+0xea/0x290
[ 1929.123533]  do_writev+0x139/0x300
[ 1929.124254]  ? vfs_writev+0x620/0x620
[ 1929.125032]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1929.126094]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1929.127152]  do_syscall_64+0x33/0x40
[ 1929.127911]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1929.128964] RIP: 0033:0x7f04ef0deb19
[ 1929.129722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1929.133467] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1929.135016] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1929.136462] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1929.137912] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1929.139370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1929.140813] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:00 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
dup(r3)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:21:00 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:00 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 48)

01:21:00 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000b6e02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:00 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000090000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:00 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030321206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1947.855580] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1947.855580]    program syz-executor.5 not setting count and/or reply_len properly
[ 1947.862297] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=24330 comm=syz-executor.2
[ 1947.877663] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=24335 comm=syz-executor.2
[ 1947.880140] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1947.880140]    program syz-executor.1 not setting count and/or reply_len properly
01:21:00 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x2f, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:00 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:00 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setpriority(0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x30, 0x10, 0x200, 0xa, 0x0, {0xe}, [@typed={0x5, 0x58, 0x0, 0x0, @str='\x00'}, @nested={0x11, 0x3ffc, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149f8"]}]}, 0x30}}, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000280), &(0x7f0000000300)=@sha1={0x1, "9f8ce3fd5eba33278ce4ec989be7aeef64c50e03"}, 0x15, 0x2)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00')
getdents64(r2, &(0x7f00000007c0)=""/176, 0xb0)
getdents64(r2, 0x0, 0x0)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000027bd7000fddbdf2501000000000000000c419bfa00000014001462726f6164636173000000006e6b"], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x1)
r3 = syz_genetlink_get_family_id$ipvs(0x0, r2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'geneve0\x00', <r4=>0x0})
lseek(r0, 0x1, 0x4)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={r4, 0x1, 0x6, @local}, 0x10)
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYRES16=r3, @ANYBLOB="2dcadbce1e98ace8da0b4dfec1f216461337bcd377ae8319be7dd63193f293a9864d5901d97776f5aea393a769f386f38fdcf7b5cae7ca2d1efcf542964995b5ec193128d1578333cb4d78d81441041bc4cbc14e5e8a001ccada686954329b7ec11f6967b95ff93274f1fdec7205b0f379bca9e23c137f904794ddacb808b5844bf86ac331e67c3bd6c1036702a1e873350d52d3a48437a0a395d0f1c34f6a71aedc6a2fb40409d04523d5a010cda5"], 0x100}, 0x1, 0x0, 0x0, 0x4044084}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r2)
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000540)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8260500}, 0xc, &(0x7f0000000500)={&(0x7f0000000380)={0x2c, r5, 0x8, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0x66}}}}, [@NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, @random=0x200}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x11)
unshare(0x48020200)

[ 1947.913683] FAULT_INJECTION: forcing a failure.
[ 1947.913683] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1947.916344] CPU: 0 PID: 24319 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1947.917830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1947.919642] Call Trace:
[ 1947.920221]  dump_stack+0x107/0x167
[ 1947.921013]  should_fail.cold+0x5/0xa
[ 1947.921838]  __alloc_pages_nodemask+0x182/0x600
[ 1947.922850]  ? __kmalloc+0x16e/0x390
[ 1947.923659]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1947.924984]  ? trace_hardirqs_on+0x5b/0x180
[ 1947.925911]  alloc_pages_current+0x187/0x280
[ 1947.926870]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1947.927921]  sg_common_write.constprop.0+0x992/0x1a30
[ 1947.929038]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1947.930106]  ? vprintk_func+0x93/0x140
[ 1947.930953]  ? printk+0xba/0xf1
[ 1947.931664]  ? record_print_text.cold+0x16/0x16
[ 1947.932659]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1947.933741]  ? trace_hardirqs_on+0x5b/0x180
[ 1947.934690]  sg_write.part.0+0x69e/0xaa0
[ 1947.935566]  ? sg_new_write.isra.0+0x770/0x770
[ 1947.936552]  ? find_held_lock+0x2c/0x110
[ 1947.937432]  ? __might_fault+0xd3/0x180
[ 1947.938286]  ? lock_downgrade+0x6d0/0x6d0
[ 1947.939204]  ? _cond_resched+0x10/0x30
[ 1947.940036]  ? inode_security+0x107/0x140
[ 1947.940928]  ? avc_policy_seqno+0x9/0x70
[ 1947.941799]  ? selinux_file_permission+0x92/0x520
[ 1947.942850]  ? iov_iter_advance+0x23b/0xec0
[ 1947.943786]  sg_write+0x87/0x120
[ 1947.944521]  do_iter_write+0x4f0/0x700
[ 1947.945363]  ? import_iovec+0x83/0xb0
[ 1947.946188]  vfs_writev+0x1ae/0x620
[ 1947.946982]  ? vfs_iter_write+0xa0/0xa0
[ 1947.947835]  ? __fget_files+0x2cf/0x520
[ 1947.948687]  ? lock_downgrade+0x6d0/0x6d0
[ 1947.949569]  ? find_held_lock+0x2c/0x110
[ 1947.950446]  ? ksys_write+0x12d/0x260
[ 1947.951282]  ? __fget_files+0x2f8/0x520
[ 1947.952146]  ? __fget_light+0xea/0x290
[ 1947.952990]  do_writev+0x139/0x300
[ 1947.953756]  ? vfs_writev+0x620/0x620
[ 1947.954589]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1947.955717]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1947.956828]  do_syscall_64+0x33/0x40
[ 1947.957629]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1947.958744] RIP: 0033:0x7f04ef0deb19
[ 1947.959546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1947.963518] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1947.965155] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1947.966660] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1947.968134] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1947.969627] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1947.971146] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 1947.988559] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1947.988559]    program syz-executor.5 not setting count and/or reply_len properly
[ 1947.992238] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=95 sclass=netlink_route_socket pid=24348 comm=syz-executor.2
01:21:00 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:00 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x5f, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 1948.017871] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=95 sclass=netlink_route_socket pid=24351 comm=syz-executor.2
01:21:14 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030521206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
r8 = socket$unix(0x1, 0x1, 0x0)
fcntl$setown(r8, 0x8, 0xffffffffffffffff)
fcntl$getownex(r8, 0x10, &(0x7f00000009c0)={0x0, <r9=>0x0})
pidfd_open(r9, 0x0)
r10 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x8a040, 0x0)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x9, 0x80, 0x0, 0x8f, 0x0, 0x5, 0x2000, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4de, 0x0, @perf_config_ext={0x2, 0x2}, 0x47450, 0x5, 0x2, 0x9, 0xffffffffffffffff, 0x7, 0xc3, 0x0, 0xd5c, 0x0, 0x9}, r9, 0xf, r10, 0x1)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:21:14 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000b6e02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000d0000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x73, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:14 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 7:
sendmsg$DEVLINK_CMD_RATE_NEW(0xffffffffffffffff, 0x0, 0x40811)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4306, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'lo\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000080)={@local, 0x78})
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@remote})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000580)={&(0x7f0000002d80)={0x1618, 0x0, 0x100, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x250, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7fff}, @ETHTOOL_A_BITSET_VALUE={0xdc, 0x4, "149f5b97e10f14644669ad0a7e0a33ae00222db1431aa1fd1974c8cfa75d8b3576e885a4db8c12a32736ab486a5d401ffdd17a83762ec0de088db9ea3b710a3a3aac1a4c2f4ff2f36d58c4d7180838b567c4d276ac29ed152c55b2694d5f8a2da316b6c3d48b2c28bfdb6225282f6b6befa133348fcb44d28278a9403d5cd9dd6dbd26c47954986a9117400c8921b6161e6b424ce66dedd0a8b3ae3708b0a11054b25ed0b8c2b2551bf02b09e3886a794415b35bba600f0c7eb901f6ccf3eb29b651abd7207230dfc88f72a4db8a4720f0c90a5c45fc7819"}, @ETHTOOL_A_BITSET_VALUE={0x1b, 0x4, "e7f21ebad901d53155b502ab24bbd6c17a9f95d47e0156"}, @ETHTOOL_A_BITSET_VALUE={0x69, 0x4, "99b7024cc8e6f80eaf8405b0bd85330224344f1ea9e0b8518b4eca28c42537cdd539f6c5f50fb1f969e8779784940b05a61bd51f5a20444da093c42f683aef76ec453e102196de88a042310520406434986c52cd9798daa90448eec3b6291edeb2273e5272"}, @ETHTOOL_A_BITSET_BITS={0x40, 0x3, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x89, 0x5, "7d98e11b82ccdabbdc6a1382a2f201087f87240e8a6cf84930dae21c5f2e0433864d673d9a7513995e002f2d30f61f8923ad8a87d9e50dc8fd48244f674a97125078a0e0d50bcbfeeecbf3afac588044359bfb4e4e5fc93b5a8020cdb460f16530ef603af0df4a3b66bde79787190d7b035a9624023fc8a7cd2fa37f93dc132dfe7861fb47"}, @ETHTOOL_A_BITSET_SIZE={0xfffffffffffffdc8, 0x2, 0x6}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1068, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "c52d4d7290ac1dd934661066c1343ab19f773686f8946b19a5ae94a49aeababbca59ce2be136f3728b135d520a1fd6285dbc5bec52944c7766783a826e1d1bd3eb1da961ab3b2a2793a86048f38b76ba445a5aaf268e35cee3d9ae37ae1634e1b39f039977eff2c28e050f6fa9363f6dfa510d23c5407b3431a786f748d77f43093bf44026b8a8c5dd0bb44cce65cf1d7260464e0b016238c252913ac0121e54d7bbd90c9aee1ce4037845f518f0251a521fff3b6ed28ce3f8be66708888b903069f6d04035eb650fdf84d506a3e8bd21ee2ea9912ca144d1f91fe6db9a9e1410859a8114dd9c4e59c758a76ed91b16c825777c3705ce77072fbf07ab980645a437023462856a60afa6dd73414d038f16187a8ec08642b1e3094937dc11d9ad469a1c4ff6cf0a21a9dab5e522acdeddef01978780c9a887ec0553b217841ecac62538250fb038eb55fdd0fbe167923c1eec03c0482ef88caba57d8c983e3016300826b7b460516d61014dfce78124acc4e066d9a325299f60b7dc8c598c715f19439a37f438b63d9cdb5fc2f494c1b3f61357148e5a870c51482d70817403fcc38028a0308566d0d271bf71ab5b78a4c4c36f81de3104dd2007fb32370aed36eeec07d7be32c570a7cd9d9e83d6344966d19210ff6056736d82107d7bd6288bcac01fe49c816fd9a9a87cf99e2cd4340423786d9076d63e89226fd645bfb5aafb5a7a7de0d076f38e913dbc585857f5325371fcf9ea89bdca6f6bc2594dd0c937181555c4df9c95b0e91cf835d0c59009150394c187a6ba57434cf6191f274ba0e93990b5420c786f622518392e8df46e8b55d1e1d0429ca37deee34d24b04e9ee3c32ccb19fc9bc31cbbe9afdbd94a1db3609640fb11fbc84a5b979b932ce14261c324ed125c4250968cfd2e56ff072aeef25f6148f02ca5107386a4d6420065c0b971d8310cf046e75cacb948efa842792b2b0913e2551e6d653a530e9983eec50d0700cd5d3dcd710ee5d59af1bcec0fce443bc5e6088b103d121c0bca74dd2625947c89fca44418c6dd53d8c80fb1cf24f0a4a2b4fbfec2cc18fac01211afc1b4321c723526660d71b16548015acceb5e215b09aea68f64f83644e3f8885f2933b232e55f998d5f34626641faf2a755b1b67276147e9ec0cfe892d3f4d615a3a618726dd5f081bffaabdf3435ef712855609683b913a82e79c0a03f74223b60bfb8674c40e23370f1202050b3d667096283b31dcbefa51c4497fb79791fd42a0357655b2ccbd67e3f7e347a611bf2d9e943ee85aa3857a458a4814d21b52c5313f21faa24562a761c64ee470250fc79810190c0cdb8a5b463e4dae95f1fa07930ef8b6a8143666c5a5cbb87bb6e64559eb02c2a6ccdf599fd687256ea1af07647b27cf1f372e3ead321a6edcfc098343aa3ff03964dfc6199584157d58b8fda6f65860b83877dbe4477747364e6e51f539273215f553e513fa8bc428ef046d4c30c54107a46741cf38c0c892d6f69f14a33228968cd1b9dccb0489eddb5c2c74a4e47e24fbe270bba5e15670808f98e01468f489c5f12e186305b94df2149fba636410d7737a4d5dad2290834a685bd6db9a2e10a1b41af334a6e0129eaee8c5f37635fb38cc8b2148a78b1098234e7bec4ef0c15740f1374489d5bb611f52c6aae95eb0e09aa7cbc81d31f4180408234f5d25236c7d409695999ae95a144bf965c2b9d6c90c5619e13b0b4336cc3110f71eaad66498db1f3f5ffe878fdd0377a8bc2787cbd6472972bbf715e14f9f2d5b8fb7d2ea893676187f7f8ee258151a602e50c03dd35491e429131001804bb057879686091f4d2e8a7860df753abe216546fd05f1cc63d471543bdff7b000518fec24a290556a12f1f87d6fdfa858f95c6bd1f3dbce5e26b1099009e8f74f7b7eef0fcee4e80e324b52e2778b7dabdc02db8c47f025c84a2eb886cffac1c981cf13fefb3f6acad0c2fb6218083dfb96f909f028a876a8601a99c58f3d130a032d1bd77ce425d989aa76e7d872f25db003132b4fc973409bf537cd34b374a4a9d01225f0ea638244d6cc147317cf0f03a9c4223447a38c52999ba4d74fcaab7435969e78d01bd1a09898d39d40796c66874cd07693cc7cd30286050f46bd7b97b59116cb0c461bd272868e1268a680df4f5531fc3491eafcc5fcf0a59ea9f126346d3b2b4a991a92df92bf040a09135aa90e30abbc70e5f3fa43f317c6bb93a92428eccae44b6c395c96c3dc8fff157c785f0c5bd1cf039c2d5fd4797862eb03394ca536d2a2e7f4abc787e9c2e69d45d3dfa74845c0cc56a9928930e6dd72e40434f1819ad639c3d6f2e176d3670dfa47111ba362813902918b8e380ea8519ec922a07cfa61527464a386a1ec6988afe8ab40d35e55e17f6a00e768680ad37119f79cf040f78ba4a1ae85bf48522e070ee0ea996a37c02f66674f5fdc72a5eb9ed8d4c4e86197c1f979ad4386378f9fea6a91d7455b3c1a4724a96bc08ff559b4770d27b78404c05cd842672f998425801441f766b412e4efa37aa71670cad03d75789e7a742880965fe54ab9eaa356e8ee430438a1b2fbceead5f6d13b190a7853e49443978f2452f8ca83f4c9323c664cafb8a02c75def553aca42c2e2d700c3031f6e507451b1caceeb7d28e7d4c32890ce2092633cb1dbed789690e96f5cd6a65b16793ef57ce0a72fe6aa5ffd82a023ae24efdaaaa1811d2d826d4b99ce76bb4abf8cd942bfb0ffa6de167a1ad0a9a157b4a5888047ef5ac6f983be4069ef87a24bb6c882cd14c7872e514e7d64da53f8d160942ba5d277d7f8011d3fe1b0ddc2a033507832bc97f589cd7099ef58e007d3a91c2b15bbe09ea57903bbdbac1e676fc1fe5e7902ffd1b5e1d3ff86ce0c7d69bf820f9f8290cf5dcd3435438a6042b5ae8f9e9b104179276267473945fa9c04207c7c21c3b363415655ed8ec876614200a414b94a18716703da2a15648c97761c06b92aa580811406f61e8cd7c17bcffbbfee7648466154bad0e7cc53d2d6588cf040b180d518d61c3b4b1ba6db5577c23b9125eddc3e2927c684003fd1521214c86e99ac12139bafe4e230017cc1e2eba370741dbed61d73b5132fcf3c7857bfc6ac28bd08873d0cd6bdafaafd1e81d314c34cc05df6f553680b8e54540c0e588c332bf5a7d5f5058f8eb0a3e27d9634fcd18ad3f9d51e78e0c1b1037b03eab3c37990eb9018e00ed76d2c1950afadf8d052754e260f553df3f2369fa9544ccdd9f50e877976526328f58f009d007ce269cc1a77de955480bdb5135223f6f631b185f500163f3051b11124b69249221d9c9c03bc97ebd6ba50449427e5eac705d2489703e0d48a565975718647081fc6580c76becc037aac595e2fc0f747d7012a0ee8adf2b7c85157d4bf23edba7dab04f9a6afd570b7705199ca0fe72eef92e1f87fd34d4941eac87e093e79259b9b170d8e264451502ec3ab56fafcf6c4ba3982c5aee801a9004ab5d622deaac8dc117866f7a885b014e199d630692da0e51fd6af3a38e497dec2b4d234af7a754d4df913c3159e7044f3023ed442175d70dfae5297f17c426a12af386c5e2a90c406833a80927e3f5a29a816dd61054526892841c0151f83138e5de1be31f50b1540a709d61ea7d7a0d08dcfe2f96e71110e1fae925fc6a671c0af75e114c42a46b9f4328d05900cb0fba06a04be65e24e38b247f45b4d54da762bf0b29f45bcc5544b4b96d5a6c66e55e0437df3b0b791c5e78f177e29c0bed19cd88013acf6669fb51f3a172a1a3fa8912ab9cfe1dafa1726cd6a1326d71d6dd0623071292f83a7ab329854a44d2c04dde295d5ef31925441b31ea75868564d40832866bcf284a8bfdb0c003ccc79f81719b8f92737c91cc2f93c107e91eb6ffd30a195e0efec7645b48b78620c5e52c2e4a386c18f4dbbe79535e6b13e65372303bb96350300e153bc117e0ef0077d327e64e4b5ea57602f304317df8b0607c94313ebe2e869f9c5e89fc71a72fb1f0cb235ca404d97486c9cb1ac03ad572f9131b2508fa36de288e398777e4f873371b2e0e50f87fdb04adfd2a5e5aed42e27b9cab46c6ec2a0ae006df3b08b58dcacbb9a06dc0386ba62d2c50d3809ef53d4f0e08e7093216de06f6dbcc2ba8e73f4ef0c7709dea7ec94c52579578bcb50cd47bd02e20f77862ae35545e9e12761f208482b383ef1cc4eaf136cdf0aa6917664299de5b589aecaf08f122204b1b46d117a604dce1c83916dddb3d89e244eb73b077376d23cc2c362debcc7eee3852a0d27c07573d1d4e61901c4ba4cd4dc6c016dc9226c964b4a0de98736d002008e2df0a26aff4c93b6f29413171f4acd43654d1fad81fbdfc716d8c8c7e46c9fde09bc319cd7f840990021745ef935bff13161a03f8d9b805c3fb2501c5890596e6583d9bdf0730c3520d514c9d852366bee111b75c38e70facb7240d54fc88c35052ad00992e7eae27e158d86c409b6be6afd9f11f1543db438e16cd4d8ea6d23b7ea5eff81a1310c82bf2453347b2de9d603c09140889c1f21cac57608877bcad20622e5304829ce1f4ea2aab4574352a4979dd7fd934d17d584ba334d5086d4e457ea55777b713de26eb8d2e0d65e9cfd252756a46dc1a2cb7507de1836b56970fae95e60f963802d75f583e54cc3e76a7e40eff92b8d078e7da601d641a2bef1d75d0ac4b0d80e58b531ef9d2d4293b694bda4ef97fc6eb302c0ef910751d6fc5e744766aebed90337476aa35469d08fafad21795e4e0524788380bd4c08a4a4c8233f8d3973259216638e719fc35d1a0bc8dcbee1c6c856aee404c15584a4c0c2c6f5cd23bda13dd341dbeb5791df48e11dc8738cbdc372353ff071e31668f4253deca949c0ca75d4f50a3c087baee61879f26d742a24950a2d73ea77ece0dabb03489f00d37be1d7a0645a26af2585866291a7d0f63a3c12ff2e0391040efcab73a16ea7f61fdce2bcc412913577b572d87d76d56be09b9f31635154cb4d99743f060e810286c834dc83a969040d2673ecf8c5e71456e5735fd6bb474edc3f85a67fe1c57a3c2aeb5cb0b867c806e89fcd0294738bd88d6ad736a1519a640e26d27bb173295a4c76db6f03dfbe9cde6fd54684397211a7c00f364e387e66f8401521035e446706e932c06589b80a027dfa9fd5d873810f195d4380822de15dcc76b8194298c95c79c6035f8e98f9e1e06058e1acfad489f6ab36387b359b9b8a7de5b0b425cde4f684292621e457caa464cb783995f08cc5f14daa8566e122bfc67a7569b95b09b9c405c610d3caf1e630c6d7000b9eee32bce03cd66ba450559ff57992b3644fb999b327ba4f6efc8bcd64f59c6c3ef139c785ae8fc4fd6214626a1eb7e1feafcff275de8f4ea1416a158f9eaaa024419dbad50b1523e61359591d30ffb53395882e143dfe99e363cd6da4132edd4fb0d51e9a013f4cbc6ec2e5348e05a17e37363db81cffee8799358d86e98315f4df4454e395c9492f97c7be463ff7b9af97ad53e483121fe8d549301e4c8065c2d4bcfb09120848a9d15f88cf50bdd6cc364108ea70d325d4760b61665005b15bcc2d59570ab15595586627d707a0760e0bd1515e8aa25bb53b38abf7440eb94a36688731753ec6891ffdd3e204fb5f3806f05472dd7de280fceb8c755c4c220ff9edbe855b5ac5a49db8ec0dfa94b13972200e9847ceb5a4956e2e0382275635a98faa1ba64e1333943a6866aec666e203f643f38e1a2eab05dc06cfde48dc86f8dd33ecedcb7"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x54, 0x3, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff8}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x71}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}]}, {0x4}]}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xfe}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x110, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xe4, 0x3, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan0\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '*%\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, 'bridge_slave_0\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xa, 0x2, 'wlan0\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffa}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x41a9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x52}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0x24, 0x4, "dc5b5521cdc3fdc40b1067d65cccb7ed2cd868df42ee2e022e45acdaa74c5949"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1c8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x103, 0x5, "8d60bc363eca3ca2959cb21ff9ac1a6e1eead356ea63fab4b3a7d2e824af503d71a288fd9ee579144a29f4a4eb4c82adfd54bbec9e3ab8940d1bbc3170bbf69999d1dbcd5197e20e3751c917bd0e97f22a589cb0a97ed70f22ba3b37f1e0f1413b5dbbbeafaebef7ccde40c88116c6b75f83ce741b2b86b979dc3ff423e64c366242afbaaf61e65d57324c35129fd911bf4092d000d8bf9e744f934fbfe2bff4835347ac2fb3abfaa4c2647ed7161ffbb39f51d518fa7e082d16340fcec339e84e5b394c5e82c4d4a1c5d7df99c9d5e29fc6fb40d9028adb3de88cd72c0e40b4c54398b988be58f6b38db0f0e06b599cfa5c5448afcda192168364403e27cc"}, @ETHTOOL_A_BITSET_BITS={0xbc, 0x3, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x10001}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\'{@\'\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x0, 0x2, 'lo\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '\xdd:.\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x20}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8e1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\'{@\'\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7f}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, 'lo\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0x4}]}]}, 0x1618}, 0x1, 0x0, 0x0, 0x4000}, 0x4008010)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000007280)={0x0, 0x13, &(0x7f0000007240)={&(0x7f0000000300)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="1c010000000000fdffffff0e00000ded39f500b9aaeb7f3b3afe7f8e5dc631ddffe7f4c3ea70a11bf2181223954668435d5e3ed4cf234b9c89693a2989d1bb1823c32016eb3243e8e0efd5f0f6a5a775340c01b623ca662153c032670b6cf54ee7537473d535e453d2c9a3bb032477676a431c561577908128e8a743df4b34be9718cbd87dc5a761a688bf932b9c08b920b9bfced9282f33d72fab052fa92a8e3b16fccf39c58dbef3e626b5dd838fed25b66d36459aa9a37eb2e3eaef92482c422febbdac07c66d0b26e2779d9bed18db28726bbfd37ebf6878d374d863e5bd4a3dce412798bcf6671f9c57eaf69a2667392fdd25737d16d4a7acfe452fc8619e90f02465fef1ea153b8532de17eabc0d8d3dfa93e97acf8280a16c9651fa086561e354d7f70f09fe290d64272d65a12e8d2c2d4e588925d7d683a98a"], 0x14}}, 0x80)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000c80)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000c40)={&(0x7f0000000680)={0x5bc, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0x7, 0x1c}}}}, [@NL80211_ATTR_FRAME={0xe, 0x33, @ctrl_frame=@ack={{}, {0x3}}}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_FRAME={0x576, 0x33, @data_frame={@qos_ht={{{@type00={{0x0, 0x2, 0xb, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {}, @device_a, @device_a, @random="975e88b78f96", {0x5, 0x3}}, {0x3, 0x0, 0x1}}, {@type01={{0x0, 0x2, 0x9}, {0x14bb}, @device_b, @random="908eb69148b3", @random="bf6b4b6f6962", {0x6, 0xff8}}, {0xd, 0x0, 0x3, 0x1, 0x3}}}, @ver_80211n={0x0, 0x8, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1}}, @random="7280231aea8af808ac1cf4066987e7d9fb13e8a51a61fe0d0274fa026a75938ef10686973a0d4715f50e1ec9b1102584ae75f71c0be25c04c7bc2a8f457792b3de86444d6c12c5440bb4fdd86a6160fd82a039d342d97463f3258ba5fcec9e1776ed957e06cc8bb083eb8945b0c9670bb3121a527ce8ab086564fe97f036a4f8c46a19ea67a55d6cddf02e7a354e8f17688ee315991079830f616a036b62e9d0ca178ac74b3dd430a1fa200aa5471fa95c33b13a533c0d58996586a436c6da4933906495cba59ffc92b20c2aaeae85bcc72b61b17982846cc2440bf8bb0ff88cf0bec1dcb9bfc9ee3672d485b7043ae16ed400a0d9c9621df63fc90caa8e1d8375f77e92a5d80ba182168dd1c6a2dbe4061c249fee560ba7d9332abfa2e852f7501e6e2b2f4aeaf86b48bf05ce663afc18717beb0fa8fd12ef66d3de07edb1fd450f9446b0965d299136d82cd41f3e0c409f1998c198dcbfbaf94cb8058727b7de56201ef2adc60c0e202cd5a1dc2c81d179c9ea4c0c67911ea55224ec11c8673114a2a59b2f783d11a111eb0cd11248965ba22c95768bfbc64ef42906226fca98a21f48ce91c9baaa05b379007891a9736275137edbd46bbf195baab21d6ba211249c7ea3e6b6834c7b6964f9d99e3d021fe3c817429063459ff7ec1e97b39c34a3d4e5ff0aaa628b028b8e7d218e1011c54f09df33c7fd4e6d8196e8f4d9dec7ca71001fca59f1d387887cc7d38fe342e042edfc084e5a381278329c5fd60d8e0a9695caa11a48571903e48a3455cfe4f45d004071ecab864c93e861753dec12488049848b0005e00ce7c63d725cd1323d15b69977343145e9a899e198cbb08c64b90323baa189dbaf00b640ed6023cbc6fc3b7ff0bac8800823964b346b1d87581004f793225ca03c6e0335129576dc2931ad87f7333ffa3b3057639e84f0cedaa80e3e5bbb97b0c4265e8a6620f26ad175612142f4bcdf35abaf669f90079609e07cdf0a8b5757495e0b731a281fb52c7618674eee1ce74b12599b9ed162a81b094a6d74ae6d5374192d3aaeae1c2b17b96df5788db9c4f505f6f066f159279c8d9a47b46369f86e7726de079d35117905c43c2c22f357592cbf42a11cc373a7760d939c04e10d453d26e0211b9d38efbc10174e0edd8d6212bff383c0458ea5d016c00a60221d5ad14bed9c56abc113e85913e6a9f745a91991555af6d1c9b0d0ba8ea518b648d3ba6f3bbd7cd1cdb004a75a2f617bbd066fa39f92e4b0423af22c856ae92611400ef2fd8631838f034320acf5a611c2731b75f1e60fdb86716fe144e420c575d2670577a1aac48fe8736aa71b1b7690fd7c2be6b11efe498bf0680fe74e03dd0c0a4c8c9220618060f32c89469ba9fdaa6d4b1c3c815a3357d11148e08cffbdf9361f2aade668be4a489fc1f96f75bb479d204faa7847bf4a5f87febe3337bf786e066f811065bb9daf0c751c20238253182a4349aaaf5aaef7a8aaf2af6f6ec0be2598e1de1ee256708d4f23ff4a8105315cbd94be50410cd5bb1ac2b199df18f08fe18293d20bddafb0498808ae909ff0b93fc67a1d75321307246cd77d7fce25e065e53d39b20b9eccc3dc0051c9c00557ce11ca0bdc6446ce497478b994c1eafad7f461c9a59f3a339d71156f72a42970673a7243cb0f4dc7acadfb861daa3a58e84db842189b280958791666ae1e6c499d4251372949eb962548a5f62691b3bc1947d5e9c445c76f59cab0cf0c00a25680f7b0a7ba9164ebc0aba33be66bada35eb2b35e84640459097c20863aee5099bdaf9eb542675987fb7d912039e2a52786709ce31834ab81c9f37b126d6a28d5a50089a66e9b1a8f160173776ce15f8c456c685fdbd1c65ff6990e97ba81"}}]}, 0x5bc}, 0x1, 0x0, 0x0, 0x20000004}, 0x80)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001700), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, &(0x7f0000016580)={0x0, 0x0, &(0x7f0000016540)={&(0x7f0000000000)={0x34, r5, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x9, 0x1000}]}, 0x34}}, 0x0)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040), 0xc, &(0x7f0000000240)={&(0x7f0000000080)={0x60, r5, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r0}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004810}, 0x4010)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x8, &(0x7f0000000100)}, 0x0)
syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000500), r4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r6, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

01:21:14 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 49)

[ 1961.987176] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1961.987176]    program syz-executor.1 not setting count and/or reply_len properly
[ 1961.993730] FAULT_INJECTION: forcing a failure.
[ 1961.993730] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1961.995547] CPU: 1 PID: 24466 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1961.996458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1961.997548] Call Trace:
[ 1961.997905]  dump_stack+0x107/0x167
[ 1961.998397]  should_fail.cold+0x5/0xa
[ 1961.998914]  __alloc_pages_nodemask+0x182/0x600
[ 1961.999524]  ? __kmalloc+0x16e/0x390
[ 1962.000013]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1962.000801]  ? trace_hardirqs_on+0x5b/0x180
[ 1962.001371]  alloc_pages_current+0x187/0x280
[ 1962.001956]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1962.002596]  sg_common_write.constprop.0+0x992/0x1a30
[ 1962.003286]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1962.003935]  ? vprintk_func+0x93/0x140
[ 1962.004444]  ? printk+0xba/0xf1
[ 1962.004873]  ? record_print_text.cold+0x16/0x16
[ 1962.005488]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1962.006148]  ? trace_hardirqs_on+0x5b/0x180
[ 1962.006724]  sg_write.part.0+0x69e/0xaa0
[ 1962.007254]  ? sg_new_write.isra.0+0x770/0x770
[ 1962.007853]  ? find_held_lock+0x2c/0x110
[ 1962.008384]  ? __might_fault+0xd3/0x180
[ 1962.008900]  ? lock_downgrade+0x6d0/0x6d0
[ 1962.009450]  ? _cond_resched+0x10/0x30
[ 1962.009964]  ? inode_security+0x107/0x140
[ 1962.010506]  ? avc_policy_seqno+0x9/0x70
[ 1962.011055]  ? selinux_file_permission+0x92/0x520
[ 1962.011689]  ? iov_iter_advance+0x23b/0xec0
[ 1962.012269]  sg_write+0x87/0x120
[ 1962.012357] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.012357]    program syz-executor.5 not setting count and/or reply_len properly
[ 1962.012721]  do_iter_write+0x4f0/0x700
[ 1962.012737]  ? import_iovec+0x83/0xb0
[ 1962.012752]  vfs_writev+0x1ae/0x620
[ 1962.012766]  ? vfs_iter_write+0xa0/0xa0
[ 1962.012778]  ? __fget_files+0x2cf/0x520
[ 1962.012790]  ? lock_downgrade+0x6d0/0x6d0
[ 1962.012800]  ? find_held_lock+0x2c/0x110
[ 1962.012822]  ? ksys_write+0x12d/0x260
[ 1962.020693]  ? __fget_files+0x2f8/0x520
[ 1962.021222]  ? __fget_light+0xea/0x290
[ 1962.021742]  do_writev+0x139/0x300
[ 1962.021997] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=115 sclass=netlink_route_socket pid=24472 comm=syz-executor.2
[ 1962.022212]  ? vfs_writev+0x620/0x620
[ 1962.025582]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1962.026262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1962.026935]  do_syscall_64+0x33/0x40
[ 1962.027413]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1962.028079] RIP: 0033:0x7f04ef0deb19
[ 1962.028562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1962.030947] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1962.031944] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1962.032870] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1962.033788] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1962.034735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1962.035660] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000e0000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1962.065932] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.065932]    program syz-executor.5 not setting count and/or reply_len properly
[ 1962.092465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=115 sclass=netlink_route_socket pid=24480 comm=syz-executor.2
01:21:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000200000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030621206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe03000030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 50)

01:21:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000300000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1962.218012] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.218012]    program syz-executor.1 not setting count and/or reply_len properly
01:21:14 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x8, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 1962.229200] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.229200]    program syz-executor.5 not setting count and/or reply_len properly
[ 1962.231808] FAULT_INJECTION: forcing a failure.
[ 1962.231808] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1962.235002] CPU: 1 PID: 24545 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1962.235840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1962.236870] Call Trace:
[ 1962.237192]  dump_stack+0x107/0x167
[ 1962.237631]  should_fail.cold+0x5/0xa
[ 1962.238088]  __alloc_pages_nodemask+0x182/0x600
[ 1962.238641]  ? __kmalloc+0x16e/0x390
[ 1962.239106]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1962.239819]  ? trace_hardirqs_on+0x5b/0x180
[ 1962.240332]  alloc_pages_current+0x187/0x280
[ 1962.240864]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1962.241436]  sg_common_write.constprop.0+0x992/0x1a30
[ 1962.242063]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1962.242659]  ? vprintk_func+0x93/0x140
[ 1962.243136]  ? printk+0xba/0xf1
[ 1962.243523]  ? record_print_text.cold+0x16/0x16
[ 1962.244077]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1962.244669]  ? trace_hardirqs_on+0x5b/0x180
[ 1962.245181]  sg_write.part.0+0x69e/0xaa0
[ 1962.245664]  ? sg_new_write.isra.0+0x770/0x770
[ 1962.246204]  ? find_held_lock+0x2c/0x110
[ 1962.246694]  ? __might_fault+0xd3/0x180
[ 1962.247162]  ? lock_downgrade+0x6d0/0x6d0
[ 1962.247669]  ? _cond_resched+0x10/0x30
[ 1962.248123]  ? inode_security+0x107/0x140
[ 1962.248608]  ? avc_policy_seqno+0x9/0x70
[ 1962.249080]  ? selinux_file_permission+0x92/0x520
[ 1962.249642]  ? iov_iter_advance+0x23b/0xec0
[ 1962.250167]  sg_write+0x87/0x120
[ 1962.250573]  do_iter_write+0x4f0/0x700
[ 1962.251045]  ? import_iovec+0x83/0xb0
[ 1962.251495]  vfs_writev+0x1ae/0x620
[ 1962.251930]  ? vfs_iter_write+0xa0/0xa0
[ 1962.252400]  ? __fget_files+0x2cf/0x520
[ 1962.252876]  ? lock_downgrade+0x6d0/0x6d0
[ 1962.253371]  ? find_held_lock+0x2c/0x110
[ 1962.253863]  ? ksys_write+0x12d/0x260
[ 1962.254317]  ? __fget_files+0x2f8/0x520
[ 1962.254799]  ? __fget_light+0xea/0x290
[ 1962.255256]  do_writev+0x139/0x300
[ 1962.255672]  ? vfs_writev+0x620/0x620
[ 1962.256121]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1962.256733]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1962.257336]  do_syscall_64+0x33/0x40
[ 1962.257768]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1962.258365] RIP: 0033:0x7f04ef0deb19
[ 1962.258809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1962.260965] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1962.261860] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1962.262697] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 1962.263535] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1962.264368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1962.265211] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:14 executing program 0:
r0 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
setresuid(0x0, r5, r7)
r9 = fork()
setreuid(r4, r4)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
setresuid(0xffffffffffffffff, r10, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r0, {r8, <r11=>r6}}, './file0\x00'})
chown(&(0x7f0000000280)='./file0\x00', r10, r11)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}, 0x1000)
fchownat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, r12, 0x1000)

01:21:14 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037a21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030721206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000001000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0b600030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:14 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x25, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 1962.431620] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.431620]    program syz-executor.5 not setting count and/or reply_len properly
01:21:14 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x2400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000000104010200edf8017200000000000001000200"/40], 0x24}}, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb342b87ae631f7a548867a29f29fd1637ddac658a709b49b093393d0e1c7391515c7ab7c"}, 0x48, 0xfffffffffffffffe)
keyctl$set_timeout(0xf, r1, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = add_key$fscrypt_v1(&(0x7f0000000380), &(0x7f0000000540)={'fscrypt:', @desc4}, &(0x7f0000000600)={0x0, "8e332b3678f68519e80359c1ce37ab196d1c9b6c4d894e78ee91dccf7d8c2e7c254b01bc06ec8b5f09d3bae18a5ef3a65f15692b0a86e06891ad2e408341f2b1", 0x12}, 0x48, 0xfffffffffffffff9)
add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000480)="17a176f017d28d91b51993afc1f91f3fc05cb8d126f0832efb3aba3e405825e6900b48b0c69db65eea0fbfefb16366398b5ad94ff44650f8c55ebfdbedda0fea5ac9ec42b1a5d4f8fd9fc25390f0b4c5eb900a8c9f", 0x55, r2)
getgroups(0x5, &(0x7f0000000040)=[0x0, 0x0, 0xee00, 0x0, 0x0])
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, 0x0, 0x80014)
r3 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000500)={'fscrypt:', @desc4}, &(0x7f0000000680)={0x0, "51bab78fbede0eb5fae9c09d1193a258a2e3125ffdcd424c2f8cf56e277a15201fa83a9d96dbd58e991ffb9e07a1638e07a037807e7786eb446cd80e9a5867be", 0x3b}, 0x48, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000700)='id_legacy\x00', &(0x7f0000000740)=@keyring)
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0xed, 0x1, 0xd7, 0x1f, 0x0, 0x0, 0x103a6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0x7, 0x5, 0x8, 0x5, 0x101, 0x2, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xb)
add_key$keyring(&(0x7f0000000100), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r3)
keyctl$update(0x2, r3, &(0x7f0000000100)="6dfcbf858335a78a816ec20218651e012c15aa0ac6dc97907e502811020c1604b4f33ce47ae897c4667815ad70ad7ef635cba3a382f95d876cdd18596e76eb29d4efb3bca2b1ae835666a02e706dc74ef287dcf8ab1a43", 0x57)
add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc3}, &(0x7f0000000580)={0x0, "18ff11eada931e41726aff50a770f500fb0e3d624c1f5e589d4ca6212ff40f02cb85ab0459396e259d56687243ff072d79e07739f2c22c265dc682c378abec78", 0x29}, 0x48, 0x0)
setgid(0x0)

01:21:15 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x3, 0x4000, @fd_index=0x8, 0xeff, &(0x7f0000000340)="2fa21d746e300af52bc4036a725ad1e50ca58a82f26a36d535cbcd17e341592498751b20cf680d4c2accd224320cd2c4362487f835b3860dc00dad933968f76fd5031571ee4746a3b7c46dbe941d4fd28baca3f24da6a24a7bcb76b85bd51e2460cc1b23b0d84bdf5a44146da32819467b5a532029367391eea28c7a4bb76835635d42815eb30b9d783cb44265bf452527ed8d9da5aa23ba7d", 0x99, 0x0, 0x1}, 0x10000)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r7)
r8 = fork()
fchown(r0, r5, r6)
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:21:15 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1962.478306] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1962.500848] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1962.506624] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1962.525799] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1962.525799]    program syz-executor.4 not setting count and/or reply_len properly
[ 1962.548584] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:21:28 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 51)

01:21:28 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000002000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:28 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030921206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:28 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02402030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:28 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x2400, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000000104010200edf8017200000000000001000200"/40], 0x24}}, 0x0)
r1 = add_key$fscrypt_v1(&(0x7f0000000180), &(0x7f00000001c0)={'fscrypt:', @desc4}, &(0x7f0000000200)={0x0, "f038779de021f8c8c974dd89170cf2579d1fa459ba726003d07140eeb342b87ae631f7a548867a29f29fd1637ddac658a709b49b093393d0e1c7391515c7ab7c"}, 0x48, 0xfffffffffffffffe)
keyctl$set_timeout(0xf, r1, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = add_key$fscrypt_v1(&(0x7f0000000380), &(0x7f0000000540)={'fscrypt:', @desc4}, &(0x7f0000000600)={0x0, "8e332b3678f68519e80359c1ce37ab196d1c9b6c4d894e78ee91dccf7d8c2e7c254b01bc06ec8b5f09d3bae18a5ef3a65f15692b0a86e06891ad2e408341f2b1", 0x12}, 0x48, 0xfffffffffffffff9)
add_key(&(0x7f00000000c0)='user\x00', &(0x7f0000000280)={'syz', 0x2}, &(0x7f0000000480)="17a176f017d28d91b51993afc1f91f3fc05cb8d126f0832efb3aba3e405825e6900b48b0c69db65eea0fbfefb16366398b5ad94ff44650f8c55ebfdbedda0fea5ac9ec42b1a5d4f8fd9fc25390f0b4c5eb900a8c9f", 0x55, r2)
getgroups(0x5, &(0x7f0000000040)=[0x0, 0x0, 0xee00, 0x0, 0x0])
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, 0x0, 0x80014)
r3 = add_key$fscrypt_v1(&(0x7f0000000200), &(0x7f0000000500)={'fscrypt:', @desc4}, &(0x7f0000000680)={0x0, "51bab78fbede0eb5fae9c09d1193a258a2e3125ffdcd424c2f8cf56e277a15201fa83a9d96dbd58e991ffb9e07a1638e07a037807e7786eb446cd80e9a5867be", 0x3b}, 0x48, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f0000000700)='id_legacy\x00', &(0x7f0000000740)=@keyring)
perf_event_open(&(0x7f0000000400)={0x2, 0x80, 0xed, 0x1, 0xd7, 0x1f, 0x0, 0x0, 0x103a6, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000080), 0x1}, 0x0, 0x7, 0x5, 0x8, 0x5, 0x101, 0x2, 0x0, 0x5}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0xb)
add_key$keyring(&(0x7f0000000100), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r3)
keyctl$update(0x2, r3, &(0x7f0000000100)="6dfcbf858335a78a816ec20218651e012c15aa0ac6dc97907e502811020c1604b4f33ce47ae897c4667815ad70ad7ef635cba3a382f95d876cdd18596e76eb29d4efb3bca2b1ae835666a02e706dc74ef287dcf8ab1a43", 0x57)
add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc3}, &(0x7f0000000580)={0x0, "18ff11eada931e41726aff50a770f500fb0e3d624c1f5e589d4ca6212ff40f02cb85ab0459396e259d56687243ff072d79e07739f2c22c265dc682c378abec78", 0x29}, 0x48, 0x0)
setgid(0x0)

01:21:28 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:28 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x5f, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:28 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
unlinkat(0xffffffffffffffff, &(0x7f00000018c0)='./file0\x00', 0x200)
setresuid(0x0, r5, r6)
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000500)={{<r8=>0x0, 0xd76, 0x0, 0x1, 0x7fffffff, 0xfffffffffffffffd, 0x0, 0x9e68, 0x9, 0x1, 0x0, 0x4, 0x1, 0x4, 0x20}})
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r7, 0xc0709411, &(0x7f0000000340)=ANY=[@ANYRES64=r8, @ANYBLOB="ff010000000000001200000000000000c60a000000000000040006de0000000001000000000000004ade000000000000030000001d0b0000090000000200000009000000100000000001000000000000000000000000000020000000000000001000"/120])
r9 = fork()
setreuid(r4, r4)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 1975.623794] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1975.623794]    program syz-executor.4 not setting count and/or reply_len properly
[ 1975.628539] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1975.634215] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 1975.649645] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1975.649645]    program syz-executor.5 not setting count and/or reply_len properly
[ 1975.657683] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1975.678591] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1975.678591]    program syz-executor.1 not setting count and/or reply_len properly
01:21:28 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:28 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030d21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1975.691722] FAULT_INJECTION: forcing a failure.
[ 1975.691722] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1975.693339] CPU: 1 PID: 24859 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1975.694197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1975.695248] Call Trace:
[ 1975.695580]  dump_stack+0x107/0x167
[ 1975.696035]  should_fail.cold+0x5/0xa
[ 1975.696513]  __alloc_pages_nodemask+0x182/0x600
[ 1975.697088]  ? __kmalloc+0x16e/0x390
[ 1975.697561]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1975.698314]  ? trace_hardirqs_on+0x5b/0x180
[ 1975.698871]  alloc_pages_current+0x187/0x280
[ 1975.699430]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1975.700036]  sg_common_write.constprop.0+0x992/0x1a30
[ 1975.700686]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1975.701301]  ? vprintk_func+0x93/0x140
[ 1975.701793]  ? printk+0xba/0xf1
[ 1975.702204]  ? record_print_text.cold+0x16/0x16
[ 1975.702609] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1975.702609]    program syz-executor.5 not setting count and/or reply_len properly
[ 1975.702787]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1975.706836]  ? trace_hardirqs_on+0x5b/0x180
[ 1975.707390]  sg_write.part.0+0x69e/0xaa0
[ 1975.707906]  ? sg_new_write.isra.0+0x770/0x770
[ 1975.708481]  ? find_held_lock+0x2c/0x110
[ 1975.708988]  ? __might_fault+0xd3/0x180
[ 1975.709483]  ? lock_downgrade+0x6d0/0x6d0
[ 1975.710005]  ? _cond_resched+0x10/0x30
[ 1975.710499]  ? inode_security+0x107/0x140
[ 1975.711033]  ? avc_policy_seqno+0x9/0x70
[ 1975.711537]  ? selinux_file_permission+0x92/0x520
[ 1975.712153]  ? iov_iter_advance+0x23b/0xec0
[ 1975.712700]  sg_write+0x87/0x120
[ 1975.713138]  do_iter_write+0x4f0/0x700
[ 1975.713632]  ? import_iovec+0x83/0xb0
[ 1975.714110]  vfs_writev+0x1ae/0x620
[ 1975.714568]  ? vfs_iter_write+0xa0/0xa0
[ 1975.714998] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1975.715097]  ? __fget_files+0x2cf/0x520
[ 1975.717402]  ? lock_downgrade+0x6d0/0x6d0
[ 1975.717917]  ? find_held_lock+0x2c/0x110
[ 1975.718429]  ? ksys_write+0x12d/0x260
[ 1975.718939]  ? __fget_files+0x2f8/0x520
[ 1975.719442]  ? __fget_light+0xea/0x290
[ 1975.719934]  do_writev+0x139/0x300
[ 1975.720378]  ? vfs_writev+0x620/0x620
[ 1975.720852]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1975.721505]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1975.722150]  do_syscall_64+0x33/0x40
[ 1975.722612]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1975.723268] RIP: 0033:0x7f04ef0deb19
[ 1975.723726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1975.725993] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1975.726948] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1975.727823] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1975.728691] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1975.729562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1975.730432] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:28 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000003000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1975.776746] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1975.776746]    program syz-executor.4 not setting count and/or reply_len properly
01:21:40 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000009000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:40 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x80000000100, 0x400000)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000700)={0x53, 0xffffffffffffffff, 0xa4, 0x5, @scatter={0x3, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)=""/28, 0x1c}, {&(0x7f0000000380)=""/76, 0x4c}, {&(0x7f0000000400)=""/168, 0xa8}]}, &(0x7f0000000500)="8e2aaead10f2b2c959426cf2ab1eab87ca68cf127d0dad09afe725c225cac6b1ea9d83523876dbf81e4c61aae82659181a4d7d2eef0bde9e93bd6e07fabcb5f53f47054416cdf66276ada9c5c667d3fdca3a2cae9dd38aae633dcc5de66196d5d5419ab265645d99c55ccb3b57e1f6b409fa15826f99f71e1783308b3f3e1d82160c102d9cd31d0b61f14df73f648eba5d020b0629dc31572d95c848f1c49a53696e0325", &(0x7f00000005c0)=""/215, 0x0, 0x0, 0xffffffffffffffff, &(0x7f00000006c0)})
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040), 0x6e, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1, &(0x7f0000000200)=[@cred={{0x1c, 0x1, 0x2, {<r1=>0x0}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}, 0xe2d79843f04ab3e8)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000002c0)={'\x00', 0xc10, 0x3, 0x0, 0x9, 0x85a, r1})

01:21:40 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 52)

01:21:40 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:40 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x6, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:40 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02403030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1988.427851] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.427851]    program syz-executor.4 not setting count and/or reply_len properly
01:21:40 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000001680)=ANY=[@ANYBLOB="4c0000001200010500000000008f000007000000ffff00000000000000005f27643e000e00"/56, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000002df994834bcbee11cbc341801cd548a68a2fd5f3ebe0bd73e33ef61d9e903290070000008b67e8d3a946b76d5a95ff517f8b2092a92538a977faa3a155946156df689c4f3e1b9705bf7229a2982c2642c161a71e89fd42c87983370e458b23b7525d60e7930e491d67f9b772f0d28c928d51f0c55e2fb65652390800d24fb70f7d45410a66a0c711638377820b53a3ccffb49199c2b9ea2fe27a7da706c5db85bd4a9a53e970d2c97a22a916fa12c3ae48df9732aa2c0eeefb5e911724c97bffc42ca7c2e9480a43cdd9a01d3e7a16da59f7962900000000000000"], 0x4c}}, 0x0)
syz_io_uring_setup(0x5a73, &(0x7f0000000240)={0x0, 0x83a6, 0x2, 0x1, 0x2c0, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000400)=<r5=>0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000100)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4007, @fd=r0, 0x470000000000000, &(0x7f0000000540)=""/4096, 0x1000, 0x10}, 0x9ad4)
stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000001540)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0xffffffffffffffff, r6, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000340))
fspick(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1)
setresuid(0x0, r7, r8)
r9 = fork()
setreuid(r6, r6)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 1988.433705] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.433705]    program syz-executor.5 not setting count and/or reply_len properly
[ 1988.439231] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:21:40 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030e21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1988.448564] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.448564]    program syz-executor.1 not setting count and/or reply_len properly
[ 1988.453296] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1988.459165] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.459165]    program syz-executor.5 not setting count and/or reply_len properly
[ 1988.466332] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1988.475462] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:21:41 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 1988.483081] FAULT_INJECTION: forcing a failure.
[ 1988.483081] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1988.486045] CPU: 0 PID: 24984 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 1988.487809] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1988.489510] Call Trace:
[ 1988.490181]  dump_stack+0x107/0x167
[ 1988.490948]  should_fail.cold+0x5/0xa
[ 1988.491769]  __alloc_pages_nodemask+0x182/0x600
[ 1988.492737]  ? __kmalloc+0x16e/0x390
[ 1988.493512]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 1988.494781]  ? trace_hardirqs_on+0x5b/0x180
[ 1988.495702]  alloc_pages_current+0x187/0x280
[ 1988.496614]  sg_build_indirect.isra.0+0x2f5/0x710
[ 1988.497625]  sg_common_write.constprop.0+0x992/0x1a30
[ 1988.498707]  ? sg_build_indirect.isra.0+0x710/0x710
[ 1988.499741]  ? vprintk_func+0x93/0x140
[ 1988.500550]  ? printk+0xba/0xf1
[ 1988.501245]  ? record_print_text.cold+0x16/0x16
[ 1988.502212]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 1988.503262]  ? trace_hardirqs_on+0x5b/0x180
[ 1988.504164]  sg_write.part.0+0x69e/0xaa0
[ 1988.505013]  ? sg_new_write.isra.0+0x770/0x770
[ 1988.505969]  ? find_held_lock+0x2c/0x110
[ 1988.506815]  ? __might_fault+0xd3/0x180
[ 1988.507662]  ? lock_downgrade+0x6d0/0x6d0
[ 1988.508541]  ? _cond_resched+0x10/0x30
[ 1988.509355]  ? inode_security+0x107/0x140
[ 1988.510217]  ? avc_policy_seqno+0x9/0x70
[ 1988.511063]  ? selinux_file_permission+0x92/0x520
[ 1988.512078]  ? iov_iter_advance+0x23b/0xec0
[ 1988.512992]  sg_write+0x87/0x120
[ 1988.513708]  do_iter_write+0x4f0/0x700
[ 1988.514534]  ? import_iovec+0x83/0xb0
[ 1988.515335]  vfs_writev+0x1ae/0x620
[ 1988.516093]  ? vfs_iter_write+0xa0/0xa0
[ 1988.516924]  ? __fget_files+0x2cf/0x520
[ 1988.517766]  ? lock_downgrade+0x6d0/0x6d0
[ 1988.518627]  ? find_held_lock+0x2c/0x110
[ 1988.519703]  ? ksys_write+0x12d/0x260
[ 1988.520509]  ? __fget_files+0x2f8/0x520
[ 1988.521362]  ? __fget_light+0xea/0x290
[ 1988.522357]  do_writev+0x139/0x300
[ 1988.523117]  ? vfs_writev+0x620/0x620
[ 1988.523444] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.523444]    program syz-executor.4 not setting count and/or reply_len properly
[ 1988.523909]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1988.523934]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 1988.527884]  do_syscall_64+0x33/0x40
[ 1988.528660]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1988.529720] RIP: 0033:0x7f04ef0deb19
[ 1988.530683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1988.534445] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1988.536027] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 1988.537497] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 1988.539002] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 1988.540268] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.540268]    program syz-executor.5 not setting count and/or reply_len properly
[ 1988.540504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1988.540527] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:41 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400033021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:41 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02404030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:41 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000000d000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:41 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=@reiserfs_3={0xc, 0x3, {0x101, 0x7, 0x29}}, 0x8400)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setstatus(r1, 0x4, 0x42c00)
r3 = socket$inet(0x2, 0xa, 0x0)
dup2(r3, r2)

[ 1988.574910] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 1988.574910]    program syz-executor.5 not setting count and/or reply_len properly
01:21:55 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x9, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:55 executing program 7:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='blkio.bfq.io_wait_time\x00', 0x0, 0x0)
ioctl$SNAPSHOT_FREE(r0, 0x3305)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000001c0)='./binderfs2\x00', 0x1ff)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000010a00)="ff4344303031", 0x6, 0xff}], 0x8, &(0x7f0000000080)={[{@unhide}, {@map_off}]})
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x9, 0x3, &(0x7f0000000300)=[{&(0x7f0000000140)="10d5ac4242ead94232aaa73bf9dd6da910dfab3c09dce5ee89ee875b49ab6289ee3de7c798a6bdaa27623eb45266044b86163076f7aaed3d80d7649f0c7494c20c4e371fcc4d68b75a93947754c5fd9220578363fb5d2ad4ed940f5f08658a1f3e1cf99c8da5a7d8edec4f409d9f79f7e66889eb6eba896097b1d7bafa", 0x7d, 0x7}, {&(0x7f00000001c0)}, {&(0x7f0000000240)="2c3fdf150395a34121af0ab93f50c1d81a21f503584fed13394f4efb4dad2e365594e39c1f5178687afd44c66b1552d2bbcb9022436f8f66be472a00559059623e60eae6a9b36ac31751b581a68fbd6395063363f14671a41c54af3057c830c10f0fa0b9d9faf9612693192aebd72e52e48d99f3972641de3496941a6579b54e96f113217bea6afeb996656480998242befa7c2967", 0x95, 0xfff}], 0x28480, &(0x7f0000000380)={[{@utf8}, {@fat=@flush}, {@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@rodir}, {@utf8no}, {@shortname_winnt}, {@nonumtail}, {@shortname_win95}], [{@fscontext={'fscontext', 0x3d, 'root'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}, {@subj_type={'subj_type', 0x3d, '^-'}}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@fowner_lt={'fowner<', 0xee00}}]})

01:21:55 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000001, 0x40010, r1, 0x8000000)
syz_io_uring_submit(r6, r3, &(0x7f0000000100)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x2, 0x3ff, 0x0, 0x8c19, 0x4, 0x1}, 0x3)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000300))
setresuid(0x0, r7, r8)
r9 = fork()
setreuid(r5, r5)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:21:55 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02405030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000000e000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 53)

01:21:55 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021036cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2002.779153] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2002.791702] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2002.791702]    program syz-executor.5 not setting count and/or reply_len properly
[ 2002.794506] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2002.794506]    program syz-executor.4 not setting count and/or reply_len properly
[ 2002.811929] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2002.811929]    program syz-executor.1 not setting count and/or reply_len properly
[ 2002.834828] FAULT_INJECTION: forcing a failure.
[ 2002.834828] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2002.838146] CPU: 1 PID: 25135 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2002.839892] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2002.841944] Call Trace:
[ 2002.842607]  dump_stack+0x107/0x167
[ 2002.843526]  should_fail.cold+0x5/0xa
[ 2002.844477]  __alloc_pages_nodemask+0x182/0x600
[ 2002.845636]  ? mark_held_locks+0x9e/0xe0
[ 2002.846648]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2002.848143]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2002.849432]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2002.850779]  alloc_pages_current+0x187/0x280
[ 2002.851890]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2002.853117]  sg_common_write.constprop.0+0x992/0x1a30
[ 2002.854401]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2002.855640]  ? vprintk_func+0x93/0x140
[ 2002.856601]  ? printk+0xba/0xf1
[ 2002.857423]  ? record_print_text.cold+0x16/0x16
[ 2002.857556] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2002.858571]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2002.858592]  ? trace_hardirqs_on+0x5b/0x180
[ 2002.858635]  sg_write.part.0+0x69e/0xaa0
[ 2002.863926]  ? sg_new_write.isra.0+0x770/0x770
[ 2002.864899]  ? find_held_lock+0x2c/0x110
[ 2002.865763]  ? __might_fault+0xd3/0x180
[ 2002.866613]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.867536]  ? _cond_resched+0x10/0x30
[ 2002.868366]  ? inode_security+0x107/0x140
[ 2002.869235]  ? avc_policy_seqno+0x9/0x70
[ 2002.870092]  ? selinux_file_permission+0x92/0x520
[ 2002.871109]  ? iov_iter_advance+0x23b/0xec0
[ 2002.872053]  sg_write+0x87/0x120
[ 2002.872781]  do_iter_write+0x4f0/0x700
[ 2002.873624]  ? import_iovec+0x83/0xb0
[ 2002.874442]  vfs_writev+0x1ae/0x620
[ 2002.875225]  ? vfs_iter_write+0xa0/0xa0
[ 2002.876073]  ? __fget_files+0x2cf/0x520
[ 2002.876932]  ? lock_downgrade+0x6d0/0x6d0
[ 2002.877813]  ? find_held_lock+0x2c/0x110
[ 2002.878679]  ? ksys_write+0x12d/0x260
[ 2002.879495]  ? __fget_files+0x2f8/0x520
[ 2002.880350]  ? __fget_light+0xea/0x290
[ 2002.881185]  do_writev+0x139/0x300
[ 2002.881935]  ? vfs_writev+0x620/0x620
[ 2002.882739]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2002.883866]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2002.885069]  do_syscall_64+0x33/0x40
01:21:55 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021076cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2002.885866]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2002.887197] RIP: 0033:0x7f04ef0deb19
[ 2002.887986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2002.891849] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2002.893454] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2002.894938] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2002.896445] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2002.897934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2002.899454] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:21:55 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000020000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x25, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:21:55 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02406030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2002.988751] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2002.988751]    program syz-executor.4 not setting count and/or reply_len properly
[ 2003.022499] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2003.022499]    program syz-executor.5 not setting count and/or reply_len properly
[ 2003.031924] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2003.071106] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:21:55 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021096cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:21:55 executing program 7:
r0 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = getuid()
getuid()
write$P9_RUNLINKAT(r0, &(0x7f0000000040)={0x7}, 0x7)
fallocate(r0, 0x11, 0x0, 0x8000)
r2 = msgget(0x1, 0x80)
msgctl$IPC_INFO(r2, 0x3, &(0x7f0000000400)=""/71)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
getresgid(&(0x7f00000010c0), &(0x7f0000001100)=<r5=>0x0, &(0x7f0000001140))
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$9p_fd(0x0, &(0x7f0000000400)='./file1\x00', &(0x7f00000000c0), 0x400, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',loose,access=', @ANYRESDEC=r6, @ANYBLOB=',debug=0x0000000000000fff,nodevmap,cache=loose,dfltgid=', @ANYRESHEX=r5, @ANYBLOB="2c616669643d3078303030303030243030303030303334352c002d7256e4577ae496d1ccba65c64be2a9cecdf5fbd2ca5df5707629e5f5ac00000060bd8ff1cf5cc521637a45a684e6bbf9b96a25dc40fccbe86c83da8dbd9beaadf8a3eebfa9d071c8fcf96baf0ed5aca8b2ebb757186ef82857fd6e1ed559dfc0ff9689be8c24908993f5a05e80d02e88d8797a08ca7de6a3a77df2371bf5d2b6d3935d4b4736cd776bab88b632eff82022253aa12ebf68fd67f0d9356de92ed9f888b76e19730ec53b0134028f2fbbc8c3f2230523737c27c9606614b896ae6e0759796947ca6b6383f7b3ef58f775f7a9866437bf7a0000010000000000acd8185b6de54329d1b534b17f145b2357a37acc7f0f04ee8b34e990e54872eacd789d375131fa0200064c03777de8da255c3eacc9898a1e9dc4afdd62d7"])
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xffffffffffffffff, r7, 0x0)
clone3(&(0x7f0000000380)={0x40000280, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0)=<r8=>0x0, {0x18}, &(0x7f0000000100)=""/220, 0xdc, &(0x7f0000000200)=""/235, &(0x7f0000000300)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff], 0x3, {r0}}, 0x58)
r9 = clone3(&(0x7f0000000600)={0x30300000, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000480), {0x40}, &(0x7f00000004c0)=""/86, 0x56, &(0x7f0000000540)=""/107, &(0x7f00000005c0)=[0x0], 0x1, {r0}}, 0x58)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000000680)={{0x0, r1, r5, r7, 0xee01, 0x2, 0x8}, 0x0, 0x0, 0x9, 0x2, 0x2, 0xff, 0x0, 0x5, 0x3f, 0x9, r8, r9})

[ 2003.152183] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2003.152183]    program syz-executor.4 not setting count and/or reply_len properly
01:22:08 executing program 7:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
munlock(&(0x7f0000ff4000/0x1000)=nil, 0x1000)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x2000000000000000}, 0x11010, 0x84b, 0x0, 0x0, 0xc350, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xd, 0xffffffffffffffff, 0x8)
r0 = pkey_alloc(0x0, 0x2)
r1 = pkey_alloc(0x0, 0x5)
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000001, r1)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0xffffffffffffffff)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x9, r0)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x0, 0xffffffffffffffff)
pkey_free(0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ff0000/0x4000)=nil, 0x4000, 0x3, r0)
pkey_mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000006, 0xffffffffffffffff)
gettid()
pkey_mprotect(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x3000008, r1)
getpid()
munlock(&(0x7f0000ff2000/0x3000)=nil, 0x3000)
r2 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8800000)

01:22:08 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02407030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300210a6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 54)

01:22:08 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000030000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x28203, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:22:08 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5f, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:08 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2016.189948] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2016.201898] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.201898]    program syz-executor.1 not setting count and/or reply_len properly
[ 2016.205220] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2016.205749] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.205749]    program syz-executor.5 not setting count and/or reply_len properly
01:22:08 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2016.218557] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.218557]    program syz-executor.4 not setting count and/or reply_len properly
01:22:08 executing program 7:
prctl$PR_GET_DUMPABLE(0x3)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[])
r1 = openat(r0, &(0x7f0000000040)='./file1\x00', 0x882c2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000380)={0x14d4, 0x1f, 0x2, 0x70bd26, 0x25dfdbfd, {0x3}, [@generic="6d811e9cbe39a6ca19243d4ffab259c9276510efea1a47ef38aaf6024e6dd1a7f63ef6abd82f0bf5609499e31a07f6b54d2e88cb3df5e59d4d695c86c21b310f80af68df492c316e561af796b9435a36c5fa77b841b3efde134816da4ac3ff75f517a64da3c52c397de7aa45c1a94dc1484a0751617bb06ff3c1898d5277428ee245e03869020d92c52066bc16b7caed8bb1abf00e234f2f6bd7c4a0663f260ec8172fc16609a6aa9cf07f003e3fe2881044136121ccca0cd7f1e5516db67ae00327242034f3af99c710cb11c768bbb6e2aa5441aaee04e19b419e25fe73c231693c", @nested={0x1c6, 0x44, 0x0, 0x1, [@generic="875d9c737bfd962c5fc1", @generic="35c0e14630b5349aeba5e4ede4ab218919ec638915e9c46c200274a2bfc5c0fe5d5d692d6cf830b6a1698bb012f9a39f92094ce793a5abde0db685d385b1c8a14475e73b6832269db7a90574cfcca83915e9c7ebbbfb165cbea51800b54c0c9dc214a5abe1b994aa928c75d6025447ca1931d6e876f08bb8c5260d0982ee8c9b7082a32bd6f70aaa3fde8d4d9d2645c9340b7fb09c6705f0756debe291214e595ebe56da99ed261caab2f936be8199833340f5829ea59628acdff24288fce3e552965152dbe6fb9712b6ae68d070a6bb22fa977396a724abda42d216517938c4b8db389cef962e057f07b073a4ae9839496a09d83ef3", @typed={0xa, 0x3f, 0x0, 0x0, @str='tmpfs\x00'}, @generic="8bae6bc24f240f56cae05037437a42f6abd4ccf496dde9732835e63959b42ce76141f3b0f38a82dc1466100731f0b1adb57eba0b2e48505af4ef0f3462a69ac97cbba67fa9c6552cd2bfdadd5f5441f25e02c7f81dae0e587acb346dda97d596646f3225f29c074f1bddcc10f2a87ec4d97bae80f9579537ebd9cd276d9c64e8d01c6e9d1cd1a6a36737f1595ec2479f247bdbb7faac08e5661aff6004464f1da7dc42fd89b8079db9f51cd511a567cf9a910c7fd45c"]}, @nested={0x1210, 0x5b, 0x0, 0x1, [@typed={0xe7, 0x71, 0x0, 0x0, @binary="385c13c325a22959fdf93364887ab877e08eaee7d49737b8364e7b83c9c44d9a873d28cf371b4b684efe796f79d1ef6db4d27870ac237afe06bbdb382f73be38e3db348197865ca8a192c6d0abe4785b64af36a5449bddc0a7a4512edf18918d9a5f1bec43dd344f1888f69f46d04d3e9406fb12a6fab57573a65a647c4caba8dea330f5dc7d208b9ffb150d18f09012fa3fe7d64ce77219a6c8fbbb03e01e3246b7d70a062ef7e5f0fa64b8484ac540a84ae7508a8da82499e99f84d26c73d24ba91a6ea4a21f66be161c8aa2a02480fb79f0a5994ba75f33c1f1ac51d5fa766105f4"}, @typed={0x8, 0x24, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x1004, 0x1a, 0x0, 0x0, @binary="5db6ceb22632cb2e90a78d773aa011c3c86f223104b21524e2bd6856fb9aca66b98512950dd25d63b174b731ef2106f59de5ec813e6ff21776869661b26ab2351f5de359522d8a0a5abad0f592e2e968f60263c38c5e43418c9c073ef108bc9615158460808acbceafbf921a67cb60e78bcd8962f2ff7784c3b8ad5e09829c26013111c94cbcdea0ce650f942fdf609ecd459bf5c6f65e50330a55f0eabba3417d4f031af031a13c3ad35f2e1919fdb7218167cc0ecbc9507bb6f156ff660b95bcf075f3dd8e9306cf196c1525d614244be5bbeae8dc65800078c1edd8f36c9168566e8b3cbce1bfaf914cf7696368cd832b107696f90f74c97ee880126ff3f18cb85cd660f0eb43987789e5897c6980b82f5d72195e23258c53ef2d9cb67bc8be757708971eb17529280c86fdd8dcc7ef718daf4e03ee337556db87cc802e85caf9ca33b4f35a8c5b69c0843acbdadd68610272faaac628ee9216e4b9b88413c1f3fc962715d9fbb96c2ab526c6a0f34f4b64ffe34a4e196936fcbbe99ee7ab50d9cb02d26cd166f2788b25ceb6a5162408eced027c309dd9b1414315c765bd476ed762c571dad7ab98ba8b962f57800125f45549d04932cad5327a1a5cf732063a0a5d6b559b168e10bced69a661c00b2f96cf5759db3faeadbd9d0a015335b0eae1d0f801ccf592fab7a9c424dadfab0f1e69473f9dfff2f6482402709260b27425752fde43d5b572c8d0d19cfd9b1525a1fc5b325c5e16e420a4532d1f89e6764579fcbbfe47a588cde0d235012328f13768b4e9f3abeb8a2e01bca5696cd016eca9f2b2d9c49c308fcfcd3c148f4c686fe152d01f35b15822207f1d683893371329a5c6d857cf7b095185ca7b4d82e42500493c3abbb921c2264ff02d597961e172d141ad008d2168ecdcef9485913d5a0a71c48348ed89d93d9081ebc57408613f1a8d878a57aaa7d326ff2f5bc0ab3164c109b36673b3d6ac9352c66c95858575e0149ef9f25def99457b4482ff8f9cfd5de3da5fcf3b6ec56f05cd62f11cf9e38c36faaaa5be42ed7c6ba0207a4be0a7c657520000e7eaa2646765572eae290f9be87cd7d25125613d0027b4e21a403440f82ebe8ba6c8c837dc31b98c8b197f8bee392c7882f9467a67516a6ea1612e55623bfec06776a5d33fc76a79967d732596a9a33c388297652572ed97e18d82a20227a34285b1a13fc02da147a93fcfd13d13b7ad3b3eab9de99d2067f0a92c87c9eb65abbea9a507009339c2f9ecbd1efab264e4c6a8c0fe2cb71dcb06102f75c074225669a8346d0a755e7f5b710ffdcc51dfb1ad0d13096b5e5427777b5ce9e0b5751c6d8e608caa12f14fbc42597a9a046cd39e68fc72344615b8fa8569bf2f2e0830ee18d9372d26945ccb926e692e49cdd75a613d7b141cf26ade09fb5fbcd3d45ce60158b5e228e78e51aea518a12efe98ba7280d2bce8677d230473dfe41b47ac05cb40be34332deeed78ac8adc0ebdce4793316e989c3de9225a70d8662ee8d936200448ce9c01544f7259302257cef878103bcaae1e73799700c4b3c2959b9a855c8407f7852561bd56bc61e5d7dc150a55823d3d5c43c7e8a69a022d9c299ccee091d9bc728497ac6aa5e8851190ed789f7cdb0924bc2bfa62a1a712a59dee12c7646568988834b7b002e24f841153e63975718199c2c7ee3cc3df1c010338d4cd8d3071a3f28b3ba02022c13884f126be132b07f794d574bc8b96b555be8e96c5b8ed9f8ebf769a6c57ab6c2fbb2998dbf4c8ccb2b8d2b7d50433ed763756b098f2be67da91facc1d2488e7472b7e03ba2757e43de993c0b66faecb07a2b16f6606d398297dec0298e4877ede0da49b9e11bb02b733bd8bead58f653bdef93d0d03373cfb8e59e206e7a6d311d3a61c239d70e8ee164d34f739b1822258b6e31b75a230054d22a3a79cac309968ecbfe79a852fab6740a2f297b490a46283ddd28d5f6ff6e8cee06731893b5a15ac96145af82b26e126f8dbc0082484d1f8641e72bba3739d53a86d873750b6e2d670a92c89d8553069c13a52040af2c796058779369f23e16b06bd0d01f3d4af3e767f6b76ce920ae3346828e90d26e3439accc614bf41ba8dc132db85481939843656c3e4a4bd59c686c9e1171f8f8525d2cd48ff3d2a311443c6d3d084cc28e464c4a15d1dbb0108762806053d5c63980c6446d269d68da5d5193009b338da40196bd93b19ade178726c5713b6860efcbd75d63ee29713fe4ffa5404d93313385b7a8818542e656c63dd66a37aa76db9a874d87f99d07d68fcda0fdadf81ba132963ed318a97827026168681c777466db8ffa5ceb85d9a54b84f7d73c34d73a9170f4125fbade00b29514098b724344bcd9b5c28952c7b3198520ce260f27c49089fe820da16ed35536d2149cdec506732f5b1240ffdb6eec07d9b38dce707d2ec87c5b692e3eac911a1bf3b9e1d717d1e075828e95229b74dda50aefa9e145be216a8cf387b6db4ef63d9ed2be6074b4c9bbb2b7d2cf1117789ac319c30e26c5e483eca9900f1205006a6f0d28704fcb2f1f512010f463da9964ac83dc24d8a57208f4ec9fdab026260afe55f71c67006d25979c9d9247be4c917c44271b0a7d7b23da2f19a69cad4532d417b108ac4d04d39eff2e528328a88664deaa5257174d0cbbdbd82633d1e6b89dbe28132297a2f37865a088485080a9e045fd51ce20cc9baa786eb1a253f8edee2afa146b0b61a477d208907c21110f813a98aca506f6a0b4517ab7ab028d2038f05b8a85f647d411826273891dcef1a51e335d80f4ecc7ae1cf763d58e157322bdd3e6ae5a479e735ad7bb1cb31432afb95b3c908917900834eca7922930ee27432cc96787955d14b42d6ce1621779a2aa40dbc78f578249481ae96b24cc98eb72363c7e8f3d77edeed7a6bf8dd5e0899c581c67a7c1d68c3a50bf37aa5d18058ef2105e7571d344f90848b6c343de5f8fe99f6fcc7c9b7fd3623a0ab45c6e13753c89782741fb17bcd23aead91a724b20ea4f5ee8872ab57aaf4ed9f5a918da3a94e3e32d5bba235934a2739574e753c13bdc24b95536b51343c80f6f2601d548b6dd1da57e2089d3f99ea6a209492b815c2daa12b3f329bab86f66aa077b472ba164473c448e9a5169414768b38ade310bfccd1c352afccb0a9975ea76270e2c92aa3900ff39b323e6acbf6a75ecaf57850e881f5e69fe2e28d86db1c71dbe21fc9ff97a3eea295b0cafb11749ff04267af169f176276ab612f0b228343c06716f475ee6da79c3392379d572fe7026a9e2b35b470b98e11c1d7447d999d9aa6b636fee582d5455116cec24054f57f7bf6047ce8feffed6dcafd387bcf0d2b10de06e4429783f5342a27351735f2f77d683634f6cab3e94b7bbe43ffb43798f63913a1a7e07e85ac67f1319635a559ca65f7d9965265096c333f4c89990734d4aeda2ec81eeecd342b58b865c0092460c63b14a88c9585f937a864bebd4dd50ec99f87aaef642f2580d4b880f306c49e18e088b8439006a6277ad232e214148f6542e94601fad809d5352fa0694667d0b7e60caf5aca9b211e588f0a8486417a96bf019e9c3c64c06ce94f98eb1485846cea1a6f01af34b9412b7a23e4782ef6fb0f0f7b1d597b9dd399c0e7129d94a49cee04c3bbe8886caacf907eae6113dfa90810da2e57ee3b8d73a275c0c498305a803f905f8358941c8ff0564f366ab2488d7cf63ed04a2f4398145af26a37cf1e9a7edabbbc1777e3c1da81e1c3a91be12f1e28ce4891d6c6e7b7215ebcd05d77008e1dc549412ab85a6bd667b6fd49ec6bdf30b387b49af0bfac80c77fff326da5d7f592d5ec0358cb03fd2ca14077285ebd89c83e10521de656f566e1ffe4b2be8e101c9bbbd9196e73131180aa6eed56125d74e6c59af14fb329815751274c278e7f996c4c0d45562c2101879bf23d88c063926267daba08c2af9e173f563c70612cdeced710476254f00fa0873f9bb05ddeb8ea544b4e55a2055c915b3fb5c7e1d2cdcc262b476bf8684a83805ece407f14b7561bc6d675c638dc79578b2f918a05c1cd39d0c8134ebee79ca6b8fa5917e27f0118095f17a165f54079d1615e2c9459b57cab5f4fbb979db3d14dc49389ec8257f0a9ae80180a68e32e474716e48ee15c5a53ae0a6550bef962879475e510f20b9b58f87b9bbfcce732f34d6954dd2fa1f57f98293a7c8ef38fdd3852e76f78880a172b8de338f0241fa8ae5c54873cb2898c1160e60a2dfed739f753656f8ea14823ca4b04a9b96b4b1065c6ec65c37d52f8d93dd94d30b52cff017af0ac6e67a17765fdbcec2b25e7622d52304df8185c9f831fc680fd742508f6c31b51900df458e500e347f6d43f9f202369a16fbe917cc52188841a7020c1819f0de2cda6d6fc60770b61afb2533744dbefd9de5377391f66804abf1df3ed4b30302742268ea5ba18ab3ad36c2012a214c91892b3bb5a34da3b85dd243675e070d94aedd4524f452037cd3532586e3cc95744d40ac49a793fffc76c7bc3d85057f112e5cf97e7c6518026155729bc08d30545934ba0b7e8e9d1eaf636997a81c95f92ad79d03917ac832de6c6c2ae77b72da22b90ffedd8060fc5fc9a3f00d8cc8422d0ce885074c88144c6fe5b4e3985712ab8d0cc007d36226c60b6b5377b44f6a0ed781843b785bea1cc2fe799a4d87083815a6bf94369fbe88e6c9d0fc0ebdbf98b096a7985d9152c62fd59d7c684d338ed4ce60dc65913f5c8a1432cf53281dd87355882cc794a09db6b986de8101ea74f19b41c528d980de84ba491bf053f823c462d3242e1161f61fe74305ead5c0ef61936d5080e08bbda5aacbcc300f38103e7fe0aafd6e098173963ec3cc143a71714009aba3d898150b59027aebbdd0e9af0d19a103f78db40c307f269db5db3df1fa060fa141067c2bb0f241620b68446ac54ffcf894ec72a7007fbd8ae5eb94729253088d24421e1b813874101a3affa1c39ae6ef11078a92be28617bc5b667f2a21375ad919403d2985f0c41f9664355328c47c18f6ee5492aa02a0cf222541e2f7b06cf2014c945c0d20ec8c47e90c8b72968726a2ec0cae154b6c157318ab15967cda6be4422a3a36512b2bf362da356fb159cb03cd6013b1a9f3e198445bd92d32c0a5c67bbe076b9ae8d9bc8c0ff190191a0e79c432d0add2e3f052389a98e5b1510961139487066bf479feed1bea711cd5eb56ff9019f9ccdf2da1623f9563c42b375afa0838fae58b4aa4104eee106111c69f3833a3edd5029e95bb61122af000918a38f934b1532399039fd96ec45a78a64fe3d4e3ceb238df394838020689d90a0f2beb61e5e86cb2f84c8d9a796a50bfa079543a265050984578b9beb6b3ee6db87cf46c0333de09ce40351712e888db002e9767e68dc3ca642ab0d60b10ae4d03ed25ee0d2bcc0062d09f121b0f5cf020e813560a85d8192e73790b794b9d96ec9e864cafed18f13743e734650a455bb0ab40868870d69d56ac32a636ede87b376483154b2ceee98285bc741ce5b77e4692aba6a10f73585c3ee77aead38315f60830d0df6ebebfe9de4105116b8b6635c411ee5fccefc8b1eb3a02f83776e9e01ea0d345efff610b289898172f3d75413665a0a5e3f5aaf2f42a020a62eeaad38884d834acda4121d1018f446cd117b1ec366e640f0180a7f9b91043cd698162293e809f92b32c603c2f370cb660b9a326654f4d22aaaf5910608e3433a8d941f02fe461d50c2da7e0688a59c7f36749"}, @generic="3cbcae5fd6770dfc9843c3eaa78b", @typed={0x4, 0x76}, @generic="aafac442a4e1a01202a026dd4b867bc8298fb3bae73cad0e95ca68d2c6aa7358b76e096bc0e45e9beed5c5764d906d028c005b6bb206de6a8cf72e18ebfc100fc368b42489d8b9cbdaefb8c78d9cbb4169ca5a1172fa250103b6461c4c8431d795f3d882ebd76fa860fe483f8bf8e32a8b21aab4510279b64132517c39d197a66702c5cad7d504f1ff3ed03b8dbcb23601e5bb1b2471686e065832ab179d2c79bb69e7419675332a46733dd95989ff6ec2e32b2c18b8c080f3", @generic="7fbf548fa0d193fb37eebab4ab5e5f34d86d4fc0a7fe70ef46fa481275931cba6474a1e908f2927a5a597d9f422df14f820612dc951c2431f0b34b7c17a6b859c4dce7c287addd8eafe5a92800"]}, @typed={0x4, 0x31}]}, 0x14d4}, 0x1, 0x0, 0x0, 0x44011}, 0x4040)
fallocate(r1, 0x0, 0x0, 0x1000002)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000300)={0x4, 0x80, 0x96, 0x1, 0x9, 0x1f, 0x0, 0x7, 0x20, 0x8, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0xfff, 0x2, @perf_config_ext={0x56, 0xe000000000000000}, 0x0, 0xfffffffffffffffa, 0x0, 0x3, 0x0, 0x4bf0, 0x0, 0x0, 0xffffffff, 0x0, 0xdd28})

[ 2016.234725] FAULT_INJECTION: forcing a failure.
[ 2016.234725] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2016.237421] CPU: 0 PID: 25284 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2016.238889] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2016.240655] Call Trace:
[ 2016.241220]  dump_stack+0x107/0x167
[ 2016.241996]  should_fail.cold+0x5/0xa
[ 2016.242813]  __alloc_pages_nodemask+0x182/0x600
[ 2016.243814]  ? __kmalloc+0x16e/0x390
[ 2016.244607]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2016.245883]  ? trace_hardirqs_on+0x5b/0x180
[ 2016.246804]  alloc_pages_current+0x187/0x280
[ 2016.247745]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2016.248777]  sg_common_write.constprop.0+0x992/0x1a30
[ 2016.249881]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2016.250938]  ? vprintk_func+0x93/0x140
[ 2016.251770]  ? printk+0xba/0xf1
[ 2016.252478]  ? record_print_text.cold+0x16/0x16
[ 2016.253467]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2016.254539]  ? trace_hardirqs_on+0x5b/0x180
[ 2016.255481]  sg_write.part.0+0x69e/0xaa0
[ 2016.256314]  ? sg_new_write.isra.0+0x770/0x770
[ 2016.257270]  ? find_held_lock+0x2c/0x110
[ 2016.258120]  ? __might_fault+0xd3/0x180
[ 2016.258948]  ? lock_downgrade+0x6d0/0x6d0
[ 2016.259843]  ? _cond_resched+0x10/0x30
[ 2016.260675]  ? inode_security+0x107/0x140
[ 2016.261549]  ? avc_policy_seqno+0x9/0x70
[ 2016.262389]  ? selinux_file_permission+0x92/0x520
[ 2016.263422]  ? iov_iter_advance+0x23b/0xec0
[ 2016.264332]  sg_write+0x87/0x120
[ 2016.265041]  do_iter_write+0x4f0/0x700
[ 2016.265867]  ? import_iovec+0x83/0xb0
[ 2016.266665]  vfs_writev+0x1ae/0x620
[ 2016.267435]  ? vfs_iter_write+0xa0/0xa0
[ 2016.268256]  ? __fget_files+0x2cf/0x520
[ 2016.269088]  ? lock_downgrade+0x6d0/0x6d0
[ 2016.269964]  ? find_held_lock+0x2c/0x110
[ 2016.270831]  ? ksys_write+0x12d/0x260
[ 2016.271650]  ? __fget_files+0x2f8/0x520
[ 2016.272497]  ? __fget_light+0xea/0x290
[ 2016.273330]  do_writev+0x139/0x300
[ 2016.274082]  ? vfs_writev+0x620/0x620
[ 2016.274892]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2016.276009]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2016.277100]  do_syscall_64+0x33/0x40
[ 2016.277892]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2016.278978] RIP: 0033:0x7f04ef0deb19
[ 2016.279776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2016.283684] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2016.285309] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2016.286820] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2016.288333] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2016.289839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2016.291353] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:22:08 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037a21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:08 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200fffffff5000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2016.353763] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:22:08 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021256cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02409030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:08 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2016.395174] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2016.429306] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.429306]    program syz-executor.4 not setting count and/or reply_len properly
[ 2016.443851] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.443851]    program syz-executor.5 not setting count and/or reply_len properly
[ 2016.456827] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.456827]    program syz-executor.5 not setting count and/or reply_len properly
[ 2016.459970] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2016.459970]    program syz-executor.6 not setting count and/or reply_len properly
[ 2016.483097] tmpfs: Unknown parameter 'Í'mœdèÐn�Ѧ£g7ñY^ÂGŸ${Û·ú¬åfÿ`FO§ÜBý‰¸�¹õÕ¥gÏš‘Ô\'
01:22:21 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240d030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2029.298877] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.298877]    program syz-executor.6 not setting count and/or reply_len properly
[ 2029.312897] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.312897]    program syz-executor.1 not setting count and/or reply_len properly
01:22:21 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200ffffefff000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup(0xffffffffffffffff)
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x12401, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000400)=ANY=[@ANYRES16, @ANYBLOB="a3a63eb86a4f21796803454b92f03ed48582a2428363a8cdca846babda8978b94295ffc4b4a11d86fab78017ed304c807b7dcbe8ec8b09f8f9981a2753890d5ad44a86ceab793fdfb2e3f0e00d08c3aa95962146ff9f6887affb7adc785372d11294e70eeee399762db7c5761a83d506ac6dce0314c4c9d3a72851193dba253107779315ab3ad8ebd6a0b4f2bee54aeb14377b0444e3d58109a47694a170526de857b35393983626167ba096340da705cbc3861652bc760ccd1b110d18f423c7e1c1fd9a8b74440524038b5010e084d198", @ANYRES16])
syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(0x0, r1, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, 0x0, 0x70481, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r3, 0x0, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0xa, &(0x7f0000000080)={0x77359400}, 0x1, 0x1}, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, &(0x7f0000000180)=0xa4ffffff, 0x4)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000100)={0x0, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @local}}}, 0x108)
kexec_load(0x0, 0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x1000000, 0x8000000}], 0x0)

01:22:21 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x2, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:21 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 55)

01:22:21 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212f6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x80, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x77359400}, 0x1, 0x1}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = dup2(r0, r1)
syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, r4, 0x80, &(0x7f0000000240)=@phonet={0x23, 0x3f, 0x5, 0x4}}, 0x9ad4)
stat(&(0x7f0000000340)='.\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setxattr$incfs_metadata(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), &(0x7f0000000580)="c02f2587a8b9296cfbb01f513dd1f6b1a1fa01f3e87f3d75a2d814be6d8e1382b778adb42b14506451fcc076f43aa1c43c1bfa8106c766155ac5c948274fa822335ef375a9af1cdbb61c61435dee6f73f5b262a882116af65552ee085c1d2791684daf50f75426849c33dfb5b9f2ebd6dee28652b8871231cb91ec01c8f98e7eb9edd6e03a7f15d23e48b19a911b70eb186a0ab6c5cbf1d5be378029a926bf5df0ef9ad05f3cc33218d545d73c86c16e586ca5d2202d94", 0xb7, 0x0)
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
setreuid(r5, r5)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2029.323595] FAULT_INJECTION: forcing a failure.
[ 2029.323595] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2029.325221] CPU: 1 PID: 25441 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2029.326102] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2029.327164] Call Trace:
[ 2029.327514]  dump_stack+0x107/0x167
[ 2029.327983]  should_fail.cold+0x5/0xa
[ 2029.328473]  __alloc_pages_nodemask+0x182/0x600
[ 2029.329073]  ? __kmalloc+0x16e/0x390
[ 2029.329553]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2029.330317]  ? trace_hardirqs_on+0x5b/0x180
[ 2029.330869]  alloc_pages_current+0x187/0x280
[ 2029.331448]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2029.332068]  sg_common_write.constprop.0+0x992/0x1a30
[ 2029.332737]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2029.333374]  ? vprintk_func+0x93/0x140
[ 2029.333870]  ? printk+0xba/0xf1
[ 2029.334287]  ? record_print_text.cold+0x16/0x16
[ 2029.334885]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2029.335555]  ? trace_hardirqs_on+0x5b/0x180
[ 2029.336116]  sg_write.part.0+0x69e/0xaa0
[ 2029.336646]  ? sg_new_write.isra.0+0x770/0x770
[ 2029.337227]  ? find_held_lock+0x2c/0x110
[ 2029.337751] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.337751]    program syz-executor.4 not setting count and/or reply_len properly
[ 2029.339785]  ? __might_fault+0xd3/0x180
[ 2029.340284]  ? lock_downgrade+0x6d0/0x6d0
[ 2029.340828]  ? _cond_resched+0x10/0x30
[ 2029.341328]  ? inode_security+0x107/0x140
[ 2029.341861]  ? avc_policy_seqno+0x9/0x70
[ 2029.342013] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2029.342362]  ? selinux_file_permission+0x92/0x520
[ 2029.342375]  ? iov_iter_advance+0x23b/0xec0
[ 2029.342389]  sg_write+0x87/0x120
[ 2029.342404]  do_iter_write+0x4f0/0x700
[ 2029.342419]  ? import_iovec+0x83/0xb0
[ 2029.342439]  vfs_writev+0x1ae/0x620
[ 2029.347232]  ? vfs_iter_write+0xa0/0xa0
[ 2029.347744]  ? __fget_files+0x2cf/0x520
[ 2029.348269]  ? lock_downgrade+0x6d0/0x6d0
[ 2029.348802]  ? find_held_lock+0x2c/0x110
[ 2029.349320]  ? ksys_write+0x12d/0x260
[ 2029.349806]  ? __fget_files+0x2f8/0x520
[ 2029.350317]  ? __fget_light+0xea/0x290
[ 2029.350819]  do_writev+0x139/0x300
[ 2029.351267]  ? vfs_writev+0x620/0x620
[ 2029.351778]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2029.352457]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2029.353132]  do_syscall_64+0x33/0x40
[ 2029.353620]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2029.354295] RIP: 0033:0x7f04ef0deb19
[ 2029.354788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2029.357189] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2029.358189] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2029.359133] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2029.360058] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2029.360969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2029.361899] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2029.364310] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.364310]    program syz-executor.5 not setting count and/or reply_len properly
01:22:21 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240e030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200ffefffff000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x3, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2029.434712] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.434712]    program syz-executor.5 not setting count and/or reply_len properly
01:22:21 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021306cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:21 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2029.458923] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.458923]    program syz-executor.5 not setting count and/or reply_len properly
[ 2029.485875] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.485875]    program syz-executor.4 not setting count and/or reply_len properly
[ 2029.487684] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.487684]    program syz-executor.6 not setting count and/or reply_len properly
01:22:22 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02430030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2029.519596] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:22:22 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 56)

[ 2029.540024] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2029.631709] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.631709]    program syz-executor.5 not setting count and/or reply_len properly
[ 2029.637238] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2029.637238]    program syz-executor.1 not setting count and/or reply_len properly
[ 2029.644291] FAULT_INJECTION: forcing a failure.
[ 2029.644291] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2029.645790] CPU: 1 PID: 25573 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2029.646626] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2029.647639] Call Trace:
[ 2029.647957]  dump_stack+0x107/0x167
[ 2029.648394]  should_fail.cold+0x5/0xa
[ 2029.648856]  __alloc_pages_nodemask+0x182/0x600
[ 2029.649415]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2029.650061]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2029.650788]  alloc_pages_current+0x187/0x280
[ 2029.651311]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2029.651907]  sg_common_write.constprop.0+0x992/0x1a30
[ 2029.652534]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2029.653134]  ? vprintk_func+0x93/0x140
[ 2029.653605]  ? printk+0xba/0xf1
[ 2029.653994]  ? record_print_text.cold+0x16/0x16
[ 2029.654546]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 2029.655150]  sg_write.part.0+0x69e/0xaa0
[ 2029.655649]  ? sg_new_write.isra.0+0x770/0x770
[ 2029.656193]  ? find_held_lock+0x2c/0x110
[ 2029.656684]  ? __might_fault+0xd3/0x180
[ 2029.657154]  ? lock_downgrade+0x6d0/0x6d0
[ 2029.657660]  ? _cond_resched+0x10/0x30
[ 2029.658121]  ? inode_security+0x107/0x140
[ 2029.658619]  ? avc_policy_seqno+0x9/0x70
[ 2029.659096]  ? selinux_file_permission+0x92/0x520
[ 2029.659679]  ? iov_iter_advance+0x23b/0xec0
[ 2029.660196]  sg_write+0x87/0x120
[ 2029.660601]  do_iter_write+0x4f0/0x700
[ 2029.661071]  ? import_iovec+0x83/0xb0
[ 2029.661529]  vfs_writev+0x1ae/0x620
[ 2029.661961]  ? vfs_iter_write+0xa0/0xa0
[ 2029.662432]  ? __fget_files+0x2cf/0x520
[ 2029.662902]  ? lock_downgrade+0x6d0/0x6d0
[ 2029.663395]  ? find_held_lock+0x2c/0x110
[ 2029.663908]  ? ksys_write+0x12d/0x260
[ 2029.664369]  ? __fget_files+0x2f8/0x520
[ 2029.664849]  ? __fget_light+0xea/0x290
[ 2029.665315]  do_writev+0x139/0x300
[ 2029.665745]  ? vfs_writev+0x620/0x620
[ 2029.666196]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2029.666817]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2029.667440]  do_syscall_64+0x33/0x40
[ 2029.667885]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2029.668493] RIP: 0033:0x7f04ef0deb19
[ 2029.668938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2029.671120] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2029.672031] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2029.672882] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2029.673740] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2029.674589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2029.675442] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:22:34 executing program 7:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x5, 0x2, &(0x7f0000000200)=[{&(0x7f0000000080)="200000000002000019000000500100000f000000000000000000000004000000000002000020000020000000def4655fdef4655f0100ffff53ef010001000000ddf465", 0x43, 0x400}, {&(0x7f0000000140)="000000891daeadd9eca541eeea9a4ceb937a000000000000000000e58ca12e13a2", 0x21, 0x4e0}], 0x0, &(0x7f0000012b00)=ANY=[])

01:22:34 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 57)

01:22:34 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200f5ffffff000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:34 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021b66cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:34 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:34 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r6, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
syz_io_uring_submit(0x0, r8, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x5, 0x0, 0x0, 0x800, &(0x7f0000000240)=[r0, r4, 0xffffffffffffffff, r0, r4], 0x5, 0x0, 0x1, {0x0, r5}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r9=>0x0})
setresuid(0xffffffffffffffff, r9, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r11=>0x0, &(0x7f0000000300))
setresuid(0x0, r10, r11)
r12 = fork()
setreuid(r9, r9)
prlimit64(r12, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:22:34 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02448030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:34 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2042.410613] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2042.429998] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2042.431424] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.431424]    program syz-executor.4 not setting count and/or reply_len properly
[ 2042.440995] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.440995]    program syz-executor.1 not setting count and/or reply_len properly
[ 2042.460050] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.460050]    program syz-executor.6 not setting count and/or reply_len properly
[ 2042.460657] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.460657]    program syz-executor.5 not setting count and/or reply_len properly
[ 2042.466180] FAULT_INJECTION: forcing a failure.
[ 2042.466180] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2042.469008] CPU: 1 PID: 25585 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2042.470499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2042.472298] Call Trace:
[ 2042.472879]  dump_stack+0x107/0x167
[ 2042.473669]  should_fail.cold+0x5/0xa
[ 2042.474495]  __alloc_pages_nodemask+0x182/0x600
[ 2042.475492]  ? __kmalloc+0x16e/0x390
[ 2042.476309]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2042.477604]  ? trace_hardirqs_on+0x5b/0x180
[ 2042.478537]  alloc_pages_current+0x187/0x280
[ 2042.479487]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2042.480549]  sg_common_write.constprop.0+0x992/0x1a30
[ 2042.481674]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2042.482750]  ? vprintk_func+0x93/0x140
[ 2042.483602]  ? printk+0xba/0xf1
[ 2042.484322]  ? record_print_text.cold+0x16/0x16
[ 2042.485325]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2042.486412]  ? trace_hardirqs_on+0x5b/0x180
[ 2042.487356]  sg_write.part.0+0x69e/0xaa0
[ 2042.488241]  ? sg_new_write.isra.0+0x770/0x770
[ 2042.489232]  ? find_held_lock+0x2c/0x110
[ 2042.490112]  ? __might_fault+0xd3/0x180
[ 2042.490968]  ? lock_downgrade+0x6d0/0x6d0
[ 2042.491878]  ? _cond_resched+0x10/0x30
[ 2042.492706]  ? inode_security+0x107/0x140
[ 2042.493591]  ? avc_policy_seqno+0x9/0x70
[ 2042.494457]  ? selinux_file_permission+0x92/0x520
[ 2042.495487]  ? iov_iter_advance+0x23b/0xec0
[ 2042.496422]  sg_write+0x87/0x120
[ 2042.497159]  do_iter_write+0x4f0/0x700
[ 2042.497993]  ? import_iovec+0x83/0xb0
[ 2042.498813]  vfs_writev+0x1ae/0x620
[ 2042.499602]  ? vfs_iter_write+0xa0/0xa0
[ 2042.500454]  ? __fget_files+0x2cf/0x520
[ 2042.501304]  ? lock_downgrade+0x6d0/0x6d0
[ 2042.502188]  ? find_held_lock+0x2c/0x110
[ 2042.503068]  ? ksys_write+0x12d/0x260
[ 2042.503905]  ? __fget_files+0x2f8/0x520
[ 2042.504760]  ? __fget_light+0xea/0x290
[ 2042.505595]  do_writev+0x139/0x300
[ 2042.506359]  ? vfs_writev+0x620/0x620
[ 2042.507183]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2042.508308]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2042.509409]  do_syscall_64+0x33/0x40
[ 2042.510199]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2042.511292] RIP: 0033:0x7f04ef0deb19
[ 2042.512091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2042.516017] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2042.517637] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2042.519149] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2042.520670] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2042.522189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2042.523716] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:22:35 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1000)
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:22:35 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xfa, 0x0, 0x0, 0x0, 0x4808, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0), 0x9}, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001}, 0x0, 0x6, 0xffffffffffffffff, 0x0)
r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = syz_io_uring_setup(0x3a7b, &(0x7f0000000300)={0x0, 0xf919, 0x1, 0x20003, 0xe3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(0xffffffffffffffff, 0x406, r1)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x2007, @fd_index=0x7, 0x800, 0x0, 0x0, 0x10, 0x0, {0x1}}, 0xffff)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'lo\x00', <r8=>0x0})
setsockopt$packet_int(r6, 0x107, 0x14, &(0x7f0000000040)=0x3f, 0x4)
bind$packet(r6, &(0x7f0000000240)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'syzkaller0\x00'})
sendfile(r6, r5, 0x0, 0x500000001)
renameat(r5, &(0x7f0000000080)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00')
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
openat(r0, &(0x7f0000000280)='./file0\x00', 0x4200, 0x8)
openat(0xffffffffffffffff, &(0x7f00000000c0)='/proc/self/exe\x00', 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100)

01:22:35 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000020046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:35 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021200ada3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2042.551053] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2042.555609] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.555609]    program syz-executor.4 not setting count and/or reply_len properly
01:22:35 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0244c030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:35 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2042.632136] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.632136]    program syz-executor.5 not setting count and/or reply_len properly
01:22:35 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x5, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2042.637933] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.637933]    program syz-executor.6 not setting count and/or reply_len properly
01:22:35 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000030046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:35 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212025da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2042.678879] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.678879]    program syz-executor.5 not setting count and/or reply_len properly
[ 2042.685200] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2042.685200]    program syz-executor.4 not setting count and/or reply_len properly
[ 2042.689854] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2042.706581] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:22:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000090046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:47 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021036cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:47 executing program 7:
syz_emit_ethernet(0x8b, &(0x7f00000002c0)={@link_local, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "96363f", 0x55, 0x2c, 0x0, @private2, @mcast2, {[@dstopts={0x88, 0x1, '\x00', [@jumbo, @enc_lim]}], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "001000", 0x0, 0x0, 0x0, @private0, @private2, [], "7df2d21a83ffe1577f325d2606"}}}}}}}, 0x0)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[], 0xfdef)
ftruncate(r0, 0x2)
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xd21}, 0x0, 0x0, 0x0, 0x5, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/fib_trie\x00')
readv(r1, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1)
mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00')
mlock2(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
munlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001a0011cd"], 0x1c}}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000180)=""/43, 0x2b}], 0x1)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r2, @ANYRES32, @ANYBLOB="09a9266dd076fb2a2930e184bb0000000000f3042e2f8e0b0c"])
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000140)={<r3=>r2, 0x10000, 0x800, 0x3})
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000240)={&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, &(0x7f00000014c0)=""/193, 0xc1, 0x0, &(0x7f00000001c0)=""/109, 0x6d}, &(0x7f0000000380)=0x40)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3000, 0x6, &(0x7f0000ff9000/0x3000)=nil)
pipe2$9p(&(0x7f0000000280), 0x40000)

01:22:47 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021202eda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:47 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02468030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:47 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:47 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 58)

01:22:47 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/consoles\x00', 0x0, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0xffffffffffffffff, r8, 0x0)
syz_mount_image$iso9660(&(0x7f00000003c0), &(0x7f0000000400)='\x00', 0x92, 0x1, &(0x7f0000000440)=[{&(0x7f0000000500)="7046493a5927d7f1c63e668321114ef0e4cf837bd923704641e335859a8641b91578d52565d74bbaac3b4eb501799bd8ffa2f2d190d46198bf3a7f09c58675fa756c7e723b91b3d42c", 0x49, 0x5}], 0x88401, &(0x7f0000000580)={[{@unhide}, {@nocompress}, {@dmode={'dmode', 0x3d, 0x3f}}, {@nocompress}], [{@dont_hash}, {@func={'func', 0x3d, 'KEXEC_INITRAMFS_CHECK'}}, {@uid_gt={'uid>', r8}}, {@euid_eq={'euid', 0x3d, r4}}, {@dont_measure}, {@smackfsroot={'smackfsroot', 0x3d, '\''}}, {@obj_role={'obj_role', 0x3d, '-*\''}}]})
syz_io_uring_setup(0x1ab1, &(0x7f0000000240)={0x0, 0xe497, 0x8, 0x1, 0x1da, 0x0, r7}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000000340), &(0x7f0000000380))
r9 = fork()
setreuid(r4, r4)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2055.423711] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2055.434628] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.434628]    program syz-executor.6 not setting count and/or reply_len properly
[ 2055.447819] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.447819]    program syz-executor.5 not setting count and/or reply_len properly
[ 2055.448800] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2055.451845] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.451845]    program syz-executor.4 not setting count and/or reply_len properly
[ 2055.468548] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.468548]    program syz-executor.1 not setting count and/or reply_len properly
[ 2055.486225] FAULT_INJECTION: forcing a failure.
[ 2055.486225] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2055.488870] CPU: 0 PID: 25858 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2055.490337] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2055.492104] Call Trace:
[ 2055.492676]  dump_stack+0x107/0x167
[ 2055.493447]  should_fail.cold+0x5/0xa
[ 2055.494260]  __alloc_pages_nodemask+0x182/0x600
[ 2055.495239]  ? __kmalloc+0x16e/0x390
[ 2055.496036]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2055.497303]  ? trace_hardirqs_on+0x5b/0x180
[ 2055.498223]  alloc_pages_current+0x187/0x280
[ 2055.499152]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2055.500190]  sg_common_write.constprop.0+0x992/0x1a30
[ 2055.501284]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2055.502319]  ? vprintk_func+0x93/0x140
[ 2055.503123]  ? printk+0xba/0xf1
[ 2055.503821]  ? record_print_text.cold+0x16/0x16
[ 2055.504770]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2055.505795]  ? trace_hardirqs_on+0x5b/0x180
[ 2055.506683]  sg_write.part.0+0x69e/0xaa0
[ 2055.507510]  ? sg_new_write.isra.0+0x770/0x770
[ 2055.508460]  ? find_held_lock+0x2c/0x110
[ 2055.509293]  ? __might_fault+0xd3/0x180
[ 2055.510095]  ? lock_downgrade+0x6d0/0x6d0
[ 2055.510949]  ? _cond_resched+0x10/0x30
[ 2055.511747]  ? inode_security+0x107/0x140
[ 2055.512589]  ? avc_policy_seqno+0x9/0x70
[ 2055.513413]  ? selinux_file_permission+0x92/0x520
[ 2055.514394]  ? iov_iter_advance+0x23b/0xec0
[ 2055.515283]  sg_write+0x87/0x120
[ 2055.515987]  do_iter_write+0x4f0/0x700
[ 2055.516789]  ? import_iovec+0x83/0xb0
[ 2055.517562]  vfs_writev+0x1ae/0x620
[ 2055.518299]  ? vfs_iter_write+0xa0/0xa0
[ 2055.519104]  ? __fget_files+0x2cf/0x520
[ 2055.519922]  ? lock_downgrade+0x6d0/0x6d0
[ 2055.520759]  ? find_held_lock+0x2c/0x110
[ 2055.521586]  ? ksys_write+0x12d/0x260
[ 2055.522369]  ? __fget_files+0x2f8/0x520
[ 2055.523192]  ? __fget_light+0xea/0x290
[ 2055.524001]  do_writev+0x139/0x300
[ 2055.524732]  ? vfs_writev+0x620/0x620
[ 2055.525512]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2055.526584]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2055.527635]  do_syscall_64+0x33/0x40
[ 2055.528406]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2055.529435] RIP: 0033:0x7f04ef0deb19
[ 2055.530192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2055.533925] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2055.535473] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2055.536934] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2055.538385] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2055.539835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2055.541283] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:22:48 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:22:48 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000300046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:48 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021076cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2055.593651] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2055.596567] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.596567]    program syz-executor.6 not setting count and/or reply_len properly
[ 2055.626896] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.626896]    program syz-executor.6 not setting count and/or reply_len properly
01:22:48 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r7)
r8 = fork()
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))
r9 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x40400, 0x20)
r10 = getuid()
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000100000018000001", @ANYRES32=r9, @ANYRES32=r10, @ANYRES32=r6, @ANYBLOB='./file0\x00'])

01:22:48 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021204cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:48 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0246c030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:48 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
r0 = syz_io_uring_complete(0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r2 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r0, {0x1}}, './file0\x00'})
bind$unix(r3, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, 0xffffffffffffffff)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280), &(0x7f0000000300)=0xc)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38, 0x0, 0xffff}, [{0x0, 0x0, 0x0, 0x0, 0x5}], "", ['\x00']}, 0x178)
sendfile(r1, r4, 0x0, 0x100000001)

01:22:48 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021096cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2055.696271] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.696271]    program syz-executor.4 not setting count and/or reply_len properly
[ 2055.698596] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.698596]    program syz-executor.5 not setting count and/or reply_len properly
01:22:48 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000800046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:22:48 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x8, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2055.754937] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.754937]    program syz-executor.6 not setting count and/or reply_len properly
01:22:48 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 59)

[ 2055.772622] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2055.772622]    program syz-executor.5 not setting count and/or reply_len properly
01:22:48 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212075da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2055.780513] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2055.806108] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2055.833833] FAULT_INJECTION: forcing a failure.
[ 2055.833833] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2055.835681] CPU: 1 PID: 26099 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2055.836650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2055.837794] Call Trace:
[ 2055.838166]  dump_stack+0x107/0x167
[ 2055.838670]  should_fail.cold+0x5/0xa
[ 2055.839198]  __alloc_pages_nodemask+0x182/0x600
[ 2055.839862]  ? __kmalloc+0x16e/0x390
[ 2055.840387]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2055.841221]  ? trace_hardirqs_on+0x5b/0x180
[ 2055.841816]  alloc_pages_current+0x187/0x280
[ 2055.842420]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2055.843084]  sg_common_write.constprop.0+0x992/0x1a30
[ 2055.843804]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2055.844498]  ? lock_downgrade+0x6d0/0x6d0
[ 2055.845065]  ? do_raw_spin_trylock+0xad/0x180
[ 2055.845682]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2055.846407]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2055.847093]  ? trace_hardirqs_on+0x5b/0x180
[ 2055.847691]  ? ___ratelimit+0x1fc/0x440
[ 2055.848246]  sg_write.part.0+0x69e/0xaa0
[ 2055.848803]  ? sg_new_write.isra.0+0x770/0x770
[ 2055.849441]  ? find_held_lock+0x2c/0x110
[ 2055.850000]  ? __might_fault+0xd3/0x180
[ 2055.850545]  ? lock_downgrade+0x6d0/0x6d0
[ 2055.851126]  ? _cond_resched+0x10/0x30
[ 2055.851672]  ? inode_security+0x107/0x140
[ 2055.852250]  ? avc_policy_seqno+0x9/0x70
[ 2055.852805]  ? selinux_file_permission+0x92/0x520
[ 2055.853461]  ? iov_iter_advance+0x23b/0xec0
[ 2055.854051]  sg_write+0x87/0x120
[ 2055.854518]  do_iter_write+0x4f0/0x700
[ 2055.855049]  ? import_iovec+0x83/0xb0
[ 2055.855572]  vfs_writev+0x1ae/0x620
[ 2055.856082]  ? vfs_iter_write+0xa0/0xa0
[ 2055.856620]  ? __fget_files+0x2cf/0x520
[ 2055.857160]  ? lock_downgrade+0x6d0/0x6d0
[ 2055.857722]  ? find_held_lock+0x2c/0x110
[ 2055.858277]  ? ksys_write+0x12d/0x260
[ 2055.858802]  ? __fget_files+0x2f8/0x520
[ 2055.859346]  ? __fget_light+0xea/0x290
[ 2055.859885]  do_writev+0x139/0x300
[ 2055.860373]  ? vfs_writev+0x620/0x620
[ 2055.860893]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2055.861608]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2055.862369]  do_syscall_64+0x33/0x40
[ 2055.862879]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2055.863574] RIP: 0033:0x7f04ef0deb19
[ 2055.864095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2055.866585] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2055.867609] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2055.868588] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2055.869563] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2055.870554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2055.871515] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:22:48 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300210a6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x9, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:02 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02474030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 60)

01:23:02 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000ffffffff0046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240003002120b6da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021256cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0xb150, 0x1, &(0x7f0000000340)="b88314cfc50b3880ab368b5b225ddd9bd21283e4f5ba98aa77ba9a4629b32a76e6dafaa5376e26b8916a89951662b3c1b5efd11c9151af6d725136d296655ab11ee14460f2a9ea0def51d1fb0fde482c0a1b05175dddce25aa48d9d9b14c031ce314a7010ff741ed3f32838537610fe9c563153b6f39c379e7b371f496446d955326e1340d0eb8cf443581f5edac8820d0d800267114e16174a2375e3667ab2f613339dae25a9463c64f03f9594e2ae15ef43d479d69320489a242d688bfe0c371e9599a15fc0f4166622f0f17b85996101672af3eafde835b185cebdc1d6cf252", 0x5, 0x0, 0x1, {0x2}}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0xffffffffffffffff, r3, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r5=>0x0, &(0x7f0000000300))
setresuid(0x0, r4, r5)
r6 = fork()
setreuid(r3, r3)
prlimit64(r6, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:02 executing program 7:
unshare(0x28020600)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x2)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x40800, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x200040c1}, 0x20008000)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="e3d85566de50678b8df2b7eba7cf07ad80caf7dde7bc258185e51d90394ee7c5e93e4091f2e7de7fd05342ea7791204deb79ad2b07361ffe7a8c7c2ff69136bf0c9a3d40838d173767dde1508475b05b5a764555fabfb047f144f403dbe8695848f44df8434884f343b71dd79128ebb6a119919acd5e0d26a5617c3916a4d6292ee12ff79610553dcfce4974c4e753506900ed534e14a6e65ff262f235ce10b29768506c9af4"])
unshare(0x48020200)

[ 2069.825757] sg_write: 3 callbacks suppressed
[ 2069.825780] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2069.825780]    program syz-executor.5 not setting count and/or reply_len properly
01:23:02 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000020000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2069.846694] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2069.846694]    program syz-executor.6 not setting count and/or reply_len properly
[ 2069.849685] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2069.849685]    program syz-executor.1 not setting count and/or reply_len properly
[ 2069.853873] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2069.855830] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2069.855830]    program syz-executor.5 not setting count and/or reply_len properly
[ 2069.857305] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2069.869292] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2069.873869] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2069.873869]    program syz-executor.4 not setting count and/or reply_len properly
[ 2069.876857] FAULT_INJECTION: forcing a failure.
[ 2069.876857] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2069.879572] CPU: 1 PID: 26115 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2069.881060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2069.882830] Call Trace:
[ 2069.883397]  dump_stack+0x107/0x167
[ 2069.884189]  should_fail.cold+0x5/0xa
[ 2069.884997]  __alloc_pages_nodemask+0x182/0x600
[ 2069.885983]  ? __kmalloc+0x16e/0x390
[ 2069.886775]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2069.888083]  ? trace_hardirqs_on+0x5b/0x180
[ 2069.889010]  alloc_pages_current+0x187/0x280
[ 2069.889956]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2069.890997]  sg_common_write.constprop.0+0x992/0x1a30
[ 2069.892120]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2069.893175]  ? vprintk_func+0x93/0x140
[ 2069.894011]  ? printk+0xba/0xf1
[ 2069.894711]  ? record_print_text.cold+0x16/0x16
[ 2069.895698]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2069.896781]  ? trace_hardirqs_on+0x5b/0x180
[ 2069.897713]  sg_write.part.0+0x69e/0xaa0
[ 2069.898587]  ? sg_new_write.isra.0+0x770/0x770
[ 2069.899578]  ? find_held_lock+0x2c/0x110
[ 2069.900454]  ? __might_fault+0xd3/0x180
[ 2069.901301]  ? lock_downgrade+0x6d0/0x6d0
[ 2069.902196]  ? _cond_resched+0x10/0x30
[ 2069.903018]  ? inode_security+0x107/0x140
[ 2069.903917]  ? avc_policy_seqno+0x9/0x70
[ 2069.904778]  ? selinux_file_permission+0x92/0x520
[ 2069.905783]  ? iov_iter_advance+0x23b/0xec0
[ 2069.906713]  sg_write+0x87/0x120
[ 2069.907438]  do_iter_write+0x4f0/0x700
[ 2069.908246]  ? import_iovec+0x83/0xb0
[ 2069.909079]  vfs_writev+0x1ae/0x620
[ 2069.909858]  ? vfs_iter_write+0xa0/0xa0
[ 2069.910716]  ? __fget_files+0x2cf/0x520
[ 2069.911572]  ? lock_downgrade+0x6d0/0x6d0
[ 2069.912472]  ? find_held_lock+0x2c/0x110
[ 2069.913338]  ? ksys_write+0x12d/0x260
[ 2069.914041] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26126 comm=syz-executor.7
[ 2069.914185]  ? __fget_files+0x2f8/0x520
[ 2069.914214]  ? __fget_light+0xea/0x290
[ 2069.917263]  do_writev+0x139/0x300
[ 2069.918011]  ? vfs_writev+0x620/0x620
[ 2069.918820]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2069.919945]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2069.921041]  do_syscall_64+0x33/0x40
[ 2069.921688] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2069.921835]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2069.923901] RIP: 0033:0x7f04ef0deb19
[ 2069.924693] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2069.928644] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2069.930236] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2069.931757] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2069.933308] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
01:23:02 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000030000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2069.934818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2069.936489] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:23:02 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212f6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0247a030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:02 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 61)

01:23:02 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda0a5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2070.031279] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2070.031279]    program syz-executor.6 not setting count and/or reply_len properly
[ 2070.031772] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2070.035727] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2070.035727]    program syz-executor.5 not setting count and/or reply_len properly
[ 2070.040474] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2070.040474]    program syz-executor.1 not setting count and/or reply_len properly
[ 2070.040778] FAULT_INJECTION: forcing a failure.
[ 2070.040778] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2070.040791] CPU: 0 PID: 26189 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2070.040797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2070.040801] Call Trace:
[ 2070.040818]  dump_stack+0x107/0x167
[ 2070.040830]  should_fail.cold+0x5/0xa
[ 2070.040845]  __alloc_pages_nodemask+0x182/0x600
[ 2070.040867]  ? __kmalloc+0x16e/0x390
[ 2070.049424]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2070.050127]  ? trace_hardirqs_on+0x5b/0x180
[ 2070.050632]  alloc_pages_current+0x187/0x280
[ 2070.051148]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2070.051709]  sg_common_write.constprop.0+0x992/0x1a30
[ 2070.052319]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2070.052900]  ? vprintk_func+0x93/0x140
[ 2070.053353]  ? printk+0xba/0xf1
[ 2070.053735]  ? record_print_text.cold+0x16/0x16
[ 2070.054282]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2070.054872]  ? trace_hardirqs_on+0x5b/0x180
[ 2070.055377]  sg_write.part.0+0x69e/0xaa0
[ 2070.055851]  ? sg_new_write.isra.0+0x770/0x770
[ 2070.056389]  ? find_held_lock+0x2c/0x110
[ 2070.056859]  ? __might_fault+0xd3/0x180
[ 2070.057317]  ? lock_downgrade+0x6d0/0x6d0
[ 2070.057806]  ? _cond_resched+0x10/0x30
[ 2070.058269]  ? inode_security+0x107/0x140
[ 2070.058749]  ? avc_policy_seqno+0x9/0x70
[ 2070.059214]  ? selinux_file_permission+0x92/0x520
[ 2070.059771]  ? iov_iter_advance+0x23b/0xec0
[ 2070.060279]  sg_write+0x87/0x120
[ 2070.060680]  do_iter_write+0x4f0/0x700
[ 2070.061111]  ? import_iovec+0x83/0xb0
[ 2070.061560]  vfs_writev+0x1ae/0x620
[ 2070.061979]  ? vfs_iter_write+0xa0/0xa0
[ 2070.062442]  ? __fget_files+0x2cf/0x520
[ 2070.062900]  ? lock_downgrade+0x6d0/0x6d0
[ 2070.063379]  ? find_held_lock+0x2c/0x110
[ 2070.063848]  ? ksys_write+0x12d/0x260
[ 2070.064296]  ? __fget_files+0x2f8/0x520
[ 2070.064756]  ? __fget_light+0xea/0x290
[ 2070.065209]  do_writev+0x139/0x300
[ 2070.065622]  ? vfs_writev+0x620/0x620
[ 2070.066067]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2070.066677]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2070.067249]  do_syscall_64+0x33/0x40
[ 2070.067679]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2070.068248] RIP: 0033:0x7f04ef0deb19
[ 2070.068677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2070.070794] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2070.071668] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2070.072492] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2070.073306] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2070.074128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2070.074947] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2070.094017] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2070.099414] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2070.100906] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2070.100906]    program syz-executor.4 not setting count and/or reply_len properly
[ 2070.105918] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2070.111824] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
01:23:02 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021306cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000090000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x48, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2070.156837] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26126 comm=syz-executor.7
01:23:02 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x4)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:02 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda255e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2070.180512] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:02 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000d0000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:02 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4c, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2070.231224] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2070.231224]    program syz-executor.6 not setting count and/or reply_len properly
01:23:15 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:15 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:15 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021b66cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:15 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 62)

01:23:15 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000e0000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:15 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x68, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:15 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cdab65e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:15 executing program 7:
unshare(0x28020600)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x2)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x40800, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
r2 = syz_genetlink_get_family_id$gtp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r2, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@GTPA_LINK={0x8}, @GTPA_PEER_ADDRESS={0x8, 0x4, @local}]}, 0x24}, 0x1, 0x0, 0x0, 0x200040c1}, 0x20008000)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="e3d85566de50678b8df2b7eba7cf07ad80caf7dde7bc258185e51d90394ee7c5e93e4091f2e7de7fd05342ea7791204deb79ad2b07361ffe7a8c7c2ff69136bf0c9a3d40838d173767dde1508475b05b5a764555fabfb047f144f403dbe8695848f44df8434884f343b71dd79128ebb6a119919acd5e0d26a5617c3916a4d6292ee12ff79610553dcfce4974c4e753506900ed534e14a6e65ff262f235ce10b29768506c9af4"])
unshare(0x48020200)

[ 2083.155375] sg_write: 3 callbacks suppressed
[ 2083.155495] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.155495]    program syz-executor.4 not setting count and/or reply_len properly
[ 2083.178018] __nla_validate_parse: 3 callbacks suppressed
[ 2083.178038] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:15 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400040021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.180835] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.180835]    program syz-executor.6 not setting count and/or reply_len properly
01:23:15 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000300000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.205310] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.205310]    program syz-executor.5 not setting count and/or reply_len properly
[ 2083.207882] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2083.209726] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2083.211316] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.211316]    program syz-executor.1 not setting count and/or reply_len properly
[ 2083.228706] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2083.234969] FAULT_INJECTION: forcing a failure.
[ 2083.234969] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2083.237821] CPU: 0 PID: 26409 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2083.239396] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2083.241348] Call Trace:
[ 2083.241925]  dump_stack+0x107/0x167
[ 2083.242719]  should_fail.cold+0x5/0xa
01:23:15 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021200ada3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.243551]  __alloc_pages_nodemask+0x182/0x600
[ 2083.244774]  ? __kmalloc+0x16e/0x390
[ 2083.245616]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2083.246953]  ? trace_hardirqs_on+0x5b/0x180
[ 2083.247878]  alloc_pages_current+0x187/0x280
[ 2083.248813]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2083.249813]  sg_common_write.constprop.0+0x992/0x1a30
[ 2083.250877]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2083.251952]  ? vprintk_func+0x93/0x140
[ 2083.252762]  ? printk+0xba/0xf1
[ 2083.253441]  ? record_print_text.cold+0x16/0x16
[ 2083.254423]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2083.255456]  ? trace_hardirqs_on+0x5b/0x180
[ 2083.256369]  sg_write.part.0+0x69e/0xaa0
[ 2083.257202]  ? sg_new_write.isra.0+0x770/0x770
[ 2083.258164]  ? find_held_lock+0x2c/0x110
[ 2083.259003]  ? __might_fault+0xd3/0x180
[ 2083.259835]  ? lock_downgrade+0x6d0/0x6d0
[ 2083.260725]  ? _cond_resched+0x10/0x30
01:23:15 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6c, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:15 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400300021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.261533]  ? inode_security+0x107/0x140
[ 2083.262504]  ? avc_policy_seqno+0x9/0x70
[ 2083.263377]  ? selinux_file_permission+0x92/0x520
[ 2083.264400]  ? iov_iter_advance+0x23b/0xec0
[ 2083.265305]  sg_write+0x87/0x120
[ 2083.266020]  do_iter_write+0x4f0/0x700
[ 2083.266841]  ? import_iovec+0x83/0xb0
[ 2083.267647]  vfs_writev+0x1ae/0x620
[ 2083.268418]  ? vfs_iter_write+0xa0/0xa0
[ 2083.269249]  ? __fget_files+0x2cf/0x520
[ 2083.270081]  ? lock_downgrade+0x6d0/0x6d0
[ 2083.270945]  ? find_held_lock+0x2c/0x110
[ 2083.271798]  ? ksys_write+0x12d/0x260
[ 2083.272611]  ? __fget_files+0x2f8/0x520
[ 2083.273446]  ? __fget_light+0xea/0x290
[ 2083.274254]  do_writev+0x139/0x300
[ 2083.274982]  ? vfs_writev+0x620/0x620
[ 2083.275754]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2083.276825]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2083.277859]  do_syscall_64+0x33/0x40
[ 2083.278621]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2083.279686] RIP: 0033:0x7f04ef0deb19
[ 2083.280462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2083.284338] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2083.285936] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2083.287422] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2083.288927] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2083.290419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2083.291922] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2083.302514] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=26407 comm=syz-executor.7
[ 2083.321066] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.321066]    program syz-executor.6 not setting count and/or reply_len properly
[ 2083.322842] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.322842]    program syz-executor.5 not setting count and/or reply_len properly
[ 2083.328202] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2083.351150] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:15 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3bb65672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.370580] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.370580]    program syz-executor.5 not setting count and/or reply_len properly
[ 2083.403481] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2083.403481]    program syz-executor.4 not setting count and/or reply_len properly
01:23:15 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x74, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:15 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000300000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2083.457032] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2083.471861] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:28 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 63)

01:23:28 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
ptrace(0x8, r7)
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:28 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5eb672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400b60021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212025da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
syz_io_uring_setup(0x211d, &(0x7f0000000180)={0x0, 0x869a, 0x10, 0x1, 0x38e}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000080), &(0x7f0000001500)=<r7=>0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_enter(r4, 0x6386, 0xafea, 0x2, &(0x7f0000000340)={[0x1]}, 0x8)
syz_io_uring_submit(r5, r7, &(0x7f0000001640)=@IORING_OP_WRITE={0x17, 0x2, 0x4000, @fd=r0, 0x80000001, &(0x7f0000001540)="d5e2254385306e35d993b4217fcd621d8ec561ecd786fa3c7dc978e8441dd0951552f7d5b4cec0bb77b6d185d5eaf246ef704d5a5eebae52d7a8751ba6e120d76e236268246d381e9cd90ea45e35b5a1646c8c349d64c04f2cc1dcba91721f6754ee5a5ce34ce4bfa81cf608bd8dc971cb6fa7b523ee4215b6612dbb4178e513b9349afe0bdc6088339e62c0758df5e4323bfcf14222f28c68cce35e3316698d9bcc9c741f8e6aaf1c9ad4523b9e558dd5495ecd13ddfc499ac6e8e27bcf9bb8f8ee677cc52251bba34d305b1dd6c24251052ca232e0829a08046f13619d3f795ce6c09a4ce2baae", 0xe8, 0x1a, 0x1, {0x0, r8}}, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r4, 0x0, 0x0, 0xa2c0792771366ceb}, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000014c0)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001680)=""/136, 0x88}, {&(0x7f00000003c0)=""/195, 0xc3}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x3, &(0x7f0000000200)=""/60, 0x3c}, 0x0, 0x40002000, 0x0, {0x2}}, 0x3ff)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r9, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

01:23:28 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000900000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7a, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2096.145015] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.145015]    program syz-executor.4 not setting count and/or reply_len properly
[ 2096.147256] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2096.163933] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.163933]    program syz-executor.6 not setting count and/or reply_len properly
[ 2096.174092] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.174092]    program syz-executor.1 not setting count and/or reply_len properly
[ 2096.195604] FAULT_INJECTION: forcing a failure.
[ 2096.195604] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2096.197596] CPU: 0 PID: 26559 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2096.198638] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2096.200244] Call Trace:
[ 2096.200760]  dump_stack+0x107/0x167
[ 2096.201469]  should_fail.cold+0x5/0xa
[ 2096.202200]  __alloc_pages_nodemask+0x182/0x600
[ 2096.203093]  ? __kmalloc+0x16e/0x390
[ 2096.203820]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2096.204986]  ? trace_hardirqs_on+0x5b/0x180
[ 2096.205829]  alloc_pages_current+0x187/0x280
[ 2096.206687]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2096.207420]  sg_common_write.constprop.0+0x992/0x1a30
[ 2096.208446]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2096.209189]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2096.210196]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2096.211210]  ? trace_hardirqs_on+0x5b/0x180
[ 2096.211856]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2096.212897]  sg_write.part.0+0x69e/0xaa0
[ 2096.213670]  ? sg_new_write.isra.0+0x770/0x770
[ 2096.214543]  ? find_held_lock+0x2c/0x110
[ 2096.215314]  ? __might_fault+0xd3/0x180
[ 2096.216066]  ? lock_downgrade+0x6d0/0x6d0
[ 2096.216760]  ? _cond_resched+0x10/0x30
[ 2096.217501]  ? inode_security+0x107/0x140
[ 2096.218123]  ? avc_policy_seqno+0x9/0x70
[ 2096.218889]  ? selinux_file_permission+0x92/0x520
[ 2096.219816]  ? iov_iter_advance+0x23b/0xec0
[ 2096.220654]  sg_write+0x87/0x120
[ 2096.221299]  do_iter_write+0x4f0/0x700
[ 2096.222042]  ? import_iovec+0x83/0xb0
[ 2096.222779]  vfs_writev+0x1ae/0x620
[ 2096.223474]  ? vfs_iter_write+0xa0/0xa0
[ 2096.224238]  ? __fget_files+0x2cf/0x520
[ 2096.224993]  ? lock_downgrade+0x6d0/0x6d0
[ 2096.225772]  ? find_held_lock+0x2c/0x110
[ 2096.226554]  ? ksys_write+0x12d/0x260
[ 2096.227276]  ? __fget_files+0x2f8/0x520
[ 2096.227933]  ? __fget_light+0xea/0x290
[ 2096.228579]  do_writev+0x139/0x300
[ 2096.229110]  ? vfs_writev+0x620/0x620
[ 2096.229684]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2096.230452]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2096.231204]  do_syscall_64+0x33/0x40
[ 2096.231747]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2096.232521] RIP: 0033:0x7f04ef0deb19
[ 2096.233069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2096.235862] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2096.237045] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2096.238130] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2096.239228] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2096.240317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2096.241411] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:23:28 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e560ab89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000d00000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2096.253407] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:28 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2096.302520] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.302520]    program syz-executor.4 not setting count and/or reply_len properly
01:23:28 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021202eda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:28 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf0, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:28 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5625b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2096.361670] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.361670]    program syz-executor.5 not setting count and/or reply_len properly
01:23:28 executing program 7:
syz_usb_control_io$uac1(0xffffffffffffffff, &(0x7f0000000080)={0x14, &(0x7f0000000000)={0x40, 0x21, 0x1a, {0x1a, 0x5, "6350357040aae35b95a382fa1fba495f5f4532e8e25a73c0"}}, &(0x7f0000000040)={0x0, 0x3, 0x20, @string={0x20, 0x3, "784471cbb2bee58097206cf08ffdab5569006629e76670fb910937dc48be"}}}, &(0x7f00000002c0)={0x44, &(0x7f00000000c0)={0x20, 0x17, 0x20, "7fd4a4cd9f7c6293db71dddf279b798cfddca7dcd5d28905c4a221e1d03ade52"}, &(0x7f0000000100)={0x0, 0xa, 0x1, 0x2}, &(0x7f0000000140)={0x0, 0x8, 0x1, 0x40}, &(0x7f0000000180)={0x20, 0x81, 0x1, '['}, &(0x7f00000001c0)={0x20, 0x82, 0x3, "1b5ccc"}, &(0x7f0000000200)={0x20, 0x83, 0x1, "db"}, &(0x7f0000000240)={0x20, 0x84, 0x1, "7f"}, &(0x7f0000000280)={0x20, 0x85, 0x3, "44a2b2"}})
syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f00000004c0)={0x14, &(0x7f0000000340)={0x20, 0x22, 0xef, {0xef, 0x6, "27d0ce0538777ae614d5a26bf0cd52bbf73d735d29f911581a73951bd585822cca4600870afb3af3b37269fc1336429cdb45b21c9168bee55b411fe852e393c444e4d7f62af9f54ff47ae597b5f3098d72dc4024b548da1c86815eacec737178e3875a077df4e119ad5984c7b4f0abf579cfd489091ad7fc046db8446507ed04badba164f3c3a35a3301277840435eb2601379d73884c5c175155ac6bed841b54b2fc2c4d5349b928a3948f63b461e405ddcb8f1b15f247e8ae42f6aa89966e833b200961eea88ea3280e399c6e3f413ec193834f00cb34ff958dd09b887bbbcea4d40cb42688328b0244e806c"}}, &(0x7f0000000440)={0x0, 0x3, 0x56, @string={0x56, 0x3, "9e30bc94efde77054c2bf466377a641b9975c3ee6d10004a24e3a8943cb3eba395f057f31bc71770f3782e331e58e7997053e0c30116c82ed4325a4fe268ec6492e341b82ef85fda635b18f3ed6d4890fd2f0413"}}}, &(0x7f0000000780)={0x34, &(0x7f0000000500)={0x20, 0x16, 0x86, "261df25f31152476d68b029bd6290b5b2ecbccf5f49f41a97935f0e3aedec1ea5289e2ec8084c4e7e38623e59c6cf7af919b146baff223773f23eea43d232b450dc6d4d2c06927f032aceb90f76e545b8dd9c15626a0549eafa9705adc37ccb17a2825690bd2341da38bdec9186018261750f7920d61e557f0683b06e82bacf77261d0a86e6b"}, &(0x7f00000005c0)={0x0, 0xa, 0x1}, &(0x7f0000000600)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000640)={0x20, 0x0, 0x95, {0x93, "244a8a6114e60046b5e14a622539141602df33402e4abe6b3b3864013eac1f28cb5054e473c66df235570cf76e474cf332b2212cf41e86e657e143341971088bb22f92339601ae217a578fea4c6e3d90c7313230b052f272a3e88eb778b6855be108ec793dbc49f93bf3df58a2024e2b76f461b684a8c15fb228f736259e98d97307b78f66a4debd92149c688428dd25106734"}}, &(0x7f0000000700)={0x20, 0x1, 0x1, 0x3}, &(0x7f0000000740)={0x20, 0x0, 0x1, 0x90}})
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x4)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000009c0)={0x2c, &(0x7f00000007c0)={0x60, 0x9, 0xd1, {0xd1, 0x24, "e93d6392d42f6f093f176556fcd29437d443e834a1303227f3977b1929bcf75640c0c4cc11ea36042bdb6f9241e193e80841b3e22d52242499e839a4501fed27b591e5a30e385ad5a6a03c28297b7569ffc917f155b39dd19eb3af80bf8c0c2d5526e757a21658d03725b296baf3d71299d370197725262457840a0c9ceb1ebd6a0cc7985b2db4f16640ec80b39d190d5632d786be730ca664d2e654176da3f4c35e578c541c916f5f2bc118445e18e5754b56bee78e19b95ff0e3fb30be9ac336a52c84f049472af3ed3e3c67b8ce"}}, &(0x7f00000008c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x43f}}, &(0x7f0000000900)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000940)={0x20, 0x29, 0xf, {0xf, 0x29, 0x4, 0x0, 0x1, 0x7, "09a6ae0f", '!@bf'}}, &(0x7f0000000980)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x7, 0x2, 0x1, 0x3, 0x0, 0x8}}}, &(0x7f0000000e00)={0x84, &(0x7f0000000a00)={0x20, 0x7, 0x7, "3b98c63d449ed6"}, &(0x7f0000000a40)={0x0, 0xa, 0x1, 0x20}, &(0x7f0000000a80)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000000ac0)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000b00)={0x20, 0x0, 0x4, {0xe0, 0x40}}, &(0x7f0000000b40)={0x40, 0x7, 0x2, 0x6}, &(0x7f0000000b80)={0x40, 0x9, 0x1, 0x3}, &(0x7f0000000bc0)={0x40, 0xb, 0x2, "ccb5"}, &(0x7f0000000c00)={0x40, 0xf, 0x2, 0x9}, &(0x7f0000000c40)={0x40, 0x13, 0x6}, &(0x7f0000000c80)={0x40, 0x17, 0x6}, &(0x7f0000000cc0)={0x40, 0x19, 0x2, "28c8"}, &(0x7f0000000d00)={0x40, 0x1a, 0x2, 0x5738}, &(0x7f0000000d40)={0x40, 0x1c, 0x1}, &(0x7f0000000d80)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000000dc0)={0x40, 0x21, 0x1, 0x12}})
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x2)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000f40)={'erspan0\x00', &(0x7f0000000ec0)={'gretap0\x00', 0x0, 0x80, 0x10, 0x2, 0x8, {{0x11, 0x4, 0x0, 0x35, 0x44, 0x68, 0x0, 0x8, 0x4, 0x0, @remote, @dev={0xac, 0x14, 0x14, 0x1e}, {[@timestamp_prespec={0x44, 0x1c, 0x9a, 0x3, 0x8, [{@local, 0x3}, {@dev={0xac, 0x14, 0x14, 0x23}, 0x4fd9}, {@remote, 0xeb3f}]}, @generic={0x82, 0xb, "a03f77b3062203dd10"}, @cipso={0x86, 0x6, 0xffffffffffffffff}]}}}}})
r0 = syz_usb_connect$cdc_ecm(0x6, 0x6a, &(0x7f0000000f80)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x58, 0x1, 0x1, 0x80, 0xa0, 0x57, [{{0x9, 0x4, 0x0, 0x4, 0x3, 0x2, 0x6, 0x0, 0x1, {{0xa, 0x24, 0x6, 0x0, 0x0, "85687f32c6"}, {0x5, 0x24, 0x0, 0x7ff}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x2, 0xb55, 0x9}, [@acm={0x4, 0x24, 0x2, 0x1}, @acm={0x4, 0x24, 0x2, 0xc}, @ncm={0x6, 0x24, 0x1a, 0x800, 0x27}, @country_functional={0xa, 0x24, 0x7, 0x5, 0x81, [0x3, 0x1f]}]}, {[], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x5, 0x2, 0xff}}, {{0x9, 0x5, 0x3, 0x2, 0x4ce390eede5f8190, 0xf0, 0x8, 0x3}}}}}]}}]}}, &(0x7f0000001180)={0xa, &(0x7f0000001000)={0xa, 0x6, 0x250, 0x1f, 0x13, 0x6, 0xff, 0x8}, 0xee, &(0x7f0000001040)={0x5, 0xf, 0xee, 0x5, [@wireless={0xb, 0x10, 0x1, 0xc, 0x8, 0x8, 0x3, 0x0, 0x8}, @ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0x20, 0x4, 0x5b, 0x2, 0x81}, @generic={0xc5, 0x10, 0x4, "53fe13646f7543b274dd7cdf4184b76390d8eacb61b792095522dbbf6fbd025bc0b2d8a484824d730f6e04126dc0e327bd8a09cea6e00ffa20029e0dc89175535ef15744d2bf5a9b5a1c56af8e54ee0d9dbfdd4b60408c3a520262e8bc2f9e899138931b328028a50f20e821b190f03d104c54ab429aa88e4b299e2880fc3929dcad97c78f38e3bca2ee1461231f2fe625844e45328b0a53d0698a1091093654c1d240922a050fe3173bcf2302b0e9b1d72f9861d9f62ec1516c354296e041cf1375"}, @wireless={0xb, 0x10, 0x1, 0xc, 0x21, 0x0, 0x8, 0x2}]}, 0x1, [{0x24, &(0x7f0000001140)=@string={0x24, 0x3, "1c9eaea63717fdd2ac47db2fff7d8f9b6a8b4b0cf0f840281721780f34c7d33314fe"}}]})
syz_usb_ep_write(r0, 0xf0, 0x5a, &(0x7f00000011c0)="2a6275319ee9ccfc95b2c0e6491354d95da2d81674ce0ddb1c59f13e6b7d490af013cc89c8cccf5d08516ed8cd8aa215e4c449c7c2ee9f959a1ae4ae360cfdbd117096db170e86b59bde5db8913012b99c3e30e45351b20cc45f")
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x10, &(0x7f0000001240)=@ready={0x0, 0x0, 0x8, "bb3e195e", {0x1, 0x7fff, 0x40, 0x6}})
r1 = syz_usb_connect$cdc_ecm(0x0, 0x62, &(0x7f0000001280)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x50, 0x1, 0x1, 0x4, 0x30, 0x83, [{{0x9, 0x4, 0x0, 0x9, 0x3, 0x2, 0x6, 0x0, 0x20, {{0x5}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0xd0, 0x7, 0x5, 0x1}, [@dmm={0x7, 0x24, 0x14, 0x9, 0x6}, @obex={0x5, 0x24, 0x15, 0x1}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0x90, 0x80}}], {{0x9, 0x5, 0x82, 0x2, 0x240, 0x81, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x1, 0x41, 0xff}}}}}]}}]}}, &(0x7f0000001400)={0xa, &(0x7f0000001300)={0xa, 0x6, 0x110, 0x3f, 0x81, 0x3, 0xff, 0xfa}, 0x4f, &(0x7f0000001340)={0x5, 0xf, 0x4f, 0x6, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x74, "72bf9d035cdcc3c0515a12a1977cde26"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0x3, 0x4, 0x7, 0x4}, @ssp_cap={0x18, 0x10, 0xa, 0x80, 0x3, 0x20, 0x1ef00, 0x2, [0xc000, 0xff30, 0xc000]}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0xb, 0x3, 0x41}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x3, 0xff, 0x7ff}]}, 0x1, [{0x4, &(0x7f00000013c0)=@lang_id={0x4, 0x3, 0x816}}]})
syz_usb_control_io$cdc_ecm(r1, &(0x7f0000001540)={0x14, &(0x7f0000001440)={0x40, 0xe, 0xb0, {0xb0, 0x30, "10632b56d53cdc217948b52d73a814497cb5d8a7721319868d4851714d9bc64667e0d78ec75cad3ffc68949ef275148ee9d410c0eec12dcb07c94d6bf3d2c4fd9709b38e726eae31c9ccb0db6fd926ceb165279b69634c3b2f84b41fb58fb57e57b02a6d4831ca9953cceb0e5224d762836421fd142de55ebb01ad946bfc0cbc78b8e5bc74d4ba1c60e6d3a48f85ecc8138ab25d3e1c92e0f1e7f98b4989aa3d17c1b4de7fd158403899e47fa2c9"}}, &(0x7f0000001500)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000016c0)={0x1c, &(0x7f0000001580)={0x0, 0x15, 0x7e, "9c079fbeaaebc9a01c825133b24ea8bb4ae1cdc75ab172ff52f7cf711bfcfd08d5f449c6f836def2c8798274df6ca750fb8ac18c22c78e1bfd9430ee67c8eb525fa5e53236a7e2e49b2edf5e7b3bd8c99ff591912f0be38e903a1eda4d36e20cb503c69afd119194e9b5dbe8cb47a89551b7cc33bfc972f60dbfb51ed237"}, &(0x7f0000001640)={0x0, 0xa, 0x1}, &(0x7f0000001680)={0x0, 0x8, 0x1, 0xb6}})
r2 = syz_usb_connect$hid(0x1, 0x36, &(0x7f0000001700)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xff, 0xffffffff, 0xffffffff, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x1f, 0xc0, 0xcb, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x1, 0x0, 0x40, {0x9, 0x21, 0x400, 0x9, 0x1, {0x22, 0x397}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc9, 0x5, 0x81}}}}}]}}]}}, &(0x7f0000001b00)={0xa, &(0x7f0000001740)={0xa, 0x6, 0x250, 0x1, 0x0, 0x8, 0x20, 0x68}, 0x20, &(0x7f0000001780)={0x5, 0xf, 0x20, 0x2, [@ssp_cap={0xc, 0x10, 0xa, 0x3, 0x0, 0xdf9c, 0xf, 0x4800}, @generic={0xf, 0x10, 0xd, "5253400b292f020ed25aaafe"}]}, 0x7, [{0x4, &(0x7f00000017c0)=@lang_id={0x4, 0x3, 0xf0ff}}, {0xfd, &(0x7f0000001800)=@string={0xfd, 0x3, "5556586c54358de7e803306dc7b62d01e6d08806a65046a5f5f15622ac9ed53996ba8944acbb3ad3cdcd7647fc4c4ea89a91458f9ff1f337a605870f9e636ef0dcd8d1058444f61573fe41de7d3eb4c7f1a6db777a8b4319766eb91a2e2026c1a03db4465bcc1e0cd3a2bb8cafa6c539ac9f3eca8cce7d4b7e29f40cfb4cf98cd95909a722f7a349c195ae26587249da58858e53325347492b8f2ad41eddd634a7072131a9bf445c0ad0a298658d008f6bcb94885c5bd3583f802163487ebe03a2f76551effb54015933adae589b850700359991711b53b41ca61b4f33e4dff8c4686490e994f2a9bfcae04b8e8aab18b2895868298385fe9f6ed5"}}, {0x4, &(0x7f0000001900)=@lang_id={0x4, 0x3, 0x240a}}, {0x4, &(0x7f0000001940)=@lang_id={0x4, 0x3, 0x816}}, {0x4, &(0x7f0000001980)=@lang_id={0x4, 0x3, 0x2001}}, {0x4, &(0x7f00000019c0)=@lang_id={0x4, 0x3, 0x41d}}, {0xc7, &(0x7f0000001a00)=@string={0xc7, 0x3, "d9b17db2e1a623d552e15a4a93c818d5c1f38687101366c08cf65f6f76e2631db768fb56a5788827713987d620cffcd7c63640a6eaeb9a51fc92dc989f815587a95db41cc648865d5d435ea7ab3954b510832d6f3801581b484cf1637f9c3864338d74d0586af1206475b31f59991dad96b1a6df3236fb5eb5ca94d1e85fc42f78868d5f92cdf1a21a09b9b2b6743aeea6977e4e924bde2173d9d4047ba6d2f85668b4419550ceabfc705acbfbf44b89dd9e4aa390247ca833244bab9011217f4b3350f074"}}]})
syz_usb_control_io$hid(r2, &(0x7f0000001d40)={0x24, &(0x7f0000001b80)={0x20, 0x30, 0x9c, {0x9c, 0x21, "94f51eafa07023a1ae1e72d0b24a70600ab02e293b829c05924b479bf46b6edae58b2f44234115eec59bbff3060e32e1c015015e4f35328a92b5d0a428f7f5ebe86ff61b047ee634830331f015ad5e43541155613809ace0b570f8732585a7865a811c381ff6b973263c66e9927ef3fdefa755ff31cd2c683e8bd9ca7bd2f44a6c2de64904f7f2df4aa767a5d90e0d3beed5d2919d1fba6f0631"}}, &(0x7f0000001c40)={0x0, 0x3, 0x5f, @string={0x5f, 0x3, "128cb2a90453104dd0c4b31dc14442a027d83687cf1815de74372eb9650a9d4795e249f581343ef98eb05c60b1ac6eb90d7f5f282030d19ab2a59a11f564e75a8a7b4b3a3ae7997940c9b3d2ab46ef89b055013ccb6ea2345be315fa5a"}}, &(0x7f0000001cc0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x7, "d90429d6"}, @global=@item_012={0x0, 0x1, 0xb}, @global=@item_4={0x3, 0x1, 0x3, "3f4a00cc"}, @global=@item_012={0x0, 0x1, 0x1}, @global, @global=@item_012={0x1, 0x1, 0x5, 'H'}]}}, &(0x7f0000001d00)={0x0, 0x21, 0x9, {0x9, 0x21, 0x88, 0x0, 0x1, {0x22, 0xba8}}}}, &(0x7f0000001fc0)={0x2c, &(0x7f0000001d80)={0x20, 0x16, 0xa1, "7e9f5876f5de69bd8abb8eab7f23468bb20203525078bd93fd12c7c416a299d70efe53f91819f2f8337e399742f0088cac22f5c99d4d8831ddcd10c7a03d2deeb6ed75cdc7e53541077f82d7276e2d007be9a5ce84c6398025230c2597fbf4c4ab30ddf1236a121f6e9a6b651e95e2d52b5323a4f325a89c2d6d93ae9e348acfe9aec7d455cb508c9fcc09fee6330fe24dced97beef0fe599480b727d77b59b1dd"}, &(0x7f0000001e40)={0x0, 0xa, 0x1, 0x20}, &(0x7f0000001e80)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000001ec0)={0x20, 0x1, 0x95, "6073369447a88f235d7f9ca8248c94615223fd711bcaff32add6143402a0860ef6fc3d300fb27be1dfd2e45d0f3b08eed2a5a0299b11454014627b4939e2ca77e83f80df45ba5f452393cd63777954896be3ce0074f728391eae671e95c8ef0063262408a54026c120f6c7bf3af621dce9dd7fbce1d412018d60d5969fe541df140f1a77412d6508cb4d13943184a10dde3994698c"}, &(0x7f0000001f80)={0x20, 0x3, 0x1, 0x8}})
r3 = syz_usb_connect$cdc_ncm(0x1, 0x8f, &(0x7f0000002000)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7d, 0x2, 0x1, 0x0, 0x40, 0x1, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xa, 0x24, 0x6, 0x0, 0x1, "99796a43ec"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x401, 0xfa15, 0x1, 0x59}, {0x6, 0x24, 0x1a, 0x40, 0x8}, [@network_terminal={0x7, 0x24, 0xa, 0x4, 0x3, 0x4, 0x1f}, @mdlm={0x15, 0x24, 0x12, 0x4}]}, {{0x9, 0x5, 0x81, 0x3, 0x10, 0x20, 0x6, 0x6}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x40, 0x81, 0xbf}}, {{0x9, 0x5, 0x3, 0x2, 0xbe4594e2b738d36b, 0x60, 0x44, 0x6}}}}}}}]}}, &(0x7f0000002680)={0xa, &(0x7f00000020c0)={0xa, 0x6, 0x201, 0x2, 0x3f, 0x1f, 0xff, 0x5}, 0xdd, &(0x7f0000002100)={0x5, 0xf, 0xdd, 0x6, [@ptm_cap={0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0x107, 0xf000, 0x7fff}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x2, 0x3, 0x400}, @ptm_cap={0x3}, @generic={0xbc, 0x10, 0xa, "f484959846e58b719dc126334599f9850c7f9ee93cdd590a4d7aa4e6ed1c83f4905053c5b09ade69646e2f31637e5c91836aa5c3652c67171a757608e877ceb9e7cdd170c82d310d5d488ef861347463fb011ad8fe5c5205e5361850bc0843b037025a1af7ad02d8bc6ef663980a57ca5766c376ff7a40900d9860539326ec566d21e9ac1f6469f02164a5a9748eccb6c368ee0197db571a1b895087b8e6f48e54405bfb27aa7915e858065a7ef9d27013dbe409eb0a6a7a8e"}, @ptm_cap={0x3}]}, 0x8, [{0x49, &(0x7f0000002200)=@string={0x49, 0x3, "adab9cf239f9f0691235407e8cc5d0e226adba62b940e90368a5f2d9e07d6796acc1c7c7738c2f8213975e3e015d0044179ce357b14bb0ee1af8ebf955a81ac7a2b53073534035"}}, {0xf4, &(0x7f0000002280)=@string={0xf4, 0x3, "03826b9abb3564a9a7615ccd9f03caf181582e2a09ae8d7d23d047e6b9117c38b1bf4ac690a4811ca4cde14db419ce67788360af17a6daa613062ac08ef90ca96ae65d55fb86fb9d09429875faf94b38e95a93d20b1b9faaaad8ccff9a0583f6a6c2e2a78e2fec10c41f0af08416aa06932913d8ca4c472aa4976f92fbefe9dc2e8862894aebc6accb0d521814b3a7433b025d79acf77425ab00931fa0bda72440983449219ae23cad73c71b014d0adda266036a5a0eed6e4a22838124bac5c907917b34707265e0c61c6687a858d764a8e99cc27dc6d05e258db3e43192de3c254944149056c674cf6eaa8956bf4044dc70"}}, {0x66, &(0x7f0000002380)=@string={0x66, 0x3, "b1911c263e2ab013f32cb81abe75c249893a214125ef7339b753acc54ddd34b025b3660fa37a55507af6a18c9c68653e4bac30ecb50bd965721a5f0ff7a9842fa7c4eea8b3768d78afc3062ff503a21c9a1e213a272ccd9cb87e65bb52d9901e428394b3"}}, {0x91, &(0x7f0000002400)=@string={0x91, 0x3, "d1e3df9f52aa04db8803e3197a3eeb701229b672f8e1f49caba3896f5eb3470d84f0ba9642700fad560baf8a0872f8d154fd414a571c5b8fdafc1bb060a2ac0877b065587ac7cf7381fe067955b80e632c84486c4c7cb4d9e9af4c8489f7b0a3e8fa315ad11e85ede88bb3901a840e58eff4e7e8555a1e8444300c87ec4d014cf2759f5f2b6cc7683a7ca8ce6e8219"}}, {0x4, &(0x7f00000024c0)=@lang_id={0x4, 0x3, 0x426}}, {0x69, &(0x7f0000002500)=@string={0x69, 0x3, "8392e25c1abf3eaee1e331fe3377bcfb97b547482500dfbd2ac76911b582832b8b535b30f1c67d248fecfa979769669d6a77496c2e30f75e37385d2f2cb2d8dcb3004d6a1766cf1ba427948cdce0f375dcc2ab6286cd57deced2aa34166fdb531043369a99a03a"}}, {0x8a, &(0x7f0000002580)=@string={0x8a, 0x3, "39c5a4df6253390112aee9000de94ddf2728accfea9c2bf6769c305df0471679fe986a8cf03d882d1bc091e59fd23d1d1622b381cc3e83141b62b8b2523cd053ba65d1737115aaabdb96630b8271741a72794b4dfea07ed8afb4250e2bd79b388c79f9f4a0d09a33fd43ccfbd3fba718482984581eae8003613ce0527e32d41b07e9929748213b93"}}, {0x2f, &(0x7f0000002640)=@string={0x2f, 0x3, "4c569f917368ce9b488c15a75a2f5764fa333728ff62e66485dfed3abc2541183cf11f6c7e993f7dbb6f0c112d"}}]})
syz_usb_control_io$cdc_ncm(r3, &(0x7f0000002780)={0x14, &(0x7f0000002700)={0x40, 0x14, 0x8, {0x8, 0x30, "a8547a3c72c8"}}, &(0x7f0000002740)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000029c0)={0x44, &(0x7f00000027c0)={0x0, 0x16, 0xc, "71be511f3e6dfc19b30773bf"}, &(0x7f0000002800)={0x0, 0xa, 0x1, 0x40}, &(0x7f0000002840)={0x0, 0x8, 0x1, 0x20}, &(0x7f0000002880)={0x20, 0x80, 0x1c, {0x6, 0x483, 0x0, 0xc4fa, 0x1000, 0x3, 0x5, 0xf0, 0xfffb, 0x1, 0x7, 0x8}}, &(0x7f00000028c0)={0x20, 0x85, 0x4, 0x800}, &(0x7f0000002900)={0x20, 0x83, 0x2}, &(0x7f0000002940)={0x20, 0x87, 0x2, 0x1}, &(0x7f0000002980)={0x20, 0x89, 0x2, 0x1}})
[ 2096.378234] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.378234]    program syz-executor.4 not setting count and/or reply_len properly
[ 2096.380860] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.380860]    program syz-executor.5 not setting count and/or reply_len properly
syz_usb_connect$printer(0x1, 0x36, &(0x7f0000002a40)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x80, 0x50, 0x4, [{{0x9, 0x4, 0x0, 0x20, 0x1, 0x7, 0x1, 0x1, 0x20, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x7f, 0x40, 0x7}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x6, 0x40, 0x3f}}]}}}]}}]}}, &(0x7f0000002b40)={0xa, &(0x7f0000002a80)={0xa, 0x6, 0x250, 0x9, 0x7f, 0x0, 0x40, 0x1}, 0x5, &(0x7f0000002ac0)={0x5, 0xf, 0x5}, 0x1, [{0x4, &(0x7f0000002b00)=@lang_id={0x4, 0x3, 0x424}}]})
syz_usb_control_io$cdc_ncm(r3, &(0x7f0000002c40)={0x14, &(0x7f0000002b80)={0x0, 0xd, 0x43, {0x43, 0x22, "87aefaa57b3e04b10c99d25f8df737aca066e926a726143863d5ebc951ce33bc959385d78bc893885431df92a6c10884c7eb8d6a06b43a1d5cd8e3ab488626ad86"}}, &(0x7f0000002c00)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000002f40)={0x44, &(0x7f0000002c80)={0x40, 0x11, 0xdd, "989db7283fc40cc0eb2d9fa2d267d25acf3382d979200073663a3cda8d688c5e6d2909957c5557c2f2559f7dff1570241d84879f5e606f0fc6cab14e9ee30a4f5fe902610a06507e04227bd35d1e8a534302a39f91ad28fb509ba0ba4553a0ac1763fd42e5cef6cdad3212eaccd8ff9ccfb10aed9dfed4e77405c57eed22d24c09fedde074a8ab29f535a196722fb9f474c229043039e74e3e0760c7528f624b72d446c7162c2e4f1b07c543e5e8f8e99ffe6aff99e30d3135f3f12a34b0d9503d1e49785e87171659600e81ced71d5fb8096415232eec6a48aa1f0554"}, &(0x7f0000002d80)={0x0, 0xa, 0x1, 0x3f}, &(0x7f0000002dc0)={0x0, 0x8, 0x1, 0x18}, &(0x7f0000002e00)={0x20, 0x80, 0x1c, {0x2, 0x9, 0x7, 0xf1e, 0x5, 0x3f, 0x2, 0x3, 0x1, 0x43e2}}, &(0x7f0000002e40)={0x20, 0x85, 0x4, 0xfe1}, &(0x7f0000002e80)={0x20, 0x83, 0x2, 0x1}, &(0x7f0000002ec0)={0x20, 0x87, 0x2, 0x3}, &(0x7f0000002f00)={0x20, 0x89, 0x2}})
syz_usb_control_io$hid(r2, &(0x7f0000003140)={0x24, &(0x7f0000002fc0)={0x40, 0x21, 0x8f, {0x8f, 0x10, "a0bffac842d4c5904e1cc97056f467ef76fb470edf2893169f9195cf1cd8808168b0f5c31d5f0c46c6e80e7e995d65e583c3f10ff08f221399a785c5c44ec9cba34feace7f0e7e097e8ebc6c61e9ccd3a941cb287d74c29fcdd0c8864d5235610a621a339b3838ccfd5059b1bc998785a0041e300cbe039c607c33adfb228659c01c3da05e7fb7fce7b9e26a54"}}, &(0x7f0000003080)={0x0, 0x3, 0x4, @lang_id={0x4}}, &(0x7f00000030c0)={0x0, 0x22, 0x12, {[@global=@item_012={0x0, 0x1, 0x6}, @main=@item_012={0x1, 0x0, 0x9, "7f"}, @global=@item_4={0x3, 0x1, 0xb, "4b45a2f5"}, @global=@item_4={0x3, 0x1, 0xb, "0e92a41f"}, @main=@item_4={0x3, 0x0, 0xa, "3cdcba3d"}]}}, &(0x7f0000003100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x3, 0x40, 0x1, {0x22, 0x3f5}}}}, &(0x7f0000003340)={0x2c, &(0x7f0000003180)={0x40, 0x3, 0x7, "6ebaf984381e4d"}, &(0x7f00000031c0)={0x0, 0xa, 0x1, 0x45}, &(0x7f0000003200)={0x0, 0x8, 0x1, 0x7f}, &(0x7f0000003240)={0x20, 0x1, 0x8f, "a2893664d93f7fd441d44163d438f78959a4febe80c55ca004dc8a35805609f53113cf3148a59fed3894227ecf1b0c909a5d1d7c68b4456cc55319f7dfa117bb225823e3d91d0fa5f28a5f2d36795a1a2f77b2b58a79ea0c3e0d0e4b6b8f4dffe3b2532552d131bb6d07d0990d1f410315d79ede6cd48e9fe2fea5b4692c92951eca1f2bdc7bcd824641d19866063b"}, &(0x7f0000003300)={0x20, 0x3, 0x1, 0x24}})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000003380)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x8}}, './file0\x00'})
bind$inet6(r4, &(0x7f00000033c0)={0xa, 0x4e21, 0x9, @private0={0xfc, 0x0, '\x00', 0x1}, 0x6}, 0x1c)

[ 2096.392104] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2096.404546] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2096.404546]    program syz-executor.6 not setting count and/or reply_len properly
[ 2096.420862] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:23:28 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000e00000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2110.579014] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2110.598225] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.598225]    program syz-executor.4 not setting count and/or reply_len properly
01:23:43 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 64)

01:23:43 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030221206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e56b6b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021204cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000180)={0xa, 0x4e23, 0x4, @empty, 0x2}, 0x1c)
setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000900)={@in6={{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x0, 0x33, 0x0, "4fb2386f65a856b6930930052d7d4e52fc4032fe98f268baabdf34269819ec36e44c87f906b59567acb1dd5aa5ba7be8ecc7069f172fddc076e97b1bb7ad34493270d4dbba4a2ca52cc13ca18e08c805"}, 0xd8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x6, 0x4)
sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044001)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pwrite64(r2, 0x0, 0x0, 0x0)
lseek(0xffffffffffffffff, 0x9e46, 0x0)
r3 = dup2(0xffffffffffffffff, r2)
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f0000001440)='syz_tun\x00', 0x0, r1)
sendmsg$nl_generic(r3, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x1c, 0x1f, 0x4, 0x70bd2b, 0x25dfdbfe, {0x1e}, [@typed={0x7, 0x7, 0x0, 0x0, @str=',^\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x17}, 0x800)
getdents64(0xffffffffffffffff, &(0x7f0000001400)=""/53, 0x35)
bind$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x53e, @private0={0xfc, 0x0, '\x00', 0x1}, 0xffff}, 0x1c)

01:23:43 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000004307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080)={0x0, 0xc09c, 0x1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000001880)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000018c0)='./file0\x00', &(0x7f0000001800)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0xffffffffffffffff, r8, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r9, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r9, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)=@abs, 0x6e, &(0x7f0000001780)=[{&(0x7f0000000340)=""/190, 0xbe}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/135, 0x87}, {&(0x7f0000000100)=""/55, 0x37}, {&(0x7f00000015c0)=""/172, 0xac}, {&(0x7f0000000400)=""/20, 0x14}, {&(0x7f0000001680)=""/235, 0xeb}], 0x7, &(0x7f0000001900)=ANY=[@ANYBLOB="1c000000000000000100000001080000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESDEC=r9, @ANYRES32, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="2c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=<r10=>0x0, @ANYRES32=0x0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYBLOB="1000000000000000010000000100000018000000000000000100000001000000", @ANYRES32, @ANYRES32], 0xf8}, 0x2)
setreuid(r10, r8)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:43 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000002000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x1a8, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2110.609326] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.609326]    program syz-executor.6 not setting count and/or reply_len properly
[ 2110.619675] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.619675]    program syz-executor.1 not setting count and/or reply_len properly
01:23:43 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000003000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2110.628133] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.628133]    program syz-executor.6 not setting count and/or reply_len properly
[ 2110.635850] FAULT_INJECTION: forcing a failure.
[ 2110.635850] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2110.637386] CPU: 0 PID: 26705 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2110.638202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2110.639199] Call Trace:
[ 2110.639529]  dump_stack+0x107/0x167
[ 2110.639967]  should_fail.cold+0x5/0xa
[ 2110.640440]  __alloc_pages_nodemask+0x182/0x600
[ 2110.640983]  ? __kmalloc+0x16e/0x390
[ 2110.641416]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2110.642116]  ? trace_hardirqs_on+0x5b/0x180
[ 2110.642614]  alloc_pages_current+0x187/0x280
[ 2110.643129]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2110.643695]  sg_common_write.constprop.0+0x992/0x1a30
[ 2110.644302]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2110.644884]  ? vprintk_func+0x93/0x140
[ 2110.645335]  ? printk+0xba/0xf1
[ 2110.645724]  ? record_print_text.cold+0x16/0x16
[ 2110.646268]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2110.646859]  ? trace_hardirqs_on+0x5b/0x180
[ 2110.647361]  sg_write.part.0+0x69e/0xaa0
[ 2110.647839]  ? sg_new_write.isra.0+0x770/0x770
[ 2110.648376]  ? find_held_lock+0x2c/0x110
[ 2110.648848]  ? __might_fault+0xd3/0x180
[ 2110.649307]  ? lock_downgrade+0x6d0/0x6d0
[ 2110.649795]  ? _cond_resched+0x10/0x30
[ 2110.650246]  ? inode_security+0x107/0x140
[ 2110.650731]  ? avc_policy_seqno+0x9/0x70
[ 2110.651204]  ? selinux_file_permission+0x92/0x520
[ 2110.651774]  ? iov_iter_advance+0x23b/0xec0
[ 2110.652283]  sg_write+0x87/0x120
[ 2110.652687]  do_iter_write+0x4f0/0x700
[ 2110.653138]  ? import_iovec+0x83/0xb0
[ 2110.653579]  vfs_writev+0x1ae/0x620
[ 2110.654001]  ? vfs_iter_write+0xa0/0xa0
[ 2110.654463]  ? __fget_files+0x2cf/0x520
[ 2110.654932]  ? lock_downgrade+0x6d0/0x6d0
[ 2110.655409]  ? find_held_lock+0x2c/0x110
[ 2110.655885]  ? ksys_write+0x12d/0x260
[ 2110.656328]  ? __fget_files+0x2f8/0x520
[ 2110.656809]  ? __fget_light+0xea/0x290
[ 2110.657301]  do_writev+0x139/0x300
[ 2110.657724]  ? vfs_writev+0x620/0x620
[ 2110.658179]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2110.658788]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2110.659404]  do_syscall_64+0x33/0x40
[ 2110.659853]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2110.660465] RIP: 0033:0x7f04ef0deb19
[ 2110.660893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2110.663018] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2110.663897] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2110.664731] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2110.665556] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2110.666374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2110.667205] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:23:43 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x300, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:43 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212075da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000010000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:43 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b8b6eddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2110.737969] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.737969]    program syz-executor.4 not setting count and/or reply_len properly
[ 2110.743661] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2110.754994] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2110.756575] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2110.756575]    program syz-executor.6 not setting count and/or reply_len properly
01:23:58 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000003000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:58 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240003002120b6da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:58 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030321206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:58 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000020000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:58 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:23:58 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb30535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:23:58 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x500, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:23:58 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 65)

[ 2125.991226] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2125.991226]    program syz-executor.4 not setting count and/or reply_len properly
[ 2126.000731] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2126.011569] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2126.011569]    program syz-executor.6 not setting count and/or reply_len properly
[ 2126.023748] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2126.023748]    program syz-executor.1 not setting count and/or reply_len properly
[ 2126.038186] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2126.042966] FAULT_INJECTION: forcing a failure.
[ 2126.042966] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2126.045782] CPU: 1 PID: 26864 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2126.047274] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2126.049076] Call Trace:
[ 2126.049660]  dump_stack+0x107/0x167
[ 2126.050447]  should_fail.cold+0x5/0xa
[ 2126.051285]  __alloc_pages_nodemask+0x182/0x600
[ 2126.052284]  ? __kmalloc+0x16e/0x390
[ 2126.053111]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2126.054433]  ? trace_hardirqs_on+0x5b/0x180
[ 2126.055372]  alloc_pages_current+0x187/0x280
[ 2126.056320]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2126.057385]  sg_common_write.constprop.0+0x992/0x1a30
[ 2126.058509]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2126.059571]  ? vprintk_func+0x93/0x140
[ 2126.060397]  ? printk+0xba/0xf1
[ 2126.061131]  ? record_print_text.cold+0x16/0x16
[ 2126.062141]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2126.063222]  ? trace_hardirqs_on+0x5b/0x180
[ 2126.064157]  sg_write.part.0+0x69e/0xaa0
[ 2126.065044]  ? sg_new_write.isra.0+0x770/0x770
[ 2126.065994]  ? find_held_lock+0x2c/0x110
[ 2126.066875]  ? __might_fault+0xd3/0x180
[ 2126.067720]  ? lock_downgrade+0x6d0/0x6d0
[ 2126.068602]  ? _cond_resched+0x10/0x30
[ 2126.069441]  ? inode_security+0x107/0x140
[ 2126.070322]  ? avc_policy_seqno+0x9/0x70
[ 2126.071183]  ? selinux_file_permission+0x92/0x520
[ 2126.072212]  ? iov_iter_advance+0x23b/0xec0
[ 2126.073148]  sg_write+0x87/0x120
[ 2126.073871]  do_iter_write+0x4f0/0x700
[ 2126.074701]  ? import_iovec+0x83/0xb0
[ 2126.075503]  vfs_writev+0x1ae/0x620
[ 2126.076278]  ? vfs_iter_write+0xa0/0xa0
[ 2126.077137]  ? __fget_files+0x2cf/0x520
[ 2126.077967]  ? lock_downgrade+0x6d0/0x6d0
[ 2126.078853]  ? find_held_lock+0x2c/0x110
[ 2126.079706]  ? ksys_write+0x12d/0x260
[ 2126.080541]  ? __fget_files+0x2f8/0x520
[ 2126.081402]  ? __fget_light+0xea/0x290
[ 2126.082227]  do_writev+0x139/0x300
[ 2126.082974]  ? vfs_writev+0x620/0x620
[ 2126.083785]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2126.084909]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2126.086000]  do_syscall_64+0x33/0x40
[ 2126.086781]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2126.087897] RIP: 0033:0x7f04ef0deb19
[ 2126.088796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2126.093214] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2126.095033] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2126.096743] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2126.098439] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2126.100139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2126.101840] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:23:58 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000003000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddbb6535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000030000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
bind(r3, &(0x7f0000000240)=@ieee802154={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x80)
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:24:13 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000003000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda0a5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x600, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:24:13 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 66)

01:24:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2140.748978] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2140.752269] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2140.752269]    program syz-executor.6 not setting count and/or reply_len properly
[ 2140.757620] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2140.757620]    program syz-executor.4 not setting count and/or reply_len properly
[ 2140.774128] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2140.774128]    program syz-executor.1 not setting count and/or reply_len properly
[ 2140.786032] FAULT_INJECTION: forcing a failure.
[ 2140.786032] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2140.788089] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2140.788817] CPU: 0 PID: 26994 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2140.792099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2140.793986] Call Trace:
[ 2140.794580]  dump_stack+0x107/0x167
[ 2140.795404]  should_fail.cold+0x5/0xa
[ 2140.796260]  __alloc_pages_nodemask+0x182/0x600
[ 2140.797330]  ? __kmalloc+0x16e/0x390
[ 2140.798170]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2140.799530]  ? trace_hardirqs_on+0x5b/0x180
[ 2140.800506]  alloc_pages_current+0x187/0x280
[ 2140.801530]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2140.802631]  sg_common_write.constprop.0+0x992/0x1a30
[ 2140.803796]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2140.804950]  ? vprintk_func+0x93/0x140
[ 2140.805834]  ? printk+0xba/0xf1
[ 2140.806575]  ? record_print_text.cold+0x16/0x16
[ 2140.807625]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2140.808775]  ? trace_hardirqs_on+0x5b/0x180
[ 2140.809771]  sg_write.part.0+0x69e/0xaa0
[ 2140.810692]  ? sg_new_write.isra.0+0x770/0x770
[ 2140.811719]  ? find_held_lock+0x2c/0x110
[ 2140.812632]  ? __might_fault+0xd3/0x180
[ 2140.813552]  ? lock_downgrade+0x6d0/0x6d0
[ 2140.814493]  ? _cond_resched+0x10/0x30
[ 2140.815358]  ? inode_security+0x107/0x140
[ 2140.816283]  ? avc_policy_seqno+0x9/0x70
[ 2140.817217]  ? selinux_file_permission+0x92/0x520
[ 2140.818292]  ? iov_iter_advance+0x23b/0xec0
[ 2140.819264]  sg_write+0x87/0x120
[ 2140.820028]  do_iter_write+0x4f0/0x700
[ 2140.820934]  ? import_iovec+0x83/0xb0
[ 2140.821794]  vfs_writev+0x1ae/0x620
[ 2140.822618]  ? vfs_iter_write+0xa0/0xa0
[ 2140.823517]  ? __fget_files+0x2cf/0x520
[ 2140.824415]  ? lock_downgrade+0x6d0/0x6d0
[ 2140.825384]  ? find_held_lock+0x2c/0x110
[ 2140.826303]  ? ksys_write+0x12d/0x260
[ 2140.827177]  ? __fget_files+0x2f8/0x520
[ 2140.828074]  ? __fget_light+0xea/0x290
[ 2140.828993]  do_writev+0x139/0x300
[ 2140.829793]  ? vfs_writev+0x620/0x620
[ 2140.830663]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2140.831843]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2140.833038]  do_syscall_64+0x33/0x40
[ 2140.833869]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2140.835018] RIP: 0033:0x7f04ef0deb19
[ 2140.835857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2140.840001] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2140.841732] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2140.843333] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2140.844964] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2140.846573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2140.848176] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:24:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a0a5fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030521206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 7:
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x8}}, './file0\x00'})
openat(r0, &(0x7f0000000640)='./file0\x00', 0x2, 0x18)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
fremovexattr(r1, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="a40000002600010100000000000000000100000090006300a0eab51f24f4074cfbfbbb07324cc62f701d9f2905855dd18b1f0d5ce7f3493090af5beef11c281fbcc10f4675223ffc29811a6d82c0c17acd7a40480a51d57b2b3cc217bf3558b4d61924aa0922349a5a2c995217811204aa8bde49e583895d495ac12b16cb2b0cb00a0c3d1fb5b695cfebd4ad94d1a5642d3ec01006002e9f8a9bff9bc38d6a5f4c42eb9238b7bc3a2be2cefbfd2d17065093"], 0xa4}, 0x1, 0x0, 0x0, 0xb0}, 0x8044)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r3, &(0x7f00000000c0)="041a3a4985d424bdce9675f286982a09f7fe7569cb2c6e71f89e8019678c585aa70cc9e2435235dcb0b3434020d0f4d5613bb8bde96608eaf4af1834720900b040007af6d3edc14cd7ab81c733b614b0835ac6af8173be3b00015a826f2562ae98feb0d40000f80000", 0xff69, 0x3ff03)
syz_io_uring_setup(0x22, &(0x7f0000000240)={0x0, 0x813d, 0x0, 0x0, 0x12d}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f00000002c0)=<r4=>0x0, &(0x7f0000002a40))
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x802073, &(0x7f0000000440)=ANY=[@ANYRES16, @ANYRESOCT, @ANYRES64, @ANYRESDEC])
copy_file_range(0xffffffffffffffff, 0x0, r5, &(0x7f0000000180)=0x3, 0x9, 0x0)
r6 = gettid()
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000680)={0x50, 0x0, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x68}}}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x50}}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r7, @ANYBLOB="000425bd7000fcdbdf250a00000008000300", @ANYRES32=r8, @ANYBLOB="0c009900804b00001c00000011000700a01115d3969e85930b15bed2e70000000800090005ac0f0040005080040006001100010056598b7607796c904e93de220b0000001c00088004000200040001000400010004000100040002000400020005000900020000000800370000000000"], 0x8c}, 0x1, 0x0, 0x0, 0x4000080}, 0x80)
fallocate(0xffffffffffffffff, 0x3, 0x52, 0x6)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000300)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r2, &(0x7f0000000200), 0x0, 0x0, 0x1000}, 0x9)
getpriority(0x2, r6)

01:24:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000090000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x700, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:24:13 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda255e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2140.951561] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2140.951561]    program syz-executor.4 not setting count and/or reply_len properly
[ 2140.961249] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2140.979588] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2141.014681] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2141.014681]    program syz-executor.6 not setting count and/or reply_len properly
[ 2141.025194] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2141.030218] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:24:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030621206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2141.061961] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.7'.
01:24:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000000d0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x2003a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240), 0x42020c0, &(0x7f0000000380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@cache_none}, {@cachetag={'cachetag', 0x3d, '\x10'}}, {@privport}, {@cache_mmap}, {@msize={'msize', 0x3d, 0x8000}}, {@cache_none}], [{@dont_measure}]}})
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="4c20000012000105000000000000000007000000ff00"/43, @ANYRES32=0x0, @ANYBLOB='\x00'/16], 0x4c}}, 0x0)
ioctl$BTRFS_IOC_BALANCE(r7, 0x5000940c, 0x0)
setresuid(0x0, r5, r6)
r8 = fork()
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:24:13 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a255fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2141.119293] netlink: 128 bytes leftover after parsing attributes in process `syz-executor.7'.
01:24:13 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cdab65e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x900, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2141.150186] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2141.150186]    program syz-executor.4 not setting count and/or reply_len properly
01:24:13 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 67)

[ 2141.191014] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:24:13 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030721206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:13 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000000e0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2141.223036] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2141.223036]    program syz-executor.6 not setting count and/or reply_len properly
[ 2141.239781] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2141.301972] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2141.301972]    program syz-executor.1 not setting count and/or reply_len properly
[ 2141.326142] FAULT_INJECTION: forcing a failure.
[ 2141.326142] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2141.328743] CPU: 1 PID: 27163 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2141.330151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2141.331871] Call Trace:
[ 2141.332437]  dump_stack+0x107/0x167
[ 2141.333209]  should_fail.cold+0x5/0xa
[ 2141.334008]  __alloc_pages_nodemask+0x182/0x600
[ 2141.334966]  ? __kmalloc+0x16e/0x390
[ 2141.335742]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2141.337012]  ? trace_hardirqs_on+0x5b/0x180
[ 2141.337912]  alloc_pages_current+0x187/0x280
[ 2141.338832]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2141.339857]  sg_common_write.constprop.0+0x992/0x1a30
[ 2141.340956]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2141.341984]  ? vprintk_func+0x93/0x140
[ 2141.342788]  ? printk+0xba/0xf1
[ 2141.343482]  ? record_print_text.cold+0x16/0x16
[ 2141.344461]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2141.345535]  ? trace_hardirqs_on+0x5b/0x180
[ 2141.346456]  sg_write.part.0+0x69e/0xaa0
[ 2141.347303]  ? sg_new_write.isra.0+0x770/0x770
[ 2141.348266]  ? find_held_lock+0x2c/0x110
[ 2141.349133]  ? __might_fault+0xd3/0x180
[ 2141.349965]  ? lock_downgrade+0x6d0/0x6d0
[ 2141.350842]  ? _cond_resched+0x10/0x30
[ 2141.351652]  ? inode_security+0x107/0x140
[ 2141.352515]  ? avc_policy_seqno+0x9/0x70
[ 2141.353361]  ? selinux_file_permission+0x92/0x520
[ 2141.354352]  ? iov_iter_advance+0x23b/0xec0
[ 2141.355246]  sg_write+0x87/0x120
[ 2141.355972]  do_iter_write+0x4f0/0x700
[ 2141.356786]  ? import_iovec+0x83/0xb0
[ 2141.357575]  vfs_writev+0x1ae/0x620
[ 2141.358326]  ? vfs_iter_write+0xa0/0xa0
[ 2141.359156]  ? __fget_files+0x2cf/0x520
[ 2141.359976]  ? lock_downgrade+0x6d0/0x6d0
[ 2141.360845]  ? find_held_lock+0x2c/0x110
[ 2141.361687]  ? ksys_write+0x12d/0x260
[ 2141.362474]  ? __fget_files+0x2f8/0x520
[ 2141.363300]  ? __fget_light+0xea/0x290
[ 2141.364110]  do_writev+0x139/0x300
[ 2141.364850]  ? vfs_writev+0x620/0x620
[ 2141.365632]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2141.366713]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2141.367773]  do_syscall_64+0x33/0x40
[ 2141.368540]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2141.369608] RIP: 0033:0x7f04ef0deb19
[ 2141.370379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2141.374180] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2141.375767] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2141.377244] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2141.378708] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2141.380176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2141.381655] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:24:25 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 68)

01:24:25 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000000d0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:25 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
r8 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0xffe3)
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1000002, 0x30, r9, 0x10000000)
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:24:25 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000200000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:25 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2ab65fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:25 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3bb65672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:25 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf00, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:24:25 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030921206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2153.427042] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2153.432065] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2153.432065]    program syz-executor.4 not setting count and/or reply_len properly
[ 2153.456013] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2153.456013]    program syz-executor.4 not setting count and/or reply_len properly
[ 2153.459081] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2153.466056] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2153.466056]    program syz-executor.6 not setting count and/or reply_len properly
[ 2153.481972] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2153.481972]    program syz-executor.1 not setting count and/or reply_len properly
01:24:26 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000000d0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2153.488985] FAULT_INJECTION: forcing a failure.
[ 2153.488985] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2153.491908] CPU: 0 PID: 27271 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2153.493478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2153.495330] Call Trace:
[ 2153.495922]  dump_stack+0x107/0x167
[ 2153.496743]  should_fail.cold+0x5/0xa
[ 2153.497611]  __alloc_pages_nodemask+0x182/0x600
[ 2153.498647]  ? __kmalloc+0x16e/0x390
[ 2153.499481]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2153.500830]  ? trace_hardirqs_on+0x5b/0x180
[ 2153.501818]  alloc_pages_current+0x187/0x280
[ 2153.502808]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2153.503898]  sg_common_write.constprop.0+0x992/0x1a30
[ 2153.505072]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2153.506193]  ? vprintk_func+0x93/0x140
[ 2153.507066]  ? printk+0xba/0xf1
[ 2153.507813]  ? record_print_text.cold+0x16/0x16
[ 2153.508880]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2153.510013]  ? trace_hardirqs_on+0x5b/0x180
[ 2153.510997]  sg_write.part.0+0x69e/0xaa0
[ 2153.511912]  ? sg_new_write.isra.0+0x770/0x770
[ 2153.512949]  ? find_held_lock+0x2c/0x110
[ 2153.513872]  ? __might_fault+0xd3/0x180
[ 2153.514763]  ? lock_downgrade+0x6d0/0x6d0
[ 2153.515714]  ? _cond_resched+0x10/0x30
[ 2153.516580]  ? inode_security+0x107/0x140
[ 2153.517531]  ? avc_policy_seqno+0x9/0x70
[ 2153.518445]  ? selinux_file_permission+0x92/0x520
[ 2153.519527]  ? iov_iter_advance+0x23b/0xec0
[ 2153.520495]  sg_write+0x87/0x120
[ 2153.521270]  do_iter_write+0x4f0/0x700
[ 2153.522145]  ? import_iovec+0x83/0xb0
[ 2153.523014]  vfs_writev+0x1ae/0x620
[ 2153.523839]  ? vfs_iter_write+0xa0/0xa0
[ 2153.524734]  ? __fget_files+0x2cf/0x520
[ 2153.525631]  ? lock_downgrade+0x6d0/0x6d0
[ 2153.526563]  ? find_held_lock+0x2c/0x110
[ 2153.527486]  ? ksys_write+0x12d/0x260
[ 2153.528355]  ? __fget_files+0x2f8/0x520
[ 2153.529277]  ? __fget_light+0xea/0x290
[ 2153.530165]  do_writev+0x139/0x300
[ 2153.530964]  ? vfs_writev+0x620/0x620
[ 2153.531823]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2153.533006]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2153.534169]  do_syscall_64+0x33/0x40
[ 2153.535003]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2153.536151] RIP: 0033:0x7f04ef0deb19
[ 2153.536997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2153.541198] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2153.542911] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2153.544513] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2153.546132] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2153.547726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2153.549329] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:24:26 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c045503000200000000000d0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
syz_io_uring_setup(0x5988, &(0x7f0000000240)={0x0, 0xd66b, 0x20, 0x0, 0x118, 0x0, r1}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000000100), &(0x7f0000000340)=<r5=>0x0)
syz_io_uring_submit(r2, r5, &(0x7f0000000380)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x9, 0x100000001, 0x0, 0x6, 0x2, 0x1}, 0x100)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, r6, 0x0, 0xffe3)
perf_event_open(&(0x7f0000000400)={0x4, 0x80, 0x5, 0xdb, 0x80, 0x2, 0x0, 0x9, 0x80c, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x80, 0x2, @perf_bp={&(0x7f00000003c0), 0xc}, 0x21c4, 0x9, 0x6, 0x4, 0xc277, 0x4, 0x6, 0x0, 0x2, 0x0, 0xe012}, 0x0, 0xd, r6, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xffffffffffffffff, r7, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r9=>0x0, &(0x7f0000000300))
setresuid(0x0, r8, r9)
r10 = fork()
setreuid(r7, r7)
prlimit64(r10, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:24:40 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000300000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 69)

01:24:40 executing program 7:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030621206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030d21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a530abd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5eb672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x10b9, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2168.197342] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2168.208198] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2168.208198]    program syz-executor.6 not setting count and/or reply_len properly
[ 2168.208523] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2168.208523]    program syz-executor.4 not setting count and/or reply_len properly
[ 2168.217810] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2168.217810]    program syz-executor.1 not setting count and/or reply_len properly
[ 2168.229941] FAULT_INJECTION: forcing a failure.
[ 2168.229941] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2168.232680] CPU: 1 PID: 27395 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2168.234172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2168.235945] Call Trace:
[ 2168.236510]  dump_stack+0x107/0x167
[ 2168.237292]  should_fail.cold+0x5/0xa
[ 2168.238227]  __alloc_pages_nodemask+0x182/0x600
[ 2168.239467]  ? __kmalloc+0x16e/0x390
[ 2168.240281]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2168.241607]  ? trace_hardirqs_on+0x5b/0x180
[ 2168.242542]  alloc_pages_current+0x187/0x280
[ 2168.243528]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2168.244556]  sg_common_write.constprop.0+0x992/0x1a30
[ 2168.245648]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2168.246696]  ? vprintk_func+0x93/0x140
[ 2168.247522]  ? printk+0xba/0xf1
[ 2168.248221]  ? record_print_text.cold+0x16/0x16
[ 2168.249224]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2168.250345]  ? trace_hardirqs_on+0x5b/0x180
[ 2168.251256]  sg_write.part.0+0x69e/0xaa0
[ 2168.252116]  ? sg_new_write.isra.0+0x770/0x770
[ 2168.253095]  ? find_held_lock+0x2c/0x110
[ 2168.253955]  ? __might_fault+0xd3/0x180
[ 2168.254787]  ? lock_downgrade+0x6d0/0x6d0
[ 2168.255665]  ? _cond_resched+0x10/0x30
[ 2168.256472]  ? inode_security+0x107/0x140
[ 2168.257343]  ? avc_policy_seqno+0x9/0x70
[ 2168.258191]  ? selinux_file_permission+0x92/0x520
[ 2168.259205]  ? iov_iter_advance+0x23b/0xec0
[ 2168.260167]  sg_write+0x87/0x120
01:24:40 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030e21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2168.260905]  do_iter_write+0x4f0/0x700
[ 2168.262025]  ? import_iovec+0x83/0xb0
[ 2168.262848]  vfs_writev+0x1ae/0x620
[ 2168.263656]  ? vfs_iter_write+0xa0/0xa0
[ 2168.264515]  ? __fget_files+0x2cf/0x520
[ 2168.265387]  ? lock_downgrade+0x6d0/0x6d0
[ 2168.266296]  ? find_held_lock+0x2c/0x110
[ 2168.267191]  ? ksys_write+0x12d/0x260
[ 2168.268051]  ? __fget_files+0x2f8/0x520
[ 2168.268916]  ? __fget_light+0xea/0x290
[ 2168.269762]  do_writev+0x139/0x300
[ 2168.270522]  ? vfs_writev+0x620/0x620
[ 2168.271348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2168.272483]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2168.273603]  do_syscall_64+0x33/0x40
[ 2168.274411]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2168.275509] RIP: 0033:0x7f04ef0deb19
[ 2168.276314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2168.280284] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2168.281927] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2168.283456] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2168.284993] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2168.286544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2168.288076] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:24:40 executing program 7:
sendmsg$ETHTOOL_MSG_LINKINFO_GET(0xffffffffffffffff, &(0x7f00000008c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000880)={&(0x7f0000000600)={0xc8, 0x0, 0x10, 0x70bd29, 0x0, {}, [@HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}, @HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000}, 0x8044891)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000004)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000200)=ANY=[@ANYBLOB="feff00822db87c3d55efd9599e442eb7afdb49b36aca6ba79b96f004bd6d0886a18278e6d9821c9fc6c31f0c", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f662c86a260b1ec035cfee65237e05634de93ac3f8819dedb65c8fa8891ef2e1462c2cfba9e02ef30e546553ce5"])
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000100)=[r0, 0xffffffffffffffff], 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x91)
r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="200100000000000000000000000000027f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c7ba67cb7d38793daf5bb8e"], 0x134}}, 0x0)
close(r2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c005ba5ecc6e7fb6e7d0dd60c5c814dfd19140700e62f"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, 0xffffffffffffffff)
fallocate(0xffffffffffffffff, 0x58, 0x80000001, 0x9)
ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f00000000c0)={0x6200, 0x1f, 0x1})
ioctl$HDIO_GETGEO(0xffffffffffffffff, 0x301, &(0x7f0000000180))
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8000, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lseek(r1, 0x0, 0x2)
ftruncate(0xffffffffffffffff, 0xd5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128)
copy_file_range(r3, 0x0, r1, 0x0, 0x200f5ef, 0x0)

01:24:40 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e560ab89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000fffffff50000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a5325bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:40 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4800, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2168.458287] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2168.458287]    program syz-executor.6 not setting count and/or reply_len properly
01:24:41 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400033021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2168.520081] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2168.521045] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2168.521045]    program syz-executor.4 not setting count and/or reply_len properly
[ 2168.539885] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:24:53 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:53 executing program 7:
ftruncate(0xffffffffffffffff, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
statx(0xffffffffffffffff, 0x0, 0x6900, 0x10, &(0x7f00000001c0))
umount2(&(0x7f0000000040)='./file1\x00', 0x8)
lstat(&(0x7f0000000180)='./file1\x00', &(0x7f0000000540))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000007c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000000500)=0xe8)
uselib(0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
mkdirat(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x8)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000380)={0x0, <r0=>0x0})
r1 = perf_event_open(&(0x7f0000000300)={0x5, 0x80, 0x81, 0xd0, 0x7, 0x8, 0x0, 0x0, 0x8000, 0x8, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x1f, 0x8}, 0x208, 0x10001, 0xef2f, 0x0, 0x2, 0x7, 0xfff, 0x0, 0x9, 0x0, 0x6}, r0, 0x3, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f00000003c0)={0x1, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f00000000c0)=""/150)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440), 0x2101, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r4=>r1, {0xfffffff9}}, './file1\x00'})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000005c0)={{0x1, 0x1, 0x18, r4, {0x1}}, './file1\x00'})
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0)

01:24:53 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a53b6bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2181.417143] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2181.421665] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.421665]    program syz-executor.4 not setting count and/or reply_len properly
[ 2181.431057] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.431057]    program syz-executor.6 not setting count and/or reply_len properly
[ 2181.433140] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:24:53 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4c00, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:24:53 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5625b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:53 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000ffffefff0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:53 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 70)

01:24:53 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
fsetxattr$security_ima(r1, &(0x7f0000000100), &(0x7f0000000240)=@sha1={0x1, "4f823f10fe8f1c56a9232988753f60c25e44ecf8"}, 0x15, 0x2)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = openat$full(0xffffffffffffff9c, &(0x7f0000000280), 0x10002, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000005, 0x10, r8, 0x0)
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0xf9, 0x2d, 0x9, 0x6, 0x0, 0x401, 0x4856, 0xc, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0x5c2, 0x452}, 0x46260, 0x1f, 0x7, 0x0, 0x9, 0x7, 0x0, 0x0, 0x7, 0x0, 0x4}, 0x0, 0xa, 0xffffffffffffffff, 0x14)
r9 = fork()
setreuid(r5, r5)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2181.453957] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.453957]    program syz-executor.1 not setting count and/or reply_len properly
[ 2181.457234] FAULT_INJECTION: forcing a failure.
[ 2181.457234] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2181.459169] CPU: 0 PID: 27548 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2181.460243] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2181.461533] Call Trace:
[ 2181.461941]  dump_stack+0x107/0x167
[ 2181.462523]  should_fail.cold+0x5/0xa
[ 2181.463130]  __alloc_pages_nodemask+0x182/0x600
[ 2181.463870]  ? __kmalloc+0x16e/0x390
[ 2181.464458]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2181.465414]  ? trace_hardirqs_on+0x5b/0x180
[ 2181.466103]  alloc_pages_current+0x187/0x280
[ 2181.466808]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2181.467562]  sg_common_write.constprop.0+0x992/0x1a30
[ 2181.468349]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2181.469123]  ? vprintk_func+0x93/0x140
[ 2181.469764]  ? printk+0xba/0xf1
[ 2181.470292]  ? record_print_text.cold+0x16/0x16
[ 2181.470997]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2181.471794]  ? trace_hardirqs_on+0x5b/0x180
[ 2181.472483]  sg_write.part.0+0x69e/0xaa0
[ 2181.473124]  ? sg_new_write.isra.0+0x770/0x770
[ 2181.473840]  ? find_held_lock+0x2c/0x110
[ 2181.474506]  ? __might_fault+0xd3/0x180
[ 2181.475108]  ? lock_downgrade+0x6d0/0x6d0
[ 2181.475749]  ? _cond_resched+0x10/0x30
[ 2181.476352]  ? inode_security+0x107/0x140
[ 2181.477000]  ? avc_policy_seqno+0x9/0x70
[ 2181.477634]  ? selinux_file_permission+0x92/0x520
[ 2181.478388]  ? iov_iter_advance+0x23b/0xec0
[ 2181.479052]  sg_write+0x87/0x120
[ 2181.479569]  do_iter_write+0x4f0/0x700
[ 2181.480181]  ? import_iovec+0x83/0xb0
[ 2181.480758]  vfs_writev+0x1ae/0x620
[ 2181.481321]  ? vfs_iter_write+0xa0/0xa0
[ 2181.481947]  ? __fget_files+0x2cf/0x520
[ 2181.482583]  ? lock_downgrade+0x6d0/0x6d0
[ 2181.483241]  ? find_held_lock+0x2c/0x110
[ 2181.483885]  ? ksys_write+0x12d/0x260
[ 2181.484481]  ? __fget_files+0x2f8/0x520
[ 2181.485119]  ? __fget_light+0xea/0x290
[ 2181.485734]  do_writev+0x139/0x300
[ 2181.486287]  ? vfs_writev+0x620/0x620
[ 2181.486896]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2181.487709]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2181.488545]  do_syscall_64+0x33/0x40
[ 2181.488646] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.488646]    program syz-executor.4 not setting count and/or reply_len properly
[ 2181.489139]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2181.491783] RIP: 0033:0x7f04ef0deb19
[ 2181.492384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2181.495344] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2181.496588] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2181.497746] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2181.498880] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2181.500008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2181.501145] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:24:54 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0406006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000ffefffff0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e56b6b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400034c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0806006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000f5ffffff0000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:24:54 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6800, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2181.592501] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.592501]    program syz-executor.6 not setting count and/or reply_len properly
[ 2181.595594] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2181.595594]    program syz-executor.4 not setting count and/or reply_len properly
[ 2181.618678] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2181.637759] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:24:54 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_MADVISE={0x19, 0x1, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x64, 0x1, {0x0, r5}}, 0x9ad4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
setresuid(0xffffffffffffffff, 0x0, 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r7=>0x0, &(0x7f00000000c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r1, r8, &(0x7f0000000380)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x2, &(0x7f0000000200)={0x0, 0x3938700}, 0x1, 0x1, 0x1}, 0x9)
getresuid(&(0x7f0000000300), &(0x7f00000002c0)=<r9=>0x0, &(0x7f0000000280))
setresuid(0x0, r6, r9)
r10 = fork()
setreuid(0x0, 0x0)
prlimit64(r10, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:24:54 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036821206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b8b6eddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240))
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:25:06 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400036c21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2193.538577] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.538577]    program syz-executor.6 not setting count and/or reply_len properly
[ 2193.539568] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2193.542747] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.542747]    program syz-executor.4 not setting count and/or reply_len properly
01:25:06 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000000646e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xac540, 0x8c)
r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000080)='.pending_reads\x00', 0x202000, 0x25)
clone3(&(0x7f0000001200)={0x28519e700, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100)

01:25:06 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd3006006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6c00, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:06 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 71)

[ 2193.558368] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2193.577198] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.577198]    program syz-executor.1 not setting count and/or reply_len properly
[ 2193.580124] FAULT_INJECTION: forcing a failure.
[ 2193.580124] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2193.581755] CPU: 1 PID: 27814 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2193.582614] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2193.583644] Call Trace:
[ 2193.583979]  dump_stack+0x107/0x167
[ 2193.584446]  should_fail.cold+0x5/0xa
[ 2193.584934]  __alloc_pages_nodemask+0x182/0x600
[ 2193.585527]  ? __kmalloc+0x16e/0x390
[ 2193.585991]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2193.586739]  ? trace_hardirqs_on+0x5b/0x180
[ 2193.587279]  alloc_pages_current+0x187/0x280
[ 2193.587831]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2193.588435]  sg_common_write.constprop.0+0x992/0x1a30
[ 2193.589084]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2193.589711]  ? vprintk_func+0x93/0x140
[ 2193.590201]  ? printk+0xba/0xf1
[ 2193.590614]  ? record_print_text.cold+0x16/0x16
[ 2193.591207]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2193.591836]  ? trace_hardirqs_on+0x5b/0x180
[ 2193.592397]  sg_write.part.0+0x69e/0xaa0
[ 2193.592903]  ? sg_new_write.isra.0+0x770/0x770
[ 2193.593483]  ? find_held_lock+0x2c/0x110
[ 2193.594000]  ? __might_fault+0xd3/0x180
[ 2193.594500]  ? lock_downgrade+0x6d0/0x6d0
[ 2193.595027]  ? _cond_resched+0x10/0x30
[ 2193.595509]  ? inode_security+0x107/0x140
[ 2193.596032]  ? avc_policy_seqno+0x9/0x70
[ 2193.596538]  ? selinux_file_permission+0x92/0x520
[ 2193.597143]  ? iov_iter_advance+0x23b/0xec0
[ 2193.597691]  sg_write+0x87/0x120
[ 2193.598117]  do_iter_write+0x4f0/0x700
[ 2193.598604]  ? import_iovec+0x83/0xb0
[ 2193.599083]  vfs_writev+0x1ae/0x620
[ 2193.599536]  ? vfs_iter_write+0xa0/0xa0
[ 2193.600032]  ? __fget_files+0x2cf/0x520
[ 2193.600530]  ? lock_downgrade+0x6d0/0x6d0
[ 2193.601047]  ? find_held_lock+0x2c/0x110
[ 2193.601566]  ? ksys_write+0x12d/0x260
[ 2193.602037]  ? __fget_files+0x2f8/0x520
[ 2193.602531]  ? __fget_light+0xea/0x290
[ 2193.603015]  do_writev+0x139/0x300
[ 2193.603456]  ? vfs_writev+0x620/0x620
[ 2193.603931]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2193.604579]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2193.605217]  do_syscall_64+0x33/0x40
[ 2193.605687]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2193.606319] RIP: 0033:0x7f04ef0deb19
[ 2193.606779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.609050] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2193.609997] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2193.610882] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2193.611763] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.612638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2193.613537] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:25:06 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000ffff46e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037421206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbdb606006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7400, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:06 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb30535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2193.696837] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:25:06 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000200000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:06 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 72)

[ 2193.715382] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2193.726050] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
01:25:06 executing program 7:
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000180)='.pending_reads\x00', 0x2000, 0x101)
r1 = syz_open_pts(r0, 0x30f02)
ioctl$KDENABIO(r1, 0x4b36)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
fdatasync(r3)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r2, 0xc020662a, &(0x7f0000000080)={0x5, 0x1, 0x0, 0x1, 0x3, [{0x908, 0x3, 0x9}, {0x8c, 0x6, 0x100000001, '\x00', 0x80}, {0x4, 0xa1d, 0x9, '\x00', 0xa00}]})
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00', 0x10, 0x11, 0x0, @remote, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, {[], {0x0, 0x0, 0x10, 0x0, @gue={{0x2}}}}}}}}, 0x0)

[ 2193.729781] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2193.743994] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.743994]    program syz-executor.4 not setting count and/or reply_len properly
[ 2193.745201] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2193.749241] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.749241]    program syz-executor.6 not setting count and/or reply_len properly
[ 2193.758053] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2193.782857] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2193.782857]    program syz-executor.1 not setting count and/or reply_len properly
01:25:06 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7a00, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2193.808874] FAULT_INJECTION: forcing a failure.
[ 2193.808874] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2193.811893] CPU: 0 PID: 27869 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2193.813467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2193.815339] Call Trace:
[ 2193.815935]  dump_stack+0x107/0x167
[ 2193.816762]  should_fail.cold+0x5/0xa
[ 2193.817636]  __alloc_pages_nodemask+0x182/0x600
[ 2193.818611] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2193.818679]  ? __kmalloc+0x16e/0x390
[ 2193.820468]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2193.821836]  ? trace_hardirqs_on+0x5b/0x180
[ 2193.822817]  alloc_pages_current+0x187/0x280
[ 2193.823063] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2193.823805]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2193.823838]  sg_common_write.constprop.0+0x992/0x1a30
[ 2193.826998]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2193.828116]  ? vprintk_func+0x93/0x140
[ 2193.828995]  ? printk+0xba/0xf1
[ 2193.829746]  ? record_print_text.cold+0x16/0x16
[ 2193.830791]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2193.831923]  ? trace_hardirqs_on+0x5b/0x180
[ 2193.832904]  sg_write.part.0+0x69e/0xaa0
[ 2193.833831]  ? sg_new_write.isra.0+0x770/0x770
[ 2193.834869]  ? find_held_lock+0x2c/0x110
[ 2193.835799]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2193.836972]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2193.838204]  ? trace_hardirqs_on+0x5b/0x180
[ 2193.839175]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2193.840408]  ? iov_iter_advance+0x1d8/0xec0
[ 2193.841390]  ? iov_iter_advance+0x1ec/0xec0
[ 2193.842368]  ? __sanitizer_cov_trace_pc+0x4/0x60
[ 2193.843440]  ? iov_iter_advance+0x23b/0xec0
[ 2193.844422]  sg_write+0x87/0x120
[ 2193.845194]  do_iter_write+0x4f0/0x700
[ 2193.846088]  ? import_iovec+0x83/0xb0
[ 2193.846962]  vfs_writev+0x1ae/0x620
[ 2193.847786]  ? vfs_iter_write+0xa0/0xa0
[ 2193.848693]  ? __fget_files+0x2cf/0x520
[ 2193.849600]  ? lock_downgrade+0x6d0/0x6d0
[ 2193.850534]  ? find_held_lock+0x2c/0x110
[ 2193.851456]  ? ksys_write+0x12d/0x260
[ 2193.852323]  ? __fget_files+0x2f8/0x520
[ 2193.853236]  ? __fget_light+0xea/0x290
[ 2193.854131]  do_writev+0x139/0x300
[ 2193.854935]  ? vfs_writev+0x620/0x620
[ 2193.855803]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2193.856990]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2193.858168]  do_syscall_64+0x33/0x40
[ 2193.859009]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2193.860163] RIP: 0033:0x7f04ef0deb19
[ 2193.861010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2193.865211] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2193.866943] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2193.868556] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2193.870183] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2193.871800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2193.873423] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:25:19 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
r4 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r4, 0xa, 0x0, r5)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r3, 0x0, 0x0, 0x0, {0x6}, 0x0, {0x0, r5}}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0xffffffffffffffff, r6, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000300))
setresuid(0x0, r7, r8)
r9 = fork()
setreuid(r6, r6)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:25:19 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400037a21206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:19 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000300000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:19 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddbb6535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:19 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x8100, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:19 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000040)=<r2=>0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0xfc, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x7, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = dup3(0xffffffffffffffff, r3, 0x0)
r5 = perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x4, 0x3, 0x97, 0x0, 0x0, 0x9, 0x42, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x264b, 0x4, @perf_config_ext={0x5, 0x1}, 0x4080, 0x80, 0x8000, 0x3, 0x0, 0xfffff479, 0x9f0, 0x0, 0x961}, r2, 0xf, r3, 0x8)
dup3(r0, r1, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r4, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, r5, {<r7=>r4}}, './file0\x00'})
copy_file_range(0xffffffffffffffff, &(0x7f0000000100), r7, &(0x7f0000000280)=0x9, 0x730cfda0, 0x0)
fcntl$setown(r6, 0x8, 0xffffffffffffffff)
fcntl$getownex(r6, 0x10, &(0x7f00000009c0)={0x0, <r8=>0x0})
pidfd_open(r8, 0x0)
r9 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x0, 0x1}, r8, 0x0, 0xffffffffffffffff, 0x8)
dup3(0xffffffffffffffff, r9, 0x0)
close(r9)
perf_event_open(&(0x7f0000000180)={0x3, 0x80, 0x6b, 0xaa, 0x0, 0xff, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, @perf_config_ext={0x5, 0x401}, 0x20, 0x100000001, 0x1, 0x5, 0x1, 0x80000001, 0x2, 0x0, 0x1, 0x0, 0x5}, 0x0, 0x5, r9, 0x6)
write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a)

01:25:19 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0702006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:19 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 73)

[ 2207.398748] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2207.402586] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.402586]    program syz-executor.6 not setting count and/or reply_len properly
[ 2207.408700] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.408700]    program syz-executor.4 not setting count and/or reply_len properly
[ 2207.417582] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.417582]    program syz-executor.1 not setting count and/or reply_len properly
[ 2207.430298] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2207.434327] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2207.439893] FAULT_INJECTION: forcing a failure.
[ 2207.439893] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2207.442733] CPU: 1 PID: 27964 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2207.444212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2207.445993] Call Trace:
[ 2207.446559]  dump_stack+0x107/0x167
[ 2207.447335]  should_fail.cold+0x5/0xa
[ 2207.448143]  __alloc_pages_nodemask+0x182/0x600
[ 2207.449123]  ? __kmalloc+0x16e/0x390
[ 2207.449937]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2207.451219]  ? trace_hardirqs_on+0x5b/0x180
[ 2207.452131]  alloc_pages_current+0x187/0x280
[ 2207.453069]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2207.454116]  sg_common_write.constprop.0+0x992/0x1a30
[ 2207.455220]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2207.456262]  ? vprintk_func+0x93/0x140
[ 2207.457084]  ? printk+0xba/0xf1
[ 2207.457805]  ? record_print_text.cold+0x16/0x16
[ 2207.458787]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2207.459858]  ? trace_hardirqs_on+0x5b/0x180
[ 2207.460775]  sg_write.part.0+0x69e/0xaa0
[ 2207.461665]  ? sg_new_write.isra.0+0x770/0x770
[ 2207.462626]  ? find_held_lock+0x2c/0x110
[ 2207.463496]  ? __might_fault+0xd3/0x180
[ 2207.464336]  ? lock_downgrade+0x6d0/0x6d0
[ 2207.465223]  ? _cond_resched+0x10/0x30
01:25:20 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2207.466067]  ? inode_security+0x107/0x140
[ 2207.467155]  ? avc_policy_seqno+0x9/0x70
[ 2207.468005]  ? selinux_file_permission+0x92/0x520
[ 2207.469015]  ? iov_iter_advance+0x23b/0xec0
[ 2207.469953]  sg_write+0x87/0x120
[ 2207.470667]  do_iter_write+0x4f0/0x700
[ 2207.471486]  ? import_iovec+0x83/0xb0
[ 2207.472288]  vfs_writev+0x1ae/0x620
[ 2207.473051]  ? vfs_iter_write+0xa0/0xa0
[ 2207.473916]  ? __fget_files+0x2cf/0x520
[ 2207.474747]  ? lock_downgrade+0x6d0/0x6d0
[ 2207.475612]  ? find_held_lock+0x2c/0x110
[ 2207.476467]  ? ksys_write+0x12d/0x260
[ 2207.477270]  ? __fget_files+0x2f8/0x520
[ 2207.478139]  ? __fget_light+0xea/0x290
[ 2207.478962]  do_writev+0x139/0x300
[ 2207.479714]  ? vfs_writev+0x620/0x620
[ 2207.480518]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2207.481841]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2207.483180]  do_syscall_64+0x33/0x40
[ 2207.484136]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2207.485480] RIP: 0033:0x7f04ef0deb19
[ 2207.486403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2207.490569] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2207.492308] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2207.493948] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
01:25:20 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0705006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2207.495568] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2207.497369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2207.499005] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:25:20 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xa801, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:20 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000900000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:20 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a0a5fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:20 executing program 7:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000140)=<r2=>0x0)
r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
syz_io_uring_submit(r3, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
socket$inet(0x2, 0x2, 0x0)
io_uring_enter(r1, 0x100058ab, 0x0, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r0, 0xc010f508, &(0x7f0000000100)={0x4, 0x2})

[ 2207.587698] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.587698]    program syz-executor.5 not setting count and/or reply_len properly
[ 2207.594648] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.594648]    program syz-executor.4 not setting count and/or reply_len properly
[ 2207.607131] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2207.621299] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.621299]    program syz-executor.5 not setting count and/or reply_len properly
[ 2207.641929] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.641929]    program syz-executor.6 not setting count and/or reply_len properly
[ 2207.654824] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2207.654824]    program syz-executor.4 not setting count and/or reply_len properly
[ 2207.668231] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:25:20 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000d00000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 74)

01:25:36 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000e00000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a255fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0709006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xb910, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:36 executing program 7:
listen(0xffffffffffffffff, 0x0)
copy_file_range(0xffffffffffffffff, &(0x7f00000001c0), 0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x6)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000140)=ANY=[@ANYBLOB="040900000000", @ANYRES32=r0, @ANYBLOB='\x00'/16])
bind(0xffffffffffffffff, &(0x7f0000000040)=@sco, 0x80)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'syztnl1\x00', 0x0, 0x4, 0x2, 0x6, 0x6, 0x4e, @private0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8, 0x80, 0x7, 0xe6}})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x100001, 0x8)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="480000001d00210c00000000000000000400020014001180809801a7b0c7dba09475f251c743092f2000008008000000", @ANYRES32=r1, @ANYBLOB="14000000fe8000000000000000040000000000bbbfc6473092fd29ccc79a49cd166de8c26e4c38e8d1a12d62af5cbec15f681853255322d448a5ba2c818b006f786cb2fdd32a2ccd510419622a9715108dcab2e2f1bc5d437c53f546b5af49935530e799072ec99bea52a1ac93ee0f9d2e9a438146f25788b61825d25b93979d6cb59429fc25ecd5420336b19beca877e57215f8d29cec731f2d9cf5607a3bcf3a11c88d0c7384de850606602cc74d41b275db1e864ab7aed71f19a629385dc6f44fffd300ca5cdd3ecfc76aef214d8e0b2bc3baf187"], 0x48}}, 0x0)

01:25:36 executing program 0:
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=<r0=>0x0)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x13, 0x0, 0x0, 0x7}, r0, 0x400000, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140))
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0, 0x2201, 0x1, {0x0, r6}}, 0x8)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r1, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xffffffffffffffff, r7, 0x0)
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x8, 0x3, &(0x7f0000000400)=[{&(0x7f0000000340)="7fce93d86b33dc11", 0x8, 0x3}, {&(0x7f0000000500)="5cc2479d1c091d975b192cdaad92e839fda4169373dd962215be69bbdd3ef9d10598a628aa52ac9995c9ec0fa71e5da1744eb87a65b7e35fcf6c0a78f11d7321c02757042f160233e6a188242e70ac58050ed6f2bd400522d4d7dc4a6b96a543d7c815c910831326090ac948861fdc920b9440c764986ae5af4564611934ad910a56a69379f2f5bde99924260279f8d38457eb9807e0fe7390f149f9cb8caf1e45ca5099791f8e90215f08af548606cd60bfe30c400157c51513e98b3f1ef49cd38fca463db67710e76a5b9ad241dd9f4c8953a1dee6c113d220331820599babf086437e4afdcc59c9d15a9eca2a5ffc304e9cd27df55eb35bc727cf666a52b3f565f1ae1b19a734faa22cd3e16edc456a9532aad1b0bb2d04af00e25273a7718cb5035e826fbe742c2e852997e5b1d0ee97354a573257ea2862e2df9a313aa10fd6a40ec3e1199050f27d66849152248175d469a69cf38eb19fa209fe1d2540fa9cb03ad82c0b491e86c7af241dd94c7f6975209fe6f96e2082b327d6ad6606c52e146660d779160d597d76c3267f2805b08b2e3297b96ee867b4ee8e7d3b37cc99b9d1a001c8172293a335c6830c4367b8d8332ad7676ea1d988b2dfdeb59e4546e8ce675466b1c59e3d3bc41cb9279fc2704f2481f5c459d177206f9ae71023e02bf4563805dbd6893b216bba6519496df0fb357a3a3fc8a49e486e16aa427a6cf3195caaeae7c83005e0d208b06984050f74439a726f99585dd501dede89b0fbc69208c48420b0f83059770842c5267ca70cf49e19685a938337795a42869e4f1474352104cff6ab892e6f90894220dd697c79f6bd2bd361d058851769afe7c812f172c4344ea7de7a4f9be75722e5113023176f4e20088741a4ee1eefdee5259120734b7f8f380d915a46344eda557ea97a1e4336498217d16f9336483f505cb5ba4535ca9f0f718be35e3bd64045a28b7711a6239deffede0fcb6cc7e30b7d81e8b63efd71786a210ed2bc71c032850e4d66d13916f72900577072adc37e4556ea421a3fde5d7df77999676d6c670e7932d455ab95cc208207ad1ad9aae39907691ac30a5c9ed054f3cf75e30a025e79331ab46f00fbb2bc45ffc7a584f84f4c4d2abaaa59d9f4f32f16df7e2b12039ca478c9d85741e41151b312b3324b69faf20ac0f8e23ab4314e62d95673d43b21916a94d45f971d7af099c2437fa7128c8596202bb7ceff35b2c6615dd4441972e4a12df239fea8c0ccc34359e4d8e86fb292d5e47a4e8db1d98aa0eedd751a6fe953ca35a8f11aed2c8b80d55eb0f98d6c5b38d4863cff7d5501e65ac9b524c55c5739c47c3fb17b8901847cd0dcf6dd63a31cf04223b6ad022ca4b8464c819e21ceafac1ef32b92f8bb38c236ef47ec6f24e0e8476f759fc37def9ab27409748881fb892745126b86f7d59f390521e019339d6dcd297055498ab95d4062bccc31408232ac36268334d184132951ea2ce0878166359f38ee8061b8ee4446699f71cf207e032b501562cafeefa10b3df8f2dd7da4afe07c057c0c182cfca03b642f6c45ffc087d8fda0640c1cd1dfc7547e3c557c9d909dfd4df9492bc884b786cf20098fc4102bd43790a5ea0dcf0aab7aa8264da3312f0238d406087f6080f56351ac3e3e0ed2c52b33cc268c2d8a8fa50a579a2b537b495dbc15c2f63c1a7606631863a7e70c58026d6b964191c71538208b886b5ab901167159a761e20c19f4d2f23df8c9645b9c201c829e6cdea2116c4e3fe52c8586d82c0a1317b599c10bb25a2a6b5e40e533f9c52feb0e2ac4b9be4c9b9899d1f5cac1cd15e4dc9098f2c0573a5ccc087f21b5529d69bee4a483703ef3aa17573555f0424546ae603793b2c1975d5e9f8f5ef30e7c6c899c54e18b0efedc8123caafca376a56b08570cd48881371cf6383b397e5c20f96a7a47ff377a29e90dccccc1548171e2f58fb6f32ab5677504ce2fc149ece2417d005b18aca6269b9035beb160ed0fc116baf2444817e8f874381b54b883953e85b72ff24498e78f33f2027058a3ffac84e1cfa3adfb73249ce6ce31f00946a08c8a00c278ed032a71dbf1e63ca3fda5b04acb76512c486141b86c45aca3d7f4952bfaccab66d8c867b3de63c0ff9f8b8dcc7f5dba2f630ff1ab112580268c31142061c4386e1666bdc96e61a548ee410d4861bf382c8da4a145bf74e3d9ef2dbbaf43c0fb0995e137a0aacc66e98e9eb5c0573331d5de7d6a950f18eb379348d9bcf5b749a0806d3fe620c4e8ec0f176fd25d6dd143644efeda9c18469716f77919fa36ab5553de125ac0e6df52625cc62d9e5012523d8c414109d51287168085b3883f099e1f5af3ecd43b502e3148db641d4d109ce8eb9ce6525e905b0dc3a095e8ca2e8305e0b8dbf8dcd7784d98f4d8bdf4524091651f0e08534215b1ec21ccd584fb67c47cf461c652d4bc819228e98c015b653e15e7c544fc44ed80ee5067f55ddb3b5f6b616535acb63499dff3fb6105809f57b5f4ba671b2629b26834881d14c76ce4aab49776e281bf8a4de87496935a72ec972c3de0451b09620ac260ca7a77bee23934c2bcc50f59f81fff4aec72e4ca862c26f162bc8490c05c78d6e72c272028a6d5d827cfba2cb2ecd4fa682b69e056747b8325cd27e79cf1b3ab7e32279add015e5b76b8f994e4e0010835ffaa5112246614661610a5ee40970e64924f5d03b30fa6a01df966f1fc840efea4587f73f943e9dc052316f6cb1e298cde3d0e550b2837d305d545c6161aad7a715b65affc18f41577390871a8133cc7e57e7c29af21dbdf5cd4b3f8a76bd8b0004a52dcc94b2433004fb6fdfea2740228b781f0ce4b9686a5e954ae97a952ac3d65b423d3938cb9ee304b732f8723fda59e782e8bb8073abfbf25d64759f42bbb004a81719182c966ebc85016d7f9470f706d9d6e631e242ce908bf12458dd71b96c02023e191086968d75e9d3bfa1797d9bd92fdd0055523ac242c5e18f824a14b9a202a41e6fdb7e6466dc71d36bea0998047143de9e4cb1616289a3a256aa65eb53f8e470dc06a92d8c2908f44c92109303259c510d0dd0faf449410ee4196681dda7e580ebf8b458cbfcbb979c63854d8eca3ef74bec4e1222e56ad6b876e21915d53d5c450299cfc3d4f3004e425c6bf33c246e9eae4c99b5537d5a19cea47bc087ae02bb0f1e3fb348e6af417b99e59bdc0b62f5f833e80ffd962bfc112b5907d9db4adf526f0f7185f3d922ccab06ba4ecaf9c6991567de467f845184fe63fdd4d99b05a7cc57101f8042f791712d4c785d357d5ae236d6a890053faa264ae737523b81a690a79f70f8a4adbb256f63b8189274dce9e02a752889cffa827317387a847107b5d6e9c50d6361cfc0e3044e4b1c8c97f777094464ba3da1913761773422e2effc47810eafaf49fd25540fe744103d2cfc48ae8b1eb7bb7bdfb8f6c694b27cd656dcffbbd6af81a68b680c4a0468fde79a8087984b611a53018bb5d68270541d6ac7e23d2021badaef90e92abaf5c7d49be71dc3e4766049e86e8d399d6bcfffb9aa7ebfc363a33dc475b6f08118049aa68d5f7c88d59a86039025301ba9224829a355c1df2ef9e0e211a9b95d597a3da6cc71d32fca80378205057cdd0b5039299c825f794c03a86cc1feeff29790d3f20ce287dd0c42fb379ffae02aa06682555115c0cfd027ca234657ccf1bba5e03bdb901a062367841668ac9df1e33157e0a01223e7676329e2045bd2b8ed2f6dfa123a5e644f1e12d368fa1d6678b3fa547c7976c3f92a34a86b0e48a91664b1808839a6678d21026927564d015596d3b97231814ac0303917b9e7d4c7e905b79898a1e04b59f9955f2d6ab06973437c4b005cf86cb74c23eb05fcf8b521bd057ecd5185df76cc20c64388ce9b96fc7001281026b8310970ddec93298aab78a0f9adf4bfcea77c0abfa11c9b706d11b8f3718a1a14253820d4925a63276696715a4c88bf9797a4dcf9f7e6e715a25b140c6aa064d37e0cdca276422aea7cba9cd2dff000b9931ba7232c48adf2ada6af12a654c8371f88dce0d27b06422099996b654eabeccce252242a203217d10d15f0ad6084f428ef128ad1b67696b77c46bfbee692a739ec628de0d9356dbe95fcc40a32bba15be1903f1fe05853e4d295312a240a7b03a4517f8fa361832abdf55920f8314a15484772cce06ee076317fb3e4e75a0a1abab3ac2ef2625838f1ba8e815eaf43ac28b979637cb6ccf50a3af45445c1b2a959dd5b4c7d311a9711ba4c00db01352973f274d52acdded8c2f8b9b0b32fdd74ade929d4b227dc0781cf7cf969ca6f4f4e0773cbec21036e55ac387b0ad57b2e783aab8969ddd47c8300393d8aa9e15272936ce322a0dcdd77f7fb2a2d84da33c7f44b2fb0df96ba7c7347509eb3645dd0df1dda1ccac5f6484c3c7122dd9ed1a58b6c050296af6568c23cc0262edae5acc463cde47d8c920eb3e16180904e745f7218904d9482e7f0a6e3421e60dfaae258238bd0cbccfd928808a69210c7e45719303a000bf9b96728e646eaf4daa2cdc797d65c951c280bf8d1e93afe54b2995eaf1e69d15211ce1220c607cfc16e449db80800aa5088a6ebcdc9e0c3ff62befb227381e22e80f05fb76dcb09baddde0149699426477f49914285a7438e572bdd19ca232c2275ac7c6beb32feef0eadc4a211a87a11e1bf1a681edab42468e5ad35de7c559447eaa1ad9573768dc7516340a8811efe928102cd8ac36a1fad7238d7f5b2bd36d84e781f0c50e6b6e4a3a4e0de593b8b0e5a76203b106c5be16890813a758d38d7af3cbec78c3602d7f2791ec7692afd45d7c30ec57fbec67ec1a6bc49b4f920e7a61b1d81c5530e5b5101e95abb38103c84c285d443d8f4fa5206846c38c27872ada42e5c6fca2f4fc037ebac40432b9253d28d35f2d6c1bdf5f1f2b8097367293efba5316e2e2644c5233065950088cf588ed10758af08add0d17d913d6d69e6846af6ff84811ee0f3fe1b03ccd5c701152189dc77460c5e2e5e91edca18510474a2b13ab7f258d69f9daafa3903a254f55f6052453c18a9c15af3947301b2039b4d9cc6cd1e604c225e11b194494b9f82def6f3572620e6a5acb0bdd99cb60f4ccd02a98bf89393a0e60e01c29196f9d10729d33b2e5a63cecd78930635430dded76f89067fbba9e9db5b6e5b79fc8d83e8b7c89d08657a129e0287a43ea680461000996e611038122e8adeea91d797dfa2454b06a087d5509c319a3a51f28cb0cc132487a736c4da6fe0a137feb9c1bfea16513a0d9bd4db2c3dee42f0a893559092b463ccbc6e8259bfd735960675dd205c25c2bda386b7deb47dfa17e879753cd0ef68375aeb05f45d4d5c0a6bfb6e8c11890f4b6576fa23381b0fc68f2e29fb6873d152e9da26c635ed83e6405cfd458cec390ca4f1344ebc14cc8b1471661526682207ab5d467a62f33fc48a59ee68177c89cc801f4745d29394c3c93cfe394bc1fc1104ffe8ef1544e3211b00a18e53aaed1950bf71bab1312ee40642753cf35bd12b3c082870de210d1816022746f5493e2ae8a0571fb9d8c3efc0e62e317e2b3f2ad0b6dd524684a6a3d02883149bc3038e0f8271e9233c9b216a2510feaf9632bd852b7a317b8ad5c65f4d03d0082490e3899e545caa562f6fd569fd7db1a2873ce58d4ef9f3a6193f36805664561272294b7d143ea374d0567dad91fba22279d019f588a0396fb60a546d3cfb1014c75c32acf18a61960fd57c18a09ce980533e", 0x1000, 0x9}, {&(0x7f0000000380)="3a58e301b7305b4a920fdecb197e3f61ea0f7f58a377fb1b6050691565b45115555a6dff371d7e172bb47c2ec40ba061a9aa0ec3e5689bfda8ad741d63499e685bc5de5e8716c3070970325d79dde05c342690a253c90b9c45f0ef5c1bb4", 0x5e, 0x15e}], 0x1000400, &(0x7f0000001580)=ANY=[@ANYBLOB='dots,smackfsroot=\x00,subj_type=,uid>', @ANYRESDEC=r7, @ANYBLOB="2c00205cb31cf586be27bc9620af697febe5cd321a3b2c39d1ebc5"])
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x0, 0x20010, r5, 0x0)
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r9=>0x0, &(0x7f0000000300))
setresuid(0x0, r8, r9)
r10 = fork()
setreuid(r7, r7)
prlimit64(r10, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2223.766881] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2223.766881]    program syz-executor.6 not setting count and/or reply_len properly
[ 2223.775955] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2223.801394] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2223.801394]    program syz-executor.4 not setting count and/or reply_len properly
[ 2223.806766] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2223.806766]    program syz-executor.5 not setting count and/or reply_len properly
[ 2223.815919] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2223.815919]    program syz-executor.1 not setting count and/or reply_len properly
[ 2223.825100] FAULT_INJECTION: forcing a failure.
[ 2223.825100] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2223.825205] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2223.827792] CPU: 0 PID: 28128 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2223.831378] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2223.833126] Call Trace:
[ 2223.833702]  dump_stack+0x107/0x167
[ 2223.834490]  should_fail.cold+0x5/0xa
[ 2223.835299]  __alloc_pages_nodemask+0x182/0x600
[ 2223.836289]  ? __kmalloc+0x16e/0x390
[ 2223.837077]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2223.838368]  ? trace_hardirqs_on+0x5b/0x180
[ 2223.839289]  alloc_pages_current+0x187/0x280
[ 2223.840219]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2223.841246]  sg_common_write.constprop.0+0x992/0x1a30
[ 2223.842359]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2223.843411]  ? vprintk_func+0x93/0x140
[ 2223.844234]  ? printk+0xba/0xf1
[ 2223.844933]  ? record_print_text.cold+0x16/0x16
[ 2223.845935]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2223.847008]  ? trace_hardirqs_on+0x5b/0x180
[ 2223.847040]  sg_write.part.0+0x69e/0xaa0
[ 2223.847066]  ? sg_new_write.isra.0+0x770/0x770
[ 2223.847092]  ? find_held_lock+0x2c/0x110
[ 2223.847116]  ? __might_fault+0xd3/0x180
[ 2223.851599]  ? lock_downgrade+0x6d0/0x6d0
[ 2223.852490]  ? _cond_resched+0x10/0x30
[ 2223.853306]  ? inode_security+0x107/0x140
[ 2223.854185]  ? avc_policy_seqno+0x9/0x70
[ 2223.855041]  ? selinux_file_permission+0x92/0x520
[ 2223.856059]  ? iov_iter_advance+0x23b/0xec0
[ 2223.856968]  sg_write+0x87/0x120
[ 2223.857704]  do_iter_write+0x4f0/0x700
[ 2223.858533]  ? import_iovec+0x83/0xb0
[ 2223.859348]  vfs_writev+0x1ae/0x620
[ 2223.860129]  ? vfs_iter_write+0xa0/0xa0
[ 2223.860979]  ? __fget_files+0x2cf/0x520
[ 2223.861825]  ? lock_downgrade+0x6d0/0x6d0
[ 2223.862704]  ? find_held_lock+0x2c/0x110
[ 2223.863568]  ? ksys_write+0x12d/0x260
[ 2223.864391]  ? __fget_files+0x2f8/0x520
[ 2223.865239]  ? __fget_light+0xea/0x290
[ 2223.866072]  do_writev+0x139/0x300
[ 2223.866833]  ? vfs_writev+0x620/0x620
[ 2223.867643]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2223.868749]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2223.869853]  do_syscall_64+0x33/0x40
[ 2223.870641]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2223.871740] RIP: 0033:0x7f04ef0deb19
[ 2223.872531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2223.876430] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2223.878038] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2223.879558] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2223.879819] debugfs: Directory '€˜
§°ÇÛ ”uòQÇC	!' with parent 'ieee80211' already present!
[ 2223.881057] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2223.881068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2223.881079] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:25:36 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2ab65fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000003000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030009206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:36 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0730006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2223.976603] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2223.976603]    program syz-executor.6 not setting count and/or reply_len properly
01:25:36 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:36 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 75)

[ 2224.062004] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2224.062004]    program syz-executor.5 not setting count and/or reply_len properly
[ 2224.072571] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2224.072571]    program syz-executor.4 not setting count and/or reply_len properly
[ 2224.084638] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:25:36 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a530abd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2224.121971] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2224.121971]    program syz-executor.1 not setting count and/or reply_len properly
[ 2224.134323] sysfs: cannot create duplicate filename '/class/ieee80211/€˜
§°ÇÛ ”uòQÇC	!'
[ 2224.136662] CPU: 0 PID: 28252 Comm: syz-executor.7 Not tainted 5.10.244 #1
[ 2224.138142] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2224.139898] Call Trace:
[ 2224.140459]  dump_stack+0x107/0x167
[ 2224.141237]  sysfs_warn_dup.cold+0x1c/0x29
[ 2224.142158]  sysfs_do_create_link_sd+0x122/0x140
[ 2224.143060] FAULT_INJECTION: forcing a failure.
[ 2224.143060] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2224.143168]  sysfs_create_link+0x5f/0xc0
[ 2224.147108]  device_add+0x703/0x1c50
[ 2224.147903]  ? devlink_add_symlinks+0x970/0x970
[ 2224.148910]  ? ieee80211_set_bitrate_flags+0x202/0x620
[ 2224.150034]  wiphy_register+0x1da6/0x2850
[ 2224.150924]  ? wiphy_unregister+0xb90/0xb90
[ 2224.151855]  ? ieee80211_init_rate_ctrl_alg+0x121/0x500
[ 2224.152988]  ieee80211_register_hw+0x23c5/0x38b0
[ 2224.154014]  ? ieee80211_ifa6_changed+0x4d0/0x4d0
[ 2224.155041]  ? net_generic+0xdb/0x2b0
[ 2224.155858]  ? lockdep_init_map_type+0x2c7/0x780
[ 2224.156873]  ? memset+0x20/0x50
[ 2224.157568]  ? __hrtimer_init+0x12c/0x270
[ 2224.158461]  mac80211_hwsim_new_radio+0x1d04/0x4290
[ 2224.159545]  ? hwsim_send_nullfunc_ps+0x80/0x80
[ 2224.160519]  ? hwsim_new_radio_nl+0x967/0x1080
[ 2224.161481]  ? memcpy+0x39/0x60
[ 2224.162197]  hwsim_new_radio_nl+0x991/0x1080
[ 2224.163138]  ? mac80211_hwsim_new_radio+0x4290/0x4290
[ 2224.164246]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1bb/0x280
[ 2224.165634]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xaf/0x280
[ 2224.167039]  genl_family_rcv_msg_doit+0x22d/0x330
[ 2224.168064]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x280/0x280
[ 2224.169465]  ? cap_capable+0x1cd/0x230
[ 2224.170309]  ? ns_capable+0xe2/0x110
[ 2224.171109]  genl_rcv_msg+0x36a/0x5a0
[ 2224.171929]  ? genl_get_cmd+0x480/0x480
[ 2224.172780]  ? mac80211_hwsim_new_radio+0x4290/0x4290
[ 2224.173885]  ? lock_release+0x680/0x680
[ 2224.174725]  ? netlink_deliver_tap+0xf4/0xcc0
[ 2224.175670]  netlink_rcv_skb+0x14b/0x430
[ 2224.176543]  ? genl_get_cmd+0x480/0x480
[ 2224.177380]  ? netlink_ack+0xab0/0xab0
[ 2224.178213]  ? netlink_deliver_tap+0x1c4/0xcc0
[ 2224.179172]  ? is_vmalloc_addr+0x7b/0xb0
[ 2224.180033]  genl_rcv+0x24/0x40
[ 2224.180729]  netlink_unicast+0x6ce/0xa00
[ 2224.181594]  ? netlink_attachskb+0xab0/0xab0
[ 2224.182558]  netlink_sendmsg+0x90f/0xe00
[ 2224.183432]  ? netlink_unicast+0xa00/0xa00
[ 2224.184346]  ? netlink_unicast+0xa00/0xa00
[ 2224.185248]  __sock_sendmsg+0x154/0x190
[ 2224.186094]  ____sys_sendmsg+0x70d/0x870
[ 2224.186951]  ? sock_write_iter+0x3d0/0x3d0
[ 2224.187839]  ? do_recvmmsg+0x6d0/0x6d0
[ 2224.188663]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2224.189778]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2224.190929]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2224.192077]  ___sys_sendmsg+0xf3/0x170
[ 2224.192910]  ? sendmsg_copy_msghdr+0x160/0x160
[ 2224.193893]  ? __fget_files+0x2cf/0x520
[ 2224.194744]  ? lock_downgrade+0x6d0/0x6d0
[ 2224.195632]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2224.196733]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2224.197880]  ? trace_hardirqs_on+0x5b/0x180
[ 2224.198788]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2224.199940]  ? __fget_light+0xea/0x290
[ 2224.200759]  ? sockfd_lookup_light+0x2e/0x180
[ 2224.201724]  __sys_sendmsg+0xe5/0x1b0
[ 2224.202528]  ? __sys_sendmsg_sock+0x40/0x40
[ 2224.203443]  ? __do_sys_futex+0x2bb/0x480
[ 2224.204333]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2224.205440]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2224.206534]  ? trace_hardirqs_on+0x5b/0x180
[ 2224.207448]  do_syscall_64+0x33/0x40
[ 2224.208236]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2224.209321] RIP: 0033:0x7f32a0d7bb19
[ 2224.210120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2224.214017] RSP: 002b:00007f329e2d0188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2224.215646] RAX: ffffffffffffffda RBX: 00007f32a0e8f020 RCX: 00007f32a0d7bb19
[ 2224.217157] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000005
[ 2224.218663] RBP: 00007f32a0dd5f6d R08: 0000000000000000 R09: 0000000000000000
[ 2224.220204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2224.221719] R13: 00007ffc08cd689f R14: 00007f329e2d0300 R15: 0000000000022000
[ 2224.223261] CPU: 1 PID: 28255 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2224.224746] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2224.226597] Call Trace:
[ 2224.227166]  dump_stack+0x107/0x167
[ 2224.227948]  should_fail.cold+0x5/0xa
[ 2224.228761]  __alloc_pages_nodemask+0x182/0x600
[ 2224.229745]  ? __kmalloc+0x16e/0x390
[ 2224.230729]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2224.232369]  ? trace_hardirqs_on+0x5b/0x180
[ 2224.233542]  alloc_pages_current+0x187/0x280
[ 2224.234731]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2224.236037]  sg_common_write.constprop.0+0x992/0x1a30
[ 2224.237432]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2224.238785]  ? vprintk_func+0x93/0x140
[ 2224.239825]  ? printk+0xba/0xf1
[ 2224.240702]  ? record_print_text.cold+0x16/0x16
[ 2224.241967]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2224.243133]  ? trace_hardirqs_on+0x5b/0x180
[ 2224.244099]  sg_write.part.0+0x69e/0xaa0
[ 2224.245063]  ? sg_new_write.isra.0+0x770/0x770
[ 2224.246284]  ? find_held_lock+0x2c/0x110
[ 2224.247166]  ? __might_fault+0xd3/0x180
[ 2224.248010]  ? lock_downgrade+0x6d0/0x6d0
[ 2224.248891]  ? _cond_resched+0x10/0x30
[ 2224.249716]  ? inode_security+0x107/0x140
[ 2224.250598]  ? avc_policy_seqno+0x9/0x70
[ 2224.251451]  ? selinux_file_permission+0x92/0x520
[ 2224.252486]  ? iov_iter_advance+0x23b/0xec0
[ 2224.253394]  sg_write+0x87/0x120
[ 2224.254126]  do_iter_write+0x4f0/0x700
[ 2224.254945]  ? import_iovec+0x83/0xb0
[ 2224.255746]  vfs_writev+0x1ae/0x620
[ 2224.256508]  ? vfs_iter_write+0xa0/0xa0
[ 2224.257354]  ? __fget_files+0x2cf/0x520
[ 2224.258206]  ? lock_downgrade+0x6d0/0x6d0
[ 2224.259071]  ? find_held_lock+0x2c/0x110
[ 2224.259932]  ? ksys_write+0x12d/0x260
[ 2224.260746]  ? __fget_files+0x2f8/0x520
[ 2224.261587]  ? __fget_light+0xea/0x290
[ 2224.262426]  do_writev+0x139/0x300
[ 2224.263173]  ? vfs_writev+0x620/0x620
[ 2224.263978]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2224.265084]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2224.266155]  do_syscall_64+0x33/0x40
[ 2224.266945]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2224.268028] RIP: 0033:0x7f04ef0deb19
[ 2224.268814] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2224.272665] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2224.274274] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2224.275786] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2224.277277] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2224.278783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2224.280284] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2224.315621] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2224.315621]    program syz-executor.6 not setting count and/or reply_len properly
01:25:51 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 76)

01:25:51 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a5325bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000003000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030030206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2238.650751] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:25:51 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040), &(0x7f0000000200)=<r1=>0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
syz_io_uring_submit(r3, r1, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r2, &(0x7f0000000280), 0x0, 0x0, 0x80000}, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
setreuid(r5, r5)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))
creat(&(0x7f0000000240)='./file0\x00', 0x1)

01:25:51 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x80000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:51 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07b6006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2238.672627] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.672627]    program syz-executor.5 not setting count and/or reply_len properly
01:25:51 executing program 7:
close(0xffffffffffffffff)
r0 = syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000014c0)='./file0\x00', 0x40004, 0x3, &(0x7f0000000f40)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x4000, &(0x7f00000004c0)=ANY=[@ANYRES16=0x0])
execve(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_mount_image$nfs(&(0x7f0000000200), &(0x7f00000002c0)='./file1\x00', 0x6, 0x3, &(0x7f00000006c0)=[{&(0x7f0000000380)="5bf3c8471b0d277a266a7d9f0d36a0b9619c76d5fcb79601f06bb1bc4ced58e0813103c8497695943daa761d665c0c6c9f9419b959d896c9318f1a77bb41779a5c40f7c9388f6f4e6072e8eb832899fadf06af226ea2de7de771f17f99346aac2e5b6b39078ca124c5a5a6e10ba18494c16e74a4b69ab66120e7ec639d4ae3096fa42851f7705c9fb0483d0e07c31984a0abb705948f6bf765c692bc35523dc6627869529871aa5dc6f909ab1d83b6a8b449102e0426d7eedc8924a23deeddfd379d89fc05485639f6775dd3", 0xcc, 0x401}, {&(0x7f0000000500)="9fbcdbfe97156b542cfa8ee7bb826fccd5083fe08d94cdd9b33c00e11c8faec5b1ac929ac3b0c28958a2e1d003de4e821754371aa59264e232f8d570cbbd1ae0c19129e7b9f67470d1fe8ddecd154d9d80bb1c631100cfd18208df5a565b1c49204f5317a8657dac65ebbca8a1679a819915aa25063c9b68a711a4be56b9ea9b2f4b9e6d48fbe9a1e7c53a5aed486f0c665941b3cd439203d9e1f6f233a6ef52b3aa6e6546e254fd90d318571e84a0dcf9f97310eb1293b9c2e8fbd07a19189d6b16a3689ae260d96c0dc3f1563f0e3431c5b90800be78753a2d9370ee8daa8432c24ad8566a6f403f645817a85e822cc7b12bd8da64aa0111e5", 0xfa, 0x80000000}, {&(0x7f0000000600)="e3ec9d700d937f31a5c21f8850ae2b0cfa4c1b16fe3e9ad7e043840c28cfbf2cefaccd756527887d9170bb70e60a70a29c473027cfe0a3392189a5c3e572fbf95dd2e0ea5c8cac2412b89ccd5df45724bf25b30750c0836136b81632baef213b294bd40d6b62cac387f27b24fc7c2f6b9f88974ea9a8225491e47f6a23448b7ca25c7eea111a736c98879dd5f7c2aa7208eae7091f41a027d7", 0x99, 0xffffffff7fffffff}], 0x1, &(0x7f0000000740)={[{',.'}, {}], [{@obj_user={'obj_user', 0x3d, 'ext4\x00'}}, {@func={'func', 0x3d, 'KEXEC_KERNEL_CHECK'}}, {@permit_directio}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@dont_appraise}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/bsg\x00'}}, {@fsname={'fsname', 0x3d, '/!)'}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@uid_eq}, {@smackfsroot}]})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x3f, 0x0, &(0x7f0000001e00)="171bb59f43f345f880c182f5b19d0540d4eef7a7c9892dc84daf27a1f9c10b733e9e6a22cecfe28425edd1e3b4a1c5129c3fdaf8183355e89e8db85115f0e7a4425d6981d40c5164c58cb111c164f196a47cf931af8eaccb9c9c5f928700aa774f2f2710d1537d387485e32961e85cce43c5db5f30558db9a52bb3cfa53bf4b3ea5a8487ff01fc1214fccc0554a0fd4a1fa57b042bc556c9085c4240d90f68a2a5b308cb38e805bd7f0769b069c94a1ce146d23fd0e353b3da6c7dc96219fa467ad9e53540c0e120cb7e98c0e94e5c6bfb61977dc0c084bd8c60410f2118ce977fa03b52597d6b24e6b89ccd05f08565b984f213962da46332cb799f4bf67c74c4ecec3ba03dbded9801869e18adfbcca47b53c530d83bac4fb6a8132674df6d831050dfc98f8116d9a901c6ad1edeae7e47d57bb23a0fef07e355349b505ce2584136270db48dacd481bb3f2cafea173d03156a5e8d602016c641c6a4a14e71e553543849cd1b3b27c2fb116be02b6aac024dc4eb9595532acec33e3e0317fe4060d4e5487c5b06787aca025c4ed408e76bbc4fa1026c65b4669c2dcd54404423dbd3976eb8a23fa2e4c91a4bd12f3743891de3e5b59ddc8e04e97cd6490ace43bc1937b7ae0dd99d7a0c0e637b1a737286eb1019d60d575540d139ee007123f963d79b5a362690c0bd46b97f6397723228c99f0b032c054d3138382c43fdc76f93e0c23a4ef1d49a10411cbf91672400c48a0c219e3deeb1b3153253424970594f12927ef3f045ed1ead964816a72c90cbb89a20a345fbb7de8084e5f645a027b1fa012e8a3aa9947aa6f0b313d01529283dfb844ee8ff015d0dcae26a180233f2a2585ea385e0e299bbf263aae12260dcfa1ec1779568eb4e64f4d37654690816251c93ce1abb41fbb278e00316b43e1b59ec189d65fa9330cbdff244f3166651ed905bf26732f266775d92bfebe4c01d0c82251a843fdb0177511af6487e666a9aee3762ed1161712d4b6433184d941f1c4a8d4467b304504ab249572f05cef60deb1215e82154214525d9ec4a91c974670260b0ff2fed03fe20c8e8053c263af3018711c0ac0db7e1a101765fde0e42d3b1a68e02cc4117d9a435b9d8e2fee5f9cacc02be086c4973fe80b0ae44d2f0ccd35202b17da62f2ecfaf17ae26cccc1e12188cc72bb453ac85756b5cff2419c5902ed2ee6c750e1af1e72f8895011564dd38413b800087fb2678dd37bc7e86b7d3309950d4978bade16642176533b0bcc3ad438d6e11ed151213b124d3b1de92d756a3be219e97304dc83ce66ef6744367a0a549397b4f6ff88fdd5b301a7bbc4c1dbc137ef8332d1cfee030d0381555564f4056ac02d613e2324661f581b42f8584ccb618df25b06b4f7b3158ae690464c7e84ae02dce53a7011d6017718a46afee7f7b9c88f04f127a19306e6c9c0bd6bb03efa213b61d4af1f71f48c6431ed9b625ed4fb0f633b7eb0c45a39a27798a5fb4679f464d253c20502d4a68eaf613a0da5a13493e8262fff1d3a8a8a98c260a7993723bece8ae324689e14f966b2a164591155cec8bd8c97232cb9304dc00df20a6887db62ada834e5488598c21857c7630ec3415ba4e69c14e900c911936c721de3ef24422f6f80e6fa831ec4bdd67f23e454d9271fa0859524c85abdfc062904d529c4588e36198510f973370c7b589a54a9689195262a7df8e22bcd31aefa29df618b32590c6e00390ad333316cde4a942fb66cae65987b0690ba6d0c2539f88f714919e906f652f707308561d022ce3de11f9ae45ebf434c6685f1ba2a156b16d03004ee2d265fef18b781f31f13f43cba38b0738403a7685b36032553ca4364fc0de4297ea035ad9c2b67107cec6676cf091ff6f944f56fc4175d6092988fcaf358e635b4e49829d1d10acecd70aa88075390db0963783af1c4397f33bd6f19fcc3e8e8d4e2850400d66b5828ee1ece7a0565b5f945c30536e5356ee883a7f9d36a7143afe17062081d8646b39789e846d2013d10da7353c744ffe63692f1ef398f918e666655876654a3c0e9250fdc260b7376f13e92d5325fb11a909f00aa5d292af923099645d15da9004b33f773481c5958cd3dd4536416af7e15a5b53bb2f1078de987e5a61489d7e266612c0268f44df66cc56d426e5b66ff7c34b665e2d81f13d2247244e4224ab385eb5d4a9a1301c4cc202363606e1ce6e7248ec45a1b76d397fa12ff73ae3e5b722f2bc1674704991131c5b0943c71a38f019a7943b4338018df566c7878825c488a525849f85a1de757eb8ef3929e667f0c7acbc379383fea8b58049f33a1c4e192925a19500f57a9a94cceb6787f01536f6803335c6937bb0c2a7993d6566f6c8e34ec8dbb80a132cd2c0aeca0dff6fe4cceada7155ce4518978984d2e07a14a8fb457bdf24d1e1589830eb7b414a1b2f39d87a798a91babe687287df47818d1f39dd3ebb8ce018537e2a70ee2f115726927e6a78a3bb8e9a428576228c475ed498a0a04da00b8137eacae00d275de0b7b3645d6c172740ff1e666b59567d24806896fde747d354e402d6460b163e9adbfbabec5dc6c1e22dc593e3693af89c531b8ae7ab6c9dc7c12f0b3a9e0aa63956aaead1a81301b9f6438dcf1199e51c65d3f7b88ee98923f5c1bcce26a22ac71b3a122884ee67734373704467595ad7a733924f473fcbc4391f3b34a9269058f24f79e67fd797e07df46d8fa2d98ebfdc9d6271c4353528ca06bee80e136e907ec59284563f14585daf6fddbf76fad7798d4c60137e06647d9b47a5c769d3b6eb9a9a12b96eb12009a9d83e5231c4d8fc1c2179d1d4ea2616efbbe0da35350ac79ed613e6cfc7df305a9fab49539a4acfc516eb8a8c75c936cf7efac621f0b18ef28b3899658771e69061302a4936f030b475c414a3863b2a2d718b676aff87158a0e698f97d904ed4960ec219b1bf2da522f2db2f35294c072fbd54d601b52f7a6d6b9f8244b36451b9153d81c310c4b17d179158879cd0fcb6973858091a868cb3125397f26ab6a1910fef2d1da887cefe3b458a13b2a7679a9762536c7cc1f93783406b4794b65681775178fdeb34baf66ed57c968aafdd8feb156bc127fd983329db4fd36c21d31cd457034d8f735a44a320af81d8ad7159ea906a5deea9e254983f3977daf1afee53be0e4b8eddf113c3012aee84bb4d69440c54347facf7d4f563f64509be8bd88f945412cfeed1667b1ccf0e3f4b2f00969b849c27f16ba9f884159d28d60bf5451da403599acd36d6b5c6b46e009177cdd7175646629092fef4fa65e44a39cb451d2e9f71ec0f2c8c9f670b02d8217b94f1b32f2418459bca8d06e81edd746e91e6295bfefeb9746245a03a582200ffc9e7b36fce8bfb0753e903dc878eb7537c2c903a51111ffc8196c0cd30bae40601b14316cb68428dc417a1a8368ef0a5d13b11ed31ae8a97b24a1a47c3a7b70a3b580bdc9355e35800f0058835fed8ba80f4b3cd97752d13bc0873e202b84d9fff4e89afbf33148cccf20716c60fd47590602607d861d317590c3bf5bb6cf55328e61703daa3c58f8bc07aa8f66402265361a5402239731ee148c758d1ba1a6a6970db4d1abc4809abef1e14940a322cdc8e0b2203b0d631ab30648be4f28a7641bbbaef6213346e626da0e8c5089e255ce0f354e61824a8200c33acd74335f7d8e8608f3bfbd9705af99be4fe08821c202a3b67cc2069a4447344537b7bc5640af3f52464de277d0e089e1758c12823f26e8b2262d9d35758ae11778f3a55d019e2cc88aba9c1f6957b04610c1540f2c81b62f234709b4558e34cdae43dbebdfab73cd70cac0be637348eddac1550cc47cd1b1c9154d30af95977a26922b57fe2e90dce4424284f6743fade98b4594d8f2c6c22378e315fc25705b9be2daa7be7f3dca2d9c1a96667b453c0ac11ee6cb491e40248859a3464f8570558d3f3ed4bcf32cd3dca6c9cfa312c338aa4c6fec17cbe6ac064f0eb2a4b60e6b215642ccd46dbf9cbf6156e70e4a83f7d94d0de24500739bd6336f76f8d5c35941261e231b1156301ddfd2a1c26513d5b532bb58c3d0b206e1d52548d29f7db202d1918b7b4c6536937ca62286a107d2987710a71af075ebf3214fe22c4cd0c27fa38f5fb19b4d184f36cd24c4313f5b1c905aaed38724e74bac65e960c8607393d80e5e47b4a971a7a0c55c26fdb6ba868ac409414033bc5b6107e3bd76ee6ffbd151ab3fb2ce9a89c5c26e3fd360f311086219c73235edf5420b9d628113b998cca5afed243379a7a0bf56773ff3c38bec38ba6f9d10e5154695ba0820c1768631c29c4b07e77682bddab347a809d04318e74e1ff8cda425ade28956e133eebc844c63d4b2c6dadd4e1bddd316226f6968af49ce35eb45baf1d6e7aacda63ac72e809c44b53d1ed82f2b2c7ea265299a638c553d6f1479c74ecee62d37f22e765cd9526678a15eca616fe33ab3e8be56249f5a6b2d6ca143f6975929ce6056fb3fdc2c62c9e7961f3a0776bd3bd8214c61f95d6ee7e9af9a9ab9cde8fefeb48f7b0de835dc7be3a4e2b214821e1841fbb59b1101fe306b7742e50d916c346e77dcca74489487809fd332e86d9feb7a827d117893f1d9fb38bf3a4c50564b54996f09004690bdef8a15ac634da892d40ea7f826661d477a825bf64e8b44ee379f76cce32e3c0ddaa6d4aa0802f5fb83cb93f53e6dfcd1fdc3b26c704bc2ce9bfb9a1715defbdc10e7a9a357c904cbbe34505d3e2a97d53ebef34a414d2eb2054910272f879962875f5058522ce6d86759adfacabb85dac5787c767ab2eff7f268d83748496a43f020911d72f9f06f9d7be549f01d4d24a7add913149a481e091499f073c82bca2c0399dda5a3adc639a40922212dd664bec98fb1ff4c809519476b85146ec417078e6c3b7c33fbd3b3e64bd4d1b9e8e35cb8ca2b84b3ffd01a128d41165d6734c4e81d656baf983ecce58883e565bd7f7ba1eeb55f343d626b1e11dcc214e10a283205e4fe7d8fb267e4f31ddd886a77089ceffe0c2bae1c26ad1c0540db0f8eef1b48b81d4b41ff74c1637f0e2462f9693cadb7687ff065f6541d3e35f13c975bc28621ac43acb5e0a45db3de4713e8d253f24706d8ddbd648ad9004a635d107ddf7d49c18141f23df281cb97cc977e77cef50b6172ee5c5e991b4945d1a3fb5d83522fbe23bbbf3b0b4f265640170e699d021b74542cdf2c22c7491ea2e42701f6c9b6e72abdb88772c4e2bfa8b370851dd98187734ae78d6824a567d76af43cedf5bb2fa2b1a92f7dd4c0c384833ddf555d5368b4262a4a10c09d3b495a46adbd28ad65389cbe273eb2e7ac44c90977ba7f778e390fef3a0cc1b4e6ae4c549fb5a965729a0c5eaecd176f4aaafe90a4c3ecd3ccfd7c4441e3f2dc52b9044e1ceb4f03802a43ef18db492d073e0c7b063200554a8980af76518cd8c8a2ace2993c6e9624086b6be8746696d227ca37cf1afdd371038e004f4fad5efa6f040372e7ff5595af6bb1cc0b83006768abd892d9d6ccd5066f7891b3be65fad4d972244c78fd0d566e7128f28f59b742a3a0bf0ff0c27b80f256bbd5236504521d27f6134159e5781fea137d800674b57822e5f5410a0315dcc201989af3", 0x7, 0x0, 0x0, {0x2}}, 0x2)
r1 = socket$unix(0x1, 0x1, 0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f00000009c0)={0x0, <r2=>0x0})
pidfd_open(r2, 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000280), 0x100, 0x0)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0xcd, 0x81, 0x4, 0x3, 0x0, 0x0, 0x140, 0x8, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x7f, 0x1, @perf_config_ext={0xb199, 0xfffffffffffff1c8}, 0x40, 0x5, 0xffff, 0x6, 0x6, 0x20, 0x1, 0x0, 0x1, 0x0, 0x4}, r2, 0x7, r3, 0x8)
ioctl(0xffffffffffffffff, 0x3, &(0x7f0000001100)="7f89dc22902919803070")
syz_io_uring_setup(0x7184, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x40000000, 0xffffffff}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000001180), &(0x7f0000000240))
linkat(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', r0, &(0x7f0000001400)='./file0/file0\x00', 0x0)

[ 2238.695009] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2238.698756] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.698756]    program syz-executor.4 not setting count and/or reply_len properly
[ 2238.700811] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.700811]    program syz-executor.6 not setting count and/or reply_len properly
[ 2238.712734] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.712734]    program syz-executor.1 not setting count and/or reply_len properly
[ 2238.724889] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.724889]    program syz-executor.5 not setting count and/or reply_len properly
[ 2238.733199] FAULT_INJECTION: forcing a failure.
[ 2238.733199] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2238.736075] CPU: 1 PID: 28282 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2238.737600] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2238.739434] Call Trace:
[ 2238.740024]  dump_stack+0x107/0x167
01:25:51 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xe0ffff, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2238.741010]  should_fail.cold+0x5/0xa
[ 2238.741934]  __alloc_pages_nodemask+0x182/0x600
[ 2238.742979]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2238.744148]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2238.745340]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2238.746694]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2238.747916]  ? alloc_pages_current+0x20/0x280
01:25:51 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706000aff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2238.748920]  alloc_pages_current+0x187/0x280
[ 2238.750070]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2238.751156]  sg_common_write.constprop.0+0x992/0x1a30
[ 2238.752319]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2238.753428]  ? vprintk_func+0x93/0x140
[ 2238.754306]  ? printk+0xba/0xf1
[ 2238.755048]  ? record_print_text.cold+0x16/0x16
[ 2238.756093]  ? sg_write.part.0+0x8fc/0xaa0
[ 2238.757040]  sg_write.part.0+0x69e/0xaa0
[ 2238.757968]  ? sg_new_write.isra.0+0x770/0x770
[ 2238.758993]  ? find_held_lock+0x2c/0x110
[ 2238.759911]  ? __might_fault+0xd3/0x180
[ 2238.760797]  ? lock_downgrade+0x6d0/0x6d0
[ 2238.761745]  ? _cond_resched+0x10/0x30
[ 2238.762616]  ? inode_security+0x107/0x140
[ 2238.763537]  ? avc_policy_seqno+0x9/0x70
[ 2238.764440]  ? selinux_file_permission+0x92/0x520
[ 2238.765517]  ? iov_iter_advance+0x23b/0xec0
[ 2238.766498]  sg_write+0x87/0x120
[ 2238.767258]  do_iter_write+0x4f0/0x700
[ 2238.768133]  ? import_iovec+0x83/0xb0
[ 2238.768985]  vfs_writev+0x1ae/0x620
[ 2238.769802]  ? vfs_iter_write+0xa0/0xa0
[ 2238.770702]  ? __fget_files+0x2cf/0x520
[ 2238.771586]  ? lock_downgrade+0x6d0/0x6d0
[ 2238.772488]  ? find_held_lock+0x2c/0x110
[ 2238.773385]  ? ksys_write+0x12d/0x260
[ 2238.774225]  ? __fget_files+0x2f8/0x520
[ 2238.775109]  ? __fget_light+0xea/0x290
[ 2238.775984]  do_writev+0x139/0x300
[ 2238.776783]  ? vfs_writev+0x620/0x620
[ 2238.777639]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2238.778810]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2238.779960]  do_syscall_64+0x33/0x40
[ 2238.780534] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2238.780790]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2238.783156] RIP: 0033:0x7f04ef0deb19
[ 2238.783981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2238.788073] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2238.789745] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2238.791324] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2238.792898] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2238.794478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2238.796051] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2238.802166] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.802166]    program syz-executor.4 not setting count and/or reply_len properly
01:25:51 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000009000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300b6206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf0ffff, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:25:51 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a53b6bd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060025ff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:25:51 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x2, @perf_config_ext, 0x50102, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='maps\x00')
open_by_handle_at(0xffffffffffffffff, &(0x7f00000000c0)=@GFS2_LARGE_FH_SIZE={0x20, 0x8, {{0x8000}, {0x0, 0x7, 0x100, 0x4}}}, 0x46000)
ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0x127c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x1, 0x84)
r1 = syz_mount_image$nfs(&(0x7f0000000240), &(0x7f0000000400)='./file0\x00', 0xffffffff, 0x3, &(0x7f0000000740)=[{0x0, 0x0, 0xfffffffffffff1f1}, {0x0, 0x0, 0x6}, {0x0}], 0x82024, &(0x7f0000000500)=ANY=[@ANYBLOB='/dev/vcs#\x00,/dev/vcs#\x00,euid<', @ANYRESDEC=0x0, @ANYBLOB="2c66756e633d43524544535f434845434b2c736d61636b6673666c6f6f723d002c736d61636b66736861743d2c7063723d30303030303030303030303030303030303031322c736d61636b66737472616e736d7574653d2a2f212c40ac272b5e262d2c5c79b02cfb55776e65723e8fd0251c760ccbb5d9a4118cda66a52ec6c67996c304bc3f79518150ee1eb517d59003958a6cb69b3ea7496a3e582d68d618f716a8a160676aed936fb5c6b9a9c3c368b6aa1c27720b686914a2a234ce9132395acdfa371c1da93483082fb00b3e91c1dcf144e9bff5d0d6efbc71f0c1813b6c4c21404d307fef54f39030b8504a3d46cee978ad4877839b743c9ab7af4c5d7619bfb06df78d8ee7bb4f56dc4e40fdb28511b94dcb3f074c128f59394f44737f59c06a0533c24d1f438039a13a57daf20285f7b092a8142101e849c90c1e40cc2df18e8ea3c23e19558facd431e3913624d10fadcea5d8b963e1", @ANYRESDEC, @ANYBLOB=',obj_role=\x00,uid=', @ANYRESDEC=0xee01, @ANYBLOB=',\x00'])
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
dup2(r2, r1)
sendmmsg(r0, &(0x7f0000001040), 0x3fffffffffffdca, 0x40)

[ 2238.933961] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.933961]    program syz-executor.5 not setting count and/or reply_len properly
[ 2238.943760] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.943760]    program syz-executor.6 not setting count and/or reply_len properly
[ 2238.950234] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2238.960602] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.960602]    program syz-executor.4 not setting count and/or reply_len properly
01:25:51 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 77)

01:25:51 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000200)=<r1=>0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r3 = inotify_init1(0x80800)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r3, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2238.979935] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2238.979935]    program syz-executor.5 not setting count and/or reply_len properly
[ 2238.987288] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2239.066078] FAULT_INJECTION: forcing a failure.
[ 2239.066078] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2239.067782] CPU: 0 PID: 28426 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2239.068680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2239.069751] Call Trace:
[ 2239.070113]  dump_stack+0x107/0x167
[ 2239.070582]  should_fail.cold+0x5/0xa
[ 2239.071076]  __alloc_pages_nodemask+0x182/0x600
[ 2239.071675]  ? __kmalloc+0x16e/0x390
[ 2239.072161]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2239.072976]  ? trace_hardirqs_on+0x5b/0x180
[ 2239.073538]  alloc_pages_current+0x187/0x280
[ 2239.074166]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2239.074808]  sg_common_write.constprop.0+0x992/0x1a30
[ 2239.075532]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2239.076180]  ? lock_downgrade+0x6d0/0x6d0
[ 2239.076752]  ? do_raw_spin_trylock+0xad/0x180
[ 2239.077343]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2239.078060]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2239.078714]  ? trace_hardirqs_on+0x5b/0x180
[ 2239.079284]  ? ___ratelimit+0x1fc/0x440
[ 2239.079792]  sg_write.part.0+0x69e/0xaa0
[ 2239.080328]  ? sg_new_write.isra.0+0x770/0x770
[ 2239.080914]  ? find_held_lock+0x2c/0x110
[ 2239.081438]  ? __might_fault+0xd3/0x180
[ 2239.081952]  ? lock_downgrade+0x6d0/0x6d0
[ 2239.082496]  ? _cond_resched+0x10/0x30
[ 2239.082987]  ? inode_security+0x107/0x140
[ 2239.083525]  ? avc_policy_seqno+0x9/0x70
[ 2239.084042]  ? selinux_file_permission+0x92/0x520
[ 2239.084653]  ? iov_iter_advance+0x23b/0xec0
[ 2239.085210]  sg_write+0x87/0x120
[ 2239.085652]  do_iter_write+0x4f0/0x700
[ 2239.086164]  ? import_iovec+0x83/0xb0
[ 2239.086650]  vfs_writev+0x1ae/0x620
[ 2239.087117]  ? vfs_iter_write+0xa0/0xa0
[ 2239.087622]  ? __fget_files+0x2cf/0x520
[ 2239.088129]  ? lock_downgrade+0x6d0/0x6d0
[ 2239.088658]  ? find_held_lock+0x2c/0x110
[ 2239.089178]  ? ksys_write+0x12d/0x260
[ 2239.089666]  ? __fget_files+0x2f8/0x520
[ 2239.090184]  ? __fget_light+0xea/0x290
[ 2239.090685]  do_writev+0x139/0x300
[ 2239.091150]  ? vfs_writev+0x620/0x620
[ 2239.091637]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2239.092306]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2239.092972]  do_syscall_64+0x33/0x40
[ 2239.093448]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2239.094108] RIP: 0033:0x7f04ef0deb19
[ 2239.094584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2239.096916] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2239.097888] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2239.098792] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2239.099691] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2239.100596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2239.101494] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:26:04 executing program 7:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x3ff, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0x40})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
syz_open_pts(0xffffffffffffffff, 0x0)
ioctl$KDENABIO(0xffffffffffffffff, 0x4b36)
mq_open(&(0x7f0000000000)='\r@\x00\xb7!\xf9Z\xbb,;\x7f\xc0\xa9J\xb3\v\xfb\x84\xaa\xb5\x9a\xa4O\xa8\xb5\xd2\x13/z\v\xae\xfc\xfek*D\xeb{\t\xba>\xe8\xe2\xba\x00\x00\x00\x00\x00\x00\xd0\x82,\x00\xb3\xf4a\xd8/\x90x\xb5\xd8\x04\x19u\xf9D\xb7Eq\xc1\xcee\xd9\b0\xec\v\xe3\x96\x1f\x80\xe4Nk\xa6\xe1\b\x97,\x8b/\x96\x9b\xdb&\xd1\xe3J\xd5\xaf\xe3\xfc\xde\xbe\xa0\x8b\xeb\xea%\x10eW\xf6\xa0J\xe51\xa4\xfesm\x96\x89\x0f\xea\xa6\xc02\xd4\xb8y\x83L\xc4\x93U\x15\x9b\f\x9b\xc3Z\xff\\\x9d\x83\xe6\xc7fc\xa9n\x8e\aV\xe8\xf9\xf9\xe4\v+~\xabu\xf9K\x1d9[\xcd\x9b;=6Q\x80', 0x3, 0x0, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_mount_image$nfs4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, &(0x7f0000000480), 0x80000, &(0x7f00000005c0)=ANY=[@ANYBLOB="2a2c272c776732002c2f6465762f6e65742f70756e002c76657468305f766c616e002c2f6465762f6e65742f74756e002c2d4000b721f95abb2c3b7fc0a9dbc00bfb84aab59aa44fa8b5d2132f7a0baefcfe6b2a44eb7b09ba3ee8e2ba000000000000d07a64cc44f461d82f9078b5d8041975f944b74571c1ce65d90830ec0be3961f80e44e6ba6e108972c8b2f969b8f26d1b6d5bb90a82b2ad79149e34a0000000000000fffebea2d106557f6a04ae531a4fe736d96890feaa6c032d4b879834cc49355159b2c9bc35aff5c9d83e6c76663a96e8e0756e8f9f9e4fb0b7eab75f94b2c776732002c6f626a5f747970653d2d4000b721f95abb2c3b7fc0b94ab30bfb84aab59aa44fa8b5d2132f7a0baefcfe6b2a44eb7b09ba3ee8e2ba000000000000d07a58cc44f461d82f9078b5d8041975f944b74571c1ce65d90830ec0be3961f80e44e6ba6e108972c8b2f969bdb26d1e34ad5afe3fcdebea08bebea25106557f6a04ae531a4fe736d96890feaa6c032d4b879834c"])
r2 = openat(0xffffffffffffffff, &(0x7f0000000980)='./file0\x00', 0x268c40, 0x108)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$VT_GETMODE(0xffffffffffffffff, 0x5601, &(0x7f0000000100))
dup3(0xffffffffffffffff, r0, 0x80000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
vmsplice(0xffffffffffffffff, &(0x7f00000012c0)=[{&(0x7f0000000040)="e419543f032efb3a595ee221e7282adf96dd152ddadd85e86b27042523e46c1a2e59e001551d59fb0e3a8b9f7518845a691cfc955a788df69eb0d60da8fe9f7cbf350479a3e0ce8f96c20530b12a34ce604b789e3340356f82df62888dbd47df8ddd4697a0c4f315c59ed293f6835d59b4f289cd0dc166c057390afff64f53f0060c75d12ed9a0e3e72bf3bf94e2d06b2a660eb4ea61be4765af733de0318e726e40e8dcf8063e79d8e6011a6deceacfa68dc0d79fefc9809624dc94b41dcde0b710c3ed9a0efa707bfc699face9c6024ab10472caabcc4c43190643e867b77c4ebedeb574b6c326a7bc997ceb800dffda8ba83407087a6303ffbfc42e03b7c415e1639fbb5fc89602a23575f9b292251c2bd9935c642b6c63e93448f6abe106773b41362cdeeecc9a252abf6dfc42658cb2d8b6fcaa3171b15c98043af017458d8d0e80548932a767a9eea23c2cd84a9f5dff2d2c2328f4c918e9ce63757cd69013e3318b49d2f240a6aa112fe7ee631a6eac1e661b05673cadb597a1a24745750d4e6538888dfc05ced1e85ec47727eafd4c7f905ef2aa7dd17f78e82fc0e2e54b795ac880bfd735842dfc16bf18457dd0de1b630e92450d1b22aae69be82a3b3c2f9096ff4efe59d5d4b7a5b07090b5bd805461c072e1d799971848ca1e3304160728f7bb28bf4480b01f8387d142ecb2bab30295e9f91281ae44bbdc2fb1406a21a372ea75ea63b174dc852243533de7d66d0ad663d928c4d9096c4e53c4e130afd8a69395928f3a06c2a436f7ee21f66260269af17a5a9474e9f4ec5322f5abcd9ff7b7402efcfa57e5a854c348f115e87d49fa0f830b663bc7fb5432bc64f39d025c285d8252ac39d1f78e5412b3a640bd0e11323e1a45cccdf59b011cbdfb6f023cbf1613a1c74c2baf26fcb06172a3a8ddc57f2cacdcdc7ae7fe41365dee77f0605fee896c830130a21cfd202d5eeaac9bfeef41b6980dbaba5d9fa523c3687fdf562357e4e0af182d44f59d1cc50a3c52fdbfa63763d5cb06f9a0779d2b8eae2d02a35a0dca592bfb1835499a12caf28ab5038d6fb7bd905111f94083d48fb2b9400fc2e0139c1c31a5abd53f0141c0933b6a0c0f3f4629f95202fb6301d5707b0447ded6926386f332519d75e5a3798373dfd8ac957def295bb345acffabd616eac09937f310606a02ec2eae9edfd5a8721b432ebbbe86e95f18d82a54b4a3dc1290112540dc34798e794ee73d87fa668794c06b87f4307cd894cb4ef5dd6d9cfcdecc63450439c937018ecf95b16cac6d31c8703acb861bc66b8a3d70f2f8310f6de6d59b7f19a6bf49e1935c1ca3138954b7a1565164a51ff38e34118f76f66ef130e861a93ca2a8c1b914cfe2ce9ae4bd5f049a7750ba75896aab6a2a42c5dffac474094c33907d218a75eaab1f0d20ad212b8c43415abbfb1a94136d9372498c38129cb4d4506a57771062eff2c04b861ddd02bd82b719cfe7126f91d7bfe239c3e2e4f7ecd96ae3b8b8e3553731eee61e786eaaab50116655b37c0e9a35ac3223595cb50176fb9d9ff867b3ad6c00e3d31ae538cc3c9ab32d98cf4152bf1e5c7ef5a39743a92db256c000c1be7a40ecb8d6fe494882cc525a7f97152e8dfc1a24fa7149986773c7b6c1b05504078e773860d82ff8251d5af7399c35a923ec9c2dc2c71f73dbdf0f5d9f25ed3bf24193784d10627b6ed97cadd5315e79cb700ba763db2749f3f931a73475cf9d8728ad0b75b42e9ed8a3c57eb584d21f8eb1f75e2750c52776b725ebdc4e130708440ca7a151833432d1b47e79ecda0b7ffba91aa42cbde65e58dc28797fc00891628b43d01f566e32ef0f7a3a79e1cf48e4a36afd8c1aebc7acb7ecad1cace3d57e887127b7affde579e181e447928239d448f4e9d199a5c4855b00677e6e9850383aa1db17ed0713703b217487196ded7cc2c3e6b7026972e870f22ed98fd58d2a2a6bbe3bcc9196ab28165795703dc3c11fc24a39843c7ad46ac740221199a16dd5c7ba786073f41ab873b66c876ceec827af2c71389afa124b08951972de1b3f30cbe9814e08d3f3b739b153c8ca4e8253b8b92945dc09e82763eb5d2bc5016031762e580ba42288c57f9c12e26b9a65f410517aedf8d6da32941466f17e8cbf796799f3d7e1ede241625bce464417752be142206a2af47bb348da9690ed95d3b34a71f691630552e6113908f5b677829373a47a5bf817f4a8244a1d477cb40544a80575dcd56050166256d75f71c3cf43fd7a74eb3f7b0704576b8f669fa3e7f674802c13f461bfa0f014d411e1e2dc704c3d8fec3d716be74c836479dab873999fc5a33aba8341cf8262c0b14fb8c7ee0c4fb527a5fb7a64e0f9adcca22ba9df9730f5e5d54ee1291d434ebd4646d4912e23707ad76e92bab0da691af46cd19b4295643d7434ae3fe4d7d76b32fc77bd256e80c5f736864a78397312430a3a3a29b70371c8a95b43a7fb018bb8c11c852ce878f17217e93e862ff216eafa129e55e88072131630d16c31490f156b29ed3c2fb867b3c0fc3fe188490a3886aaee78f2a49bd9037029887939105c5da07b1726993f845d36fa1b8608a67cde248e0928d318349cdc735ea81c3cd52dab646bf8ca9c528c853bf3b16adf67b6d077e54efda81d112f857d43459be69a4c019aa13e12714c3ee7196fd4dda2446d1f416b94fe1e2c81e522c56533c1bf5cde972be08f01663a2e7c9f0ea487ce403816c4ffb30d1fddfb48278b300676749dc968ca9aa95aaae1919cb2e60d7f80756c4611788d48aab32e38f4d607702e9581fa97ceaf5ca4a16ebd67adf95c27e37c613a125ba35e9ca10daab1d6042afd85623c40ec9c132383c90c9b2c2696e340a449ebe58dcf5df4f3b75f04b322c1cac6211b6d2662386786a4272b549bf4d6bd7dc13aa67836f135501358bbd963a8a23780a5c12bd414e5a4fe11bd8f17a96f313d610d22b5972d697440e2d335df8316ccef0ecf7187c5999bc995a613fd5fd0ac8935cee897c1f7aef7dde2b2b906b9279d99c5776013d43330ba4e97729132a118c4334f2122648a5524d8e1c4bcc78c1512d5a5303f0ce1e7c70404e40c07b5ef527d9d8454fe806856123eb38aaf3f2e14233466d78e2ad3ed6de81ef57bbefc69fb9af566ad94c9eaf0cdb3fc324ee9f82ff63692b1cf8f7b0acd5b25345151f12c27032f6fb665c04a34333288e00dd5073f964eda4cdc7fe4c12e7a48118ecdc63167d18753e101b7c507b01f205a774780375e0dabcbd64e64562f0495501b65460f3ff2d624a212c162578374f7c1f0f06f6548931e92f6021aab1400290104d2cf16715dc02e42bb002160a4544b4ba9e58944536f5381291e60f629e21fe03ba3d1d5ae06f283e342b6c6836c8674b070e0cc3034a2cb5ba45ea2932b0dc24ef199233091d03565bd0bd1b7fe4ebe4ed62ac8e16979b3e10997d4fb29f286334e4d7ce20e932b70fdafa85a42758e714eee33653638cef88cb033cd515e9aa178ac7375c51fef07895c08ed0b3a51150aca4350d9360a313847fb517b6ade52bb9bc6738fec5aa1f93bb436b88c1fa9c611d3f685a6f860f832e59600ead15067217fe0c3501dad29f815f16c39af57cd1ab894d26276240b1828ac68042a75b92c34151cfa6cd05eedfdb3f2f4bcd40476eceb334c858e239d69df17565e92fe1a161e9848907b6557eb009c3d24879cdcb19e835612825f490d453123a83f9c9de8490791144bef3f7b6450445747c247f80003a2e65aa1c077012ae4bd65e5c1f425ec0d0573fddcdf475456e2d734959835ed20e8dfd4ef4932c42004557c409e09c43daf92651f63c40af8630df9e8e84578b5a628cfce5b328f115d2532469d2b4218ea87fe46d8d06616d6fab54cdfa32f14b76199bcfd21b13f8a72376f549874b118ceed00d4106450100f92c87dad3b93f03ead01f1a488362aa4fec5913c4d98e4aceba87214aa241f3727f64c52ce30383ca2a5b7115b67d4a5be7aaf817fc22f2a213d6612a598fa61086bfcc49126c8c7f6933f4fa51f1cc003732d51ab7d80b8c0ab7e77b51f96f4e1d866f29e7c09bef6ad687ace636e8c59232f929f3b1b19337f6a67bc79a4e09daa48b41f55f56b7bf3d5cb80b58b6786b41e1da2156449b224346fc21bd52ccb2d5512b8e210201e11dc09485828b2eda5f3586330dbe80135939d7d10c9eadfc1940d5c4566cdf35b4945e3ea3407dece97ef37fb98e9de9552c7b904c1ce06ff77d2cd0e738fe6a0d904de2964c794d87d70746579746d6a74fc6f708e609cff51be1228932165c2fcfe02ea845f5c0eab8b416604eded565c341a16a77993322ac8751b90715d1e75c37245c598e39a6b1272bd38c299ab93c34cac7cde6f01ca88b889f468721c8fe27d84eab5fdcede8cb0ecc7c102abc9f7dbc4c9e3d2d76ab3f8a4de79eba6427f62866ffe1660b92a43bb2933b60b9fd4b37dbb3ca612b802f5165f27315b2bd36be7ef5d0cd2c064ae8b26545978a7c8c03c8a8fde739f516928a387e71b034cc621add347e14bed5a485e75770a1279466de0c48e9e4377af75b23b320e7bc5c1264f6687c70a9b9f7191560c6ec0998a3b32f64ed7ce9a911e563aa956967cac766aa68ffa2464e0d281716cc5e72e5ac000985c2c0e6a905c444e63b79d391c74c60ba03b0915fbc1baf841c88706f665f77d4745532340e78fd3bb4989ec45783bdabf315d6de15fa38eb736efdcda493f7ae4c23e9b26291fd17e97cc4402d61eb34ec49a3f3ad057e268472cf3328d937d7e7a7b191fa02a75c3f44f512e0569c7a86314b74bdc50ca225dbaeca382bd97f462b2875a7bf8ccd96e1dfa3c882379b7559437c424408065986dd16c6649f7c80997518a76531ce798c74ce7ddfd8d030bc54bcfeae164336693b96b5c158fabadd3e96964065523e085e0dcb5f93ae8be31e2b2ca8fe5ba9c76383f6606ed11d07b29f194dc0c49e23a404f15a3b9ab6cf571aff668085eddc6599881a335d4e40cdc46f0f3a08249cf30878373ee3e5084729a6b444683f7541b49e65fa5cc3449655b628fae538b0e6af12b6dd64bdf348b1fd9d16e680d1043f0064642d937032a7b54ef892f913acd053f10d3536233b2019f9d8d3bf2933cb59136bbb39f82ad67cdf2bda565452eddb7ecf08b2905bd80238e18cc1f286967d57efcf9d32c89d2dc4dade997212d32681aa13160742444933e91776c3169a6b866927b81de4dc1b98cb29df47aea56571b46c5a795473d523855c7b190a311b0c0cf656dbebdefae64cd0b75e5f53fda5a2bef64d816a59298bd61c2b4385e97f1a04da0c026f811f2c141e66fe21f2ec313bfd1352ab517e93585f0aafb7ddaa5812c4abe5e9a537d5024622a8c7a4654ea161fd16724a5666aab94c2169e6748018d81c733e84da77654febc1541994de66dd6d0e8d7ecb89b1c132598a62422bbae1a79c6aa75137ac5ff8abdb95aadd53cfe9be4fdfdc55b4f16bf948e06d86d0061cdc30e45ed0144d92bb0b17b9cd7f7bcb47e6f22c534852c6b3b94d5353435df4d46a410f74a62550b6de1a3af3e2d56400de8766a05e3d873fb7671e3ff6370fb9a4d6464bc2944b1343fc56cb45615c1181e189bf5f9c9e7ad78ead49ac041c1b5e868c7fb4a1702bea97a78693379", 0xfffffe90}], 0x1, 0x0)
ioctl$KDENABIO(r2, 0x4b36)
vmsplice(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000001200)='<', 0xffffffffffffff31}], 0x1, 0x3)
perf_event_open(&(0x7f0000001080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0x840, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r1, r0, 0x0)

01:26:04 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0xffe3)
r2 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x56a6}}, 0x0, 0x0, r1, 0x12)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000200)=<r4=>0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r2, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0xffffffffffffffff, r6, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0x0, r7, 0x0)
r8 = fork()
setreuid(r6, r6)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))
fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000100), &(0x7f0000000240)={0x0, 0xfb, 0x94, 0x4, 0x1, "ce5daeaa5ccbb585d6798992e8357eff", "00b2032970d638c96cc7d7468f89ff995b03b31175dd9f0dc02b7741424a82f7fa908ad9217fa1c3a72e2515a41d5cd4929eba69184fd1ec39d6e1c2a8a0b88275cd19240dbea333654903a9cb81650ee7e8c16d141d03f7e8ab111c70fa8ec7572c971942555b262eb85dcca9559ca3da099c4ab191c0967bdc2c78678206"}, 0x94, 0x3)

01:26:04 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 78)

01:26:04 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x1000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:04 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000000d000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0406006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021036cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706026dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2252.245743] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2252.249673] sg_write: 1 callbacks suppressed
[ 2252.249692] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.249692]    program syz-executor.6 not setting count and/or reply_len properly
[ 2252.257260] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.257260]    program syz-executor.4 not setting count and/or reply_len properly
[ 2252.260582] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.260582]    program syz-executor.5 not setting count and/or reply_len properly
[ 2252.265763] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.265763]    program syz-executor.1 not setting count and/or reply_len properly
[ 2252.280213] FAULT_INJECTION: forcing a failure.
[ 2252.280213] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2252.283034] CPU: 1 PID: 28546 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2252.284556] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2252.286391] Call Trace:
[ 2252.286970]  dump_stack+0x107/0x167
[ 2252.287769]  should_fail.cold+0x5/0xa
[ 2252.288611]  __alloc_pages_nodemask+0x182/0x600
[ 2252.289627]  ? __kmalloc+0x16e/0x390
[ 2252.290451]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2252.291770]  ? trace_hardirqs_on+0x5b/0x180
[ 2252.292718]  alloc_pages_current+0x187/0x280
[ 2252.293682]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2252.294756]  sg_common_write.constprop.0+0x992/0x1a30
[ 2252.295891]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2252.296977]  ? vprintk_func+0x93/0x140
[ 2252.297824]  ? printk+0xba/0xf1
[ 2252.298551]  ? record_print_text.cold+0x16/0x16
[ 2252.299568]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 2252.300685]  sg_write.part.0+0x69e/0xaa0
[ 2252.301574]  ? sg_new_write.isra.0+0x770/0x770
[ 2252.302580]  ? find_held_lock+0x2c/0x110
[ 2252.303470]  ? __might_fault+0xd3/0x180
[ 2252.304335]  ? lock_downgrade+0x6d0/0x6d0
[ 2252.305249]  ? _cond_resched+0x10/0x30
[ 2252.306111]  ? inode_security+0x107/0x140
[ 2252.307012]  ? avc_policy_seqno+0x9/0x70
[ 2252.307898]  ? selinux_file_permission+0x92/0x520
[ 2252.308946]  ? iov_iter_advance+0x23b/0xec0
[ 2252.309891]  sg_write+0x87/0x120
[ 2252.310644]  do_iter_write+0x4f0/0x700
[ 2252.311498]  ? import_iovec+0x83/0xb0
[ 2252.312330]  vfs_writev+0x1ae/0x620
[ 2252.313125]  ? vfs_iter_write+0xa0/0xa0
[ 2252.314000]  ? __fget_files+0x2cf/0x520
[ 2252.314864]  ? lock_downgrade+0x6d0/0x6d0
[ 2252.315766]  ? find_held_lock+0x2c/0x110
[ 2252.316656]  ? ksys_write+0x12d/0x260
[ 2252.317495]  ? __fget_files+0x2f8/0x520
[ 2252.318379]  ? __fget_light+0xea/0x290
[ 2252.319231]  do_writev+0x139/0x300
[ 2252.320009]  ? vfs_writev+0x620/0x620
[ 2252.320841]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2252.321990]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2252.323114]  do_syscall_64+0x33/0x40
[ 2252.323923]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2252.325037] RIP: 0033:0x7f04ef0deb19
[ 2252.325847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2252.329856] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2252.331519] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2252.333076] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2252.334632] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2252.336181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2252.337733] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:26:04 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706036dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000000e000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000200)=<r1=>0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r3 = inotify_init1(0x80800)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r3, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2252.418892] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.418892]    program syz-executor.4 not setting count and/or reply_len properly
01:26:04 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021076cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:04 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0806006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:05 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x2000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:05 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000020000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2252.554027] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2252.574797] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.574797]    program syz-executor.6 not setting count and/or reply_len properly
[ 2252.591034] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2252.591034]    program syz-executor.5 not setting count and/or reply_len properly
[ 2252.596331] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:26:17 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021096cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:17 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706046dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:17 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x3000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:17 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
openat2(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x234402, 0x10, 0x12}, 0x18)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
pipe(&(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
getresgid(&(0x7f00000010c0), &(0x7f0000001100)=<r5=>0x0, &(0x7f0000001140))
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
mount$9p_fd(0x0, &(0x7f0000000400)='./file1\x00', &(0x7f00000000c0), 0x400, &(0x7f00000008c0)=ANY=[@ANYBLOB="7466646e6f3d91766a37cf21a6cbf6408f8e255c6d23c28017b5ec855e53da4c0e27028ae427a280d517846e6e535d865aefa6189037e140538b0b8ebdac375ba991584c1a6c8f5b1ca3d28f1a4416bbb6ee723064fbdecb1a8f6119b4ae8b14e15c46fd60d50f046cc3de728aad4bdf80e358ec2d6969f8e4d596c89cba8f5999a546e0ca32493ce94e3b32c17fbe7c395040af1b90cfef", @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',loose,access=', @ANYRESDEC=r6, @ANYBLOB=',debug=0x0000000000000fff,nodevmap,cache=loose,dfltgid=', @ANYRESHEX=r5, @ANYBLOB="2c616669643d3078303030303030243030303030303334352c002d7256e4577ae496d1ccba65c64be2a9cecdf5fbd2ca5df5707629e5f5ac00000060bd8ff1cf5cc521637a45a684e6bbf9b96a25dc40fccbe86c83da8dbd9beaadf8a3eebfa9d071c8fcf96baf0ed5aca8b2ebb757186ef82857fd6e1ed559dfc0ff9689be8c24908993f5a05e80d02e88d8797a08ca7de6a3a77df2371bf5d2b6d3935d4b4736cd776bab88b632eff82022253aa12ebf68fd67f0d9356de92ed9f888b76e19730ec53b0134028f2fbbc8c3f2230523737c27c9606614b896ae6e0759796947ca6b6383f7b3ef58f775f7a9866437bf7a0000010000000000acd8185b6de54329d1b534b17f145b2357a37acc7f0f04ee8b34e990e54872eacd789d375131fa0200064c03777de8da255c3eacc9898a1e9dc4afdd62d7"])
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f00000002c0)={0x0, r8, 0x2fe, 0x2, 0xfffffffffffffffc, 0x80000000})
fstat(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
fsetxattr$system_posix_acl(r0, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="02000000010004000000000002000400", @ANYRES32=0x0, @ANYBLOB="040007000000000008000200", @ANYRES32=r5, @ANYBLOB="08000300", @ANYRES32=0xee01, @ANYBLOB="08000300", @ANYRES32=0xee00, @ANYBLOB="08000100", @ANYRES32=0xee01, @ANYBLOB="0800060007d8b2050ec0fea000000000000001b81cb59a1d095eca9d0ca724982d0d814725c1d9213e286ce901696afadebccd3be2c12c15ed8fabe4e25fe164d61c412ce56d35a511cb35e24fab1ccc95076cc06a14fc255d0e656bc240168e05b4e67fc1bcc64115cc67df2ab23f9f0c0c5c27def57293aa94804b8e", @ANYRES32=r9, @ANYBLOB="10000000000000002000050000000000"], 0x54, 0x2)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2, 0x0, 0xfffffffe})

01:26:17 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0)=<r6=>0x0, &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x1000000, &(0x7f0000000340)={'trans=unix,', {[{@loose}], [{@smackfsroot}, {@appraise_type}, {@uid_eq={'uid', 0x3d, r6}}, {@uid_gt={'uid>', r6}}]}})
setresuid(0x0, r5, r7)
r8 = fork()
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:26:17 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 79)

01:26:17 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000030000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:17 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd3006006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2265.217470] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.217470]    program syz-executor.4 not setting count and/or reply_len properly
[ 2265.238871] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:26:17 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706056dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2265.250762] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.250762]    program syz-executor.6 not setting count and/or reply_len properly
[ 2265.254712] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2265.265583] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2265.270592] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.270592]    program syz-executor.1 not setting count and/or reply_len properly
[ 2265.275070] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.275070]    program syz-executor.5 not setting count and/or reply_len properly
[ 2265.290032] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2265.291841] FAULT_INJECTION: forcing a failure.
[ 2265.291841] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2265.294818] CPU: 0 PID: 28695 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2265.296411] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2265.298334] Call Trace:
[ 2265.298943]  dump_stack+0x107/0x167
[ 2265.299234] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2265.299784]  should_fail.cold+0x5/0xa
[ 2265.299812]  __alloc_pages_nodemask+0x182/0x600
[ 2265.302766]  ? __kmalloc+0x16e/0x390
[ 2265.303621]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2265.305008]  ? trace_hardirqs_on+0x5b/0x180
[ 2265.305998]  alloc_pages_current+0x187/0x280
[ 2265.307021]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2265.307426] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2265.308138]  sg_common_write.constprop.0+0x992/0x1a30
[ 2265.310350]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2265.311473]  ? vprintk_func+0x93/0x140
[ 2265.312358]  ? printk+0xba/0xf1
[ 2265.313112]  ? record_print_text.cold+0x16/0x16
[ 2265.314178]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2265.315318]  ? trace_hardirqs_on+0x5b/0x180
[ 2265.316313]  sg_write.part.0+0x69e/0xaa0
[ 2265.317241]  ? sg_new_write.isra.0+0x770/0x770
[ 2265.318296]  ? find_held_lock+0x2c/0x110
[ 2265.319216]  ? __might_fault+0xd3/0x180
[ 2265.320112]  ? lock_downgrade+0x6d0/0x6d0
[ 2265.321065]  ? _cond_resched+0x10/0x30
[ 2265.321939]  ? inode_security+0x107/0x140
[ 2265.322890]  ? avc_policy_seqno+0x9/0x70
[ 2265.323818]  ? selinux_file_permission+0x92/0x520
[ 2265.324905]  ? iov_iter_advance+0x23b/0xec0
[ 2265.325882]  sg_write+0x87/0x120
[ 2265.326657]  do_iter_write+0x4f0/0x700
[ 2265.327540]  ? import_iovec+0x83/0xb0
[ 2265.328409]  vfs_writev+0x1ae/0x620
[ 2265.329239]  ? vfs_iter_write+0xa0/0xa0
[ 2265.330143]  ? __fget_files+0x2cf/0x520
[ 2265.331041]  ? lock_downgrade+0x6d0/0x6d0
[ 2265.331988]  ? find_held_lock+0x2c/0x110
[ 2265.332913]  ? ksys_write+0x12d/0x260
[ 2265.333785]  ? __fget_files+0x2f8/0x520
[ 2265.334696]  ? __fget_light+0xea/0x290
01:26:17 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2265.335581]  do_writev+0x139/0x300
[ 2265.336549]  ? vfs_writev+0x620/0x620
[ 2265.337419]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2265.338616]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2265.339783]  do_syscall_64+0x33/0x40
[ 2265.340629]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2265.341786] RIP: 0033:0x7f04ef0deb19
[ 2265.342638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2265.346834] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2265.348561] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2265.350187] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2265.351804] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2265.353416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2265.355064] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
[ 2265.362076] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:26:17 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbdb606006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2265.370900] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.370900]    program syz-executor.4 not setting count and/or reply_len properly
01:26:17 executing program 7:
kexec_load(0x3, 0x2, &(0x7f0000000300)=[{&(0x7f0000000200)}, {0x0, 0x0, 0x0, 0x4}], 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_RM_DEV(0xffffffffffffffff, 0x5000940b, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000001780)={{0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1a}}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x0, {0x2, 0x0, @multicast1}})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffe3)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000180)={0xe1, 0x0, 0xfee, "7e6aee61c05822b476076c46533c3cf598d0688e816a2eeb364baca30a6c708cb2c7baf5680a99c45a6d4c92db77e532d553f133ea57a181bbce301a4c33df3632727c4d6d74fdd542c74946f7e8baaa6686982e34c71c21fece6415b5749dec7e378ebeac902941f2e1b61611ee9de4361b6e6dfbac8b943f4ac0d2dd2efed084ca786c83c603eb77b4f2907463f9337b0a7649ac2d071fe4f6d0fafec83c4e1603c3bfa2537d33404acb331146d2322ee405483b041482d2ccd9c4eff53c8bc4ed8e3aa79df6106bc1aa874c5ead11714908e1e9fd0e7e7bfc5570b2ee2d22de"})
ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(0xffffffffffffffff, 0x2405, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000380)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)={[{@noacl}]})
creat(0x0, 0x0)

[ 2265.397873] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2265.416604] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.416604]    program syz-executor.6 not setting count and/or reply_len properly
01:26:17 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300210a6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:17 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000100010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:17 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706066dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2265.482109] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.482109]    program syz-executor.5 not setting count and/or reply_len properly
[ 2265.490181] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.490181]    program syz-executor.4 not setting count and/or reply_len properly
[ 2265.533900] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2265.533900]    program syz-executor.5 not setting count and/or reply_len properly
01:26:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0, 0x2201, 0x0, {0x20}}, 0x5)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:26:32 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x5000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:32 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021256cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(r0, &(0x7f0000000140)='./file0\x00', 0x181000, 0x145)
lsetxattr$trusted_overlay_upper(&(0x7f0000000980)='./file1\x00', &(0x7f00000009c0), &(0x7f0000000a00)={0x0, 0xfb, 0x1015, 0x1, 0x2, "f7eae3f6bc3f643d093a5e4af63102e4", "26ac1cb8ce8d247c2f30d797140684b71f567768951dff9c74bfc81759eb8f1a03b65bbae5b23c9a194b8411aebe7988256ae2636e05c0d20fcc425d83e484a36a57dd7f1b8646380f2124410771a745172441d50cb20a121c8764be9fd2502b473f23204fbd2ae1d11c2718261e92c9d2741287a1e40fdc04bf77b905e2fac58dc2d2d484e9c2ffff0ebb6cd427f4e44dea7b21067b939f166d126a562a9977e0db473e277b8ea78d22efc63c2b737d71e5f4997ac818a91cd803caa39d3261cb8348848b8cc9329449bd2e7d77c13ef70e6fd1d7513ad20e3f4a0c883187b18f0a846502ad30d5772c9bdbbc402e8971b7737f1edd7b5bfb03ee758b4c3d849daab1b1a76fd7cd95cc97880c79ca1e837a9e50a2252ea638fe61f1e348e5bbea92d2c5d60a1ad5de3c080e0f42a53a808a4f89eeaccf5d99e8b09ac6235b66065cf9a10ffe2e01c5f183586f728268d985c64b7ac712da785ae2f61f356f78cae19dad58d2b5f589d179f53203cb83a752b56dcd7dc449c5c8ed2216ee5be0e0d537d22af462421c4e8baaca4bb52df471c71a1088fd44d1cce77f5cca6380a93a78b5c8a472a40ad71799b7b4d8abe829e42927258a0d2389785f792b59965c29153ed8cba5756f26ae09576fe088654d9f64ea426fb30a33ba4533b11199b871ec0a0ad6efab3c8134bad9892f7bebc9bd09ac9746e2b22af75dff08874a64dc777151b889ea50deadd9ca9625e45c1cf59fa9a07d88125eebc20c1438e02763a66d0905f9ea37ccc75063b3598551edd427d4f60b3f0573a50c00a31b8b457127c3d65f72879f6b6a8f67be0d3e5dc39c5edf18398d4cbb23853c5b20a915f63e94d89f44420a50f1f6fca4ed8fce424932ca586e2ab551e9d3e0c21dcf3a020d9b200917dd954ad99ce09076814bc239a5d7eac6720f5fac0f8f4fef1f84d1f0e3a156c10c65f60deff004107aa4ea108568d3b68f2b6f95b76c07e020ea0c4a33e651075c2a4ba19e7e0bf42b0a6eb1b623e8a7aa35e6dfb4ec51346d4a3721234dad416ec1c5a08e6d28965e843392f3869e7605184feb8ae5730010573207e4843b3fd404a1f134897386f8305976f23a6961a5c253a85176fcf8f068a5a0812c73d312d1cf8d693ace5330ee97357ebe44d8072982d84f82eb64e88fd552d7d504cb836ba04e614d2e2d8d43b8f045a151bb6d8a8ee1f5dca442aae80e7443ceb6e6ce5ae34330ff077aa324b346e1ba07457c406c42d53fe25fd722a108203de52d4d66bd60f81586fc9e59898cfc47ef66b0c645e4a0bf3cf67dde446448a406ec8b6492b71c8111b7c8a54a1d6baab330396647ec2d24607cdb5c419869571dc94061a564c8ba388b8772a07917b0aa9acd25176db88ddaecd5004241dbab862bc4f8c191aa00a17e28df125231ac4bf1133aa945fc59d0a83f99fde95b97f94380dd30e8a23fbd1ee9393b5c2e0a0f49635d7c016a5fe209e32245984ebde0dfd0cb715dffc057845d3d07098bc39c26de468b15c01b4b680ca2dba14054aeef15895d3cb2d9b26650b24ddeff6f1be67dad63fe4d6ad4789269ba2a41fd2a3c0b4c3867ab8c01899fc6deae1de44b3ff92d46a6504538e7a206ca2050e6b4f17d4908bda5889867b0c4f7c9dc17482433c00cca609b3012420f804d625bb976061c30d54b5fcc7a53407aa34361dd9438468718f478a1bbccbfe4dff50beff53b8a583ee9d111f04b1da67463c2c6487e914a78458ad807c58a803b9a20c7883017ffb34e48045b379839e718c672f83a23a5d020f9efc102fad0f5f3886d57570948983500694b4c2aaa82512e4d896ef072e855aa20dd08f5846e427f116c73aeff1b8076540d1451d4fcbb36658a14b7ab254a51f5c5cf945f2b5738050be7a3e61a83e8b1aaec4035ce28decab4086474e82125dac2be83b932633aaeefeb1f9f9888c0f1cda8ebdfad65ab5fd0ff5ff489dda784f1f144675fdb91b75e10c9baafe01e9868d6393b48df94bfbb1aff21573f90ed81f78616cf9ee0e3cc90d40e6e188ec8be55faffc6eeb416270194fd26b1f0a1776362b4be71fa47acee1b8ab717fbf344df8005c599fc506b36a7cc2d7ecc31e912ec26c6b149ef13af3cf2428ecc8776604f167c838987784f75fb9f738a3f81397cfc828b1fb2fd5ccddbc25132b1b8674d173ca0a6b8a7be9ff676bc967c44a78ec214da6ff78dea13553aa28d35a750a96f9b1fed1ade918b1cb8a85a62290e5693b0a741622983d5485625eccf1da4e2e691d7a22a184690e9e2735390f044ea29906621224b91384c1728df43c3fcf9dfe83c7384114d68210af86acad4efee832e6a458a2f9b71bdf44a352ce12ff94ef22377b795a49cdf7acb2b87a40ab2db7b9d8d83d445783cd331f1f73d334464153ebac7607af4d25cd9ec075b27102541c418f0227339fca8b2b379413e4110d2a2bd3941d934c1dafc4fe3964ba9a055ac4deecdb43e6571b61733e1ad0ab602ddfa6d22d4bb0652ddbfdec986e19c79d83d008d957f4b47fe400593c2b31f40e369b4ea44e4e5cf3af3ed7e774c2c0d478f9cf33116dedf48ce86c8624d0226d6a1b7761f348c9ac57b94fa32d0e40abce6754af6903f6b00acb59ac2483eac76193a9c4d29a5695015aed21874d8da1944fa81218e281fe3dd9fdd1bee6c7bbfb3aa903c0420a2c148bd4cb9806821674edff7c04d83a1804c78df26c3ea3f65cfd09ee6479607453ffafb768e24a62b29829e398ab762627cd674e44080035a68418c38b9605df90bb3b5c0ed77c850eda9b280198c5b1dcabab04607bd8aec23e8f08168c3da5037a46b86a5a1eb645a1b4a0a93e4a2f995b8b9cf86f17fea6b0908cdd696a402a4982b68c4d954e3c0c6fef7e3291fe1a67d33c486a78a2def64012292a6fc37a0b769f57771913a2b16a206cf9bfdca2e38cdfe7d11c60a97fbd39bfd445cab79b799b58814b36fc5b567b211761a664cf2f54a494d6893435fc4c0f130b2f63f2eee17becacacb2817976a28ebf79b01cd152030b07880d2ebb8211705e5b56021476bdd0247ebb74195a4913fc32ff7f00df6291b870f822d7183dc052cfbe3768636b9739181c7f953742f9dbcf4155d9edd5d20fc495541c82f226d2bb5f36d1a5e0ed0e7257cb3d3c485d1893d3dcfb0af9fd5b33bd4fff71ba12384c6e89fa99eca3527d0765384613f5c0e0f7c19d465d498c5631bf0bfe6e90eafcd813ac36bab028e0d6e3f4e8009aac796fae1cc70ccda170faa2140f2c93f030ce801a543e9c76ba31e11d83b1f3b58b0b1e1f5ab064a144e736cf0d7c7aa984dadc483769fd3bd14f865b012006ffb74df5b65a36b8af1addde88922b96454d9451578d6e6c225a594d1f4440b392ef2fbd2f1a236feae337f125c7b4ff725eb897f44614d3ef7081dc51dcffff74db33c2883956d04d8e8a32d61c9312c043ec4f122deda33d86d84cd2301c24805d9b17e38ce7465e9abbc64477c1a98eed1a2e87613b637394043d763575741500855d18808cb8a909bcf0df0d7e52793d1fa89893017c13d021bccbf449e43a4d13ec7c56d89099bf7a01539ccf847a24d09788f628a7bc3eee5ba294a9e4b712ba3f51f03ecaf5cf64ffa7808e167a3d34aafa2bae7942b04b95da25a7f255ccdc69948ac0174b38f8c0e9341fef98c90551d689b4cf2ae6e6abe7783bb6aa32e0567940a681fbd291e013387a9a5719f0c0bc3297cc06eb274dbdf6c4cd845fb5778dafe7e71f0140a95f487ea0870cfa964c86813c839d94a22182b174dc25323577ec17314488f03f1611a145ca3c76bd5dd0ba921739e9e0adf72404b935131ba3c6c2c43c71bcd498d1531743e4508a095f7993e3112c253ce6f681134ef9fb708a6c42eb80b2cfcf87a5d3cf7b1299c3c660b127547dc64b28116a9578ac20880b24c9ed0bf308c509c4acb3f8848c5fd7fe11b8a62f1f48a696ab43bb8aba856ed8386c4182faee94cb8c9016499be532ed4d4d4d9aa22befeda6ba4e0a2fa5e428f9bd00003b078447d03eb456c6f3712e228442ae21170d29d0d0808a929823c331255c95e2aa460926a382468c9d33f0cf72c2b696d823c31713b6c81d97b900493cf18d3b4cea9ac4fe42dfdfcbcc3c5ea150f26e3d113c243b822b19f0fceb22816ad463af9e0d6b09a7018a7cd1d94302841f5b40362890fd08223d07849969acf5087272c98d69525d867a990222e52e85bedc28e994e60663a18f942ccf54772b0241ecf1e678efdbe6fe31956e4bc36d6d149ccf772abf033d9ad31aa6ae4fb18753d2ee3ad1be81b7ce5e75ae6240c558d548e12e450a4f006809472e4cac646c63871a4025886dda021bc0c24bcc707ef9206418e09d1563521c61fb8646fa4e69af9a4256e3c9f6a2b2a7503cc9debcdc3f5178722d52a0c32ddc11c7e20e5401cdd6819405a1281388c0cb8f6003b84887442ac0396db1a87ccbfee69ee7b25e17664a4d544861b239362252f988875750e4dcf081dabc745a9bd377979a21db924d00c4ed40d3f193b5cc06196806bbebeb44a79dea0d7acb1363c515a4743283bad08fbafdd8de6faf50a044c432c679479711b907c5141a70f941f66f3f1e14979a2bf2f109fe06156942e21bcd23d4ae76b29e22015eda58c6a2d4c3ac73364e05415725c09b7b8daccdd82992354b06f2f416c19d5b851139eae40d99f1a6abf872295ac909b782db015dc899a95a7d9b636472595a9c8803bddc8f304e80d637e85bafaf37288d2312eac4c08981c104d7df8ffa7eade7714d48cce771d5f3fe2c6aa1def0ab1bedca7e011daca85471d55f806bbd7260f937c0f30e96dd42c0cad682f996db5a094c242999de4e050cf48b6e7807a6523fef52f9b39eeb98c50ba4d8a1bff588ce67ca35cb38e8cc2dd15577d37c1566e6e162bf5ab0f1f501f829e466aabebbd2d687dc3b5c5656d1e446730b60977ff88d91d20f8fa1140c855498e790e046dfaaa2e8dd6c2f50cbd5ae1e1b0afaf147eaadb68f7cb1d2097069afac7e30b39bd936f41efcb95edf02498952d81014f759b2e0ac150ed87045419d3c266db8065860a2d9b2eb4b820ee5dada5d2676d7522c601a869b30f67b3f5b709aeffad3c72b39a3dd0df7f0e6eb894a7251df2b62d46218a377cca2b359875e48e45c59b202a1922052f448f86b7b09e847c9689a2eea7494b6e879fa332992877e44acc5a84ffc3f0af6235dd049e51608c6e0503662934978906be0ce72113abf069f09ce1fc5e2e0541af25e45abcf8c0740a0661e47890f6a6023828d9b6c3ce0e656f51af7d1f52cb54b55eb9ce366bda271ce4a2a52b29094362ca83544a6c9c2e216293960747e049e50110d322cb3ce6744c4c46fa93025b916821faeb0b7075142b4626b580689a75a772a67819478b18dab26a2b789ee99f01257c28760b54c2df5a7155c95ea395d16b146a76709fcc7afb0fe5a7567850fffc8e0729fb9c96df993ef2511f3949d30aa5ae3b69db89ac7acda1b1349580cbc14c60ffe9d039c76a763aa6ab0b974e6e2d35a2e473dbf9ca348cc5b6672532474c16b12cac662b883cf12524bee7c9c742f1f71f27944e88e7d0532de8f0d8f810d932be9cb14f6fc250a8d683b70b8f0cf122043e7c6a591abe6ee7085943d4646eb69c1ceb183caefdd713fbfb3ee3b0dcd3618a749f3b1d524c5f79bce5f82784d7ff9c69b58287857cf952f94a4bfeb96d6a925ebc9c815094989a966f1c0f2caeb2"}, 0x1015, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x2d, &(0x7f0000000080)={&(0x7f00000006c0)={0x28, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0xc, 0x12, 0x0, 0x0, @u64=0x2}]}, 0x28}}, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0xa000, 0x40)
mount$9p_fd(0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x8, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}], [{@smackfstransmute}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@smackfshat}, {@smackfsfloor={'smackfsfloor', 0x3d, '-@\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}]}})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0)
poll(&(0x7f0000000040)=[{r2}], 0x1, 0x5)
clock_gettime(0x0, &(0x7f0000000180)={<r3=>0x0, <r4=>0x0})
mq_timedsend(r2, &(0x7f0000000140), 0x0, 0x20, &(0x7f00000001c0)={r3, r4+60000000})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
futex(&(0x7f00000002c0)=0x2, 0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000940)=0x1, 0x2)
renameat2(r5, &(0x7f00000000c0)='./file0\x00', r5, &(0x7f0000000280)='./file1\x00', 0x2)
openat(r5, &(0x7f0000000300)='./file1\x00', 0x0, 0x0)

01:26:32 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0702006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706076dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000200010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 80)

[ 2279.734529] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.734529]    program syz-executor.4 not setting count and/or reply_len properly
[ 2279.745917] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2279.764007] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.764007]    program syz-executor.6 not setting count and/or reply_len properly
[ 2279.766768] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2279.767721] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.767721]    program syz-executor.5 not setting count and/or reply_len properly
[ 2279.780087] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.780087]    program syz-executor.1 not setting count and/or reply_len properly
[ 2279.784276] 9pnet: Insufficient options for proto=fd
[ 2279.794711] FAULT_INJECTION: forcing a failure.
[ 2279.794711] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2279.795919] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.795919]    program syz-executor.5 not setting count and/or reply_len properly
[ 2279.797284] CPU: 1 PID: 28850 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2279.800640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2279.802519] Call Trace:
[ 2279.803096]  dump_stack+0x107/0x167
[ 2279.803888]  should_fail.cold+0x5/0xa
[ 2279.804730]  __alloc_pages_nodemask+0x182/0x600
[ 2279.805742]  ? __kmalloc+0x16e/0x390
[ 2279.806563]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2279.807876]  ? trace_hardirqs_on+0x5b/0x180
[ 2279.808817]  alloc_pages_current+0x187/0x280
[ 2279.809776]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2279.810849]  sg_common_write.constprop.0+0x992/0x1a30
[ 2279.811979]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2279.813059]  ? vprintk_func+0x93/0x140
[ 2279.813907]  ? printk+0xba/0xf1
[ 2279.814627]  ? record_print_text.cold+0x16/0x16
[ 2279.815637]  ? _raw_spin_unlock_irqrestore+0x25/0x40
[ 2279.816753]  sg_write.part.0+0x69e/0xaa0
[ 2279.817643]  ? sg_new_write.isra.0+0x770/0x770
[ 2279.818653]  ? find_held_lock+0x2c/0x110
[ 2279.819542]  ? __might_fault+0xd3/0x180
[ 2279.820404]  ? lock_downgrade+0x6d0/0x6d0
[ 2279.821316]  ? _cond_resched+0x10/0x30
[ 2279.822155]  ? inode_security+0x107/0x140
[ 2279.823054]  ? avc_policy_seqno+0x9/0x70
[ 2279.823929]  ? selinux_file_permission+0x92/0x520
[ 2279.824973]  ? iov_iter_advance+0x23b/0xec0
[ 2279.825911]  sg_write+0x87/0x120
[ 2279.826660]  do_iter_write+0x4f0/0x700
[ 2279.827509]  ? import_iovec+0x83/0xb0
[ 2279.828343]  vfs_writev+0x1ae/0x620
[ 2279.829133]  ? vfs_iter_write+0xa0/0xa0
[ 2279.830003]  ? __fget_files+0x2cf/0x520
[ 2279.830878]  ? lock_downgrade+0x6d0/0x6d0
[ 2279.831774]  ? find_held_lock+0x2c/0x110
[ 2279.832666]  ? ksys_write+0x12d/0x260
[ 2279.833500]  ? __fget_files+0x2f8/0x520
[ 2279.834380]  ? __fget_light+0xea/0x290
[ 2279.835241]  do_writev+0x139/0x300
[ 2279.836013]  ? vfs_writev+0x620/0x620
[ 2279.836843]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2279.837984]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2279.839111]  do_syscall_64+0x33/0x40
[ 2279.839915]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2279.841023] RIP: 0033:0x7f04ef0deb19
[ 2279.841829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2279.845848] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2279.847512] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2279.849053] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2279.850607] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2279.852158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2279.853700] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:26:32 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706096dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000300010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:32 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:32 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x4000000}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000240), 0x2100)
setresuid(0x0, r5, r6)
r7 = fork()
r8 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r8, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0xffe3)
openat(r9, &(0x7f0000000340)='./file0\x00', 0x40, 0x108)
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:26:32 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212f6cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2279.888696] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2279.889155] 9pnet: Insufficient options for proto=fd
01:26:32 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0705006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2279.906120] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.906120]    program syz-executor.5 not setting count and/or reply_len properly
[ 2279.910616] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.910616]    program syz-executor.4 not setting count and/or reply_len properly
01:26:32 executing program 7:
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x40000, 0x4, &(0x7f0000000200)=[{&(0x7f0000010000)="20000000000100000c000000d40000000f000000010000000000000000000000002000000020000020000000d7f4655fd7f4655f0100ffff53ef010001000000d7f4655f000000000000000001000000000000000b00000000020000280200000284", 0x62, 0x400}, {&(0x7f0000010400)="030000000400000005000000d4000f", 0xf, 0x800}, {&(0x7f0000000500)="ffffffffff070000000000000000000000000000000000000000000000000080ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", 0x402, 0xc00}, {&(0x7f0000010e00)="ed41000000040000d7f4655fd7f4655fd7f4655f000000000000040002", 0x1d, 0x1600}], 0x0, &(0x7f00000003c0)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
openat(r0, &(0x7f0000000140)='./file0\x00', 0x181000, 0x145)
lsetxattr$trusted_overlay_upper(&(0x7f0000000980)='./file1\x00', &(0x7f00000009c0), &(0x7f0000000a00)={0x0, 0xfb, 0x1015, 0x1, 0x2, "f7eae3f6bc3f643d093a5e4af63102e4", "26ac1cb8ce8d247c2f30d797140684b71f567768951dff9c74bfc81759eb8f1a03b65bbae5b23c9a194b8411aebe7988256ae2636e05c0d20fcc425d83e484a36a57dd7f1b8646380f2124410771a745172441d50cb20a121c8764be9fd2502b473f23204fbd2ae1d11c2718261e92c9d2741287a1e40fdc04bf77b905e2fac58dc2d2d484e9c2ffff0ebb6cd427f4e44dea7b21067b939f166d126a562a9977e0db473e277b8ea78d22efc63c2b737d71e5f4997ac818a91cd803caa39d3261cb8348848b8cc9329449bd2e7d77c13ef70e6fd1d7513ad20e3f4a0c883187b18f0a846502ad30d5772c9bdbbc402e8971b7737f1edd7b5bfb03ee758b4c3d849daab1b1a76fd7cd95cc97880c79ca1e837a9e50a2252ea638fe61f1e348e5bbea92d2c5d60a1ad5de3c080e0f42a53a808a4f89eeaccf5d99e8b09ac6235b66065cf9a10ffe2e01c5f183586f728268d985c64b7ac712da785ae2f61f356f78cae19dad58d2b5f589d179f53203cb83a752b56dcd7dc449c5c8ed2216ee5be0e0d537d22af462421c4e8baaca4bb52df471c71a1088fd44d1cce77f5cca6380a93a78b5c8a472a40ad71799b7b4d8abe829e42927258a0d2389785f792b59965c29153ed8cba5756f26ae09576fe088654d9f64ea426fb30a33ba4533b11199b871ec0a0ad6efab3c8134bad9892f7bebc9bd09ac9746e2b22af75dff08874a64dc777151b889ea50deadd9ca9625e45c1cf59fa9a07d88125eebc20c1438e02763a66d0905f9ea37ccc75063b3598551edd427d4f60b3f0573a50c00a31b8b457127c3d65f72879f6b6a8f67be0d3e5dc39c5edf18398d4cbb23853c5b20a915f63e94d89f44420a50f1f6fca4ed8fce424932ca586e2ab551e9d3e0c21dcf3a020d9b200917dd954ad99ce09076814bc239a5d7eac6720f5fac0f8f4fef1f84d1f0e3a156c10c65f60deff004107aa4ea108568d3b68f2b6f95b76c07e020ea0c4a33e651075c2a4ba19e7e0bf42b0a6eb1b623e8a7aa35e6dfb4ec51346d4a3721234dad416ec1c5a08e6d28965e843392f3869e7605184feb8ae5730010573207e4843b3fd404a1f134897386f8305976f23a6961a5c253a85176fcf8f068a5a0812c73d312d1cf8d693ace5330ee97357ebe44d8072982d84f82eb64e88fd552d7d504cb836ba04e614d2e2d8d43b8f045a151bb6d8a8ee1f5dca442aae80e7443ceb6e6ce5ae34330ff077aa324b346e1ba07457c406c42d53fe25fd722a108203de52d4d66bd60f81586fc9e59898cfc47ef66b0c645e4a0bf3cf67dde446448a406ec8b6492b71c8111b7c8a54a1d6baab330396647ec2d24607cdb5c419869571dc94061a564c8ba388b8772a07917b0aa9acd25176db88ddaecd5004241dbab862bc4f8c191aa00a17e28df125231ac4bf1133aa945fc59d0a83f99fde95b97f94380dd30e8a23fbd1ee9393b5c2e0a0f49635d7c016a5fe209e32245984ebde0dfd0cb715dffc057845d3d07098bc39c26de468b15c01b4b680ca2dba14054aeef15895d3cb2d9b26650b24ddeff6f1be67dad63fe4d6ad4789269ba2a41fd2a3c0b4c3867ab8c01899fc6deae1de44b3ff92d46a6504538e7a206ca2050e6b4f17d4908bda5889867b0c4f7c9dc17482433c00cca609b3012420f804d625bb976061c30d54b5fcc7a53407aa34361dd9438468718f478a1bbccbfe4dff50beff53b8a583ee9d111f04b1da67463c2c6487e914a78458ad807c58a803b9a20c7883017ffb34e48045b379839e718c672f83a23a5d020f9efc102fad0f5f3886d57570948983500694b4c2aaa82512e4d896ef072e855aa20dd08f5846e427f116c73aeff1b8076540d1451d4fcbb36658a14b7ab254a51f5c5cf945f2b5738050be7a3e61a83e8b1aaec4035ce28decab4086474e82125dac2be83b932633aaeefeb1f9f9888c0f1cda8ebdfad65ab5fd0ff5ff489dda784f1f144675fdb91b75e10c9baafe01e9868d6393b48df94bfbb1aff21573f90ed81f78616cf9ee0e3cc90d40e6e188ec8be55faffc6eeb416270194fd26b1f0a1776362b4be71fa47acee1b8ab717fbf344df8005c599fc506b36a7cc2d7ecc31e912ec26c6b149ef13af3cf2428ecc8776604f167c838987784f75fb9f738a3f81397cfc828b1fb2fd5ccddbc25132b1b8674d173ca0a6b8a7be9ff676bc967c44a78ec214da6ff78dea13553aa28d35a750a96f9b1fed1ade918b1cb8a85a62290e5693b0a741622983d5485625eccf1da4e2e691d7a22a184690e9e2735390f044ea29906621224b91384c1728df43c3fcf9dfe83c7384114d68210af86acad4efee832e6a458a2f9b71bdf44a352ce12ff94ef22377b795a49cdf7acb2b87a40ab2db7b9d8d83d445783cd331f1f73d334464153ebac7607af4d25cd9ec075b27102541c418f0227339fca8b2b379413e4110d2a2bd3941d934c1dafc4fe3964ba9a055ac4deecdb43e6571b61733e1ad0ab602ddfa6d22d4bb0652ddbfdec986e19c79d83d008d957f4b47fe400593c2b31f40e369b4ea44e4e5cf3af3ed7e774c2c0d478f9cf33116dedf48ce86c8624d0226d6a1b7761f348c9ac57b94fa32d0e40abce6754af6903f6b00acb59ac2483eac76193a9c4d29a5695015aed21874d8da1944fa81218e281fe3dd9fdd1bee6c7bbfb3aa903c0420a2c148bd4cb9806821674edff7c04d83a1804c78df26c3ea3f65cfd09ee6479607453ffafb768e24a62b29829e398ab762627cd674e44080035a68418c38b9605df90bb3b5c0ed77c850eda9b280198c5b1dcabab04607bd8aec23e8f08168c3da5037a46b86a5a1eb645a1b4a0a93e4a2f995b8b9cf86f17fea6b0908cdd696a402a4982b68c4d954e3c0c6fef7e3291fe1a67d33c486a78a2def64012292a6fc37a0b769f57771913a2b16a206cf9bfdca2e38cdfe7d11c60a97fbd39bfd445cab79b799b58814b36fc5b567b211761a664cf2f54a494d6893435fc4c0f130b2f63f2eee17becacacb2817976a28ebf79b01cd152030b07880d2ebb8211705e5b56021476bdd0247ebb74195a4913fc32ff7f00df6291b870f822d7183dc052cfbe3768636b9739181c7f953742f9dbcf4155d9edd5d20fc495541c82f226d2bb5f36d1a5e0ed0e7257cb3d3c485d1893d3dcfb0af9fd5b33bd4fff71ba12384c6e89fa99eca3527d0765384613f5c0e0f7c19d465d498c5631bf0bfe6e90eafcd813ac36bab028e0d6e3f4e8009aac796fae1cc70ccda170faa2140f2c93f030ce801a543e9c76ba31e11d83b1f3b58b0b1e1f5ab064a144e736cf0d7c7aa984dadc483769fd3bd14f865b012006ffb74df5b65a36b8af1addde88922b96454d9451578d6e6c225a594d1f4440b392ef2fbd2f1a236feae337f125c7b4ff725eb897f44614d3ef7081dc51dcffff74db33c2883956d04d8e8a32d61c9312c043ec4f122deda33d86d84cd2301c24805d9b17e38ce7465e9abbc64477c1a98eed1a2e87613b637394043d763575741500855d18808cb8a909bcf0df0d7e52793d1fa89893017c13d021bccbf449e43a4d13ec7c56d89099bf7a01539ccf847a24d09788f628a7bc3eee5ba294a9e4b712ba3f51f03ecaf5cf64ffa7808e167a3d34aafa2bae7942b04b95da25a7f255ccdc69948ac0174b38f8c0e9341fef98c90551d689b4cf2ae6e6abe7783bb6aa32e0567940a681fbd291e013387a9a5719f0c0bc3297cc06eb274dbdf6c4cd845fb5778dafe7e71f0140a95f487ea0870cfa964c86813c839d94a22182b174dc25323577ec17314488f03f1611a145ca3c76bd5dd0ba921739e9e0adf72404b935131ba3c6c2c43c71bcd498d1531743e4508a095f7993e3112c253ce6f681134ef9fb708a6c42eb80b2cfcf87a5d3cf7b1299c3c660b127547dc64b28116a9578ac20880b24c9ed0bf308c509c4acb3f8848c5fd7fe11b8a62f1f48a696ab43bb8aba856ed8386c4182faee94cb8c9016499be532ed4d4d4d9aa22befeda6ba4e0a2fa5e428f9bd00003b078447d03eb456c6f3712e228442ae21170d29d0d0808a929823c331255c95e2aa460926a382468c9d33f0cf72c2b696d823c31713b6c81d97b900493cf18d3b4cea9ac4fe42dfdfcbcc3c5ea150f26e3d113c243b822b19f0fceb22816ad463af9e0d6b09a7018a7cd1d94302841f5b40362890fd08223d07849969acf5087272c98d69525d867a990222e52e85bedc28e994e60663a18f942ccf54772b0241ecf1e678efdbe6fe31956e4bc36d6d149ccf772abf033d9ad31aa6ae4fb18753d2ee3ad1be81b7ce5e75ae6240c558d548e12e450a4f006809472e4cac646c63871a4025886dda021bc0c24bcc707ef9206418e09d1563521c61fb8646fa4e69af9a4256e3c9f6a2b2a7503cc9debcdc3f5178722d52a0c32ddc11c7e20e5401cdd6819405a1281388c0cb8f6003b84887442ac0396db1a87ccbfee69ee7b25e17664a4d544861b239362252f988875750e4dcf081dabc745a9bd377979a21db924d00c4ed40d3f193b5cc06196806bbebeb44a79dea0d7acb1363c515a4743283bad08fbafdd8de6faf50a044c432c679479711b907c5141a70f941f66f3f1e14979a2bf2f109fe06156942e21bcd23d4ae76b29e22015eda58c6a2d4c3ac73364e05415725c09b7b8daccdd82992354b06f2f416c19d5b851139eae40d99f1a6abf872295ac909b782db015dc899a95a7d9b636472595a9c8803bddc8f304e80d637e85bafaf37288d2312eac4c08981c104d7df8ffa7eade7714d48cce771d5f3fe2c6aa1def0ab1bedca7e011daca85471d55f806bbd7260f937c0f30e96dd42c0cad682f996db5a094c242999de4e050cf48b6e7807a6523fef52f9b39eeb98c50ba4d8a1bff588ce67ca35cb38e8cc2dd15577d37c1566e6e162bf5ab0f1f501f829e466aabebbd2d687dc3b5c5656d1e446730b60977ff88d91d20f8fa1140c855498e790e046dfaaa2e8dd6c2f50cbd5ae1e1b0afaf147eaadb68f7cb1d2097069afac7e30b39bd936f41efcb95edf02498952d81014f759b2e0ac150ed87045419d3c266db8065860a2d9b2eb4b820ee5dada5d2676d7522c601a869b30f67b3f5b709aeffad3c72b39a3dd0df7f0e6eb894a7251df2b62d46218a377cca2b359875e48e45c59b202a1922052f448f86b7b09e847c9689a2eea7494b6e879fa332992877e44acc5a84ffc3f0af6235dd049e51608c6e0503662934978906be0ce72113abf069f09ce1fc5e2e0541af25e45abcf8c0740a0661e47890f6a6023828d9b6c3ce0e656f51af7d1f52cb54b55eb9ce366bda271ce4a2a52b29094362ca83544a6c9c2e216293960747e049e50110d322cb3ce6744c4c46fa93025b916821faeb0b7075142b4626b580689a75a772a67819478b18dab26a2b789ee99f01257c28760b54c2df5a7155c95ea395d16b146a76709fcc7afb0fe5a7567850fffc8e0729fb9c96df993ef2511f3949d30aa5ae3b69db89ac7acda1b1349580cbc14c60ffe9d039c76a763aa6ab0b974e6e2d35a2e473dbf9ca348cc5b6672532474c16b12cac662b883cf12524bee7c9c742f1f71f27944e88e7d0532de8f0d8f810d932be9cb14f6fc250a8d683b70b8f0cf122043e7c6a591abe6ee7085943d4646eb69c1ceb183caefdd713fbfb3ee3b0dcd3618a749f3b1d524c5f79bce5f82784d7ff9c69b58287857cf952f94a4bfeb96d6a925ebc9c815094989a966f1c0f2caeb2"}, 0x1015, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x2d, &(0x7f0000000080)={&(0x7f00000006c0)={0x28, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}, @typed={0xc, 0x12, 0x0, 0x0, @u64=0x2}]}, 0x28}}, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0xa000, 0x40)
mount$9p_fd(0x0, &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x8, &(0x7f0000000400)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap}], [{@smackfstransmute}, {@uid_eq={'uid', 0x3d, 0xee00}}, {@smackfshat}, {@smackfsfloor={'smackfsfloor', 0x3d, '-@\x00'}}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@audit}]}})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = mq_open(&(0x7f0000005c00)='-@\x00', 0x0, 0x0, 0x0)
poll(&(0x7f0000000040)=[{r2}], 0x1, 0x5)
clock_gettime(0x0, &(0x7f0000000180)={<r3=>0x0, <r4=>0x0})
mq_timedsend(r2, &(0x7f0000000140), 0x0, 0x20, &(0x7f00000001c0)={r3, r4+60000000})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
futex(&(0x7f00000002c0)=0x2, 0x8, 0x0, &(0x7f00000004c0)={0x0, 0x3938700}, &(0x7f0000000940)=0x1, 0x2)
renameat2(r5, &(0x7f00000000c0)='./file0\x00', r5, &(0x7f0000000280)='./file1\x00', 0x2)
openat(r5, &(0x7f0000000300)='./file1\x00', 0x0, 0x0)

[ 2279.951091] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2279.951091]    program syz-executor.6 not setting count and/or reply_len properly
[ 2280.029104] 9pnet: Insufficient options for proto=fd
01:26:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000900010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:47 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:26:47 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
setfsuid(r5)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:26:47 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000300010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:47 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021306cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:47 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0709006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:47 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 81)

01:26:47 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060d6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2294.730182] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.730182]    program syz-executor.5 not setting count and/or reply_len properly
[ 2294.733952] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2294.741157] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.741157]    program syz-executor.6 not setting count and/or reply_len properly
[ 2294.746946] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.746946]    program syz-executor.4 not setting count and/or reply_len properly
[ 2294.747772] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.747772]    program syz-executor.1 not setting count and/or reply_len properly
[ 2294.767165] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2294.777823] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.777823]    program syz-executor.5 not setting count and/or reply_len properly
[ 2294.784778] FAULT_INJECTION: forcing a failure.
[ 2294.784778] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2294.787571] CPU: 1 PID: 29098 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2294.789074] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2294.790890] Call Trace:
[ 2294.791457]  dump_stack+0x107/0x167
[ 2294.792249]  should_fail.cold+0x5/0xa
[ 2294.793082]  __alloc_pages_nodemask+0x182/0x600
[ 2294.794090]  ? __kmalloc+0x16e/0x390
[ 2294.794926]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2294.796227]  ? trace_hardirqs_on+0x5b/0x180
[ 2294.797170]  alloc_pages_current+0x187/0x280
[ 2294.798129]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2294.799216]  sg_common_write.constprop.0+0x992/0x1a30
[ 2294.800338]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2294.801432]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2294.802592]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2294.803774]  ? trace_hardirqs_on+0x5b/0x180
[ 2294.804711]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2294.805895]  sg_write.part.0+0x69e/0xaa0
[ 2294.806805]  ? sg_new_write.isra.0+0x770/0x770
[ 2294.807802]  ? find_held_lock+0x2c/0x110
[ 2294.808689]  ? __might_fault+0xd3/0x180
[ 2294.809537]  ? lock_downgrade+0x6d0/0x6d0
[ 2294.810463]  ? _cond_resched+0x10/0x30
[ 2294.811321]  ? inode_security+0x107/0x140
[ 2294.812219]  ? avc_policy_seqno+0x9/0x70
[ 2294.813095]  ? selinux_file_permission+0x92/0x520
[ 2294.814138]  ? iov_iter_advance+0x23b/0xec0
[ 2294.815109]  sg_write+0x87/0x120
[ 2294.815851]  do_iter_write+0x4f0/0x700
[ 2294.816703]  ? import_iovec+0x83/0xb0
[ 2294.817523]  vfs_writev+0x1ae/0x620
[ 2294.818324]  ? vfs_iter_write+0xa0/0xa0
[ 2294.819211]  ? __fget_files+0x2cf/0x520
[ 2294.820074]  ? lock_downgrade+0x6d0/0x6d0
[ 2294.820969]  ? find_held_lock+0x2c/0x110
[ 2294.821852]  ? ksys_write+0x12d/0x260
01:26:47 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060e6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2294.822716]  ? __fget_files+0x2f8/0x520
[ 2294.823863]  ? __fget_light+0xea/0x290
[ 2294.824730]  do_writev+0x139/0x300
[ 2294.825499]  ? vfs_writev+0x620/0x620
[ 2294.826338]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
01:26:47 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0730006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2294.827532]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2294.828805]  do_syscall_64+0x33/0x40
[ 2294.829617]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2294.830757] RIP: 0033:0x7f04ef0deb19
[ 2294.831569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
01:26:47 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x9000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2294.835550] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2294.837337] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2294.838912] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2294.840453] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2294.841996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2294.843561] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:26:47 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000300010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:26:47 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000d00010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2294.931694] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2294.934538] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.934538]    program syz-executor.4 not setting count and/or reply_len properly
01:26:47 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021b66cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2294.939750] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2294.939750]    program syz-executor.6 not setting count and/or reply_len properly
[ 2294.970849] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2295.030793] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2295.030793]    program syz-executor.5 not setting count and/or reply_len properly
[ 2295.052335] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2295.052335]    program syz-executor.5 not setting count and/or reply_len properly
01:27:04 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000300010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 82)

01:27:04 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP_SET_OP_GET_BYNAME(r5, 0x1, 0x53, &(0x7f0000000100)={0x6, 0x7, 'syz1\x00'}, &(0x7f0000000240)=0x28)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r7=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r7)
r8 = fork()
setreuid(r4, r4)
prlimit64(r8, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:27:04 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706306dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000e00010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07b6006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0xf000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:27:04 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021200ada3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2311.642843] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.642843]    program syz-executor.6 not setting count and/or reply_len properly
[ 2311.645954] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.645954]    program syz-executor.1 not setting count and/or reply_len properly
[ 2311.646873] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.646873]    program syz-executor.4 not setting count and/or reply_len properly
[ 2311.656300] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2311.663799] FAULT_INJECTION: forcing a failure.
[ 2311.663799] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2311.666880] CPU: 1 PID: 29232 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2311.668499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2311.670449] Call Trace:
[ 2311.671087]  dump_stack+0x107/0x167
[ 2311.671947]  should_fail.cold+0x5/0xa
[ 2311.672849]  __alloc_pages_nodemask+0x182/0x600
[ 2311.673930]  ? __kmalloc+0x16e/0x390
[ 2311.674812]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2311.676213]  ? trace_hardirqs_on+0x5b/0x180
[ 2311.677229]  alloc_pages_current+0x187/0x280
[ 2311.678252]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2311.679396]  sg_common_write.constprop.0+0x992/0x1a30
[ 2311.680599]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2311.681751]  ? vprintk_func+0x93/0x140
[ 2311.682660]  ? printk+0xba/0xf1
[ 2311.683429]  ? record_print_text.cold+0x16/0x16
[ 2311.684521]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2311.685683]  ? trace_hardirqs_on+0x5b/0x180
[ 2311.686690]  sg_write.part.0+0x69e/0xaa0
[ 2311.687623]  ? sg_new_write.isra.0+0x770/0x770
[ 2311.688676]  ? find_held_lock+0x2c/0x110
[ 2311.689612]  ? __might_fault+0xd3/0x180
[ 2311.690520]  ? lock_downgrade+0x6d0/0x6d0
[ 2311.691491]  ? _cond_resched+0x10/0x30
[ 2311.692378]  ? inode_security+0x107/0x140
[ 2311.693328]  ? avc_policy_seqno+0x9/0x70
[ 2311.694260]  ? selinux_file_permission+0x92/0x520
[ 2311.695377]  ? iov_iter_advance+0x23b/0xec0
[ 2311.696368]  sg_write+0x87/0x120
[ 2311.697145]  do_iter_write+0x4f0/0x700
[ 2311.698042]  ? import_iovec+0x83/0xb0
[ 2311.698919]  vfs_writev+0x1ae/0x620
[ 2311.699745]  ? vfs_iter_write+0xa0/0xa0
[ 2311.700645]  ? __fget_files+0x2cf/0x520
[ 2311.701546]  ? lock_downgrade+0x6d0/0x6d0
[ 2311.702480]  ? find_held_lock+0x2c/0x110
[ 2311.703413]  ? ksys_write+0x12d/0x260
[ 2311.704281]  ? __fget_files+0x2f8/0x520
[ 2311.705189]  ? __fget_light+0xea/0x290
[ 2311.706075]  do_writev+0x139/0x300
[ 2311.706888]  ? vfs_writev+0x620/0x620
[ 2311.707753]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2311.708940]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2311.710110]  do_syscall_64+0x33/0x40
[ 2311.710961]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2311.712112] RIP: 0033:0x7f04ef0deb19
[ 2311.712950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2311.717094] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2311.718790] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2311.720392] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2311.721986] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2311.723588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2311.725173] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:27:04 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706000aff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000002000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 7:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="601c6d6b646f736677c66200088020000400000004f8000020004000030000000000000001", 0x25}, {&(0x7f0000010400)="f8ffff0fffffff0fffffff0f", 0xc, 0x10000}], 0x0, &(0x7f0000000080)={[{@numtail}, {@rodir}, {@uni_xlate}, {@fat=@discard}]})
chdir(&(0x7f0000000040)='./file0\x00')

[ 2311.742254] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.742254]    program syz-executor.5 not setting count and/or reply_len properly
[ 2311.762138] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:27:04 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706486dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2311.810102] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.810102]    program syz-executor.5 not setting count and/or reply_len properly
[ 2311.820274] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.820274]    program syz-executor.6 not setting count and/or reply_len properly
[ 2311.853833] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.853833]    program syz-executor.4 not setting count and/or reply_len properly
01:27:04 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x48000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:27:04 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000003000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212025da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07064c6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:04 executing program 7:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{0x0}, {0x0}], 0x2}, 0x0)
syz_io_uring_setup(0x54e5, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setxattr$incfs_id(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), &(0x7f0000000340)={'0000000000000000000000000000000', 0x31}, 0x20, 0x3)
sendto(r3, &(0x7f0000000480), 0x0, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
ftruncate(r4, 0x1)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x1000)=nil, 0x1000, 0x0, 0x878, 0xffffffffffffffff, 0x8000000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000240)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x1000}, 0x1}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 2311.912708] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2311.933483] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.933483]    program syz-executor.4 not setting count and/or reply_len properly
[ 2311.937519] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2311.960739] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2311.960739]    program syz-executor.5 not setting count and/or reply_len properly
01:27:18 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706686dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:18 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000fffffff500010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:18 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07060025ff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:18 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021202eda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:18 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x4c000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

01:27:18 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 83)

01:27:18 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7, 0x7fff}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='io\x00')
r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0}, 0x0, 0x2201}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
io_uring_enter(r1, 0x184e, 0xb4f9, 0x2, &(0x7f0000000100)={[0x8000]}, 0x8)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="4c00000012000105000000000000000007000000ffff00000000000000000000000000000000000000000000000000000000000000000000a0530df30f571b5cc6d7f37146c61d712348df51c78bd0bf3446ff7fb2f29c651b8e9f0709144150a94d81da073ce3c8cae73c61e7f54b6b0b0e6701fcc54a0e92fe099a40201549935b8b6c839de2fdec", @ANYRES32=0x0, @ANYBLOB='\x00'/16], 0x4c}}, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r7, 0x0, 0x487, &(0x7f0000000280), &(0x7f0000000340)=0x30)
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r8=>0x0, &(0x7f0000000300))
setresuid(0x0, r6, r8)
r9 = fork()
setreuid(r5, r5)
prlimit64(r9, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:27:18 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)={0x28, 0x3e, 0x400, 0x0, 0x0, {0xa}, [@typed={0x8, 0x67, 0x0, 0x0, @u32}, @typed={0xb, 0x1b, 0x0, 0x0, @str='/\')-[\x84\x00'}]}, 0x28}}, 0x10)
r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000340)='.log\x00', 0x58000, 0x9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_RELOAD_REGDB(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0x1}, 0x14}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x48, 0x0, 0x400, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x4}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x4}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xe}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x1}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x48}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000004f00000008000300", @ANYRES32=r5, @ANYBLOB="00fcfe00ae5e126d1f8207467a8b4c68e31981676dabeffb4a1850d8fa4cc82fdbfd24f9ae30e159d9780ac3be42bf"], 0x20}}, 0x0)
sendmsg$WG_CMD_GET_DEVICE(r1, &(0x7f0000000640)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@WGDEVICE_A_FLAGS={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4008014)
sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r1, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="00022dbd7000fddbdf253800000008000300", @ANYRES32=r5, @ANYBLOB="0c00580013000000000000000c00580020000000000000000cd6000000000000000000000c0058007200000000000000ee27544429d1d92df3ddda322cc5c080387f925c190a0f58319a0dd77be4c8bc3c7d66afcec2b3a3dc5f25670be45184c7ae54040d0204f0993aab8dc24de93d70a5ffad78cd34d2d43a9c982d9f592c0837fcbd1100441ddda1ade0304010a6ada4694775ef6e674fde9b27dd0ec135b45242b4c7441129980e3468acb892c541e52a46156e32b0af95b49f732d7b8f1dbd4407440a0bfb498b926f6175346a94"], 0x4c}, 0x1, 0x0, 0x0, 0x20000800}, 0xc0)
r7 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff}}}, 0x4c}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$TCPDIAG_GETSOCK(r8, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x4c, 0x12, 0x501, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, {0xffff, 0x0, [], [0x0, 0x0, 0x0, 0x2]}}}, 0x4c}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000080)={0x0, r8, 0x7, 0xffffffff00000001, 0x8, 0x80000000000000})

[ 2326.424006] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.424006]    program syz-executor.4 not setting count and/or reply_len properly
[ 2326.437139] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 2326.444142] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2326.449323] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 2326.455152] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.455152]    program syz-executor.1 not setting count and/or reply_len properly
[ 2326.456093] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.456093]    program syz-executor.5 not setting count and/or reply_len properly
[ 2326.463250] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2326.466327] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.466327]    program syz-executor.6 not setting count and/or reply_len properly
[ 2326.468751] FAULT_INJECTION: forcing a failure.
[ 2326.468751] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2326.473011] CPU: 1 PID: 29401 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2326.474525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2326.476353] Call Trace:
[ 2326.476934]  dump_stack+0x107/0x167
[ 2326.477734]  should_fail.cold+0x5/0xa
[ 2326.478575]  __alloc_pages_nodemask+0x182/0x600
[ 2326.479595]  ? __kmalloc+0x16e/0x390
[ 2326.480409]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2326.481732]  ? trace_hardirqs_on+0x5b/0x180
[ 2326.482678]  alloc_pages_current+0x187/0x280
[ 2326.483648]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2326.484717]  sg_common_write.constprop.0+0x992/0x1a30
[ 2326.485128] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2326.485853]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2326.485879]  ? vprintk_func+0x93/0x140
[ 2326.489616]  ? printk+0xba/0xf1
[ 2326.490336]  ? record_print_text.cold+0x16/0x16
[ 2326.491350]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2326.492425]  ? trace_hardirqs_on+0x5b/0x180
[ 2326.493347]  sg_write.part.0+0x69e/0xaa0
[ 2326.494207]  ? sg_new_write.isra.0+0x770/0x770
[ 2326.495185]  ? find_held_lock+0x2c/0x110
[ 2326.496053]  ? __might_fault+0xd3/0x180
[ 2326.496895]  ? lock_downgrade+0x6d0/0x6d0
[ 2326.497793]  ? _cond_resched+0x10/0x30
[ 2326.498615]  ? inode_security+0x107/0x140
[ 2326.499498]  ? avc_policy_seqno+0x9/0x70
[ 2326.500356]  ? selinux_file_permission+0x92/0x520
[ 2326.501379]  ? iov_iter_advance+0x23b/0xec0
[ 2326.501867] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.501867]    program syz-executor.5 not setting count and/or reply_len properly
[ 2326.502304]  sg_write+0x87/0x120
[ 2326.506338]  do_iter_write+0x4f0/0x700
[ 2326.507210]  ? import_iovec+0x83/0xb0
[ 2326.508023]  vfs_writev+0x1ae/0x620
[ 2326.508795]  ? vfs_iter_write+0xa0/0xa0
[ 2326.509639]  ? __fget_files+0x2cf/0x520
[ 2326.510492]  ? lock_downgrade+0x6d0/0x6d0
[ 2326.511372]  ? find_held_lock+0x2c/0x110
[ 2326.512249]  ? ksys_write+0x12d/0x260
[ 2326.513059]  ? __fget_files+0x2f8/0x520
[ 2326.513920]  ? __fget_light+0xea/0x290
[ 2326.514752]  do_writev+0x139/0x300
[ 2326.515522]  ? vfs_writev+0x620/0x620
[ 2326.516341]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2326.517465]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2326.518573]  do_syscall_64+0x33/0x40
[ 2326.519386]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2326.520484] RIP: 0033:0x7f04ef0deb19
[ 2326.521284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2326.525241] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2326.526890] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2326.528417] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2326.529945] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2326.531487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2326.533020] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000
01:27:19 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000ffffefff00010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2326.554958] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2326.560603] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
01:27:19 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706026dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:19 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x68000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2326.587720] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
01:27:19 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021204cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:19 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07066c6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2326.602629] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2326.627004] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2326.641485] netlink: 44 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2326.643988] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.643988]    program syz-executor.6 not setting count and/or reply_len properly
01:27:19 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000ffefffff00010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2326.664226] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2326.670958] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.670958]    program syz-executor.4 not setting count and/or reply_len properly
[ 2326.688513] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.688513]    program syz-executor.5 not setting count and/or reply_len properly
01:27:19 executing program 7:
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
sendmsg$unix(r0, &(0x7f0000000680)={&(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000240)="adf33a79c91d90819dacfd245759c1849f856ec0db00a4725f0902b04d55461fcaa762563a4d98dafd0166bf1f87f80b4ae3b74ca7e8a78d2384", 0x3a}], 0x1, &(0x7f0000000640)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}, 0x24004000)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r5, 0x6, 0x2, &(0x7f00000000c0), &(0x7f0000000200)=0x6)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, &(0x7f0000000280)=[0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r5, r1, r1], 0x8, 0x0, 0x1, {0x0, r6}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, 0xffffffffffffffff)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r2, 0x8000000)
syz_io_uring_submit(r7, r4, &(0x7f0000000340)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012103, 0x1}, 0x80000001)
io_uring_enter(r2, 0x58a7, 0xf6f4, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, &(0x7f00000003c0)='!!$.-]$:/\x00')
write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0xfdef)
syz_open_dev$tty20(0xc, 0x4, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)

01:27:19 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706036dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:19 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080)={0x0, 0x40, 0x0, 0x0, 0xffffffff}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000340)=""/180, 0xb4, 0x7)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x5, 0x2004, @fd=r0, 0x0, 0x0, 0x0, 0x17, 0x0, {0x2}}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

[ 2326.867842] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2326.867842]    program syz-executor.6 not setting count and/or reply_len properly
01:27:31 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c0455030002000000f5ffffff00010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:31 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x3a79, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000200)=<r1=>0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, &(0x7f00000029c0)={0x0, 0x0, 0x0, 0xffffffffffffffd5}, 0x0, 0x2201}, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000340), 0x800, 0x0)
syz_io_uring_submit(0x0, r1, &(0x7f0000000040)=@IORING_OP_READ=@pass_buffer={0x16, 0x5, 0x4000, @fd=r3, 0x2, &(0x7f0000000380)=""/202, 0xca, 0x2}, 0x9ad4)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0xffffffffffffffff, r4, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresuid(&(0x7f00000001c0), &(0x7f00000002c0)=<r6=>0x0, &(0x7f0000000300))
setresuid(0x0, r5, r6)
r7 = fork()
setreuid(r4, r4)
prlimit64(r7, 0x9, &(0x7f0000000140)={0x7}, &(0x7f0000000180))

01:27:31 executing program 7:
sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x0, 0x8, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x14, 0x18, {0x7d7c, @bearer=@udp='udp:syz1\x00'}}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4810}, 0x20044800)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0, 0x5e033, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x2132, 0xffffffffffffffff, 0x0)

01:27:31 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x6c000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2339.437726] __nla_validate_parse: 1 callbacks suppressed
[ 2339.437742] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
01:27:31 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 84)

01:27:31 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706046dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:31 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe024000300212075da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:31 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706746dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2339.456542] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.465033] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.465033]    program syz-executor.5 not setting count and/or reply_len properly
01:27:32 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x74000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2339.479291] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.479291]    program syz-executor.6 not setting count and/or reply_len properly
[ 2339.484628] ------------[ cut here ]------------
[ 2339.486242] WARNING: CPU: 1 PID: 29666 at include/linux/fs.h:525 hugetlb_split+0x320/0xc50
[ 2339.488466] Modules linked in:
[ 2339.489306] CPU: 1 PID: 29666 Comm: syz-executor.7 Not tainted 5.10.244 #1
[ 2339.491144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.493111] RIP: 0010:hugetlb_split+0x320/0xc50
[ 2339.494158] Code: 00 00 31 f6 48 81 c7 e0 00 00 00 e8 8a fb 7c 02 31 ff 41 89 c6 89 c6 e8 0e d4 d5 ff 45 85 f6 0f 85 5e fe ff ff e8 b0 da d5 ff <0f> 0b e9 52 fe ff ff e8 a4 da d5 ff 48 8d 43 50 48 89 c2 48 89 44
[ 2339.500220] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.503642] RSP: 0018:ffff888057b379a0 EFLAGS: 00010212
[ 2339.505960] RAX: 0000000000000187 RBX: ffff8880175d6200 RCX: ffffc90004a1c000
[ 2339.507590] RDX: 0000000000040000 RSI: ffffffff816af780 RDI: 0000000000000005
[ 2339.509233] RBP: 0000000020400000 R08: 0000000000000000 R09: ffff88800d0bf0bf
[ 2339.510847] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff1100af66f3d
[ 2339.512485] R13: ffffffff8567ae3c R14: 0000000000000000 R15: 0000000000000001
[ 2339.514116] FS:  00007f329e2f1700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 2339.515973] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2339.517290] CR2: 0000000000000000 CR3: 000000004f332000 CR4: 0000000000350ee0
[ 2339.518906] Call Trace:
[ 2339.519549]  ? follow_hugetlb_page+0x10c0/0x10c0
[ 2339.519692] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.520639]  ? vm_area_alloc+0x110/0x110
[ 2339.522609]  __vma_adjust+0xbe8/0x2510
[ 2339.523531]  ? anon_vma_clone+0x3d0/0x590
[ 2339.524489]  __split_vma+0x41a/0x4e0
[ 2339.525364]  __do_munmap+0xfae/0x1260
[ 2339.526212]  ? arch_get_unmapped_area+0x450/0x450
[ 2339.527355]  ? lock_release+0x680/0x680
[ 2339.528243]  mmap_region+0x7cc/0x1500
[ 2339.529119]  do_mmap+0x868/0x1370
[ 2339.529925]  vm_mmap_pgoff+0x198/0x1f0
[ 2339.530817]  ? randomize_page+0xb0/0xb0
[ 2339.531735]  ? sched_ttwu_pending+0x20b/0x360
[ 2339.532760]  ksys_mmap_pgoff+0xde/0x560
[ 2339.533671]  ? find_mergeable_anon_vma+0x250/0x250
[ 2339.534792]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.535983]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2339.537148]  do_syscall_64+0x33/0x40
[ 2339.537998]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.539166] RIP: 0033:0x7f32a0d7bb19
[ 2339.540011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.544487] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.544487]    program syz-executor.1 not setting count and/or reply_len properly
[ 2339.544748] FAULT_INJECTION: forcing a failure.
[ 2339.544748] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2339.548476] RSP: 002b:00007f329e2f1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 2339.548505] RAX: ffffffffffffffda RBX: 00007f32a0e8ef60 RCX: 00007f32a0d7bb19
[ 2339.549924] CPU: 0 PID: 29670 Comm: syz-executor.1 Not tainted 5.10.244 #1
[ 2339.549938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.551850] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 0000000020000000
[ 2339.552674] Call Trace:
[ 2339.552693]  dump_stack+0x107/0x167
[ 2339.552710]  should_fail.cold+0x5/0xa
[ 2339.555888] RBP: 00007f32a0dd5f6d R08: ffffffffffffffff R09: 0000000000000000
[ 2339.556203]  __alloc_pages_nodemask+0x182/0x600
[ 2339.557001] R10: 0000000000002132 R11: 0000000000000246 R12: 0000000000000000
[ 2339.557260]  ? __kmalloc+0x16e/0x390
[ 2339.558197] R13: 00007ffc08cd689f R14: 00007f329e2f1300 R15: 0000000000022000
[ 2339.559016]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2339.559034]  ? trace_hardirqs_on+0x5b/0x180
[ 2339.559051]  alloc_pages_current+0x187/0x280
[ 2339.560198] irq event stamp: 1279
[ 2339.560994]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2339.561018]  sg_common_write.constprop.0+0x992/0x1a30
[ 2339.561940] hardirqs last  enabled at (1291): [<ffffffff84000d02>] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2339.562741]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2339.562753]  ? vprintk_func+0x93/0x140
[ 2339.562771]  ? printk+0xba/0xf1
[ 2339.564260] hardirqs last disabled at (1302): [<ffffffff83e7e8cb>] sysvec_apic_timer_interrupt+0xb/0xa0
[ 2339.564724]  ? record_print_text.cold+0x16/0x16
[ 2339.564739]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2339.564754]  ? trace_hardirqs_on+0x5b/0x180
[ 2339.565839] softirqs last  enabled at (1256): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2339.566212]  sg_write.part.0+0x69e/0xaa0
[ 2339.567404] softirqs last disabled at (1179): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2339.567962]  ? sg_new_write.isra.0+0x770/0x770
[ 2339.570338] ---[ end trace 755dca2145cdbd33 ]---
[ 2339.570890]  ? find_held_lock+0x2c/0x110
[ 2339.571932] ------------[ cut here ]------------
[ 2339.572207]  ? __might_fault+0xd3/0x180
[ 2339.574474] WARNING: CPU: 1 PID: 29666 at include/linux/fs.h:525 hugetlb_split+0x320/0xc50
[ 2339.574982]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.576229] Modules linked in:
[ 2339.576705]  ? _cond_resched+0x10/0x30
[ 2339.576716]  ? inode_security+0x107/0x140
[ 2339.576733]  ? avc_policy_seqno+0x9/0x70
[ 2339.578886] 
[ 2339.579342]  ? selinux_file_permission+0x92/0x520
[ 2339.579355]  ? iov_iter_advance+0x23b/0xec0
[ 2339.579371]  sg_write+0x87/0x120
[ 2339.581544] CPU: 1 PID: 29666 Comm: syz-executor.7 Tainted: G        W         5.10.244 #1
[ 2339.582043]  do_iter_write+0x4f0/0x700
[ 2339.583186] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.583622]  ? import_iovec+0x83/0xb0
[ 2339.583636]  vfs_writev+0x1ae/0x620
[ 2339.583654]  ? vfs_iter_write+0xa0/0xa0
[ 2339.584811] RIP: 0010:hugetlb_split+0x320/0xc50
[ 2339.585242]  ? __fget_files+0x2cf/0x520
[ 2339.587230] Code: 00 00 31 f6 48 81 c7 e0 00 00 00 e8 8a fb 7c 02 31 ff 41 89 c6 89 c6 e8 0e d4 d5 ff 45 85 f6 0f 85 5e fe ff ff e8 b0 da d5 ff <0f> 0b e9 52 fe ff ff e8 a4 da d5 ff 48 8d 43 50 48 89 c2 48 89 44
[ 2339.587672]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.587681]  ? find_held_lock+0x2c/0x110
[ 2339.587700]  ? ksys_write+0x12d/0x260
[ 2339.588492] RSP: 0018:ffff888057b379a0 EFLAGS: 00010212
[ 2339.588914]  ? __fget_files+0x2f8/0x520
[ 2339.589908] 
[ 2339.590360]  ? __fget_light+0xea/0x290
[ 2339.590375]  do_writev+0x139/0x300
[ 2339.590392]  ? vfs_writev+0x620/0x620
01:27:32 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x7a000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2339.590777] RAX: 0000000000033714 RBX: ffff8880175d6200 RCX: ffffc90004a1c000
[ 2339.591335]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.591348]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2339.591364]  do_syscall_64+0x33/0x40
[ 2339.592406] RDX: 0000000000040000 RSI: ffffffff816af780 RDI: 0000000000000005
[ 2339.592767]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.592781] RIP: 0033:0x7f04ef0deb19
[ 2339.594768] RBP: 0000000020800000 R08: 0000000000000000 R09: ffff88800d0bf0bf
[ 2339.595190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.595202] RSP: 002b:00007f04ec633188 EFLAGS: 00000246
[ 2339.597160] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff1100af66f3d
[ 2339.597562]  ORIG_RAX: 0000000000000014
[ 2339.597569] RAX: ffffffffffffffda RBX: 00007f04ef1f2020 RCX: 00007f04ef0deb19
[ 2339.597576] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000008
[ 2339.597582] RBP: 00007f04ec6331d0 R08: 0000000000000000 R09: 0000000000000000
[ 2339.597595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
01:27:32 executing program 5:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = fcntl$dupfd(r2, 0x0, r3)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe0240003002120b6da3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2339.598458] R13: ffffffff8567ae3c R14: 0000000000000000 R15: 0000000000000001
[ 2339.598886] R13: 00007ffe4eb6835f R14: 00007f04ec633300 R15: 0000000000022000
[ 2339.601880] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.601880]    program syz-executor.5 not setting count and/or reply_len properly
[ 2339.605275] FS:  00007f329e2f1700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000
[ 2339.605293] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2339.605306] CR2: 0000000000000000 CR3: 000000004f332000 CR4: 0000000000350ee0
[ 2339.605320] Call Trace:
[ 2339.640801] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.641444]  ? follow_hugetlb_page+0x10c0/0x10c0
[ 2339.651639]  ? vm_area_alloc+0x110/0x110
[ 2339.652608]  __vma_adjust+0xbf3/0x2510
[ 2339.653541]  ? anon_vma_clone+0x3d0/0x590
[ 2339.654523]  __split_vma+0x41a/0x4e0
[ 2339.655405]  __do_munmap+0xfae/0x1260
[ 2339.656266]  ? arch_get_unmapped_area+0x450/0x450
[ 2339.657388]  ? lock_release+0x680/0x680
[ 2339.658285]  mmap_region+0x7cc/0x1500
[ 2339.659193]  do_mmap+0x868/0x1370
[ 2339.660021]  vm_mmap_pgoff+0x198/0x1f0
[ 2339.660936]  ? randomize_page+0xb0/0xb0
[ 2339.661876]  ? sched_ttwu_pending+0x20b/0x360
[ 2339.662921]  ksys_mmap_pgoff+0xde/0x560
[ 2339.663850]  ? find_mergeable_anon_vma+0x250/0x250
[ 2339.664066] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.664972]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.664999]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2339.668328]  do_syscall_64+0x33/0x40
[ 2339.669195]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.669478] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.669478]    program syz-executor.5 not setting count and/or reply_len properly
[ 2339.670368] RIP: 0033:0x7f32a0d7bb19
[ 2339.670389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.670406] RSP: 002b:00007f329e2f1188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 2339.678889] RAX: ffffffffffffffda RBX: 00007f32a0e8ef60 RCX: 00007f32a0d7bb19
[ 2339.680519] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 0000000020000000
[ 2339.682126] RBP: 00007f32a0dd5f6d R08: ffffffffffffffff R09: 0000000000000000
[ 2339.683745] R10: 0000000000002132 R11: 0000000000000246 R12: 0000000000000000
[ 2339.685354] R13: 00007ffc08cd689f R14: 00007f329e2f1300 R15: 0000000000022000
[ 2339.686754] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.686754]    program syz-executor.5 not setting count and/or reply_len properly
[ 2339.686985] irq event stamp: 1945
[ 2339.689589] hardirqs last  enabled at (1959): [<ffffffff8129b57d>] console_unlock+0x92d/0xb40
[ 2339.691516] hardirqs last disabled at (1968): [<ffffffff8129b489>] console_unlock+0x839/0xb40
[ 2339.693414] softirqs last  enabled at (1256): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2339.695419] softirqs last disabled at (1179): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 2339.697389] ---[ end trace 755dca2145cdbd34 ]---
01:27:32 executing program 2:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x5, 0x81000000, {}, [@nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x24}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140))
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f0000000300)={0x3, {{0xa, 0x0, 0x0, @mcast1}}}, 0x5000)
syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401)
r2 = syz_open_procfs(0x0, 0x0)
getdents64(r2, &(0x7f00000007c0)=""/180, 0x200007d8)
openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0xaa041, 0x0)
socket$netlink(0x10, 0x3, 0x0)

[ 2339.724194] ------------[ cut here ]------------
[ 2339.724805] WARNING: CPU: 0 PID: 29686 at include/linux/fs.h:525 hugetlb_split+0x320/0xc50
[ 2339.725767] Modules linked in:
[ 2339.726130] CPU: 0 PID: 29686 Comm: syz-executor.7 Tainted: G        W         5.10.244 #1
[ 2339.727141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.728298] RIP: 0010:hugetlb_split+0x320/0xc50
[ 2339.728898] Code: 00 00 31 f6 48 81 c7 e0 00 00 00 e8 8a fb 7c 02 31 ff 41 89 c6 89 c6 e8 0e d4 d5 ff 45 85 f6 0f 85 5e fe ff ff e8 b0 da d5 ff <0f> 0b e9 52 fe ff ff e8 a4 da d5 ff 48 8d 43 50 48 89 c2 48 89 44
[ 2339.731172] RSP: 0018:ffff888048bd79a0 EFLAGS: 00010212
[ 2339.731799] RAX: 000000000000012a RBX: ffff88804f371000 RCX: ffffc90005220000
[ 2339.732694] RDX: 0000000000040000 RSI: ffffffff816af780 RDI: 0000000000000005
[ 2339.733612] RBP: 0000000020400000 R08: 0000000000000000 R09: ffff88800d0bf0bf
[ 2339.734489] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff1100917af3d
[ 2339.735410] R13: ffffffff8567ae3c R14: 0000000000000000 R15: 0000000000000001
[ 2339.736274] FS:  00007f329e2d0700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2339.737275] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2339.738025] CR2: 00007f329e2d0718 CR3: 000000004f332000 CR4: 0000000000350ef0
[ 2339.738855] Call Trace:
[ 2339.739173]  ? follow_hugetlb_page+0x10c0/0x10c0
[ 2339.739748]  ? vm_area_alloc+0x110/0x110
[ 2339.740214]  __vma_adjust+0xbe8/0x2510
[ 2339.740680]  ? anon_vma_clone+0x3d0/0x590
[ 2339.741152]  __split_vma+0x41a/0x4e0
[ 2339.741610]  __do_munmap+0xfae/0x1260
[ 2339.742055]  ? arch_get_unmapped_area+0x450/0x450
[ 2339.742635]  ? lock_release+0x680/0x680
[ 2339.743082]  mmap_region+0x7cc/0x1500
[ 2339.743514]  do_mmap+0x868/0x1370
[ 2339.743891]  vm_mmap_pgoff+0x198/0x1f0
[ 2339.744312]  ? randomize_page+0xb0/0xb0
[ 2339.744754]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.745200]  ksys_mmap_pgoff+0xde/0x560
[ 2339.745650]  ? find_mergeable_anon_vma+0x250/0x250
[ 2339.746215]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.746819]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2339.747437]  do_syscall_64+0x33/0x40
[ 2339.747865]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.748480] RIP: 0033:0x7f32a0d7bb19
[ 2339.748913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.751033] RSP: 002b:00007f329e2d0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 2339.751914] RAX: ffffffffffffffda RBX: 00007f32a0e8f020 RCX: 00007f32a0d7bb19
[ 2339.752757] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 0000000020000000
[ 2339.753599] RBP: 00007f32a0dd5f6d R08: ffffffffffffffff R09: 0000000000000000
[ 2339.754422] R10: 0000000000002132 R11: 0000000000000246 R12: 0000000000000000
[ 2339.755296] R13: 00007ffc08cd689f R14: 00007f329e2d0300 R15: 0000000000022000
[ 2339.756125] irq event stamp: 453
[ 2339.756533] hardirqs last  enabled at (463): [<ffffffff8129b57d>] console_unlock+0x92d/0xb40
[ 2339.757534] hardirqs last disabled at (472): [<ffffffff8129b489>] console_unlock+0x839/0xb40
[ 2339.758535] softirqs last  enabled at (0): [<ffffffff8113890b>] copy_process+0x16eb/0x78b0
[ 2339.759536] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 2339.760249] ---[ end trace 755dca2145cdbd35 ]---
[ 2339.760830] ------------[ cut here ]------------
[ 2339.761408] WARNING: CPU: 0 PID: 29686 at include/linux/fs.h:525 hugetlb_split+0x320/0xc50
[ 2339.762365] Modules linked in:
[ 2339.762745] CPU: 0 PID: 29686 Comm: syz-executor.7 Tainted: G        W         5.10.244 #1
[ 2339.763708] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.764685] RIP: 0010:hugetlb_split+0x320/0xc50
[ 2339.765218] Code: 00 00 31 f6 48 81 c7 e0 00 00 00 e8 8a fb 7c 02 31 ff 41 89 c6 89 c6 e8 0e d4 d5 ff 45 85 f6 0f 85 5e fe ff ff e8 b0 da d5 ff <0f> 0b e9 52 fe ff ff e8 a4 da d5 ff 48 8d 43 50 48 89 c2 48 89 44
[ 2339.767366] RSP: 0018:ffff888048bd79a0 EFLAGS: 00010212
[ 2339.767982] RAX: 000000000001958a RBX: ffff88804f371000 RCX: ffffc90005220000
[ 2339.768828] RDX: 0000000000040000 RSI: ffffffff816af780 RDI: 0000000000000005
[ 2339.769677] RBP: 0000000020800000 R08: 0000000000000000 R09: ffff88800d0bf0bf
[ 2339.770521] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff1100917af3d
[ 2339.771367] R13: ffffffff8567ae3c R14: 0000000000000000 R15: 0000000000000001
[ 2339.772205] FS:  00007f329e2d0700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 2339.773152] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2339.773837] CR2: 00007f329e2d0718 CR3: 000000004f332000 CR4: 0000000000350ef0
[ 2339.774678] Call Trace:
[ 2339.774993]  ? follow_hugetlb_page+0x10c0/0x10c0
[ 2339.775562]  ? vm_area_alloc+0x110/0x110
[ 2339.776035]  __vma_adjust+0xbf3/0x2510
[ 2339.776507]  ? anon_vma_clone+0x3d0/0x590
[ 2339.776995]  __split_vma+0x41a/0x4e0
[ 2339.777439]  __do_munmap+0xfae/0x1260
[ 2339.777877]  ? arch_get_unmapped_area+0x450/0x450
[ 2339.778458]  ? lock_release+0x680/0x680
[ 2339.778918]  mmap_region+0x7cc/0x1500
[ 2339.779390]  do_mmap+0x868/0x1370
[ 2339.779794]  vm_mmap_pgoff+0x198/0x1f0
[ 2339.780245]  ? randomize_page+0xb0/0xb0
[ 2339.780729]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.781210]  ksys_mmap_pgoff+0xde/0x560
[ 2339.781686]  ? find_mergeable_anon_vma+0x250/0x250
[ 2339.782245]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.782875]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2339.783496]  do_syscall_64+0x33/0x40
[ 2339.783928]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.784548] RIP: 0033:0x7f32a0d7bb19
[ 2339.784977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.787105] RSP: 002b:00007f329e2d0188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 2339.788000] RAX: ffffffffffffffda RBX: 00007f32a0e8f020 RCX: 00007f32a0d7bb19
[ 2339.788845] RDX: 0000000000000000 RSI: 0000000000400000 RDI: 0000000020000000
[ 2339.789687] RBP: 00007f32a0dd5f6d R08: ffffffffffffffff R09: 0000000000000000
[ 2339.790533] R10: 0000000000002132 R11: 0000000000000246 R12: 0000000000000000
[ 2339.791374] R13: 00007ffc08cd689f R14: 00007f329e2d0300 R15: 0000000000022000
[ 2339.792192] irq event stamp: 941
[ 2339.792604] hardirqs last  enabled at (951): [<ffffffff8129b57d>] console_unlock+0x92d/0xb40
[ 2339.793603] hardirqs last disabled at (960): [<ffffffff8129b489>] console_unlock+0x839/0xb40
[ 2339.794587] softirqs last  enabled at (0): [<ffffffff8113890b>] copy_process+0x16eb/0x78b0
[ 2339.795562] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 2339.796273] ---[ end trace 755dca2145cdbd36 ]---
01:27:32 executing program 6:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706056dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:32 executing program 4:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(r1, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = fcntl$dupfd(r1, 0x0, r2)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd07067a6dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

01:27:32 executing program 1:
r0 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000240), 0x1d3c85a9c41a0e54, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0x2, 0xffffffe1, 0x0, 0x80000000, 0x9})
r1 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
ioctl$SG_IO(r2, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
fsetxattr$trusted_overlay_origin(r3, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x2)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_io_uring_setup(0x1ee0, &(0x7f0000000100)={0x0, 0x6ae7, 0x4, 0x3, 0xb1}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), 0x0)
r5 = fcntl$dupfd(r2, 0x0, r4)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000000000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2) (fail_nth: 85)

01:27:32 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000400), 0x0, 0x2001)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x4a890, 0x0, 0x0, 0x8, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = fcntl$dupfd(r0, 0x0, r1)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000000)="0000abe02400030021206cda3b5e5672b89aeddb2a535fbd0706006dff0043a9d7cceb232fb81bf74ebdd05b7677", 0x2e}, {&(0x7f0000000680)="7fd41c04550300020000000002000000010046e92ed2616f72657d044129471d4fd47924fd0900e09e0068deec025f2400113680b0eb4d4627baf31afc6413da00240bc010c515c4", 0x48}], 0x2)

[ 2339.818762] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.825771] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 2339.891976] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.891976]    program syz-executor.4 not setting count and/or reply_len properly
[ 2339.899715] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.899715]    program syz-executor.6 not setting count and/or reply_len properly
[ 2339.925252] sg_write: data in/out 33555249/24 bytes for SCSI command 0xfd-- guessing data in;
[ 2339.925252]    program syz-executor.1 not setting count and/or reply_len properly
[ 2339.936657] FAULT_INJECTION: forcing a failure.
[ 2339.936657] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2339.939529] CPU: 1 PID: 29756 Comm: syz-executor.1 Tainted: G        W         5.10.244 #1
[ 2339.941269] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2339.943018] Call Trace:
[ 2339.943576]  dump_stack+0x107/0x167
[ 2339.944348]  should_fail.cold+0x5/0xa
[ 2339.945160]  __alloc_pages_nodemask+0x182/0x600
[ 2339.946136]  ? mark_held_locks+0x9e/0xe0
[ 2339.947004]  ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310
[ 2339.948261]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2339.949372]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2339.950514]  alloc_pages_current+0x187/0x280
[ 2339.951449]  sg_build_indirect.isra.0+0x2f5/0x710
[ 2339.952469]  sg_common_write.constprop.0+0x992/0x1a30
[ 2339.953560]  ? sg_build_indirect.isra.0+0x710/0x710
[ 2339.954603]  ? vprintk_func+0x93/0x140
[ 2339.955436]  ? printk+0xba/0xf1
[ 2339.956131]  ? record_print_text.cold+0x16/0x16
[ 2339.957107]  ? _raw_spin_unlock_irqrestore+0x38/0x40
[ 2339.958167]  ? trace_hardirqs_on+0x5b/0x180
[ 2339.959092]  sg_write.part.0+0x69e/0xaa0
[ 2339.959949]  ? sg_new_write.isra.0+0x770/0x770
[ 2339.960915]  ? lock_release+0x3b4/0x680
[ 2339.961753]  ? __might_fault+0xd3/0x180
[ 2339.962587]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.963483]  ? _cond_resched+0x10/0x30
[ 2339.964300]  ? inode_security+0x107/0x140
[ 2339.965172]  ? avc_policy_seqno+0x9/0x70
[ 2339.966023]  ? selinux_file_permission+0x92/0x520
[ 2339.967048]  ? iov_iter_advance+0x23b/0xec0
[ 2339.967956]  sg_write+0x87/0x120
[ 2339.968671]  do_iter_write+0x4f0/0x700
[ 2339.969490]  ? import_iovec+0x83/0xb0
[ 2339.970291]  vfs_writev+0x1ae/0x620
[ 2339.971063]  ? vfs_iter_write+0xa0/0xa0
[ 2339.971896]  ? __fget_files+0x2cf/0x520
[ 2339.972729]  ? lock_downgrade+0x6d0/0x6d0
[ 2339.973617]  ? __fget_files+0x2f8/0x520
[ 2339.974458]  ? __fget_light+0xea/0x290
[ 2339.975289]  do_writev+0x139/0x300
[ 2339.976060]  ? vfs_writev+0x620/0x620
[ 2339.976868]  ? __ia32_sys_readv+0xb0/0xb0
[ 2339.977755]  do_syscall_64+0x33/0x40
[ 2339.978543]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2339.979634] RIP: 0033:0x7f04ef0deb19
[ 2339.980416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2339.984291] RSP: 002b:00007f04ec654188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2339.985886] RAX: ffffffffffffffda RBX: 00007f04ef1f1f60 RCX: 00007f04ef0deb19
[ 2339.987395] RDX: 0000000000000002 RSI: 00000000200003c0 RDI: 0000000000000007
[ 2339.988897] RBP: 00007f04ec6541d0 R08: 0000000000000000 R09: 0000000000000000
[ 2339.990400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2339.991913] R13: 00007ffe4eb6835f R14: 00007f04ec654300 R15: 0000000000022000

VM DIAGNOSIS:
01:27:32  Registers:
info registers vcpu 0
RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff85975740 RDX=0000000000000000
RSI=0000000000000001 RDI=ffff888015b77bf0 RBP=ffff888015b77bcd RSP=ffff888015b77a70
R8 =ffffffff85975745 R9 =ffff888015b77c30 R10=0000000000032046 R11=1ffff11002b6ef56
R12=ffff888015b77c30 R13=ffff888015b77b98 R14=1ffff11002b6ef56 R15=ffffffff85975744
RIP=ffffffff81108cec RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f15e89b28c0 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055558df58c18 CR3=000000000ce9a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=7269762f736563697665642f7379732f XMM01=6c622f6c6175747269762f7365636976
XMM02=ffffff0f0e0d0c0b0a09080706050403 XMM03=696e656420737365636341002f737973
XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=00000000000000000000000000000000
XMM06=0000563b54bbb5600000000400000002 XMM07=00000000000000000000000000000000
XMM08=2f63697361622f6372732f2e2e000d0a XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822e3e01 RDI=ffffffff879f71c0 RBP=ffffffff879f7180 RSP=ffff888057b37338
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=0000000000000066 R13=0000000000000066 R14=ffffffff879f7180 R15=dffffc0000000000
RIP=ffffffff822e3e58 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f329e2f1700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000000000000 CR3=000000004f332000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f32a0e627c000007f32a0e627c8
XMM02=00007f32a0e627e000007f32a0e627c0 XMM03=00007f32a0e627c800007f32a0e627c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000