ketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 3)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2818.133012] loop6: detected capacity change from 0 to 41948160
[ 2818.144731] FAULT_INJECTION: forcing a failure.
[ 2818.144731] name failslab, interval 1, probability 0, space 0, times 0
[ 2818.146217] CPU: 1 PID: 36755 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2818.147064] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.148056] Call Trace:
[ 2818.148377]  dump_stack+0x107/0x167
[ 2818.148825]  should_fail.cold+0x5/0xa
[ 2818.149287]  ? create_object.isra.0+0x3a/0xa20
[ 2818.149837]  should_failslab+0x5/0x20
[ 2818.150290]  kmem_cache_alloc+0x5b/0x310
[ 2818.150794]  create_object.isra.0+0x3a/0xa20
[ 2818.151313]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2818.151928]  kmem_cache_alloc+0x159/0x310
[ 2818.152430]  vm_area_dup+0x78/0x290
[ 2818.152872]  ? preempt_schedule_common+0x44/0x70
[ 2818.153439]  ? _cond_resched+0x23/0x30
[ 2818.153904]  ? copy_page_range+0x24e9/0x3810
[ 2818.154450]  ? vm_area_alloc+0x110/0x110
[ 2818.154951]  ? up_write+0x191/0x550
[ 2818.155385]  ? vm_iomap_memory+0x190/0x190
[ 2818.155890]  ? downgrade_write+0x3a0/0x3a0
[ 2818.156395]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2818.157046]  ? __vma_link_rb+0x540/0x700
[ 2818.157535]  copy_process+0x291b/0x7800
[ 2818.158027]  ? __cleanup_sighand+0xb0/0xb0
[ 2818.158529]  ? perf_trace_lock+0xac/0x490
[ 2818.159032]  ? perf_trace_lock+0xac/0x490
[ 2818.159536]  kernel_clone+0xe7/0x980
[ 2818.159982]  ? create_io_thread+0xf0/0xf0
[ 2818.160473]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.160964]  ? find_held_lock+0x2c/0x110
[ 2818.161449]  ? ksys_write+0x12d/0x260
[ 2818.161907]  __do_sys_clone+0xc8/0x110
[ 2818.162371]  ? kernel_clone+0x980/0x980
[ 2818.162855]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2818.163402]  ? vfs_write+0x354/0xb10
[ 2818.163857]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.164481]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.165100]  do_syscall_64+0x33/0x40
[ 2818.165545]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2818.166154] RIP: 0033:0x7fd16660db19
[ 2818.166605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.168800] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2818.169707] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2818.170551] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2818.171397] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.172238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2818.173078] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:47:12 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/92, 0x5c}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0x6, 0x3fc)

[ 2818.209295] FAULT_INJECTION: forcing a failure.
[ 2818.209295] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2818.212371] CPU: 0 PID: 36758 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2818.214141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2818.216121] Call Trace:
[ 2818.216703]  dump_stack+0x107/0x167
[ 2818.217496]  should_fail.cold+0x5/0xa
[ 2818.218332]  __alloc_pages_nodemask+0x182/0x600
[ 2818.219357]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.220249]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2818.221538]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 2818.222651]  ? kmem_cache_alloc_node+0x2bc/0x330
[ 2818.223688]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.224813]  copy_process+0x618/0x7800
[ 2818.225665]  ? __lock_acquire+0xbb1/0x5b00
[ 2818.226583]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.227500]  ? __cleanup_sighand+0xb0/0xb0
[ 2818.228404]  ? perf_trace_lock+0xac/0x490
[ 2818.229286]  ? perf_trace_lock+0xac/0x490
[ 2818.230171]  kernel_clone+0xe7/0x980
[ 2818.230974]  ? create_io_thread+0xf0/0xf0
[ 2818.231848]  ? lock_downgrade+0x6d0/0x6d0
[ 2818.232718]  ? find_held_lock+0x2c/0x110
[ 2818.233582]  ? ksys_write+0x12d/0x260
[ 2818.234396]  __do_sys_clone+0xc8/0x110
[ 2818.235226]  ? kernel_clone+0x980/0x980
[ 2818.236067]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2818.237057]  ? vfs_write+0x354/0xb10
[ 2818.237857]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2818.238977]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2818.240068]  do_syscall_64+0x33/0x40
[ 2818.240856]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2818.241947] RIP: 0033:0x7f87f4e1cb19
[ 2818.242747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2818.246623] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2818.248246] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2818.249757] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2818.251276] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2818.252781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2818.254283] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:47:30 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 28)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:47:30 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, &(0x7f00000000c0), 0x1)
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:47:30 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:30 executing program 3:
connect$inet6(0xffffffffffffffff, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000080)=0x2129, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000004d00), 0x2f, 0x0)

05:47:30 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 48)

05:47:30 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 4)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:47:30 executing program 7:
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
r3 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f0000000340)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x1000)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r6, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)}, {0x0}, {0x0}], 0x3}, 0x0, 0x0, 0x0, {0x0, r7}}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_SPLICE={0x1e, 0x5, 0x0, @fd_index=0x8, 0x5, {0x0, r0}, 0x9, 0xb, 0x0, {0x0, r7, r0}}, 0x6)

05:47:30 executing program 0:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x7c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xb}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x17}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x24}}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x1}, @NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @mcast1}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r2)
sendmsg$NLBL_MGMT_C_LISTDEF(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6}]}, 0x1c}}, 0x0)
sendmsg$NLBL_MGMT_C_REMOVE(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x64, r3, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @empty}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @loopback}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev={0xac, 0x14, 0x14, 0x3c}}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @empty}]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x10)
mlockall(0x7)
mlockall(0x2)
r4 = shmget(0x2, 0x2000, 0x400, &(0x7f0000ffc000/0x2000)=nil)
shmat(r4, &(0x7f0000ff9000/0x4000)=nil, 0xf000)

[ 2836.567856] loop6: detected capacity change from 0 to 41948160
[ 2836.585795] FAULT_INJECTION: forcing a failure.
[ 2836.585795] name failslab, interval 1, probability 0, space 0, times 0
[ 2836.588436] CPU: 1 PID: 36874 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2836.589908] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2836.591677] Call Trace:
[ 2836.592237]  dump_stack+0x107/0x167
[ 2836.593014]  should_fail.cold+0x5/0xa
[ 2836.593821]  ? create_object.isra.0+0x3a/0xa20
[ 2836.594787]  should_failslab+0x5/0x20
[ 2836.595609]  kmem_cache_alloc+0x5b/0x310
[ 2836.596472]  create_object.isra.0+0x3a/0xa20
[ 2836.597395]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2836.598483]  kmem_cache_alloc+0x159/0x310
[ 2836.599370]  vm_area_dup+0x78/0x290
[ 2836.600153]  ? __lock_acquire+0xbb1/0x5b00
[ 2836.601065]  ? perf_trace_lock+0xac/0x490
[ 2836.601969]  ? __lockdep_reset_lock+0x180/0x180
[ 2836.602982]  ? vm_area_alloc+0x110/0x110
[ 2836.603838]  ? find_held_lock+0x2c/0x110
[ 2836.604698]  ? get_mm_exe_file+0x139/0x310
[ 2836.605594]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.606471]  ? down_write_nested+0xe4/0x160
[ 2836.607398]  ? rwsem_down_write_slowpath+0xc30/0xc30
[ 2836.608544]  ? get_mm_exe_file+0x162/0x310
[ 2836.609500]  copy_process+0x291b/0x7800
[ 2836.610391]  ? mark_lock+0xf5/0x2df0
[ 2836.611284]  ? __cleanup_sighand+0xb0/0xb0
[ 2836.612223]  ? perf_trace_lock+0xac/0x490
[ 2836.613177]  ? perf_trace_lock+0xac/0x490
[ 2836.614214]  kernel_clone+0xe7/0x980
[ 2836.615166]  ? create_io_thread+0xf0/0xf0
[ 2836.616203]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.617213]  ? find_held_lock+0x2c/0x110
[ 2836.618219]  ? ksys_write+0x12d/0x260
[ 2836.619176]  __do_sys_clone+0xc8/0x110
[ 2836.620136]  ? kernel_clone+0x980/0x980
[ 2836.621120]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2836.622287]  ? vfs_write+0x354/0xb10
[ 2836.623229]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2836.623360] FAULT_INJECTION: forcing a failure.
[ 2836.623360] name failslab, interval 1, probability 0, space 0, times 0
[ 2836.624398]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2836.624428]  do_syscall_64+0x33/0x40
[ 2836.624453]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2836.624472] RIP: 0033:0x7f81e84c4b19
[ 2836.624500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2836.624514] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2836.624538] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2836.624554] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2836.624567] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2836.624579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2836.624593] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2836.646054] CPU: 0 PID: 36875 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2836.647562] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2836.649322] Call Trace:
[ 2836.649881]  dump_stack+0x107/0x167
[ 2836.650656]  should_fail.cold+0x5/0xa
[ 2836.651497]  ? anon_vma_clone+0xdc/0x590
[ 2836.652371]  should_failslab+0x5/0x20
[ 2836.653175]  kmem_cache_alloc+0x5b/0x310
[ 2836.654058]  anon_vma_clone+0xdc/0x590
[ 2836.655158]  anon_vma_fork+0x82/0x640
[ 2836.656143]  ? __vm_enough_memory+0x184/0x360
[ 2836.657343]  copy_process+0x7218/0x7800
[ 2836.658418]  ? __cleanup_sighand+0xb0/0xb0
[ 2836.659574]  ? perf_trace_lock+0xac/0x490
[ 2836.660538]  ? perf_trace_lock+0xac/0x490
[ 2836.661445]  kernel_clone+0xe7/0x980
[ 2836.662243]  ? create_io_thread+0xf0/0xf0
[ 2836.663161]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.664063]  ? find_held_lock+0x2c/0x110
[ 2836.664951]  ? ksys_write+0x12d/0x260
[ 2836.665783]  __do_sys_clone+0xc8/0x110
[ 2836.666622]  ? kernel_clone+0x980/0x980
[ 2836.667508]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2836.668513]  ? vfs_write+0x354/0xb10
[ 2836.669336]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2836.670466]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2836.671609]  do_syscall_64+0x33/0x40
[ 2836.672407]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2836.673517] RIP: 0033:0x7fd16660db19
[ 2836.674310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2836.678288] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2836.679930] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2836.681513] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2836.683056] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2836.684567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2836.686072] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2836.715159] FAULT_INJECTION: forcing a failure.
[ 2836.715159] name failslab, interval 1, probability 0, space 0, times 0
[ 2836.717947] CPU: 0 PID: 36887 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2836.719427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2836.721190] Call Trace:
[ 2836.721745]  dump_stack+0x107/0x167
[ 2836.722522]  should_fail.cold+0x5/0xa
[ 2836.723346]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2836.724443]  should_failslab+0x5/0x20
[ 2836.725240]  __kmalloc_node+0x76/0x420
[ 2836.726072]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.726980]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2836.728047]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 2836.729083]  ? trace_hardirqs_on+0x5b/0x180
[ 2836.730010]  kmem_cache_alloc_node+0x181/0x330
[ 2836.730976]  copy_process+0x3285/0x7800
[ 2836.731822]  ? __lock_acquire+0xbb1/0x5b00
[ 2836.732723]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.733635]  ? __cleanup_sighand+0xb0/0xb0
[ 2836.734675]  ? perf_trace_lock+0xac/0x490
[ 2836.735692]  ? perf_trace_lock+0xac/0x490
[ 2836.736691]  kernel_clone+0xe7/0x980
[ 2836.737611]  ? create_io_thread+0xf0/0xf0
[ 2836.738609]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.739587]  ? find_held_lock+0x2c/0x110
[ 2836.740601]  ? ksys_write+0x12d/0x260
[ 2836.741554]  __do_sys_clone+0xc8/0x110
[ 2836.742478]  ? kernel_clone+0x980/0x980
[ 2836.743455]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2836.744570]  ? vfs_write+0x354/0xb10
[ 2836.745446]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2836.746746]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2836.748046]  do_syscall_64+0x33/0x40
[ 2836.748909]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2836.750088] RIP: 0033:0x7f87f4e1cb19
[ 2836.751029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2836.755669] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2836.757516] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2836.759298] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2836.761097] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2836.762903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2836.764798] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:47:30 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00')
pread64(r1, &(0x7f0000000240)=""/83, 0x53, 0x200000048)
r2 = perf_event_open(&(0x7f0000000740)={0x2, 0x80, 0x3, 0x8, 0xa2, 0x0, 0x0, 0x5, 0x0, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000700), 0x6}, 0x40000, 0xffffffff, 0x10001, 0x4, 0x1, 0x5, 0x9, 0x0, 0x1, 0x0, 0x1f}, 0xffffffffffffffff, 0xe, r0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x40010, r3, 0x10000000)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000480)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000440)=0x80, &(0x7f0000000840)=@qipcrtr, 0x0, 0x0, 0x0, {0x0, r6}}, 0x81)
write$binfmt_elf32(r3, &(0x7f0000000200)=ANY=[], 0x31b)
signalfd4(0xffffffffffffffff, &(0x7f00000011c0)={[0x8001]}, 0x5, 0x180800)
clone3(&(0x7f00000008c0)={0x3040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
msgrcv(0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX], 0x26, 0x1, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="3314c7e159f443f90b1aff04f119f95d3028d94a2fc37de8b95aa96d0c7aadc8095936db1b57694aa29e3ddd20c31f5539a8d7ce6bfdb33c22707cd13a6489c417", @ANYRESHEX=r0, @ANYBLOB="0b0b00000000000000000100009e5bde00ef0327f3927e370c5b9b467040013443b2aa82c142adb292da483bf982be52b73625f8de9b5ae7600370c52c203d1e3dcde4ed7903154571fb38c4"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0)
recvmsg(r5, &(0x7f00000006c0)={&(0x7f0000000640)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000940)=""/165, 0xa5}, {&(0x7f0000000a00)=""/166, 0xa6}, {&(0x7f0000000ac0)=""/203, 0xcb}, {&(0x7f00000007c0)=""/114, 0x72}, {&(0x7f0000000bc0)=""/196, 0xc4}, {&(0x7f0000000cc0)=""/225, 0xe1}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000dc0)=""/130, 0x82}, {&(0x7f0000000e80)=""/155, 0x9b}], 0x9, &(0x7f0000001000)=""/143, 0x8f}, 0x60010000)
syz_io_uring_submit(0x0, r4, &(0x7f0000001180)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index, 0x0, 0x0, 0x0, {0x80}, 0x3}, 0x8)
syz_open_dev$vcsn(&(0x7f0000000000), 0x7fff, 0x200100)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="18010000", @ANYRES16=0x0, @ANYBLOB="000125bd7000fbdbdf2511000000680001801400020076657468305f766c616e0000000000000800030000000000080003000200000008000300755f60bb0800030000000000140002007665746831000000000000000000000014000200626f6e645f736c6176655f310000000008000100", @ANYRES32=0x0, @ANYBLOB="500001800800030003000000140002006272696467655f736c6176655f3100001400020076657468315f746f5f7465616d00000008000300000000001400020073797a6b616c6c6572300000000000004c0001801400020076657468315f746f5f626174616476000800030002000000080003000100000008000100", @ANYRES32=0x0, @ANYBLOB="1400020064756d6d7930000000000000ae9d0eb8220e00000000280003000000d243"], 0x118}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000040)

05:47:30 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 29)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2836.884724] FAULT_INJECTION: forcing a failure.
[ 2836.884724] name failslab, interval 1, probability 0, space 0, times 0
[ 2836.887558] CPU: 1 PID: 37006 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2836.889034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2836.890865] Call Trace:
[ 2836.891445]  dump_stack+0x107/0x167
[ 2836.892300]  should_fail.cold+0x5/0xa
[ 2836.893114]  ? vm_area_dup+0x78/0x290
[ 2836.893950]  should_failslab+0x5/0x20
[ 2836.894763]  kmem_cache_alloc+0x5b/0x310
[ 2836.895650]  vm_area_dup+0x78/0x290
[ 2836.896447]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 2836.897484]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.898450]  ? copy_page_range+0x24e9/0x3810
[ 2836.899428]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 2836.900430]  ? avc_has_extended_perms+0xf40/0xf40
[ 2836.901542]  ? vm_area_alloc+0x110/0x110
[ 2836.902462]  ? find_held_lock+0x2c/0x110
[ 2836.903352]  ? selinux_vm_enough_memory+0x114/0x180
[ 2836.904422]  ? selinux_sb_statfs+0x250/0x250
[ 2836.905427]  ? percpu_counter_add_batch+0x8b/0x140
[ 2836.906565]  ? __vm_enough_memory+0x184/0x360
[ 2836.907538]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 2836.908651]  copy_process+0x291b/0x7800
[ 2836.909537]  ? __cleanup_sighand+0xb0/0xb0
[ 2836.910459]  ? perf_trace_lock+0xac/0x490
[ 2836.911373]  ? perf_trace_lock+0xac/0x490
[ 2836.912270]  kernel_clone+0xe7/0x980
[ 2836.913118]  ? create_io_thread+0xf0/0xf0
[ 2836.914086]  ? lock_downgrade+0x6d0/0x6d0
[ 2836.914981]  ? find_held_lock+0x2c/0x110
[ 2836.915870]  ? ksys_write+0x12d/0x260
[ 2836.916749]  __do_sys_clone+0xc8/0x110
[ 2836.917610]  ? kernel_clone+0x980/0x980
[ 2836.918500]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2836.919545]  ? vfs_write+0x354/0xb10
[ 2836.920368]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2836.921476]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2836.922585]  do_syscall_64+0x33/0x40
[ 2836.923381]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2836.924484] RIP: 0033:0x7f81e84c4b19
[ 2836.925282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2836.929254] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2836.930897] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2836.932431] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2836.933962] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2836.935508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2836.937046] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:47:31 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0xca})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
r2 = perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x3)
r3 = signalfd(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000d1dc2c836ab946", @ANYBLOB="70f709000075f823b4c39731527e00919f4895008df6a4b88d250000619c4ad34c97e9fd4f6f916101e133ef70fdf2"])
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r5=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r6=>0x0, <r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r8=>0x0}, {0x0, <r9=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r10=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r11=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r12=>0x0}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f000004cc80)={{0x0, 0x2, 0xfffffffffffffff9, 0x6d, 0xa6, 0x0, 0x4e4, 0xe49f, 0x4, 0x7fffffff, 0x5, 0x2, 0xe6b, 0x0, 0x20}})
copy_file_range(0xffffffffffffffff, &(0x7f0000000300)=0x81, r3, &(0x7f0000000380)=0x40, 0x7, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100))
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r4}, {}, {}, {}, {0x0, r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {r8}, {}, {}, {}, {0x0, r7}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}], 0x0, "46da9200"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f000004dc80))
lseek(r1, 0x0, 0x2)
lseek(r0, 0x14, 0x2)
r13 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x128)
ioctl$RNDZAPENTCNT(0xffffffffffffffff, 0x5204, &(0x7f0000000340)=0x8)
copy_file_range(r13, 0x0, r1, 0x0, 0x200f5ef, 0x0)

05:47:31 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:31 executing program 3:
r0 = syz_mount_image$tmpfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x2400, &(0x7f0000000600)=ANY=[])
setxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_default\x00', &(0x7f0000000180), 0x24, 0x0)
mkdirat(r0, &(0x7f0000000240)='./file2\x00', 0x0)

05:47:31 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
r3 = syz_open_dev$mouse(&(0x7f00000000c0), 0x5, 0x440842)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r3, 0xc018937e, &(0x7f0000000100)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'})
ioctl$AUTOFS_IOC_FAIL(r1, 0x9361, 0x6)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:47:31 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 49)

05:47:31 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 5)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:47:31 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 30)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2837.153688] FAULT_INJECTION: forcing a failure.
[ 2837.153688] name failslab, interval 1, probability 0, space 0, times 0
[ 2837.156568] CPU: 1 PID: 37114 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2837.158031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2837.159817] Call Trace:
[ 2837.160383]  dump_stack+0x107/0x167
[ 2837.161160]  should_fail.cold+0x5/0xa
[ 2837.161970]  ? create_object.isra.0+0x3a/0xa20
[ 2837.162974]  should_failslab+0x5/0x20
[ 2837.163933]  kmem_cache_alloc+0x5b/0x310
[ 2837.164952]  create_object.isra.0+0x3a/0xa20
[ 2837.165981]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2837.167261]  kmem_cache_alloc+0x159/0x310
[ 2837.168242]  prepare_creds+0x25/0x5e0
[ 2837.169177]  copy_creds+0x72/0x580
[ 2837.170047]  copy_process+0xfdc/0x7800
[ 2837.171003]  ? __lock_acquire+0xbb1/0x5b00
[ 2837.172014]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.173015]  ? __cleanup_sighand+0xb0/0xb0
[ 2837.174041]  ? perf_trace_lock+0xac/0x490
[ 2837.175065]  ? perf_trace_lock+0xac/0x490
[ 2837.176072]  kernel_clone+0xe7/0x980
[ 2837.176965]  ? create_io_thread+0xf0/0xf0
[ 2837.177958]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.178958]  ? find_held_lock+0x2c/0x110
[ 2837.179936]  ? ksys_write+0x12d/0x260
[ 2837.180926]  __do_sys_clone+0xc8/0x110
[ 2837.181924]  ? kernel_clone+0x980/0x980
[ 2837.182947]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2837.184085]  ? vfs_write+0x354/0xb10
[ 2837.185026]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2837.186335]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2837.187587]  do_syscall_64+0x33/0x40
[ 2837.188370]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2837.189447] RIP: 0033:0x7f87f4e1cb19
[ 2837.190231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2837.194117] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2837.195760] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2837.197266] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2837.198801] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2837.200307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2837.201842] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2837.204218] FAULT_INJECTION: forcing a failure.
[ 2837.204218] name failslab, interval 1, probability 0, space 0, times 0
[ 2837.207454] CPU: 0 PID: 37118 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2837.209236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2837.211380] Call Trace:
[ 2837.212070]  dump_stack+0x107/0x167
[ 2837.213020]  should_fail.cold+0x5/0xa
[ 2837.214005]  ? memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2837.215314]  should_failslab+0x5/0x20
[ 2837.216117]  __kmalloc_node+0x76/0x420
[ 2837.216939]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 2837.218015]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 2837.219104]  ? trace_hardirqs_on+0x5b/0x180
[ 2837.220026]  kmem_cache_alloc+0x171/0x310
[ 2837.220907]  vm_area_dup+0x78/0x290
[ 2837.221668]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 2837.222641]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.223530]  ? _cond_resched+0x10/0x30
[ 2837.224348]  ? copy_page_range+0x24e9/0x3810
[ 2837.225301]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 2837.226290]  ? avc_has_extended_perms+0xf40/0xf40
[ 2837.227329]  ? vm_area_alloc+0x110/0x110
[ 2837.228200]  ? selinux_vm_enough_memory+0x114/0x180
[ 2837.229264]  ? selinux_sb_statfs+0x250/0x250
[ 2837.230193]  ? up_write+0x191/0x550
[ 2837.230991]  ? percpu_counter_add_batch+0x8b/0x140
[ 2837.232037]  ? __vm_enough_memory+0x184/0x360
[ 2837.232992]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 2837.234122]  copy_process+0x291b/0x7800
[ 2837.235151]  ? __cleanup_sighand+0xb0/0xb0
[ 2837.236049]  ? perf_trace_lock+0xac/0x490
[ 2837.236937]  ? perf_trace_lock+0xac/0x490
[ 2837.237818]  kernel_clone+0xe7/0x980
[ 2837.238609]  ? create_io_thread+0xf0/0xf0
[ 2837.239522]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.240390]  ? find_held_lock+0x2c/0x110
[ 2837.241254]  ? ksys_write+0x12d/0x260
[ 2837.242071]  __do_sys_clone+0xc8/0x110
[ 2837.242911]  ? kernel_clone+0x980/0x980
[ 2837.243771]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2837.244748]  ? vfs_write+0x354/0xb10
[ 2837.245554]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2837.246801]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2837.247928]  do_syscall_64+0x33/0x40
[ 2837.248714]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2837.249795] RIP: 0033:0x7fd16660db19
[ 2837.250585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2837.250880] FAULT_INJECTION: forcing a failure.
[ 2837.250880] name failslab, interval 1, probability 0, space 0, times 0
[ 2837.254476] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2837.254499] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2837.254511] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2837.254523] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2837.254535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2837.254547] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2837.267148] CPU: 1 PID: 37194 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2837.268613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2837.270375] Call Trace:
[ 2837.270945]  dump_stack+0x107/0x167
[ 2837.271724]  should_fail.cold+0x5/0xa
[ 2837.272542]  ? create_object.isra.0+0x3a/0xa20
[ 2837.273514]  should_failslab+0x5/0x20
[ 2837.274318]  kmem_cache_alloc+0x5b/0x310
[ 2837.275196]  create_object.isra.0+0x3a/0xa20
[ 2837.276123]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2837.277203]  kmem_cache_alloc+0x159/0x310
[ 2837.278075]  vm_area_dup+0x78/0x290
[ 2837.278830]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 2837.279817]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.280683]  ? copy_page_range+0x24e9/0x3810
[ 2837.281625]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 2837.282614]  ? avc_has_extended_perms+0xf40/0xf40
[ 2837.283650]  ? vm_area_alloc+0x110/0x110
[ 2837.284502]  ? find_held_lock+0x2c/0x110
[ 2837.285366]  ? selinux_vm_enough_memory+0x114/0x180
[ 2837.286406]  ? selinux_sb_statfs+0x250/0x250
[ 2837.287348]  ? percpu_counter_add_batch+0x8b/0x140
[ 2837.288386]  ? __vm_enough_memory+0x184/0x360
[ 2837.289324]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 2837.290421]  copy_process+0x291b/0x7800
[ 2837.291313]  ? __cleanup_sighand+0xb0/0xb0
[ 2837.292210]  ? perf_trace_lock+0xac/0x490
[ 2837.293100]  ? perf_trace_lock+0xac/0x490
[ 2837.294001]  kernel_clone+0xe7/0x980
[ 2837.294794]  ? create_io_thread+0xf0/0xf0
[ 2837.295688]  ? lock_downgrade+0x6d0/0x6d0
[ 2837.296568]  ? find_held_lock+0x2c/0x110
[ 2837.297434]  ? ksys_write+0x12d/0x260
[ 2837.298255]  __do_sys_clone+0xc8/0x110
[ 2837.299080]  ? kernel_clone+0x980/0x980
[ 2837.300013]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2837.301113]  ? vfs_write+0x354/0xb10
[ 2837.302018]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2837.303290]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2837.304395]  do_syscall_64+0x33/0x40
[ 2837.305173]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2837.306264] RIP: 0033:0x7f81e84c4b19
[ 2837.307061] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2837.310939] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2837.312535] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2837.314029] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2837.315540] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2837.317044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2837.318532] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:47:31 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:48 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 6)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:47:48 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sync_file_range(0xffffffffffffffff, 0x82, 0x5, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000180)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
r1 = socket$inet(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @private=0xa010101}, 0x10)
connect$inet(r1, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000000), 0x400000d, 0x0)

05:47:48 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:48 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 31)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:47:48 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2)
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:47:48 executing program 7:
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
pipe(&(0x7f00000014c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000140)={{0x1, 0x1, 0x18}, './file0\x00'})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYRES32, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32, @ANYRESDEC], 0x40}}, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1000000, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x62, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa000800c01bb7e66564c6fd0000000000000001ac1414bb4404da01000000005c01776529", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="f000000090780000011312c481afb4b5239c576ed53b2d20550e10fe06e2d4c3d9001e03070303cffe06f989f2d30000"], 0x0)
clone3(&(0x7f0000000200)={0x44004100, 0x0, &(0x7f00000000c0), &(0x7f0000000100), {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

05:47:48 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 50)

05:47:48 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x314, 0x4)
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xe000)

[ 2854.198963] loop6: detected capacity change from 0 to 41948160
[ 2854.232765] FAULT_INJECTION: forcing a failure.
[ 2854.232765] name failslab, interval 1, probability 0, space 0, times 0
[ 2854.235510] CPU: 1 PID: 37345 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2854.237121] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2854.239060] Call Trace:
[ 2854.239682]  dump_stack+0x107/0x167
[ 2854.240530]  should_fail.cold+0x5/0xa
[ 2854.241420]  ? security_prepare_creds+0x112/0x190
[ 2854.242552]  should_failslab+0x5/0x20
[ 2854.243455]  __kmalloc+0x72/0x390
[ 2854.244272]  security_prepare_creds+0x112/0x190
[ 2854.245363]  prepare_creds+0x452/0x5e0
[ 2854.246274]  copy_creds+0x72/0x580
[ 2854.247119]  copy_process+0xfdc/0x7800
[ 2854.248045]  ? __lock_acquire+0xbb1/0x5b00
[ 2854.249045]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.250014]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.251000]  ? perf_trace_lock+0xac/0x490
[ 2854.252003]  ? perf_trace_lock+0xac/0x490
[ 2854.252990]  kernel_clone+0xe7/0x980
[ 2854.253749] FAULT_INJECTION: forcing a failure.
[ 2854.253749] name failslab, interval 1, probability 0, space 0, times 0
[ 2854.253875]  ? create_io_thread+0xf0/0xf0
[ 2854.257240]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.258217]  ? find_held_lock+0x2c/0x110
[ 2854.259194]  ? ksys_write+0x12d/0x260
[ 2854.260107]  __do_sys_clone+0xc8/0x110
[ 2854.261029]  ? kernel_clone+0x980/0x980
[ 2854.261978]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2854.263092]  ? vfs_write+0x354/0xb10
[ 2854.264000]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2854.265249]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.266482]  do_syscall_64+0x33/0x40
[ 2854.267381]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2854.268605] RIP: 0033:0x7f87f4e1cb19
[ 2854.269494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.273979] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2854.275836] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2854.277559] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2854.279268] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2854.280894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2854.282446] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2854.284037] CPU: 0 PID: 37341 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2854.285545] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2854.287330] Call Trace:
[ 2854.287945]  dump_stack+0x107/0x167
[ 2854.288853]  should_fail.cold+0x5/0xa
[ 2854.289678]  ? anon_vma_clone+0xdc/0x590
[ 2854.290558]  should_failslab+0x5/0x20
[ 2854.291409]  kmem_cache_alloc+0x5b/0x310
[ 2854.292286]  anon_vma_clone+0xdc/0x590
[ 2854.293136]  anon_vma_fork+0x82/0x640
[ 2854.293950]  ? __vm_enough_memory+0x184/0x360
[ 2854.294921]  copy_process+0x7218/0x7800
[ 2854.295826]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.296737]  ? perf_trace_lock+0xac/0x490
[ 2854.297641]  ? perf_trace_lock+0xac/0x490
[ 2854.298543]  kernel_clone+0xe7/0x980
[ 2854.299381]  ? create_io_thread+0xf0/0xf0
[ 2854.300273]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.301164]  ? find_held_lock+0x2c/0x110
[ 2854.302049]  ? ksys_write+0x12d/0x260
[ 2854.302887]  __do_sys_clone+0xc8/0x110
[ 2854.303739]  ? kernel_clone+0x980/0x980
[ 2854.304599]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2854.305599]  ? vfs_write+0x354/0xb10
[ 2854.306421]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2854.307576]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.308703]  do_syscall_64+0x33/0x40
[ 2854.309514]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2854.310614] RIP: 0033:0x7f81e84c4b19
[ 2854.311430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.315424] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2854.317061] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2854.318596] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2854.320154] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2854.321688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2854.323232] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:47:48 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 7)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2854.401239] FAULT_INJECTION: forcing a failure.
[ 2854.401239] name failslab, interval 1, probability 0, space 0, times 0
[ 2854.404032] CPU: 0 PID: 37351 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2854.405549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2854.407366] Call Trace:
[ 2854.407949]  dump_stack+0x107/0x167
[ 2854.408741]  should_fail.cold+0x5/0xa
[ 2854.409570]  ? anon_vma_fork+0xf1/0x640
[ 2854.410435]  should_failslab+0x5/0x20
[ 2854.411271]  kmem_cache_alloc+0x5b/0x310
[ 2854.412155]  anon_vma_fork+0xf1/0x640
[ 2854.412973]  ? __vm_enough_memory+0x184/0x360
[ 2854.413946]  copy_process+0x7218/0x7800
[ 2854.414851]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.415779]  ? perf_trace_lock+0xac/0x490
[ 2854.416682]  ? perf_trace_lock+0xac/0x490
[ 2854.417585]  kernel_clone+0xe7/0x980
[ 2854.418399]  ? create_io_thread+0xf0/0xf0
[ 2854.419307]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.420203]  ? find_held_lock+0x2c/0x110
[ 2854.421086]  ? ksys_write+0x12d/0x260
[ 2854.421921]  __do_sys_clone+0xc8/0x110
[ 2854.422761]  ? kernel_clone+0x980/0x980
[ 2854.423634]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2854.424643]  ? vfs_write+0x354/0xb10
[ 2854.425465]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2854.426598]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.427739]  do_syscall_64+0x33/0x40
[ 2854.428554]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2854.429651] RIP: 0033:0x7fd16660db19
[ 2854.430449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.434408] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2854.436055] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2854.437595] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2854.439136] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2854.440691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2854.442201] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2854.470324] FAULT_INJECTION: forcing a failure.
[ 2854.470324] name failslab, interval 1, probability 0, space 0, times 0
[ 2854.473156] CPU: 1 PID: 37380 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2854.474656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2854.476448] Call Trace:
[ 2854.477040]  dump_stack+0x107/0x167
[ 2854.477830]  should_fail.cold+0x5/0xa
[ 2854.478655]  ? create_object.isra.0+0x3a/0xa20
[ 2854.479658]  should_failslab+0x5/0x20
[ 2854.480471]  kmem_cache_alloc+0x5b/0x310
[ 2854.481366]  create_object.isra.0+0x3a/0xa20
[ 2854.482315]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2854.483436]  __kmalloc+0x16e/0x390
[ 2854.484218]  security_prepare_creds+0x112/0x190
[ 2854.485242]  prepare_creds+0x452/0x5e0
[ 2854.486083]  copy_creds+0x72/0x580
[ 2854.486865]  copy_process+0xfdc/0x7800
[ 2854.487748]  ? __lock_acquire+0xbb1/0x5b00
[ 2854.488693]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.489592]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.490487]  ? perf_trace_lock+0xac/0x490
[ 2854.491407]  ? perf_trace_lock+0xac/0x490
[ 2854.492319]  kernel_clone+0xe7/0x980
[ 2854.493142]  ? create_io_thread+0xf0/0xf0
[ 2854.494037]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.494927]  ? find_held_lock+0x2c/0x110
[ 2854.495822]  ? ksys_write+0x12d/0x260
[ 2854.496679]  __do_sys_clone+0xc8/0x110
[ 2854.497695]  ? kernel_clone+0x980/0x980
[ 2854.498737]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2854.499984]  ? vfs_write+0x354/0xb10
[ 2854.500845]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2854.501999]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.503173]  do_syscall_64+0x33/0x40
[ 2854.503979]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2854.505078] RIP: 0033:0x7f87f4e1cb19
[ 2854.505893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.509869] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2854.511524] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2854.513075] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2854.514635] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2854.516179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2854.517726] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:47:48 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:48 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 51)

[ 2854.644956] loop6: detected capacity change from 0 to 41948160
05:47:48 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000001740)={0x364, 0x31, 0x2, 0x70bd2d, 0x25dfdbff, {0x1b}, [@nested={0x60, 0x3d, 0x0, 0x1, [@typed={0x14, 0x1c, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @typed={0x14, 0x73, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @generic="5012af3a78883e9ecab4cb083d498c5f212df73225821ebe7a3e5f7fbf3acc22", @typed={0x14, 0x39, 0x0, 0x0, @ipv6=@empty}]}, @generic="ee78023cc6c0a3dba040fd1e1c16d16611d1ea3d954bb34ef9d35b9dcde6d4b88945ee70c0f20d680376dee2236e67881219f6bb7fca6bae95cd7618ff166a57d17335ab5ffaf84f", @typed={0xc, 0x6c, 0x0, 0x0, @u64=0x9}, @nested={0x29a, 0x13, 0x0, 0x1, [@generic="d6de334165973877b256d10020fba5e7c360a626dd3285b6b3c4", @generic="9dd7e78b8d44f5ab18e68deb5fbf7410e3fe1393172af82fdd03c0f63b6e0674b5239a185308eb6cf0a1ec9afa59e331979e35eedd678d4ed6f528d22a1f11683e5949d246a4fedf48fadcf064291ac0626d61a36b824df040f77f308c84ca037a82d69de306cb64d8c9e8e1353498c574981a7cb6c5a9625fdfe28062a8fb7fa5f5dd1cd56d25a2ffcffd5596a201be860cb8d45b9f977bd94678d8ec902553a4108ff83be47d7266b4dc455679e113b230693554a24ed1a3609de61be9639f8d9895c1c2aa30b5b7771d2f399ed93dea3d58dbb4e08efa117cbef2842f53a43719860f59a2d0dbefcb047132", @generic="2351acc7250c2980d5bc04b66193297956e41fc7d569d72eb9a0a89c38f4a5e2b03c34", @generic="375ecc93b0fdca7a0dac82d103ae9e9dd708f615e3d937c74c502c5c6f3e7752dc94158090085b6cb15b2b6cd3dbabf290330048e286bec21227eb922fd00619018ac7debddbf9fc19de0c3d55a6ac79fdb91d51e196e61b9e8d9673631d816a03356770e4e3b9dd2086ac89589583f03c74a87890ec223d8e98d1138e5dada5140de4a66b30f13ec2", @generic="69920e7344c79b29582712651964f16fc55a00782d0ad288e1d3787bfcffd22d6fc9b413dc1bf49ad066755cdd293be61e233d94ec73d4f31c9ee4f2ca222c633f94a17484699b5179", @generic="01bab60804c3a4a5551fd4c327a13e187ef1ad683f1d88171a91844c9ae6d9d0fbb28c70dadb479fd485c48617c09b4f5efdb32371df9c0c82864b691ca0caa0efc8b6f01fc99f19883c6ea95dc5d6aae605d547334e72b8b874cc8d33e6d95c8cad0013303482d1cfc3b9b6fba6f398afaffed31ebd15fcc41a7155c91c9b6d0cfcdc1fd16cd1a5a8dabcde481d05ed8f53b1318bb7266cd7f4"]}]}, 0x364}, 0x1, 0x0, 0x0, 0x80}, 0x10)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
pwrite64(r2, &(0x7f00000000c0)="04", 0x1, 0x3ff03)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_udp_int(r3, 0x11, 0xa, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r3, &(0x7f00000004c0)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}], 0x1, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000000740)={0x0, 0x0, "8733f89fbf5df05e269099124abc8013aa756e5f59e33a1079a7b8b20d617f09493925ac64a00684f734267984d136259c8c16681338d3a9944c34c4d891bafc0926a4ab094339ce1ded339e5620305b97ea1f953d9e1dec095c01df9578d9b72cf770208aed164c6b6ed021c10b5a4d3f37cbdd347541e730ba1c10ad06ae66cae48fdbcb46d546c77ef3d03c821e4fd4c9b4df14a8312bb3daf76108030e17a778aae6c792bff8c87ad67f4b332533f742f6e4047013d1b31b516b7bb9472486cae04089af474ce0f17f0a65fa1f28d188ff42cf4c9508af83b694f348049485861efb653fb237fa5471f0bbe8b08ca75821999183f6d758c4df96483999b2", "e976c3d716fea85118e8c9f521e1145e465d1a1b36b835592927a9f0e4777b639d1559a90216e60b5a99f2b2287d1e4cea580d2e7e070d6ccb1035c55114c9a72bfc136e599e397e2ec2fe71e1e20d814cfc7f0f6dda8ce1335a671d9a52648c2945d1724a3d0b737123a27180bce1690cfdd75903d5b80951d412a879fbd95f78fb5ad1749ea7b152d3567fed9a192ec25c5f649b7e43b12191d811be9cad3df548931cc3999412437f73cc4701cb7ecb2b36edb6564eefaeaa6d8ee1fef0fcb00e2d7786303055f7f2982103f0373ad9cc764ba0e59cb562dd090b986723998a9b32e83a33797641807a3458b5e63576cc1c9b9630ae096907f83a8cb151c7b207b27a7a2532b73039d4d48481cc6d780a3068b7a6fa93804d42558950abda98702b067e670660984beac2b4ce4bfda35082ea9e22580551e44808b9956f6a6d31c2c744a064255e266270f56f9465158e1d796f4e8650395c8299f814dbad41aaecdd36fe739e2befdb7ac70fc0c4e50d7fe2ecf2f6be81d2a3abbbbae28ecead035b5137fc328d220a384405114172b1cf0365c1d26c89e48e5388133ec53706962e8189b2e20842c133a8a9bb437a93668026209b74a7bc592af93f71ec09b8428258252770b1b905bacd19cacd30254f14a8414c4103fea1ffece77f12051fa1bc121fd96df1e4fb58e0611c03ae32cd5d9b142bda7e448f92dcd15fccfd098b146310062e559c2c2b32cfa835cc221a832d96779d32ea81f95b4f620df728517c49a82504f97b6d6b26124feeaae50634b5011e9a54e0507f483bed4762e202bae5f29448c13994d5af12b608fcf12799200880fb6e97bf15715d417edbd9663378179f9f380351a37a0c73210a5bc523966c579dc5d5e0bff143735dd93eb782f8d2fd51577385cc29da07cce6dbdb82625fa3c743c3e75c4d0ead3d3d861f28a29f3f002e87556f3696958bc1b61503080d6ae53c6f5f5c850d35e5884b05b0be31930d97492edae6dba97ee9e0124557112e7844c3617eb5a67942c98bf7c4b24ff29f155a7d8e990515426f65843d3b55d1faffc9f6baf58d9f114c424f90f730266f5af111d793a84f2bf833f6426ab100b5d8c22a0e2a22cb5843f99aa0b35eeb6f90cb0c84e992893bd96d73f261e65d88e1028706d24aacda8adccd40682e785f1bce15a8342e7164137e7d98ea94fbfd4fba74218601d9680fae6ba2bf52c0b035436c44963ecbb9880b411dda72ab20ed7b59dbf326e70b923662438a9cccf0e8af98958e3d4016ad5b2955a550d84e36a07b3e61984475fea8a32022c78502eda533dccbe173c2cc5a008f7629ef795cb1214d841143d636ad944b027cab96d517e9266b46d11af3082df1a3b5f015e03bf5e995c969772bed3b647c5344bc9b4ffba684c7e8ecf3988e5d8585bb7b83a3ad05a1d8ca4d48059305c6ed38d93cc0fd9f63b1d01aa5b3c275b093a4cd2bb31b0b16049459e43ab54f689221b16ede7cf727f4f0fc7e930d42e200a0ef6d32caf86c69a58f5b7a2a86113b534e6cdd5b6768ee4e5a0d573a69549308f6a4aa60f27994fa6e6d9f92e1a8f1c2509a7be5a7f02e36a58b2a31993837f0f39bb73cc893f84bc2e2da878bc5ff76a49b5be680ed431491f0986b1745a93721d1392fe1d07c84a2f8b0150e473a999a88cb752b5117a040662642c328a2c3f49aacbaa53a0d604f9c328e78a715c9287cae549b5af8334e32fbd12ab85a19716cb5d7da69dfa4aa59aa8b26c4a006478865071ec39c964f53066f9ec3201a877f83ab48b53105267213c030fcc585ea03d913e39b37648c035d099c1331d374489b1d83ac98975965ab6381a744a03c17598e02e6bf827d39f67f0c60970b6674d05c329ea137b9887557bf92d4a0b549eac064fe82ab15f5dfb765dce3355218639750f507009a9d5ce832997b0363e7b682f39ac9bff2a164e1fd92a9a69a12c4890fcabc87799e25cbe5f724a681bea73c255a1d34243055cde971228758a62362b9ca991e9f6ebed8d445bd0852f0e6e1630f41e09820764800a24338e954fdecfc2d2a80b0eed1c80216e953f83707f151e405c6e95bdd5068eb5235b7a3d68948c14103c584943f5bc7844a0221054a6618a9f5510683ff30779def3de804a469b7071194f8f62792664923082db35f772a28f4d18172a2375aeb3fe29b242698f4df0d9a3a97a90c18bfc7a88c32c289c97db38a62939d0736975980780c4323cb4f36ae6a755bfc60a553a6b66f77e0fa878e2a5116d2dd454d4f2459f7f0623dc8cff31b88e47e5314bc72131602fa01c621a54d5fd199c53e482e1703c198f82e22a32d57b44a8fb45a15788fbcb104bab9050cac67ade5981413b389a0a98f00ac8f9f5adcde25c571f435018acaa719f42bf6a8272c674eb4adfc50d95bf80aaf4d37b357f1f16593d2653aa4dd2b63d00bdb1f6a013907dcefaf73cf844a2fc8a9c3e369156762f7d1128956778cd6d2f45df0ac8504fea61b3b50e61ae29d4cee021c91476b113777085d30f581584878ba3bb95034293dbdb5e7599a848a7890040feb494d2314bc91efbf8090282d40960bc261663131345e640d2c686d270c34edba61a73ddfe2e6802b07c0629f8ab4da141f1d7b2cd32962b82c12ffad003d1247cfa2ca3752fd6ddb8c9aa155d3502425f8af2689050e3099ae93981f8750b1e179dd667b6088a506a7577bac5c9aac6314e19a1bcee5d5c25b533b73417a646cf981864d5efe74ee9e2b3a16a16e57bfb8c15b178957cd517fd1a8b49187dfdbc0a76ab19c637f447324b8fd51b219b1ea9a9700a697ef4a6e9ab2dd6f30a6056226e0889b96eb992aa17e54f8ff90ccdb38efbb9df474422110aa7541b335c4f1430d5096021db4f65cc2356d644a1c348aa3fa8c74f55a5d2001083649833ed039882174c5a6393da04b73d36e5477d79c82dab7921a3881c294edb2d5d6678ae6b0335239a8ca25d65dbf2d90341d31ff967ac7e78ae9e20fd2f69880db6c7a684083598689dae25506d12f73e049a1bbe1add3762405d06ba73c8f6afa313db777ce1537d1b9632b4722821aedb8171037e7f36ccbc9d1f78e2916d2f6a9c4ba3541d13e5db5bde2e166c5584d41b147d1aaa755eed72b67fb2d312a53d512cd7ecd2b9f59c75345f24e02f15978a1fff099c99f25173da1475b2aa86663409ff4ac793653a14e2854b8ea1b9854ebfb3af43b243694282b4e0df352db6ff2a0a9e4f09e7f3eea3a05d56ce9da622c40f7bb4de7db79ac000c106c20bb3c0d9a1e7660c618d286c1f00de456b48478d71577d1e8942a836c68f537b6d86adf399354ed41e891c45895894aa2815b6b898ccc6fa320c3acc2234bc149217b8943360e8225187f6a3a574ab1d33a2ba1a3a6fe3841e0235f6dcd97d53e5f2a96c5cf9d3ec336a496f899e8d29a2d5c976fe9ac2d7944fd22d05354576fd54f6054f019ce7398d28a349618def0e615c63fe6086a33f789c8bc90e2a4d7a01de47b7f23a714307b71ccbcce7e554f4b85395684dc5c39085beb657a9eb3d2d256077a51226ea5cd6eb94ea3f6d70c7b44dbbac3924ef9aef4899c96324e8792d6714998f2b012d5c06341ef7c4a1294314db8333bbdf0fe1092ee975d4bc59b0a97f2931fcc2c4e9d64fd5dc385d2a6d6a59ac50d4f10876d389e603e8b5b17aa585fb00ebd82bfcc02c060f4c883b3a2cff43149628309a26ecdd63c8067739e79d923ce8d57161f6ff790b00c6656052c3dc3837780759f6c438d9434110a6529c51bc4de7b1dc3aae1a0062ab636c7199f873058fbb8672ae54bbda901b74248a33be5d5446ad47f9081e48b8d074ef7cfb700585d7ae25c2a2e98ba5d617e07c2408ff40dd9dfcf8ebf55842142d8c529529acb1a00e619094b3979868d03fc086cbbad169c34a20ee7958c6ceae38def6ebeee3877c4fde26475ed80d0357a1c8c02f004b691d6ef61ee809038d9a71cf0eee1873e3cbb91721acf202561b01ae3d39585434403e0f089b6c4669afb31bb3344e469f0e5c0280529e81245cb5213fb60f05eafc1f1897cd6df4612e54c9bd54552aaea1a10b4b3d03875534cb3e5d0c8a06e43a8443ac016e293b39634270aaa0604172b7f64b16b4873f124a29e899c4a0637907927e449b889e27aa197035809ff8a2ca01857de9496705a6e8dc818eac010fcb32fee3e046d40cf1413df0699f12df7cb52cb0607164a850552dd18d8c7b539a7db02d3e6fe052406fb826f186c47ac6663feb4aeb707a8636715d170b0f87f01dce566d51efdeca835e500ab386d87f766576adccd3fd4a6bde256c1c2ab5b15c1555c02470f1c8287c0f979cc7322b893398e9d74b458cbc3051e5cf90bf88a10c86a1ba55eb834f7400d9ee12faa7d7fa45c891a6e154c532ad91252223e88b7ff12a52deeff8fe561f50fe5e84b5724d80368b6b85b7e3e4be81a120e2b0a8cffc56469c20b80efa3c1c7b1013240a18685b2ec2ba62a54f437f9a369158942ea83111e198be9afed9923b83fd6f0b7b3406163e2412baf548617d5014b8d94e1da913665658cb7ef4b218d2eddd2f0b055b2a3e61af3e3a0361db96024877b5e315d0d42874889ca5d8e7834f9c73c1014dd4b28ca3fcad9fd8ddc17284d6c8db4ea75d1a72f93c01189d7dbdecbbf85e71e1866a0288e0b2a6a80b8fd08dbf1e4712bc40e8ba7163fd1a31ed68aae7cb2bd804ed25c127cced3589b01e10d185ad0763addab658f1f1f42121443c3894ff71ea16624f0a556a9d2843e92120c11466da75d830a416250d65005a3fea47fe3daa70b8b91d566aca0bbd8ad46a4683c425ed44c6c1fd32656ce9f9d245b1feac61addef548529040cb4e123c9584aeb4de85c625d98d8a0ea89293d8f6cd29656ea6b9ee510def8d279305f6c8d938673492edd01f5a63102f011ff4164194fe483194a5c7f90ba65357318920792e965391b42fe8ea63b35e5e08939e7a6a54e31e526d1251563c508ad20ab85c89dc0c6c9614323e3fc1708b840a44b224b5bd03f34f7acaad199d48f0eb9fe89545fe77bb30794a41b9777834fd3e1f9fabbb0ca6169c0ee0786dcc6b28c8162b1c2a555cddf82943a1a050265e0c2c712d81e9e45c13700d018c214f0292a5e6df40b4a9b0af0518f17597ba4e97ce8de86414e1b66610224fc3266c7f95aa7c7f3f72a934b8b4f321fc2736ce6d542ddf19b2998518b7ccc314f59af668e76c5497e4ed42f61230a34b63161c825e264596234af8c36ab2bc32811e13da111008456795100da1fc4e11ed1543770f6493ecfc76d28e90fb93f2dfa9eff06c98312f00408ee1d4741bb9776149e17b97f140c636f3735874aa44a6e2373bc"})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, 0x0)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]})
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c000000020101040000000000000a000006100005800b000100616d616ea50f00000800164000000600000078dff066328edf96f89a703d074030251082a7cceeb1ea4bc98762c385d92680e586687f352e00182cd155fa3f86cfc25f7ca10cdbdf6004669ebeeac93cb0049927ad4f2ef53f7024cb083008db6d22e685303908c29e5d5486fcf269207ac96fdf1b4e3872ed049b0b86ad0fc637e019418bde49b8a64ca35fffd3a8a98fee1bc07100"/185], 0x2c}}, 0x0)
sendfile(r1, r0, 0x0, 0xffffffff000)

[ 2854.775563] FAULT_INJECTION: forcing a failure.
[ 2854.775563] name failslab, interval 1, probability 0, space 0, times 0
[ 2854.777847] CPU: 0 PID: 37555 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2854.779154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2854.780714] Call Trace:
[ 2854.781216]  dump_stack+0x107/0x167
[ 2854.781905]  should_fail.cold+0x5/0xa
[ 2854.782627]  ? create_object.isra.0+0x3a/0xa20
[ 2854.783490]  should_failslab+0x5/0x20
[ 2854.784197]  kmem_cache_alloc+0x5b/0x310
[ 2854.784954]  create_object.isra.0+0x3a/0xa20
[ 2854.785770]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2854.786718]  kmem_cache_alloc+0x159/0x310
[ 2854.787504]  anon_vma_fork+0xf1/0x640
[ 2854.788217]  ? __vm_enough_memory+0x184/0x360
[ 2854.789058]  copy_process+0x7218/0x7800
[ 2854.789836]  ? __cleanup_sighand+0xb0/0xb0
[ 2854.790630]  ? perf_trace_lock+0xac/0x490
[ 2854.791417]  ? perf_trace_lock+0xac/0x490
[ 2854.792201]  kernel_clone+0xe7/0x980
[ 2854.792899]  ? create_io_thread+0xf0/0xf0
[ 2854.793666]  ? lock_downgrade+0x6d0/0x6d0
[ 2854.794438]  ? find_held_lock+0x2c/0x110
[ 2854.795213]  ? ksys_write+0x12d/0x260
[ 2854.795935]  __do_sys_clone+0xc8/0x110
[ 2854.796664]  ? kernel_clone+0x980/0x980
[ 2854.797405]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2854.798275]  ? vfs_write+0x354/0xb10
[ 2854.798991]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2854.799979]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2854.800946]  do_syscall_64+0x33/0x40
[ 2854.801656]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2854.802613] RIP: 0033:0x7fd16660db19
[ 2854.803323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2854.806720] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2854.808132] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2854.809450] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2854.810775] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2854.812112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2854.813431] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:47:48 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:47:48 executing program 3:
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4)
setgroups(0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)

[ 2854.982097] loop6: detected capacity change from 0 to 41948160
05:48:08 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 8)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:08 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 52)

05:48:08 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:48:08 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000f3b000/0x3000)=nil, 0xc000)

05:48:08 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 32)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:08 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xfff7fffffffeffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:48:08 executing program 7:
newfstatat(0xffffffffffffff9c, &(0x7f0000001e40)='./file0\x00', &(0x7f0000001e80)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x100)
r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10001, 0x7, &(0x7f0000000500)=[{&(0x7f0000000080)="97d0590cfe245226edd4155b6384be1a5ae4acdd6994e6c70ca860cbdd06d3bb6a160811407097eca9258e5e753cfad61a330e70dc821e1802f4916337eb42d148b240e6b1502ee4389b3339f05daf132a666d34eea5ca45013fa82218bcd3b1097d1b202c3122179d94bfd7e9bdf22133b6d03c6f894b21319d8578548cfce2b6515f758c493a0cff26c02a079302095ba1cf1e4426e13cff786b6ff57708731b906f0fce0957820f595b9c398e30d143947a03d5e29220da059d5900896461", 0xc0, 0x401}, {&(0x7f0000000140)="31474c5b91ad21539497a9198fcedf", 0xf, 0x2}, {&(0x7f0000000180)="9fb77fe4513dbcb0216f030a0201ec74675c664aeef83a23f8be24278e443e5a4d57097d1d5b916022ececee03364c3bc59c90cc72ea0b61a7cd994d121481d59fb141004a6aff074ae58d1263014576b79e23f42898edfaf0822c15cad21db58bc23d709d09ad95ad76b099a6701b92ae013af103ca779a9777460e77008b87083b3ccc8698df158f9f02b7d62cea45b58582f8171ffe5e91e052a79cf2dd57c388a913ad66aa6f69446e3171ec287f18809a442997b9ac7aa0a19b4493a2e57ce5693bd1d8fa2fe500a41ec18fca3b2f155aa9ee017c72979f9771752ebddacbb71c6576b561526dfb22a572dec50f", 0xf0, 0xffffffff}, {&(0x7f0000000280)="11ac3dc9d3a6facac21d348671d07feda86e8992e51c494e658d2aca571304e36fe2bcc276ce7aa74e35c3d79cf94d542c40f5f752fdf556f44ba12dcd59647fdf01e9b21ea7a204e238fdd96fc72b32139e3ff6edd15f1dbcb62e8f9e", 0x5d, 0x7}, {&(0x7f0000000300)="58d7998196dbc103e0bdcf73257f3d54dd3dee0047ce72166bfcc97b82785c1d0378dc2a7e5b46f0271c9d876c8ca271fcbfa6e1ede719351a7fa7213700cd95dc00a6afcc8d933988b7eb08b66eb01cd9edb472f7961aef3085c3725dd6d2695d2efac7cbc181f579c59ee415d4da8ca243b50fe2539e2977a2403025a8c6367d637b44ad307ad5202393102b5f6f5a3220df0e818859d4ff0083830a809af9fedba7c5cd81641043d03b8284d2d6455dd5af556b923b78ac530c7e6614de7e0aee8f64ded59df9d4ae96133cca7ef650a69fbd3cc83999b92e1a2859ca99f680b65e488a90e31d8db9", 0xea, 0x8}, {&(0x7f0000000400)="cbc9f59879e116693da6faa21d47ed96de71179da1086c4c4e3ca1970b0efcd6cc3ff5e8e1caba3d04b68e974d0d8192388b4509c5eccea8cb1eb568717c926a3e3e78ba", 0x44, 0x8}, {&(0x7f0000000480)="21ba9fb7f2d25f5722ed32843522c98caf4a64ceda52b844d3c0b62c2683a76d34cc39833a8e7877b06734239dc6323a22f67c4284f0ddfb02bdc44b6c145d152b234cda172a4bf04cafd937098c31df32dd7ef321c31800c6a5489ad47fb57462d2fc61388ae467b79536", 0x6b, 0x3}], 0x2004000, &(0x7f0000001f00)={[{@nobh}, {@journal_dev={'journal_dev', 0x3d, 0xffffffffdd6175c5}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7}}, {@dioread_lock}, {@data_err_ignore}, {@usrquota}], [{@dont_hash}, {@appraise_type}, {@smackfsfloor}, {@uid_eq={'uid', 0x3d, r0}}, {@smackfsdef}, {@smackfsfloor={'smackfsfloor', 0x3d, '&@*-'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$$+-'}}, {@smackfsdef}]})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000002000)={{0x1, 0x1, 0x18, <r2=>r1}, './file0/file0\x00'})
newfstatat(0xffffffffffffff9c, &(0x7f0000003640)='./file0/file0\x00', &(0x7f0000003680)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0xc00)
r4 = syz_mount_image$nfs4(&(0x7f0000002040), &(0x7f0000002080)='./file0/file0\x00', 0x9ef, 0x8, &(0x7f0000003580)=[{&(0x7f00000020c0)="9f1f6741b5b27e147fba601a5b5749adec680a9bc9a2cd95489abe0b38d865e4f4b6b1ae69e000725af4c772e58e5aded152bf876ce213efd54eecfddbfed185664543e1c79ec4a54fb51c45bfe9e10824c168d460b0fdacb9ae9d5334e85dd1dab6b30c5eb5e9ba53d0c489cbd5395de4c3095770951a0773cd9339f3df34763eef7e8fa596e5f83a53625601019c1ecd4a88939b70f7334ef79a94011e4e45aca6f367916447aaba1c99430aab42c13f0d16646e7702491e2b690fb05564447194ceb2b1ad6783c617ddd1180f74c88072b481fb25059668660401db9a92ce8d7aa0215df5524d476afa698ebd16bec91edc084dd7a6a50b88e569bb30ea4f019b9f848e1afbf3b34f4c6e978531f1266b3e1caa262e117fbef9d9d4a6257aa9742c76bc834184881af9162e260ae91a17803d5db344cf4dacac0b46a645860554f92dbc381c972963c764ae4333f5222c777d03be1b0729409318477cae2d75381e7dff83fcd8c3e4fa8e9fe4c295db66e8933f3b34dddb16e9c550701dd43264787dba43917c40fdb1faf18816f4f6ae5a4681e1886c1ab8478ab713ab98e7bd9464b7bb87611b92493054a88262b888df018a1539b5f3003a3e02926fe23786534c101bb7affd4a9dc1ea5295533f7d30e3fcb0e9df3e564a5e09269aee15918952a2e9162681a7fc9114a79ae5b576a5ef8a89a680572697d10e5628753e1a50898ba1a52b705cfd739467e850038bf382521c605b723bdecbff4377eb1933b53cd3fb4ac94c8b00198a8ccb6274d03004801d34ce0dda0b152480a3da8981cd4bd607e80176c180fb2bdb6adc70fb4bc61a2e59335851f287a9d1c1d215896e2d3082d39ac18a5aef6f902a9a9680d4e720cd19447282f0336705c9b74b8c14517440ae8ed1a289ce54ab4fee26f2ece55fcd3267cb2cfb8df9c20e7c3a398f21e44687d82136fe0774981bcf594f92f514b5674110b9e57e19b27a5c196c953eb674d08d85b78a05133cf054a540ddc3e22b232a7c908491a11ec9d342bd0cd579e2a82432a1ac4b5fa64467399d2524c3991c641e1c3bfdaf63ec478ba9dd3653d134609cf06aa27c51186883547fbe008eebc357da6cadc8f8ab5ae5d23da52fba9f26724f0cf6db740bf85eceb4b161d892b32f518ddbb41c5b58dc14f18efad36a7c39074499d23a3e6cf966891b227cadf48a5c2a3c2b162b6b770f80dae116210c83a4c08a0cdbc3e83e53a618545f935259ba632f95940bd30fc3f6906b6151a25f6c981e5971efe3cfcbc97205b810fb3b7daecf75993255431f1fa81e7c655bca9290a9d02cb730a8b2b793e0ff4db018b54e458422c6900877cd9279108d2b260a488462dc4755c30100d579eb51aca36f7cda76311022b81ebd970774a863282e8b751ab713bf829d038eb7024ec2dc7a2b635e0b3e2c25ce01dcdf4bfb38f6674d8fa631c6a5d06baa684b8d862760d62e6d34ec3350eed6a18fdab73de80ef49b56005e4bebd715b53a55189ade7cbcad161d7563218ae720579a77ff135a2be2a1834f0110cf81037b17a053c1a2d0d852effab07d874aef14bdc7a81d5087cfbea313672ff66b92d2f6417193486170bfcd84c6dc1bf49079149f28e0de59d4edbb61f680a43fc877ad9f305f7d6a81bd9ffc4c78649d17a079edba86bdbc79daaadf76a2508fe63ad677b0bdadbc1a3a7b92ffccba17dfe715b39a0f3b73a4bdd6aebd5c10dc5fed5f925500ad163daf8a2b9492e1d8537415277a224e2c3ed186c6203615a4031d6539db739023bb853728334df811bee8d43fdb70f9db81a0fc7adb987cb7c31692468d0bf1dce56641208edf1266a961dc1c1b0cdfeadb42a92540d990cc9a83bbfde1ba7992863c74c9318ea9e3eb2f1cfe3dcc7f29070dbc62dd9cbfaf0be4f0b6dc1d309529910570978dbaacb7574d4c01efb20d7255a4086334d10609efa3a88bfff7bd3598b74f6d4c013410c18d9667e3e355584c34d97c25abd0a5f151a65258316b35890a16bad29496cdc24a181b6966c10453f8dd6946dfedb93a1d26e244e2e7f8a4f0d64aeeb2d069c851f88433616d4626163e7a3e20612f3346a906f3ca9ea23a51e282cd1f076dca4fb134b56c46359620790f635eab4a582d2523b6a0fdfcb36bb81b6356354d2199ca94a60621cc8cb2ef59dcffb0a49fe721f0f325472105c3c30be30f4a493c261f71b31639614843887552e1123b234d2dc8be7b5cc55273ba48f9f74d63a1f7636109e90507a0f38889b32bad72a3326ac11a46ab8d6619fb8f026ac08ceb2fecefd3847d25cfc3cb1668f8651503e5d37362c5e07aa742d758510b7396e3a6e0919af3931335f6023a4562b66f66da2775e4a0906b76c197fa070ccc273f6950baac84130db9d90b2789549811e5639ddabe393f14f44ea95af090ce027602c54433cbb2a69bb85705415944a36009c28bcc95d22d14abdd1b9632b0da43d26f89e44d9f8c5e9b4862260de77e1b6a7f10b120ee04d4936df27301754bc446e7ace07219d7a792e15a6cf23c7024994a874163205c471eb2bc14f3df97ba5281312b67c905f7b3801f1cc06f37a9ce7c201fc953e8eb74d71b572a3587504bc75017ebba2d4b1893f05d9efb6bc9dbd3d6f12ca58b3fc827d582c5ea9546e20ddbbaf5c84b8ae1f4930bba2dd61e32bcf8e0af6ae367f052ab28cea2c7f22000df534da12323cc82b0e91da6f651e1889b0b2c7acf87ff2890e4294ee68c6517f4f50ea89e28d89f33b9b618b018f6456dea42aea5122a7099e2360cf05e31658d8ccbab95b8fcb1dd2cf699bea51e8dc43cf0014a5eeb26a406766a0530f771a66f22ed1e61ed2802c667d7a22be925c7bb4f83289675551af6bcdaaac93386e877732441fcb2fcb3d161bab068eb282c8ec86abec87dddcf0c3d5c05c11c1d7ee9afaa47728699f0dc752312dd645875fbc90a0357da364d3f232d39875a03318d66feea0964833b7902758db4766e7df014e86d980333f74793ec1d05936f79dc12f9313d2f2203d5326a897d68d201000216cd0e4decd8a3550469fd3ea4700e1a11b227ef66a48d3b09c51420e8bf5baf12f396dd157ca8378148eeb542928411341ac31088dcbc919bf118f626313ba09b0fb72467a29e7a4304df04e519f267687e68dd40d892484b10d532a5c8536d4552d7905503e9a08d7c6586b027b8cf03374160256b07bde5d1e0586c5647ff8e63e0f9e82f0e928e160b7ca3d24cce5c3c02a29ddf6f8fcec00e670d4421b7871890a60ded43a06330b22d2f5bf7416f067620821f2950e0bd0f83a8ea13bbdcbef34fa130228d4f66e54dee3cc29a55689f9f3d5c5a27a248a3066bb4527b6ad37e7656f73cef4d39d49c224fef0aec8f007a5e9fea840310b64f1bb1dcfd6e4150f0eb36f7b4c924dcff99fd68c9080e808f6d0898128dad38795fc3396202fc27fe0bbdcfc2c35a10dc70ffab15dd5e0c2ace731aa3a24a23c18c33bf299c74e3eae50aa1a627e2d426d2e12703ec25f0abb8735dcb5161369cfcc6c95c4bcf6ebb8969a7340f3d30d611f915f490691f5a403e208f96de5ded21bb54329f8a3669f10a9555a37136f84c6164ef9eb63c7f2ca1e62742a70c51ea8e15fa746e66733b7f157b7f2df274f49910cd4c3f1541833ae3dc5e094f40f26c4bf98bcdf19dc48895945611b5802a170c01da3eac1b516797f92f7b500b14a98c45c3ecdef4ba341935d26c7c29eee22876bc67857a292858f69fb624fcc8b1175ac8b40cde496adc4789c42dd3cd05608644e0c7eae0c8ab1ac7a788347495c772cd5fe8b7ddad2cc54c14083babec2a384d0c61aa3a84bf445077d07f596114938375623f22150606c0a7de923b6946b85bdaa305eebb3d0c2fa44aa727d2e33dd0fb73dc835cc861354ea0da0c0be0da0f72bfd45f16a5b0fa245e18966ca828e8274735d6e976a2d88594a080a6cc894d629abf45ad9c3047bc685c2a8702fffe55dba322cb1c292b22acf26adcf57d78dc4ca74ccec8618c555f983c4706552023cf6a446dda7159c390ff68aa3b4e30cc2e1709cc457a65366921d771179a64ba38944b60fa26103af8f4dd6178e882c58e7bd429c3e8f6e1d3896e109aaf8f4d0d93676dc8bc2652e45458c0f286603fd48ffd73bbbd059848d6bde1c03d453730691a0255fb81adf47771372f1ddb6cff251338d5cf0def1a74f0fd67940bcb82b8a276740d7d2414f3ce496b002284efc0df0d99091777f7f9431866b4faabca8e3ce56f06300ca3e4a5909ceb4b518ae1e51b6f560f6ec8ff9e466de2d63671ca922ed9680b0b00ce1741828586f55116a8f18c18edfb4720d33fcf69fd304c80cae754c3121ce33a3d518aee25ee0193177f966d8b62bfa9b83439414ce698d510f302d79fbc2b7191523c96bf407d10a965fc7150b7b1b1babcdcdbd9663620219e21e9ec9c2fb6833b61b651a039653531883dcd1d8ce282f25bec57e938cafbe9a54215e956c7237edee6efa48e90cd4b4a27c67592d6c0a3b97e5452dc9917920711ceba1972eecae29a7cf15382d1b1fc8577d2b80920fd7cf209b961b9592d6ea83b8a190957187424fb9146ace0fa6d14c4a221dda4e5a333b42f62392bbc5423cd454bc5fea49fab95c296ab57e8ff37adb94117796c026a4b3308678e11e1bb6a18a973ebc97ebaef38e1ab4f527229e0db8a5a2f2bd505fbe834742baef84dc0cb8e828919f82b44a1363a3c07f384675dc30a0d218e5ae999cb85f0dfe0ccbc2b3dcbb4980e48b30bbbf7ecb6a3fdfcfdd4c2dd3a7a24be067554f91f08d4f6e457315887462a3d74267bcebdcf69a654f8593d863b600b2c445b30525bb360790ff6be786fd3c9a3908498c34a31977582930e2ad4fe0abf0fd3fea8bca4ea5675fa80fcf2e94b8269e5655d0d6d4838dcf0e406644755b4859ee3cbd70cbf6fc6956a98e6ffb7973435e31d1564890e13881af1c803710825ad1aa9b79366a8f7799d976c047289be60ace67959bb161b09a6bfe1e4e3c62bb0adace381e4a230b34ea98addd64a591c9f63e1efab858c9a71535d8a8572f08322c35ff04df4cf58a39b2cf889eaa91481c5b80fc5b8c4d29befcef2d60f307320ac0e24900b42689ba90ddaac747ab0a15f36f03a842adc12217be57e25d64e26c51eae08fccbec0460bf011a101d1d458638f5d03e042b7027f1445a8af5f1622281e185898f36aac875614e0cc05bdac6bfe6151f22c82af7b9bcba6179a1779b9be9edc3e613e54ac1943f88cfb839fb190c5c9c082fb65dd7cc5081a38b848747fa0977ee602c45bcb5e78e19bbd06b09a5294c514987c5843de8ef61301f895f2b4ee0d63706f8d7b7a70099f2f964d07e09f87fb81d5716c1564e22d6f3b4f84814d58809d3895a5dd63648fc61aa325a539cab51b0cb9b93973804b34a0e0b1d79c48fe3b3e577591ccb1fd07e8fd824936fd1743e47cee027ec24d4d0d6e98555107dc3763a9b64b46cba875b20e3bcddd123bcd59d13580db4db08c2821aa008e4f816a590dc6a1d60d025a099effe8a9357fb18d965bbea4e8449cc3ed4f8c05ec18d45695236e591c531f856a6e93f49949c5839235ffa1a92b03bbb937b1152ebd66039406dc8765866571b9897e6c286c44e5f6f7f9bb4dcc9d841d010f1b4cd60b7fd87154077fd714953f0ee4f02d12ce668a5c7e22cea490d2b1e691e394210c2f7994ee17974faf46abaf7a0d073e561dbf7e276b7d4979ab608", 0x1000, 0x4}, {&(0x7f00000030c0)="416244c034873400224181f0c56d1037", 0x10, 0x4}, {&(0x7f0000003100)="39b6f2ca1a3216e997cb532bcc6ee8d05f72952c8d4ca9d47ce9e9614179397a35223ecc8ae96f0bab4c406ae64dd1bb4a30a49c70192482571f7e2ae01d68343ea1c75e0e8472655f7beaa367d17b6ca471c626947f6a69021b62dd0de3f2e9008a3df359ebfb9645d1efa59363060e844d99b185305c7d135c29451504e5dd077a37f482b22f466513cfd375ca331071abcd003c2efdf8dc1ebf929ec47f2c76c9a194b2af8a240d60898fb8d1224f1036a04ef5df3e88a941e29f35686093ca357578de387c", 0xc7, 0x1}, {&(0x7f0000003200)="c510cd11348841016d087bb353af5b1beb958f53a8ba87e45830226f366a466f0d92b4c36458dcaea95e8cdc91e3e74bb80f7bfa2bb87050f2b2ccedb83e2b17a696d0dee03e1b63b9db6ed5b4438dfc8e71308bc17502c453a2ac3390e9fb33739d4bb42c374c4206c7226da28f8cbc4085b3934479257aecadddb5f5b573dc7e126699f4640a5f", 0x88, 0x4}, {&(0x7f00000032c0)="1b1b8978c1eb8bb578334fe05c372dfcde6182c1241dacc5ce2a426425f9dcc96834dcf80aa3a92f48a69618771196009d6005c0c35709183e87cd59be2184af7d8db52b12b4b1f852d48dd4473c1f63c364181b745434ecaec86389c84bd813019e602409f7ff0f8324a8dbdf2674656661b63ab374bf0d7b91b517bac50e6653c481a3482387731862a648e87cc908c172062d273a6b414b32b89fa10aeb470f484f63c4b418", 0xa7, 0x2c}, {&(0x7f0000003380)="58940bff6a492d8a9c375b5893cfe4287425d1b53afc19802c25b174bcb62db787f1f82c272c91e8e7252e9a8eaa48bd93ce29a60788ab2a4cf7170884b162c414f041a7f414353f928a247e8cc7518b9fa4b8c958630f962049cd09541edf928feb7bfc0ded78d85f4caf38c9be78a7355997a500f1a89534d9d68ea58fdf299a237f0d9ca613c353cbfeb596a2f1b368d19fa78821668e8aa4e749446189552bea3127f138493063bbd6a836244a0256ad65a25968ae20e7440d35796ede3c1a1022aebdba7c2f6b00380404253c794a44683072a8f6713cc1f6c9e68d3ad999", 0xe1, 0x8}, {&(0x7f0000003480)="71103ec5087b1a8e87eee8d0cebced1bcb6f40192930c2bd695f59860313aaf865c50fe8c841527142eb5f4075e22866069092254d68716dee84f2e3eac23e1bee35a165c86b1148a31c804cd5e2b3754117479ed1f9f0b8cb2683ed0b5f6559d3aa84f39a6898ae7c236c3cd3ad84863245561136caf26931367596a9967f7250fbb8a2bd97abdc20001c06be83ef3c2b02f9e3c9b3b9ac1bd2a44bd1383deb9cfcfc4331351c9b6920d6125216cb8eaf01a8b3aa", 0xb5, 0x6}, {&(0x7f0000003540)="9cec2bc6c4c8a5db5c6708a470b562f2127cedc163b29b32e064202863d86f89c0052d7c4a29a9332e55384670f7082c5167eac4d60219b0", 0x38, 0x8}], 0x1000000, &(0x7f0000003700)={[{'dioread_lock'}, {'smackfsdef'}, {'*'}], [{@dont_hash}, {@euid_gt={'euid>', r0}}, {@appraise_type}, {@fowner_eq={'fowner', 0x3d, r3}}, {@smackfsdef={'smackfsdef', 0x3d, '\x0e%['}}, {@appraise}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@smackfsroot={'smackfsroot', 0x3d, 'nobh'}}, {@smackfshat}]})
stat(&(0x7f00000037c0)='./file0/file0\x00', &(0x7f0000003800))
syz_io_uring_submit(0x0, 0x0, &(0x7f0000003880)=@IORING_OP_FALLOCATE={0x11, 0x0, 0x0, @fd=r2, 0x1f, 0x0, 0x100}, 0x1)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000003ac0)='/sys/module/psmouse', 0x8000, 0x0)
inotify_add_watch(r5, &(0x7f0000003b00)='./file0/file0\x00', 0x4000210)
sendmsg$NFNL_MSG_ACCT_NEW(r2, &(0x7f0000003c80)={&(0x7f0000003b40)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000003c40)={&(0x7f0000003b80)={0x84, 0x0, 0x7, 0x301, 0x0, 0x0, {0x2, 0x0, 0x40}, [@NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x401}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}, @NFACCT_FILTER={0x24, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x91}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x33}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2d8f}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8}]}, @NFACCT_FILTER={0x2c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x5}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x8}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffffffd}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x8}]}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x84}, 0x1, 0x0, 0x0, 0xc804}, 0x1)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendto(r6, &(0x7f0000003cc0)="eb535288e2eb81e5d572d1de06e13a6739e16a34f24e4e640226e6c5aceea9f86e807ec93d73fe32840a39d6363467a89ee88d427654f8e69b78ac0e88a370e5b5006d6508ebe880ed271c1ed347c8348f91a5181a99acf26ff3cfc7804f07f6b519aa05272826464fa8b854385e5264ea85dfa9e7f3410256bc9ef3d93f398862fc68d48208e3b1947979b5ce147ebcb1c81f18311d048b8afc6febb65708938881ca748d0dfbe10269f2506eb9892492c8", 0xb2, 0x4084, &(0x7f0000003d80)=@ax25={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x5}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default]}, 0x80)
mkdirat(r4, &(0x7f0000003e00)='./file0/file0\x00', 0x35)
symlinkat(&(0x7f0000003e40)='./file0\x00', r2, &(0x7f0000003e80)='./file0/file0\x00')
dup3(r1, 0xffffffffffffffff, 0x0)
mkdirat(r4, &(0x7f0000003ec0)='./file0/file0\x00', 0x0)
r7 = openat(r2, &(0x7f0000003f00)='./file0/file0\x00', 0x2181, 0x40)
lseek(r1, 0x85a2, 0x1)
sendto(r6, &(0x7f0000003f40)="0dadbf6e035ed41d476c4c744d3ffdc4c660e678b6edc2b7a81dcf756b1551bcf9c9436e84e08e1ff6898b6b5c6b0455a68f72d9e7a04683f4a05a817d30d3454fdd49f8572d90c7cf08398fb4a21ec7bb808be1b9e4bb807f35303831a60d6b84114e69eba8d719666cdd2ec7743f9def3182dc68ba23bd0353ed25d918c20ca98f09afd3bd4cff1a23ae9b712b73d4b84d7fe978c17d8c4021edab41526e518f17f6e5ca44ed50fe9418b15b5f9e395555b887ad0ca56bde23f98aa021c57a4566141df41c56be5b28c810871b03ee7f1bc82cae1759d6bf74f0ac0ae58e45a9f13cf11ff7afd4263397c8160c840b95d3d35a100291c76b7e9f26", 0xfc, 0x8000000, &(0x7f0000004040)=@ethernet={0x1, @random="6f70c4dc082f"}, 0x80)
copy_file_range(r7, &(0x7f00000040c0)=0x4, r7, 0x0, 0x3ff, 0x0)

05:48:08 executing program 3:
r0 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
syz_mount_image$nfs4(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x0, 0x7, &(0x7f0000000600)=[{&(0x7f00000000c0)="4e716511ba6e248ea76519e101a0183e90cac8045ebadc4a3084c1f385fdecd4724722ce3e", 0x25, 0x80000000}, {&(0x7f0000000200)="5784001c84bbbd93ab83a6a386fa2e32774773656216ff1c294b66922b6606d1be1c9c99d9b2caed9f91669da76e158d44fac780678b09526a34261ae1e39c64b030464b95b56aaa10e1eed4c46c0a6bac68c7dfd19b97fb2faf1410346f3286da048b9abdddf51ca49b846f35725051e084c2900f02ea9598727b8aef177eb3647e2552030628152e41e49b0e862f747e217b81d57e06ca18c2424578d784954325dcdb5e0270b6e7a32b03bfdaac20703f7d5c8f1707a0c388452c50d011ccd298771d", 0xc4, 0x9}, {&(0x7f0000000100)="1dc81e00dd966596887d26411c731c82238bd2abe597ea5d4956a7ab58c9039e57d814d005c805d00f01d45ff9014d8a32b904a52f80ae171ffab4a9873c1d4d87b7f7a819bc361f5a04e4be2d58d8a3e4c1c4c7131ff0a089abd41138", 0x5d, 0xffffffffffffffff}, {&(0x7f0000000300)="be3ed0b186582f228f86428cf7a6aa1f589d2ef567c91804a4d400387dfb6add0bb5736eeee3ada1310e6daa1cd0beda1e3ccbe525121960d9c64b54e916b84e3e275f7c9f9bbee6accf9923752694df525f468429d11725734fe345d19d09412dc361bb28369fec1d6996c05feea9bf5185fcee6e1097", 0x77, 0x8}, {&(0x7f0000000380)="058d74977bbc37cd09acbbd79c547b26937da146ca95085403f7764c4cf2975b810e5793a639f9f02113ec8b3da1b24add978097c36123fd98b079faa643cc968d071512012108d1eed6a45603c8f94137a80743f872c1a8975a35b14f305fdc02bf17d509c2c0d77aee5b10a7b48afa42e74136228c3e2bd0afad36e008b6cc396d62059b654236c7884d4aa2ee238b39484186422f6b63a260a6517ac88ae37b", 0xa1, 0xffffffff}, {&(0x7f0000000440)="69e447f3fcd5806afa8f7131019a665445b7089bdc931831408053cb014f5e80f2052d5226a83254e818d92a6a3e2d2583543eafb0ba205b5fb9ea4fd793063d3f553380aa82ce508cc379cb6539178ec0e1d5a02c0b57719e222094e99ebfab214e26247260a69028327471d9db698d1cf14aeca55caa560eb049b52aa0c77e826664caa6fbdaa7605a9ace4f283106aefa126d16316c59195616ca2b3cc0dbf5f1d22bd910bb69e2741571d8ef751ad96331afe86981b505975b00128531dc87858161fc31757adcf4e0f1a435a0d80c232fa791215fd86fbe5c63a8b24852", 0xe0, 0xb15}, {&(0x7f0000000540)="ad46bd0c3965df265e73f4eb900a57435aa2296cb12d9260561ff80a92923c613015f432aae16820dcf00cb90c9fc4fe74305e59720938077ccfaffb84b9bbeb556504e2378e41df889f4dde1ff093b8c960829961bdacc6e035555bd979f98daf5218ef98ab123f8db17b1560da06003167ae12da489c2d8bf171eae575ae6a0846a703fe98726ca2103b2aafe4b787ae140d97c1155db515c0133a3bfcb55435728742c53bce65ac3668af3c086ac116c205ee144e6f45", 0xb8, 0x10000}], 0x4, &(0x7f00000006c0)={[{'{]]]'}, {}, {'${'}, {'*'}]})
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20)
link(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file1\x00')

[ 2874.061868] loop6: detected capacity change from 0 to 41948160
[ 2874.072568] loop3: detected capacity change from 0 to 135266304
[ 2874.072827] FAULT_INJECTION: forcing a failure.
[ 2874.072827] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.076746] CPU: 0 PID: 37696 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2874.078116] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.079758] Call Trace:
[ 2874.080125] nfs4: Unknown parameter '{]]]'
[ 2874.080282]  dump_stack+0x107/0x167
[ 2874.081935]  should_fail.cold+0x5/0xa
[ 2874.082686]  ? __delayacct_tsk_init+0x1b/0x80
[ 2874.083296] FAULT_INJECTION: forcing a failure.
[ 2874.083296] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.083573]  should_failslab+0x5/0x20
[ 2874.083592]  kmem_cache_alloc+0x5b/0x310
[ 2874.083609]  ? prepare_creds+0x466/0x5e0
[ 2874.083632]  __delayacct_tsk_init+0x1b/0x80
[ 2874.083649]  copy_process+0x3319/0x7800
[ 2874.083675]  ? __lock_acquire+0xbb1/0x5b00
[ 2874.083705]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.083731]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.092700]  ? perf_trace_lock+0xac/0x490
[ 2874.093544]  ? perf_trace_lock+0xac/0x490
[ 2874.094387]  kernel_clone+0xe7/0x980
[ 2874.095140]  ? create_io_thread+0xf0/0xf0
[ 2874.095978]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.096808]  ? find_held_lock+0x2c/0x110
[ 2874.097634]  ? ksys_write+0x12d/0x260
[ 2874.098411]  __do_sys_clone+0xc8/0x110
[ 2874.099192]  ? kernel_clone+0x980/0x980
[ 2874.100002]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.100939]  ? vfs_write+0x354/0xb10
[ 2874.101712]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.102769]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.103818]  do_syscall_64+0x33/0x40
[ 2874.104566]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.105588] RIP: 0033:0x7f87f4e1cb19
[ 2874.106328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.110016] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.111545] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2874.112969] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.114394] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.115833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2874.117269] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2874.118730] CPU: 1 PID: 37693 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2874.120284] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.122110] Call Trace:
[ 2874.122701]  dump_stack+0x107/0x167
[ 2874.123531]  should_fail.cold+0x5/0xa
[ 2874.124529]  ? anon_vma_fork+0x1ff/0x640
[ 2874.125606]  should_failslab+0x5/0x20
[ 2874.126572]  kmem_cache_alloc+0x5b/0x310
[ 2874.127620]  anon_vma_fork+0x1ff/0x640
[ 2874.128501]  copy_process+0x7218/0x7800
[ 2874.129428]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.130373]  ? perf_trace_lock+0xac/0x490
[ 2874.131320]  ? perf_trace_lock+0xac/0x490
[ 2874.132302]  kernel_clone+0xe7/0x980
[ 2874.133238]  ? create_io_thread+0xf0/0xf0
[ 2874.134172]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.135093]  ? find_held_lock+0x2c/0x110
[ 2874.136021]  ? ksys_write+0x12d/0x260
[ 2874.136886]  __do_sys_clone+0xc8/0x110
[ 2874.137753]  ? kernel_clone+0x980/0x980
[ 2874.138642]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.139687]  ? vfs_write+0x354/0xb10
[ 2874.140540]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.141705]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.142858]  do_syscall_64+0x33/0x40
[ 2874.143705]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.144845] RIP: 0033:0x7fd16660db19
[ 2874.145676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.149745] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.151443] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2874.153024] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.154600] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.156198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2874.157777] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2874.162050] loop7: detected capacity change from 0 to 135266304
[ 2874.170662] FAULT_INJECTION: forcing a failure.
[ 2874.170662] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.173067] CPU: 0 PID: 37706 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2874.174400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.176019] Call Trace:
[ 2874.176535]  dump_stack+0x107/0x167
[ 2874.177245]  should_fail.cold+0x5/0xa
[ 2874.177986]  ? create_object.isra.0+0x3a/0xa20
[ 2874.178876]  should_failslab+0x5/0x20
[ 2874.179619]  kmem_cache_alloc+0x5b/0x310
[ 2874.180413]  create_object.isra.0+0x3a/0xa20
[ 2874.181258]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2874.182245]  kmem_cache_alloc+0x159/0x310
[ 2874.183059]  anon_vma_clone+0xdc/0x590
[ 2874.183829]  anon_vma_fork+0x82/0x640
[ 2874.184563]  ? __vm_enough_memory+0x184/0x360
[ 2874.185436]  copy_process+0x7218/0x7800
[ 2874.186234]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.187055]  ? perf_trace_lock+0xac/0x490
[ 2874.187868]  ? perf_trace_lock+0xac/0x490
[ 2874.188635]  kernel_clone+0xe7/0x980
[ 2874.189313]  ? create_io_thread+0xf0/0xf0
[ 2874.190082]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.190832]  ? find_held_lock+0x2c/0x110
[ 2874.191587]  ? ksys_write+0x12d/0x260
[ 2874.192289]  __do_sys_clone+0xc8/0x110
[ 2874.192995]  ? kernel_clone+0x980/0x980
[ 2874.193721]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.194568]  ? vfs_write+0x354/0xb10
[ 2874.195273]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.196229]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.197169]  do_syscall_64+0x33/0x40
[ 2874.197859]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.198789] RIP: 0033:0x7f81e84c4b19
[ 2874.199477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.202821] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.204211] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2874.205511] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.206813] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.208108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2874.209395] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2874.261880] EXT4-fs (loop7): VFS: Can't find ext4 filesystem
05:48:08 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 33)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:08 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, 0x0)

05:48:08 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 53)

05:48:08 executing program 3:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x40001, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = dup2(r2, r1)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000001240)={{0x1, 0x1, 0x18, <r5=>r0, {0x40bb3421, 0x5}}, './file0\x00'})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r2, &(0x7f0000001280)={0xb0000020})
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1})
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000013c0)={{{@in=@multicast2, @in=@local}}, {{@in=@private}, 0x0, @in=@local}}, &(0x7f0000001200)=0x147)
sendmsg$nl_generic(r4, &(0x7f0000001380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000001340)={&(0x7f0000005240)=ANY=[@ANYBLOB="dc1300003d0001002bbd7000ffdbdf2516000000c2005880863a0bee01c253b63d65d976ea751de5cdab67759af85cc17b66639966464f8e960422df110f7bf86f2491ddb04cebe14b2d559524227b5bc699c14e07a61532807fcd6dd0f120fcf4b937b7c9dba7a57740901bcaf78e5484520f59f4bdeb01768e520812de9fc3946e4de3c6dbdd07d252e9fce97a763851407a8c764e7d9c875ecd2b485c1e1e0fc9c5fdb25c7f0deb8fa6460dbc4b2674bc85be3dd5171065c8e6c0e595fb29306edaf03b897b4b67e6fa8838fce62c533f3efb03ab00000c007100040000000000000008004d8004006b000f16ea6ec9a00ff15b38a0488686dee2da358556973ff3aead6708e3b3fc710e707bd420d2c850c1dbee7f1d8033b99e0c5b8dc778e6fa0db8f22ca867102254c5c6692517f3aba6bb2efbb4df07c6ac14a8a522eec4916938907b78253416254bf264f040906128d5c193857e791c71bd6bbed8f35d71f36994b411285b532a9ad61a07bc4a90d0bba948ca52dff04d513bc40ec75029938d7a995b8a2ea97f4e92044d3faacb9e77ef6d00a21dcf619bf79042527ddf63c1576a908beabdf26f3edbff8cc05b40f2d537fc6ede7595d30313a8f603c00d901ed7a8d6b83bf8b3207816cb1ff0c7a705f90b4a85c1440ceb390edbb2e562fee5ac06d5aef666c6224361d2d3e134770b8e5dc69291425660d50790fd10d0f8be282fd0fbd924afe84e1d8df045ac6ba08ac6af472285c4a34c8e34b6b8f67494a69e48d8d2ad3a2110e32a57c2a6058b0fcfbc72806b72cc45746cc2efa36abc39702be4e38b4eb7e5f718a3437e7c3b78eb548a24694e655e762ed43c372d7ddb3a98d82104251f42eb07f88c74c521a354c34f2ccddf81c1fb52e99f4590ea3f6decce3bb6e7138accb5dc82aa135be76a4dab2a9d39864acd28e65042df070b37f8317154b3aa5184ff3d7f56f1f8d1c6e294fc9b9232d24a4c6f86361efaa78ae66ac7ef0b0c55542283790f8b2da6357601009716d12f42dbc8d14c47b4f188b190927e8f325ff6949aefbb7a0f4b74ec95948b62ef53b23cc30e6bafc37375584fcb8d2883b415468c00bc5291182d20dc37d6311ed01eb6f1b68df9ffc14baa1382494b58266221410ecbe4a4fd7ed09826acf8c4b2a9653ec307e604d591ded35def3413dc36cfa4633729f19b1b4b606a39228eaa93a47fac273278ac875bcf5e443b17b51f511c5359b761377947f365e87d0c1a50a4fa2535dcd543f7198ab952e5d22d67b681e5542597b1eb8194735da4aba5f3044657fbcf48710db53f0f1bddcae773a2ea79d5c158237cf563f04a48101c45ee94f1917e4d4bfb61d2c33171ac3a8e94dd3f41e066c4f969d6b8192bd01a1ca44c160789258831631f814f2a1a1e6feda767483bb4b493a681f22e752074b17473fdb113e49fd65fa98803c93eefdf7397040140e7c0e153cde59f913b2baa18079a91db2a3aefe55cd4eaf7aa349b3da6b95d92f20a0bd06c578f348566021406a40cb190aad32cc6feecce3c26857c47733b1275629c237016b34f0a1b6c33e0755bf652206c172485192270ac3784e92c18c7bd3f5cce7d5423e787a6ead60a13c7ee5eff7f5219a1a0098def44a867a02ac0eca5006a99f52b1e2a47992aa5244f115e08ddd0641fc1148aa3be9748c5d4374833c598d9a85d803b401647df21a7539c93bc541668156a8bfc243d7b08b7b222a10f4a8d9fa2b233a78c783423d02c20d4b1c7a58d9f2db59dd0f927f72a62708fd5dc8ebdbad674e847563ee9465046ecacc518d5a5d8c7a574eff4caefa9e4ab826b5b451a369c893b4fface22fce871a64c1bbdf1abe6904e2e921625be825fb0f1e6f3eabc27ed10640ff30011847abc9c63eae7c1947cfa9d04c21e1cfc059769c15261dc22ef62498bb322fe86eabaeceffe3f37041f62f9339dc8ec0f7f41484efbb738f38f63293a7725178809ea6f51c7a07c0eeac72be4d5f86bebdcd01778c69a65bc3755836c6e872f967d84d4c7892a3ffa60163e8ddd4e40ac7a543d3a9e4150bf1e483d436ff84de4cf8f95f71ee475365b91339a39d9088a16dab0baffe52284dca01e63b1e58cf61abb9903df8575df9b5d0d5d894868de0b55463a02324bd3a9a1175122c672d47d4415eba99a84bde78b31d014ab9f74c3e20fb5621db6f50c9408e085483cf5e00c542f8db7c6702b1d198f3bae89c1e1da7d0435e9c2c603349a45999f4b46b3c3d072351e05db96dab7cb572fb4c518203d8e9160083645f06e9ab5d502bcd36441f1c51b9fcb0162f94d8cf409be673d88d18e8f7b62ae386994c578f226fe659d1c38f2616c8fcd09e2970a172194da56c7e0fc26e311ffcecff1868916bf0997166595d68b41b39df6a881fc9132a1f4eb7bd9345a6794f7b3e9d3a060189179c354c0b2fdf7a2326a5c37b68c409e0cea1a056c1b20319c47622737080968f4515a097312c98508bf8d71d132f784558f2ffdafbc79c60332ad9aa771bbdcb965fc17bcef9140eadc25590fa69a151dbe492ad6c4d42f6a53776748323017f877cbcda8b2194a101198376ade052b99f4d13fea6efda3523c5f68ce5d72a97f0ba4629f5f96fc5b926ffc10da1c90528d2c0b93ed22ec18a112a875a172dd3812346a27aeab34e439895ebaad3e3ec0860cfbb82807505cc76f89dc7a65b35845c339760bb0ddcb7fba83fa52d7ef4b9107f51a4f7df3dcfde2a98e92de313d40afa290a2deae0390ed0d838eae28cae97741b7c6ed8a3e5018a607e64c1f90f22ab2dd54bc61c8947cd6e220a160e0747a8cb4416020dda98f73bfbf76afefd48a971457e24b16713fce1313d821e1bbebbfc5aa684cf17646bd074fb6cc4cdeb96ef810d3b854e080ed4721c5f81758a74dd7da37cf835ad5723ddf352f0c3ba3bf60325607caa42c80f15e0de0d1f85ded51855338adc1f7252e849a9e2e7979471f86cb0b01dc85c846dab2b8e4823eef364801ad4d7e59e1d08e1f317cfc28b1c97a7854bd2d4cb21c398381929b30eb603343b4156981c6549aba926d4d3dd36ce34620df9876f84abe55e3b78d2f85ff7a3f4b22651f05c9ae16a76281af0dd0b02934bf342c976ea6b31bc0cfa1b7d8d6934c49b965f0c956f3ef1a8f05170db828e7d7cb4521656e23d4f01f82a5158c8c25f58d0d6efde1853f7d1967dcf9430f6a0374b3a7955499cd77cfd0b17a2656b01b07f8c9e5d21d70384650c24b065e05429af7424e3af0abb7c7b8edc95fa4ca6c3db4204e5fb33ebb6c195a4acf7d6a39e0918bfe7d7d421927410fdb8064f24f2ccc6388fbc701322c01d1001b0a5bf73b32c9572509ef2d5e772904994ccf3eae772c3901b76c1ee19afbdfc788eb8a73d768886ba43cf0c626ff759eaae3a7349495e54c507cf95d69d99e797e53c6ada1eca559c554873f8d28416a86995d3e014555bd67d4ee5cf0cee596769add91612fdfe63e68358f8d42faf39d42d5d2dca238e084ec2ef43ac866840a7785d3181f9d0895b475268bbd40140985ae4754219cca227c1ab458f8b0c56958a5af1008c0d4d1d1d0850e812b7636eb67e51e423a7385d70d2671615458d55a4108147b5893fbe759b088088838919d565b40ff299a59819de17a954186c06c5fe8139740f0bf93b336f9cd9baaef5a13c953504a752d6c16a4bf5666bdcc7a648ffbdf77611da8bd1decc77b6867fcd23ef83a180ef155cee6cd6f39d751a0b0be9cbe4efffacec4c62e72d516960c4660e51547bd9ab07893858732cca67487d4b485f3f22d2274564bbb5ef2b12b15bdd3cf713ff8f4cd0187adae0d768875e307482008754c572d4b2617e644c419367332bdff17bb655d4057bd73475a702284f8dbbc6216885fe09afca93820e107996cba579b0301b2f9f8a08635e81e24409fdff1aeda0949395872ef118bbdc4b4dab7d67c33537f92df3255abf61f947d8ce9ee8f45a7afde4a37e7a51e14a6f8ded14b8215775ec895c1b11f69699b7ca66e4c6e4aa01f869021ceacb6fa6c561178c62f3dad1b12f210aa14f2cfc770e9a4e442a43be7553a7cbd6ee7825c58e0b294d155ef0de037ceda6ea996c981467409b9a91d86d496cedda2bede64dfeb1d023db63bdd2078415381d0ecd7ebe493c4ffb4d8baa2600796bff5a054373d81baf45f4e76274bd6694da96648862af57b2f2652442a8b46fbdcb437ed0f404ad774942df2282aee9fd2cf38f09ffb9d613c08818b5db5f56756ef8f04b769452c385c74f1397e147afdfece83f43fc67fab22428eda3a62272093271f6a955c47c69d36fa181feee98aef1d1ef494c0f53fb2c2e1c18dd2d09880c8fb36b66d6ddabe3ae27845ce425f2bf12cc696e667fff73b021b08aaca37ceb1bebd197190c889fef91837558a2651650a7517e64997ffc2bb9c3d6946967cd8ed09ab5c29bc50cbad48a9925118b0f097d8b073ad7b2b06771569705f78c504d7c9aae1ce8a568a981b161d8f4a02a6f2fb20dbdd95f1ed34aabc2331ae95994028365ac03115589711091ed41123849c33ae9f9e63b17d3b3da3b43d651fe75e829f39e6d0fd0d20b36363989b8c73d3ab5e3f45a6385b5b64fd4184ac182f1d06e7b93812b49b07138f829bdbdec3448aab5c724eadb2bfac9770c5a512bca152667ebe747923ca3c8948d9af95762e678a9dd2931eca82202f0633aea3269151b293d7b1a51002387f011a2a08a34df41272d083631d1a7d74ee066341338b9980ee816a01aa34fbbc8edfb355f3f15d9d0b1f6bd2d238518a276716e3161ae42cee627deb7f559acf93143cb510567af299ec6f63ffaaf8809138702c57e976aafcf5c3f38ace0cd71a8fc9e160817d37f750182b7611283de4c945446ffc0374e60b1a430cff26ba6737237d5c0a29cd1b9c656dfcaed28dc78dbb9380dc7ce64371f452bf5d720b7e22e7fbe969a5f7a8f28fee84e1b78241065679f152bfc9607dfbe1157bd3a551c25499ef1b0299acb8edeb6f3e671a2541917c32fb820b6550d19d23da0b8201be6e0c5a42cc48e1ade4c6bd4d558384258de683866fb1611267c110f2ac0eced802e694c58def14cfdf32306db82ee65809ba0c5bb6393eaa2cf854569891efec0531c428ca5f009aa4ac90856f5de3ae72da755d87bae4d1bca1ccea574074b25634020baea4222d1540cc41e36d9f2b9505b1470ce85f74aaa94577efc6c2f06461581d7f5c11fcedfef6a6d6b7a1525e7a9f1e9befc7c0d917248e487ec70b1baa4fe414e9be7e0addfea93d9001fdb4fc6b66b586f7d7ed311a455864dfe03dac2b598cf094bf9cfacad5c7e26bf6e7ecd3b31386c532491a869ff7d4118b08fd6cec739aa7f66fe915c038f6d6ff57eed918525c5addcd4683804786ef3765151866aa21aac8024fd8617ebfc066de566adde2052fb2abf1e771b1b91b20b101ba2ee4aff6084ac21c75f0ee937af132049aac462827847b3944fc3bcac237cdfe970613ab8d58dfb701ee095695fec1d3178e491d7413c776cc0fb7379344e909dde7258c78ef8623ed195d7322567cc554bd427cd3d2254305c0e487ca333952a5597fb8e3d7c7c3c2ecdecd253197ecf29e6ede7bfd9833f162659655a8516bfdbba60e3392ab4f761970e5deee31c53310024c3b6a8a339978d0a53eb3c452e5584f72663beddb12c5ea9d4f0c9495a10388e657b227c9d7ace27235d7486d50ea0ad6de5ebf2cafdcdc9d57d077f96f6059a6c2397be83c7a9f2efa7db4f803e56df9bf4acaf5550e0f13abcbe6f1954ded939e1bc1ad4a6dfce2a761c8bf0fd58af8bea12fd39ef3f2bf729aa3547af8442df2e9603df01a41b1e814e14d073458fe1512f4b9a15f227c5b3e69c881a26b647d2b7bbac284efc7c5a159049f5f70f7023bd115cc4f93dcc47ac76f798f4837f3390079d0fbe8367609ea425343d2125c060392fc33a63c9184409408df982ae5db2c1e5c53dbcad357f6c0b7519e0882288e1ea34e4514092f1daef2b7a077cbd45f96a7b68d223c12f13d73d83330617c36cb160718fb3a43650b5fceb8c31d0f8064cad987da01b165b215fe1584d356a8cd9f8e4e34d0af77670940b2cbb0f5834e752da4e7b8021f5c0e591fd8b09f382526cc7c9de2f7e81aad89dc45e7f1650f4dbaeeef5157f63f7e85e2ac3099e597742dd8f3ca93357bd2969bbd41d928cfcb72057ec76f068fc7149f3b9cdcff2076e7f14109d6edf99f648e36cc5b967500274e5a380172804455a61c0c36e6a58e23a2f42242c6856bb38ec635f65428865182b5567569bf8f6328a80d85ef996cf997d73f478f37fe68735e83d79a1c8a2582c5932d0c66aa70c8942a0d4f006f131c4a9f5a2d5a85d958f339fb951743196752f84cb0052ab078b8d845fab654060386bf3b8bfb8ee22f73950a65de879c9be5d34351a8a6ad575184dd90826c8a992f0524a3dc221b7422af4fe55e5c45f967e51383d6eac7536d10a55a423ad3d29ef671ba51a74ace73fdfc4280d4cc78d438573efbe6ed9843076b3a5e5763bc4356a00eca13018565dd6d791b0105d7aca70f5c4f3f6975f020ba617418c43b9b1516ecbebdcef0de0d5d4d809750ec84103bf925c862d11e6036eb4f287a4e493565ecb76edb1b0c709d4dc5d2c8c035b945de4d14005800ff010000000000000000000000000001a4008f807e00010005800850fd7f56b1fc2e70122299c96cc0f8714fed606caac0374a532062b28ade4f375367cbc948983ba0ba63fb2b89cdc8b00c0719bc6f3237206770089ee9fd086c78c7032f972c737a04025955a9f08c60b9108b2de875192ed3fad00e2bc3271ababdf2ecb0f5074f95c8", @ANYRESOCT, @ANYBLOB="a81d6f9e4f7a05518fc85e6e9c77cf10f96b01ad3dea08177aba52453ee6a79ea672ff8c511c07e071000c668535bfef7c22282f80ece9aeb2a72ede26eda193333a380d4d53c1e1c38dd4f2553a036a2e81eb794e64039578477e65dda2019108f50b96cafeae9aa7c73ae6d554dab8d9f652d48c1e59806ffbe39b66712f27f21574c6118816b7db112fd1eda9dd3589d8fb6414008400fe8000000000000000000000000000aa000000"], 0x13dc}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000001780)=ANY=[@ANYBLOB="d6e9935ebc6058d898bb4dc77cf658f708cd8d121af4384519d5321b7e23a4c63b72450bb232fc021e1b29e812b04622b49ab5e8f988a0", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\t./file0\x00'])
r6 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x7fb1, 0x0, 0x0, 0x111}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f00000011c0))
r7 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r7, 0x8008330e, &(0x7f0000001180))
mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x100000d, 0x40010, r3, 0x10000000)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2)
io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_setup(0x5, &(0x7f0000000080)={0x0, 0x0, 0x1}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100), &(0x7f0000000540))

[ 2874.398240] FAULT_INJECTION: forcing a failure.
[ 2874.398240] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.400298] CPU: 0 PID: 37862 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2874.401439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.402852] Call Trace:
[ 2874.403376]  dump_stack+0x107/0x167
[ 2874.404077]  should_fail.cold+0x5/0xa
[ 2874.404794]  ? anon_vma_fork+0xf1/0x640
[ 2874.405516]  should_failslab+0x5/0x20
[ 2874.406117]  kmem_cache_alloc+0x5b/0x310
[ 2874.406769]  anon_vma_fork+0xf1/0x640
[ 2874.407411]  ? __vm_enough_memory+0x184/0x360
[ 2874.408233]  copy_process+0x7218/0x7800
[ 2874.409019]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.409784]  ? perf_trace_lock+0xac/0x490
[ 2874.410553]  ? perf_trace_lock+0xac/0x490
[ 2874.411327]  kernel_clone+0xe7/0x980
[ 2874.411944]  ? create_io_thread+0xf0/0xf0
[ 2874.412614]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.413261]  ? find_held_lock+0x2c/0x110
[ 2874.413912]  ? ksys_write+0x12d/0x260
[ 2874.414535]  __do_sys_clone+0xc8/0x110
[ 2874.415169]  ? kernel_clone+0x980/0x980
[ 2874.415831]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.416585]  ? vfs_write+0x354/0xb10
[ 2874.417191]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.418033]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.418872]  do_syscall_64+0x33/0x40
[ 2874.419485]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.420303] RIP: 0033:0x7f81e84c4b19
[ 2874.420898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.423765] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.424970] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2874.426099] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.427216] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.428363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2874.429493] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:48:08 executing program 7:
r0 = getpgrp(0x0)
r1 = pidfd_open(r0, 0x0)
r2 = fork()
move_pages(r2, 0x1, &(0x7f0000000100)=[&(0x7f0000ffa000/0x1000)=nil], 0x0, 0x0, 0x0)
move_pages(r2, 0x6, &(0x7f0000000200)=[&(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil], 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0)
r3 = fork()
move_pages(r3, 0x1, &(0x7f0000000100)=[&(0x7f0000ffa000/0x1000)=nil], 0x0, 0x0, 0x0)
clone3(&(0x7f0000000380)={0x20004000, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {0x15}, &(0x7f00000001c0)=""/205, 0xcd, &(0x7f00000002c0)=""/88, &(0x7f0000000340)=[r0, r2, r3], 0x3}, 0x58)
r4 = dup(r1)
setns(r4, 0x4000000)
ioctl$BLKFRASET(r4, 0x1264, &(0x7f00000000c0)=0x843)
prlimit64(0x0, 0x9, &(0x7f00000017c0), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0xff, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10018, 0x0, 0x0, 0x8, 0x7}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
prlimit64(0xffffffffffffffff, 0xd, 0x0, &(0x7f0000000080))
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0xffffffffffffffff, r5, 0x0)
setreuid(0xffffffffffffffff, r5)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
io_setup(0x2d47, &(0x7f0000000000))

05:48:08 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 9)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2874.482786] loop6: detected capacity change from 0 to 41948160
[ 2874.507929] FAULT_INJECTION: forcing a failure.
[ 2874.507929] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.510660] CPU: 1 PID: 37922 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2874.512138] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.513871] Call Trace:
[ 2874.514429]  dump_stack+0x107/0x167
[ 2874.515198]  should_fail.cold+0x5/0xa
[ 2874.516028]  ? create_object.isra.0+0x3a/0xa20
[ 2874.517005]  should_failslab+0x5/0x20
[ 2874.517804]  kmem_cache_alloc+0x5b/0x310
[ 2874.518677]  create_object.isra.0+0x3a/0xa20
[ 2874.519608]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2874.520693]  kmem_cache_alloc+0x159/0x310
[ 2874.521571]  anon_vma_fork+0x1ff/0x640
[ 2874.522402]  copy_process+0x7218/0x7800
[ 2874.523285]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.524187]  ? perf_trace_lock+0xac/0x490
[ 2874.525064]  ? perf_trace_lock+0xac/0x490
[ 2874.525951]  kernel_clone+0xe7/0x980
[ 2874.526731]  ? create_io_thread+0xf0/0xf0
[ 2874.527628]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.528524]  ? find_held_lock+0x2c/0x110
[ 2874.529410]  ? ksys_write+0x12d/0x260
[ 2874.530242]  __do_sys_clone+0xc8/0x110
[ 2874.531048]  ? kernel_clone+0x980/0x980
[ 2874.531921]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.532917]  ? vfs_write+0x354/0xb10
[ 2874.533742]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.534878]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.535966]  do_syscall_64+0x33/0x40
[ 2874.536795]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.537918] RIP: 0033:0x7fd16660db19
[ 2874.538740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.542694] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.544378] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2874.545890] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.547467] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.549009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2874.550530] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:48:08 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
recvmmsg(r4, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
r5 = fspick(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x1)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r4, 0xc018937e, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001df000018000000", @ANYRES32=r5, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00.\x00'])
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 2874.595924] FAULT_INJECTION: forcing a failure.
[ 2874.595924] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.598638] CPU: 1 PID: 37931 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2874.600159] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.601898] Call Trace:
[ 2874.602482]  dump_stack+0x107/0x167
[ 2874.603295]  should_fail.cold+0x5/0xa
[ 2874.604132]  ? create_object.isra.0+0x3a/0xa20
[ 2874.605132]  should_failslab+0x5/0x20
[ 2874.605973]  kmem_cache_alloc+0x5b/0x310
[ 2874.606871]  create_object.isra.0+0x3a/0xa20
[ 2874.607838]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2874.608950]  kmem_cache_alloc+0x159/0x310
[ 2874.609857]  ? prepare_creds+0x466/0x5e0
[ 2874.610753]  __delayacct_tsk_init+0x1b/0x80
[ 2874.611709]  copy_process+0x3319/0x7800
[ 2874.612587]  ? __lock_acquire+0xbb1/0x5b00
[ 2874.613524]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.614422]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.615347]  ? perf_trace_lock+0xac/0x490
05:48:08 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x4, 0x3, &(0x7f0000000300)=[{0x0, 0x0, 0x7fff}, {&(0x7f00000000c0)="c38cf7bc4643814e0c3c102f3b75e3c485e1953666867ff0b760954b5332fb483e5202228f1d3639fb7e217fc1641ed544264d6d64acb87d45fd283a67394a4e2e2701aa50bb03876578363361aeef9122b3f11fc180a7a88078783617379e9d50a70aaa5a7cb9416764cc79f78aaa19e3233560c4a9b6170a115d98d65791cb814e7913658915c75934144bdfad8f323895925d58061f0cfee517911f", 0x9d, 0xf4b2}, {&(0x7f0000000180)="5bffa097ec44ff12ea1e69793d84533c7cb8a98876a1d69640b9350e43bd6dbde6d292e3ec889a2f997ed8ca47e1ce40613b86425c9456f874799fb3e850dbcfeb73af445005e7561b8047b6d9437d7a6c73b62e7124fb2699949fe472ecbf145e1c365cd2287639641d1a0c04144114d1bc776d64b3bf20c3e73b4249f23d53201bfb8491e7b24e3c110cf6fa7d1d67d5ee06beeb1646190fdbb6bc2b1b44a917d0612a21f3a5a8a4911756e842a9b14ac53892cdeca6ea25b9228b5bc75aed64cee705e38f18640770a2a4d5d901853a031c6cc4cddff8c22897481b3c52649adbfe44f9e62e445b1bbfc9af83", 0xee, 0x7}])
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x8000)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000280))
readv(r0, &(0x7f0000002500)=[{&(0x7f0000000500)=""/4096, 0x1000}, {0x0}], 0x2)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000440), 0x10d741, 0x0)
timerfd_create(0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000380), 0x58000, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b36, 0x0)
sendfile(r2, 0xffffffffffffffff, &(0x7f00000002c0)=0x1f, 0x8)
ioctl$TCSBRK(r2, 0x5409, 0x400)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
signalfd4(r3, &(0x7f0000000400)={[0xe9]}, 0x8, 0x800)
r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x8c)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x10, r4, 0x0)

[ 2874.616254]  ? perf_trace_lock+0xac/0x490
[ 2874.617286]  kernel_clone+0xe7/0x980
[ 2874.618103]  ? create_io_thread+0xf0/0xf0
[ 2874.619000]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.619911]  ? find_held_lock+0x2c/0x110
[ 2874.620797]  ? ksys_write+0x12d/0x260
[ 2874.621638]  __do_sys_clone+0xc8/0x110
[ 2874.622483]  ? kernel_clone+0x980/0x980
[ 2874.623356]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.624360]  ? vfs_write+0x354/0xb10
[ 2874.625193]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.626329]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.627459]  do_syscall_64+0x33/0x40
[ 2874.628266]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.629378] RIP: 0033:0x7f87f4e1cb19
05:48:08 executing program 0:
mlockall(0x7)
shmat(0xffffffffffffffff, &(0x7f0000800000/0x800000)=nil, 0x1000)

[ 2874.630183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.634154] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.635720] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2874.637188] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.638629] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.640112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2874.641570] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2874.662815] loop3: detected capacity change from 0 to 124928
05:48:08 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 34)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2874.746978] FAULT_INJECTION: forcing a failure.
[ 2874.746978] name failslab, interval 1, probability 0, space 0, times 0
[ 2874.749751] CPU: 1 PID: 38040 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2874.751237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2874.752985] Call Trace:
[ 2874.753549]  dump_stack+0x107/0x167
[ 2874.754334]  should_fail.cold+0x5/0xa
[ 2874.755143]  ? create_object.isra.0+0x3a/0xa20
[ 2874.756127]  should_failslab+0x5/0x20
[ 2874.756936]  kmem_cache_alloc+0x5b/0x310
[ 2874.757804]  create_object.isra.0+0x3a/0xa20
[ 2874.758732]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2874.759820]  kmem_cache_alloc+0x159/0x310
[ 2874.760734]  anon_vma_fork+0xf1/0x640
[ 2874.761536]  ? __vm_enough_memory+0x184/0x360
[ 2874.762485]  copy_process+0x7218/0x7800
[ 2874.763374]  ? __cleanup_sighand+0xb0/0xb0
[ 2874.764275]  ? perf_trace_lock+0xac/0x490
[ 2874.765168]  ? perf_trace_lock+0xac/0x490
[ 2874.766053]  kernel_clone+0xe7/0x980
[ 2874.766852]  ? create_io_thread+0xf0/0xf0
[ 2874.767737]  ? lock_downgrade+0x6d0/0x6d0
[ 2874.768607]  ? find_held_lock+0x2c/0x110
[ 2874.769471]  ? ksys_write+0x12d/0x260
[ 2874.770296]  __do_sys_clone+0xc8/0x110
[ 2874.771120]  ? kernel_clone+0x980/0x980
[ 2874.771978]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2874.772964]  ? vfs_write+0x354/0xb10
[ 2874.773773]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2874.774878]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2874.776004]  do_syscall_64+0x33/0x40
[ 2874.776792]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2874.777895] RIP: 0033:0x7f81e84c4b19
[ 2874.778708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2874.782709] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2874.784387] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2874.785945] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2874.787488] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2874.789045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2874.790597] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:48:25 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 54)

05:48:25 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 35)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:25 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = dup(r3)
recvmmsg(r4, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
mkdirat(r4, &(0x7f0000000100)='./file0\x00', 0x8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendfile(r5, r2, &(0x7f00000000c0)=0x7ff, 0x5)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:48:25 executing program 0:
mlockall(0x7)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmget(0x2, 0x3000, 0x54000000, &(0x7f0000e24000/0x3000)=nil)
r1 = shmget(0x0, 0x4000, 0x100, &(0x7f0000ffa000/0x4000)=nil)
r2 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r2, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r2, &(0x7f0000cc7000/0x4000)=nil, 0x1000)
shmat(r1, &(0x7f000084b000/0x2000)=nil, 0x3000)

05:48:25 executing program 3:
keyctl$session_to_parent(0x12)
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = getpid()
r2 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4f, 0x5, 0x20, 0xff, 0x0, 0x3, 0x1, 0x4, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7fff, 0x1, @perf_config_ext={0x7, 0x9}, 0x2, 0xfff, 0x1f, 0xd, 0x7fff, 0x8, 0x4, 0x0, 0x2, 0x0, 0x401}, r1, 0x5, r0, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x40, 0x9, 0x1, 0xc3, 0x0, 0x100000000, 0x681a3, 0x3, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x200, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x118, 0xf9e1, 0xfff, 0x9, 0x2, 0xff, 0x1f, 0x0, 0x7, 0x0, 0x4cea}, r1, 0xf, r3, 0x2)

05:48:25 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 10)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:25 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, 0x0)

05:48:25 executing program 7:
r0 = memfd_create(&(0x7f0000000140)='\x13\x97\x02\xd8 \xea\xc8\xf3\xad\xd9\x02\rp*\xb3\x9a\xbc\xc1\xb0\xba\x1eo\xfd1\xa3\x8e\x1c\x03Iq\xdcf{\xd8\xc1e\xcd\xc3`\x9b\x8b\xc9\xe2\xd2\xd5\xb9\xdd\x85w\xed\x92\xbf\xb6\x1c\xa7\x8b\x1f.\xd1\x16\xeb\f#\x83\xce\xa3\xcb`\xdb\\\x01\v!\xbb\x1aR\x11/\xef\xb0\xecL\xd3\x99{\x81\xc6N9\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x108000})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x7, 0x0, 0x0, 0x99}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x30, 0x1e, 0xc21, 0x0, 0x0, {0x7}, [@typed={0x8, 0x3, 0x0, 0x0, @u32}, @typed={0x14, 0x8, 0x0, 0x0, @ipv6=@private2}]}, 0x30}}, 0x0)
pipe(&(0x7f0000000040))
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
fork()

[ 2891.027981] netlink: 'syz-executor.7': attribute type 8 has an invalid length.
[ 2891.037887] loop6: detected capacity change from 0 to 41948160
05:48:25 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x8042, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000340), 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
write$binfmt_script(r0, &(0x7f0000000940)=ANY=[@ANYBLOB="3b7e40cfbf2b9dc436027ee0a55be0b8a0007f55bc70010000009821e679c1c0d7816206010000000000006a650681f74efe43d2d55b9de20d13a838060000ec2654483350e1987b76b50e370b669cc5aa1cbe0500d5738cbcad48a5e29a35cbfee6e137f84e181e23a88d4a000000763a9633cbe51c9846ceabd3fc18e16489039138f20c6904ae56b7925a869054ebf70f5802f1680aab4cc23b1756896e2520dfa6c1f3a9752c686f992e6769c569e3b97ca6c296676968d8301c29c0454ead399383454af00f37df95ed4130a96007f3cd404bb619dfc65f2ca5a4252e"], 0xee)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
connect(r2, &(0x7f00000000c0)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x4, 0x2, 0x0, 0x1, {0xa, 0x4e23, 0x9, @private2, 0x7}}}, 0x80)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=r1, @ANYRESDEC], 0x108)
setsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000040))

[ 2891.051623] FAULT_INJECTION: forcing a failure.
[ 2891.051623] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2891.054824] CPU: 1 PID: 38169 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2891.056313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2891.058084] Call Trace:
[ 2891.058653]  dump_stack+0x107/0x167
[ 2891.059442]  should_fail.cold+0x5/0xa
[ 2891.060260]  __alloc_pages_nodemask+0x182/0x600
[ 2891.061250]  ? __lockdep_reset_lock+0x180/0x180
[ 2891.062241]  ? __lockdep_reset_lock+0x180/0x180
[ 2891.063232]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2891.064545]  alloc_pages_current+0x187/0x280
[ 2891.065490]  pte_alloc_one+0x16/0x1a0
[ 2891.066308]  __pte_alloc+0x1d/0x330
[ 2891.067097]  copy_page_range+0x1b62/0x3810
[ 2891.068059]  ? up_write+0x191/0x550
[ 2891.068836]  ? vm_iomap_memory+0x190/0x190
[ 2891.069738]  ? downgrade_write+0x3a0/0x3a0
[ 2891.070652]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2891.071822]  ? __vma_link_rb+0x540/0x700
[ 2891.072694]  copy_process+0x759b/0x7800
[ 2891.073580]  ? __cleanup_sighand+0xb0/0xb0
[ 2891.074478]  ? perf_trace_lock+0xac/0x490
[ 2891.075372]  ? perf_trace_lock+0xac/0x490
[ 2891.076278]  kernel_clone+0xe7/0x980
[ 2891.077078]  ? create_io_thread+0xf0/0xf0
[ 2891.077962]  ? lock_downgrade+0x6d0/0x6d0
[ 2891.078843]  ? find_held_lock+0x2c/0x110
[ 2891.079725]  ? ksys_write+0x12d/0x260
[ 2891.080552]  __do_sys_clone+0xc8/0x110
[ 2891.081384]  ? kernel_clone+0x980/0x980
[ 2891.082231]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2891.083217]  ? vfs_write+0x354/0xb10
[ 2891.084041]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2891.085157]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2891.086268]  do_syscall_64+0x33/0x40
[ 2891.087062]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2891.088166] RIP: 0033:0x7fd16660db19
[ 2891.088957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2891.092876] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2891.094495] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2891.096022] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2891.097543] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2891.099064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2891.100595] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2891.117172] FAULT_INJECTION: forcing a failure.
[ 2891.117172] name failslab, interval 1, probability 0, space 0, times 0
[ 2891.119738] CPU: 1 PID: 38170 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2891.121215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2891.122965] Call Trace:
[ 2891.123535]  dump_stack+0x107/0x167
[ 2891.124316]  should_fail.cold+0x5/0xa
[ 2891.125129]  ? dup_fd+0x89/0xf40
[ 2891.125857]  should_failslab+0x5/0x20
[ 2891.126664]  kmem_cache_alloc+0x5b/0x310
[ 2891.127543]  dup_fd+0x89/0xf40
[ 2891.128234]  ? security_task_alloc+0xe6/0x260
[ 2891.129188]  copy_process+0x197e/0x7800
[ 2891.130042]  ? __lock_acquire+0xbb1/0x5b00
[ 2891.130967]  ? __cleanup_sighand+0xb0/0xb0
[ 2891.131869]  ? perf_trace_lock+0xac/0x490
[ 2891.132756]  ? perf_trace_lock+0xac/0x490
[ 2891.133644]  kernel_clone+0xe7/0x980
[ 2891.134434]  ? create_io_thread+0xf0/0xf0
[ 2891.135311]  ? lock_downgrade+0x6d0/0x6d0
[ 2891.136195]  ? find_held_lock+0x2c/0x110
[ 2891.137062]  ? ksys_write+0x12d/0x260
[ 2891.137881]  __do_sys_clone+0xc8/0x110
05:48:25 executing program 7:
ftruncate(0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000140)='./file1\x00', 0x101000, 0x0)
statx(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
io_setup(0x3, &(0x7f0000000000)=<r2=>0x0)
r3 = inotify_init1(0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
inotify_add_watch(r3, &(0x7f0000000000)='./file0\x00', 0x43)
dup3(r4, r3, 0x0)
r5 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
io_submit(r2, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
ioctl$sock_ipv6_tunnel_SIOCADD6RD(r0, 0x89f9, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x29, 0x2, 0x6a, 0x4, 0x10, @private1, @private2={0xfc, 0x2, '\x00', 0x21}, 0x20, 0x0, 0x61, 0x7}})
sendmsg$netlink(r1, &(0x7f0000000340)={&(0x7f0000000200)=@proc={0x10, 0x0, 0x25dfdbfb, 0x20}, 0xc, &(0x7f00000002c0)=[{&(0x7f00000004c0)={0xc4, 0x20, 0x10, 0x70bd28, 0x25dfdbfc, "", [@generic="5173a48a1693b2aedb6163e68e2ee3edf3835d8b5f41bf03613605f715bf96f88e383e5b6c43600a7a56bdc5210709edd9442c", @generic="81da9c1b963dbb3d00f64cbd7325f2655303070b6a4352bd6d7294bb736ec8e91d5d89417057c3641b0cae0f7feab2c638b6d4f9fbc7c99cd7acf5478a36f553065091a3fc356755e6d36a5dbe3ba25b3a7107404f97bfbb053007092dccd79fd75d8ca080c73b36d071d7dd", @typed={0x8, 0x55, 0x0, 0x0, @pid}, @typed={0xc, 0x35, 0x0, 0x0, @u64}]}, 0xc4}, {&(0x7f00000010c0)=ANY=[@ANYBLOB="b40200002b00000426bd7000fcdbdf25afc8ff1e795acf7dad24c9b09ed86b90affcfeaede6d3622589c9e3044c4047a1b693d52c2acdb3e14bbe161c7385ea0bb22c5acf681071df98aa0ba3f353ab5f4e0305dd37253d1d73ec32296053f7c4d8354a54abedcd8596b48594d4535c3f47540769fdbfea09d14e296b610efe4f424e4946cc0c8927f5bec26ce717ae2ada49c9b9071aafc278512be7fe7060569868b4adaf05c14c21c611455084a6b08008d007f000001a9014880cc00e47154db4e147ed24d4d940012cd4fa118395039f4bd8a98d750e279ed345f3f97ba282e0040d4aeed989be385130595b49fb2682de61c56d87d8fceac4ac76f2fd2d283e905cf3369a05077258e15ad0bfe2e8493a30f3cfdcdaf29434f0bb3441d4424e9ece5c038be8eaa5fa75ff4e58592898db46a057dbfc4d8b30460915e747ceaea2d09b70f314041114d8a4b70ad3c37afbcab139bb78b141fc9c81a54b45229e98753fa04e7de74d518d7a8bc29665480097e478a250091a968b4eb4928953d446e53da951c8418b76db41452c3e0674800f89cfd3a04b02f85c7aea53dd3d5fe5317fc28fea38ea12c177541559ef9e03afece48f7d3d26697cc4a1eac29248c482578f1c6f87fc323c9725c14ec2d0600f010d67602fcb7aafa9d981e0adb87eb7c2cdc8795bb31cfec01a5d076aeba745c925fa2ca956df995549947f7870352cb2798cd6d3575af936542e4f50c0003000600000000000000080057000300000009006f0027215c5e00000000090064007369743000000000140011000042000000d1f612b086ae76e9e3d4737e4c8bc296ffdde1a6ac6c5b483b4e72f3d6381268f80d9e43215a63e5578749e53f6544e879df28182e3c7cd022db903cf4e3c4e3483ce1bc5b384dcfac72616823107400c48cc224df16deae07c2d4e469171945d59853def5e86e856ec6e88822cd7dccee9898360873d7399a19b843863d273a278e9b0c8b0c85928a65b87f0f9af974164ac328004a4e49c5a12770002decf559d0857549b18dd6369ebef17e1f574a28bfc3a9ba8d08313efb18cd84d3ae3a2cf2ed994880a43c71f62618e2f7e427f92e2784fa7242e422f2d4ce017d365bbd02d8102b6b977fea0a1e0771ef9e7d18d6675d750eb60f400f9de0444c235d4ef7ffc1eb65e325a3e40f847e08c474f2a495a8b48cec70f109f94a8ab27e323b7dffff0d5d35cf73ac486c4064ee7211f405343de615dc961538748f99e15acc72c7869a8d9f1b87745b9fc06dd4b1b167470d1700d177d22bfb0426ddc25a0b1c00000000000000000000000000006831a93839459d0ffb84cddfa96fac0b708ee394b750619119ae26a4ba789420c8b76276675e508549b3e873dd23cbcadfbc425bf6c1b7f8b4f04825f71e42b6e70385ca0301d674bc0e6a7194d7415c6efabb81428146d163a1f1b46af489256a588cc31fa4bb7f90a01d75e4aa641400"/1073], 0x2b4}], 0x2, 0x0, 0x0, 0xd040}, 0x240080c0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[@ANYBLOB="ffff00001d00210c00000000160000000400020008000c0000000000551b8381b0903d95e62f8c86215956039a0409d05dc40466fd2a85c96d80f86fdeb89bf6b040eb9867aad208ac1c092066bae103e6d26d55f1a175ac2e49f237b99f38089b9927e7dbfff9a048ed810a18ae8bf954e5feafae3bf141c00bdc3dc0bdd034a2ae6dd7acb2863a239f90e21c6d405662bf08efb72b5daccdff203ba484dda84e7e0fc0926686115b1a6a6614afd7447d5262f5e173e5d47c02130f83f4f4703beedf98fe1268a515fb104e1bd4d89140e2642520f0658c273eb4b5e222be83d4330833dc89108237ea255ab2417a70799468568276fb120f32533b12631b73c8a75d0199901f49889fb253eb6918b062584fa89006f400000000006bd4de377c2f191162005aaa37b4466d8dd90dcafc18cd865ac4878c1349bfcdf0fce995f8e6cb96e11fac420b551084ef4b6add1801b3670d599a08b5f3a8d90fc721b5553d0300000000000000000000000012420cf82d27860b632dccec77851e14b6281fcce123c97f70c1e46f55850c21b25c13e2296b5b55988341"], 0x1c}}, 0x0)

[ 2891.138937]  ? kernel_clone+0x980/0x980
[ 2891.139903]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2891.140891]  ? vfs_write+0x354/0xb10
[ 2891.141701]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2891.142813]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2891.143920]  do_syscall_64+0x33/0x40
[ 2891.144717]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2891.145806] RIP: 0033:0x7f87f4e1cb19
[ 2891.146600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2891.150481] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2891.152105] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2891.153619] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2891.155131] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2891.156666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2891.158186] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2891.194140] FAULT_INJECTION: forcing a failure.
[ 2891.194140] name failslab, interval 1, probability 0, space 0, times 0
[ 2891.196788] CPU: 1 PID: 38179 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2891.198241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2891.199991] Call Trace:
[ 2891.200546]  dump_stack+0x107/0x167
[ 2891.201312]  should_fail.cold+0x5/0xa
[ 2891.202114]  ? anon_vma_fork+0x1ff/0x640
[ 2891.202962]  should_failslab+0x5/0x20
[ 2891.203771]  kmem_cache_alloc+0x5b/0x310
[ 2891.204628]  anon_vma_fork+0x1ff/0x640
[ 2891.205453]  copy_process+0x7218/0x7800
[ 2891.206336]  ? __cleanup_sighand+0xb0/0xb0
[ 2891.207222]  ? perf_trace_lock+0xac/0x490
[ 2891.208130]  ? perf_trace_lock+0xac/0x490
[ 2891.209025]  kernel_clone+0xe7/0x980
[ 2891.209823]  ? create_io_thread+0xf0/0xf0
[ 2891.210703]  ? lock_downgrade+0x6d0/0x6d0
[ 2891.211592]  ? find_held_lock+0x2c/0x110
[ 2891.212460]  ? ksys_write+0x12d/0x260
[ 2891.213290]  __do_sys_clone+0xc8/0x110
[ 2891.214123]  ? kernel_clone+0x980/0x980
[ 2891.214966]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2891.215963]  ? vfs_write+0x354/0xb10
[ 2891.216775]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2891.217884]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2891.218981]  do_syscall_64+0x33/0x40
[ 2891.219777]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2891.220861] RIP: 0033:0x7f81e84c4b19
[ 2891.221649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2891.225567] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2891.227181] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2891.228713] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2891.230224] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2891.231748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2891.233275] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:48:25 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, 0x0)

05:48:25 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 55)

05:48:25 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0x0)

[ 2891.383169] FAULT_INJECTION: forcing a failure.
[ 2891.383169] name failslab, interval 1, probability 0, space 0, times 0
[ 2891.384697] CPU: 0 PID: 38476 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2891.385502] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2891.386454] Call Trace:
[ 2891.386762]  dump_stack+0x107/0x167
[ 2891.387182]  should_fail.cold+0x5/0xa
[ 2891.387635]  ? ptlock_alloc+0x1d/0x70
[ 2891.388072]  should_failslab+0x5/0x20
[ 2891.388507]  kmem_cache_alloc+0x5b/0x310
[ 2891.388981]  ptlock_alloc+0x1d/0x70
[ 2891.389409]  pte_alloc_one+0x68/0x1a0
[ 2891.389853]  __pte_alloc+0x1d/0x330
[ 2891.390280]  copy_page_range+0x1b62/0x3810
[ 2891.390791]  ? up_write+0x191/0x550
[ 2891.391209]  ? vm_iomap_memory+0x190/0x190
[ 2891.391703]  ? downgrade_write+0x3a0/0x3a0
[ 2891.392188]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2891.392805]  ? __vma_link_rb+0x540/0x700
[ 2891.393271]  copy_process+0x759b/0x7800
[ 2891.393745]  ? __cleanup_sighand+0xb0/0xb0
[ 2891.394229]  ? perf_trace_lock+0xac/0x490
[ 2891.394708]  ? perf_trace_lock+0xac/0x490
[ 2891.395187]  kernel_clone+0xe7/0x980
[ 2891.395625]  ? create_io_thread+0xf0/0xf0
[ 2891.396097]  ? lock_downgrade+0x6d0/0x6d0
[ 2891.396570]  ? find_held_lock+0x2c/0x110
[ 2891.397039]  ? ksys_write+0x12d/0x260
[ 2891.397629]  __do_sys_clone+0xc8/0x110
[ 2891.398198]  ? kernel_clone+0x980/0x980
[ 2891.398666]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2891.399200]  ? vfs_write+0x354/0xb10
[ 2891.399657]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2891.400262]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2891.400858]  do_syscall_64+0x33/0x40
[ 2891.401285]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2891.401874] RIP: 0033:0x7fd16660db19
[ 2891.402299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2891.404413] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2891.405283] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2891.406095] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2891.406906] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2891.407733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2891.408556] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:48:39 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
r0 = shmat(0x0, &(0x7f00009ff000/0x2000)=nil, 0x2000)
shmdt(r0)

05:48:39 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x100)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="0000000040ccbd1fe55c034cf23627b1e4ca90fe22bdc1e3666ad1f8863cde9a6a1b856d11d0a779157b7c277fc4aa8c6bd8965a9534ef535795818af2022d065301778a1175edec526732b1662b7ff1fe81e1024e216a2c87ed8895bf7ddc2f76501144df86cd3a1452a9930da9a4c4cef55e4265b987fcf35f911ce077cd547a5fc58ed8f4bf698afc697e129c1eb06daa785c37e05debf6e71559d0f5de7969c0f28431e92809729dd05ab0b74cc105ef57cb3f7031ff09516c241725f0087b1daa46e9145e05ca45e5666f6f54ee3fa44c9ad6794b3ab41c44f8d0a226878fe553de0df6f0deeeac3ca32eda8ab355081809c5bbf86ae78f84fcd7003b8b3e6d918e35306bd8e2e1d2df71be892ba64a64ceea0f71d9ab213eec636d1620f3d5a36903e560fbf5ca3f99849dc7f052d72a2802bf46772b2ea970c12382ff3aabb31d8f64d2c4385d2378242f7aec6f11d85f7098f149692ebbe77ada84d4ff68b47d334f55e65f2f94e081fb29041594896cd9b9915c46ecac53a98897e2ef8f4270ef4155cb1f315d35b5cd26cc2934df62529a09a0a15473a60008000000000000feab095d921ca628f5fed2fee3262c6921ee06a4165e28f1c6d0eba6b722151962aa0f87e468a726d66b2ebd8ecf6abd0e84081938e7013bd5e6bbce05", @ANYRES16=0x0, @ANYBLOB="000425bd7000fedbdf252e0000000c00990006000000670000000a004f0050505050505000001e00940095011e0400000000000000040000001d000000060007000000090000"], 0x4c}, 0x1, 0x0, 0x0, 0x4008000}, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$BTRFS_IOC_RESIZE(0xffffffffffffffff, 0x50009403, &(0x7f0000000240)={{r1}, {@void, @actul_num={@val=0x2b, 0x7, 0x45}}})
r3 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f00000003c0)={&(0x7f0000000100), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x5c, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0x10, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}]}, @TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7fff}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x10001}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x4}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4000005}, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000780)={{0x7f, 0x45, 0x4c, 0x46, 0xd1, 0x0, 0x81, 0x7, 0x81, 0x2, 0x6, 0x3, 0x2a7, 0x40, 0x60, 0x7, 0xb96b, 0x38, 0x2, 0x20, 0x1}, [{0x3, 0x4, 0x0, 0xffffffff, 0x2, 0x3, 0x8, 0x5}, {0x6474e551, 0x218, 0x2, 0x81, 0xe05, 0x5, 0x7f, 0x6}], "cc8cb62938e7cfc5459da1e68900a4704c76d4b62e23d03dcdb3609d824cdbbd2e4746df254cfee6f65c614d9983df680837795eb8def199de51214dda3bb6db42922238124b167550811fbd0325751ed0b5c713491585743994d979", ['\x00']}, 0x20c)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001700), 0xffffffffffffffff)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_EEE_SET(r5, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x14, r4, 0x1, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)={0x18, r4, 0xb0b, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}]}, 0x18}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(r1, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r2, 0x1, 0x70bd2c, 0x25dfdbfe, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40811}, 0x84)

05:48:39 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)=ANY=[@ANYBLOB="1008000000176f17ff0f8867", @ANYRES32=<r0=>0xffffffffffffffff, @ANYBLOB="ffff000f52696c6530000098cfadc0b7"])
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000001c0)={0x20002003})
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x20000000}, 0x0, 0x2000, 0x0, 0x0, 0x100000000000, 0x0, 0x4}, 0x0, 0xfffffffffffffffb, r0, 0x0)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000100)=0x8)
sendfile(r1, r3, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
r4 = memfd_create(&(0x7f0000000180)='/proc/thread-self/attr/fscreate\x00', 0x2)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x81f8943c, &(0x7f0000000500))
socket$inet6(0xa, 0xa, 0x3ff)

05:48:39 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffff, 0x7}, 0x48080, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, 0x1b)
syncfs(0xffffffffffffffff)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
setxattr$incfs_metadata(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x12)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x2, 0x3}, 0x6)
syncfs(r2)

05:48:39 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 1)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:48:39 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 11)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:39 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 36)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:39 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 56)

[ 2905.751904] FAULT_INJECTION: forcing a failure.
[ 2905.751904] name failslab, interval 1, probability 0, space 0, times 0
[ 2905.754556] CPU: 0 PID: 38522 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2905.756015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2905.757748] Call Trace:
[ 2905.758305]  dump_stack+0x107/0x167
[ 2905.759075]  should_fail.cold+0x5/0xa
[ 2905.759890]  ? __do_sys_memfd_create+0xfb/0x450
[ 2905.760874]  should_failslab+0x5/0x20
[ 2905.761669]  __kmalloc+0x72/0x390
[ 2905.762400]  __do_sys_memfd_create+0xfb/0x450
[ 2905.763335]  ? ksys_write+0x1a9/0x260
[ 2905.764137]  ? memfd_file_seals_ptr+0x170/0x170
[ 2905.765113]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2905.766223]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2905.767288]  do_syscall_64+0x33/0x40
[ 2905.768077]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2905.769149] RIP: 0033:0x7fe01fe92b19
[ 2905.769926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2905.773791] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2905.775384] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2905.776884] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2905.778396] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2905.779908] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2905.781407] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2905.808897] FAULT_INJECTION: forcing a failure.
[ 2905.808897] name failslab, interval 1, probability 0, space 0, times 0
[ 2905.811821] CPU: 1 PID: 38518 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2905.813552] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2905.815615] Call Trace:
[ 2905.816229]  dump_stack+0x107/0x167
[ 2905.817073]  should_fail.cold+0x5/0xa
[ 2905.817953]  ? create_object.isra.0+0x3a/0xa20
[ 2905.819011]  should_failslab+0x5/0x20
[ 2905.819899]  kmem_cache_alloc+0x5b/0x310
[ 2905.820840]  create_object.isra.0+0x3a/0xa20
[ 2905.821854]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2905.823019]  kmem_cache_alloc+0x159/0x310
[ 2905.823993]  dup_fd+0x89/0xf40
[ 2905.824728]  ? audit_filter_inodes+0x40/0x40
[ 2905.825893]  ? security_task_alloc+0xe6/0x260
[ 2905.827108]  copy_process+0x197e/0x7800
[ 2905.828106]  ? __lock_acquire+0xbb1/0x5b00
[ 2905.829324]  ? __cleanup_sighand+0xb0/0xb0
[ 2905.830307]  ? perf_trace_lock+0xac/0x490
[ 2905.831400]  ? perf_trace_lock+0xac/0x490
[ 2905.832524]  kernel_clone+0xe7/0x980
[ 2905.833423]  ? create_io_thread+0xf0/0xf0
[ 2905.834609]  ? lock_downgrade+0x6d0/0x6d0
[ 2905.835739]  ? find_held_lock+0x2c/0x110
[ 2905.836889]  ? ksys_write+0x12d/0x260
[ 2905.837894]  __do_sys_clone+0xc8/0x110
[ 2905.838980]  ? kernel_clone+0x980/0x980
[ 2905.840126]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2905.841425]  ? vfs_write+0x354/0xb10
[ 2905.842537]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2905.843760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2905.845208]  do_syscall_64+0x33/0x40
[ 2905.846342]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2905.847508] RIP: 0033:0x7f87f4e1cb19
[ 2905.848531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2905.853632] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2905.855694] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2905.857593] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2905.859449] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2905.861345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2905.863256] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2905.868986] FAULT_INJECTION: forcing a failure.
[ 2905.868986] name failslab, interval 1, probability 0, space 0, times 0
[ 2905.871766] CPU: 1 PID: 38521 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2905.873342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2905.875212] Call Trace:
[ 2905.875833]  dump_stack+0x107/0x167
[ 2905.876673]  should_fail.cold+0x5/0xa
[ 2905.877539]  ? create_object.isra.0+0x3a/0xa20
[ 2905.878583]  should_failslab+0x5/0x20
[ 2905.879458]  kmem_cache_alloc+0x5b/0x310
[ 2905.880393]  create_object.isra.0+0x3a/0xa20
[ 2905.881377]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2905.882526]  kmem_cache_alloc+0x159/0x310
[ 2905.883475]  anon_vma_fork+0x1ff/0x640
[ 2905.884371]  copy_process+0x7218/0x7800
[ 2905.885316]  ? __cleanup_sighand+0xb0/0xb0
[ 2905.886260]  ? perf_trace_lock+0xac/0x490
[ 2905.887198]  ? perf_trace_lock+0xac/0x490
[ 2905.888146]  kernel_clone+0xe7/0x980
[ 2905.888984]  ? create_io_thread+0xf0/0xf0
[ 2905.889908]  ? lock_downgrade+0x6d0/0x6d0
[ 2905.890839]  ? find_held_lock+0x2c/0x110
[ 2905.891767]  ? ksys_write+0x12d/0x260
[ 2905.892636]  __do_sys_clone+0xc8/0x110
[ 2905.893506]  ? kernel_clone+0x980/0x980
[ 2905.894397]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2905.895439]  ? vfs_write+0x354/0xb10
[ 2905.896299]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2905.897469]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2905.898622]  do_syscall_64+0x33/0x40
[ 2905.899454]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2905.900589] RIP: 0033:0x7f81e84c4b19
[ 2905.901408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2905.905462] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2905.907150] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2905.908733] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2905.910303] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2905.911884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2905.913461] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2905.934976] FAULT_INJECTION: forcing a failure.
[ 2905.934976] name failslab, interval 1, probability 0, space 0, times 0
[ 2905.937847] CPU: 0 PID: 38571 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2905.939423] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2905.941213] Call Trace:
[ 2905.941780]  dump_stack+0x107/0x167
[ 2905.942558]  should_fail.cold+0x5/0xa
[ 2905.943371]  ? create_object.isra.0+0x3a/0xa20
[ 2905.944365]  should_failslab+0x5/0x20
[ 2905.945179]  kmem_cache_alloc+0x5b/0x310
[ 2905.946040]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2905.947318]  create_object.isra.0+0x3a/0xa20
[ 2905.948261]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2905.949352]  kmem_cache_alloc+0x159/0x310
[ 2905.950241]  ptlock_alloc+0x1d/0x70
[ 2905.951017]  pte_alloc_one+0x68/0x1a0
[ 2905.951844]  __pte_alloc+0x1d/0x330
[ 2905.952643]  copy_page_range+0x1b62/0x3810
[ 2905.953608]  ? up_write+0x191/0x550
[ 2905.954399]  ? vm_iomap_memory+0x190/0x190
[ 2905.955306]  ? downgrade_write+0x3a0/0x3a0
[ 2905.956227]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2905.957375]  ? __vma_link_rb+0x540/0x700
[ 2905.958247]  copy_process+0x759b/0x7800
[ 2905.959130]  ? __cleanup_sighand+0xb0/0xb0
[ 2905.960045]  ? perf_trace_lock+0xac/0x490
[ 2905.960944]  ? perf_trace_lock+0xac/0x490
[ 2905.961845]  kernel_clone+0xe7/0x980
[ 2905.962654]  ? create_io_thread+0xf0/0xf0
[ 2905.963559]  ? lock_downgrade+0x6d0/0x6d0
[ 2905.964442]  ? find_held_lock+0x2c/0x110
[ 2905.965330]  ? ksys_write+0x12d/0x260
[ 2905.966162]  __do_sys_clone+0xc8/0x110
[ 2905.966988]  ? kernel_clone+0x980/0x980
[ 2905.967854]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2905.968847]  ? vfs_write+0x354/0xb10
[ 2905.969660]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2905.970776]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2905.971903]  do_syscall_64+0x33/0x40
[ 2905.972693]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2905.973783] RIP: 0033:0x7fd16660db19
[ 2905.974573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2905.978511] RSP: 002b:00007fd163b62188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2905.980150] RAX: ffffffffffffffda RBX: 00007fd166721020 RCX: 00007fd16660db19
[ 2905.981671] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2905.983196] RBP: 00007fd163b621d0 R08: 0000000000000000 R09: 0000000000000000
[ 2905.984721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2905.986239] R13: 00007ffde777d1af R14: 00007fd163b62300 R15: 0000000000022000
05:48:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 2)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:48:40 executing program 3:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x200000, 0x0)
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='proc\x00', 0x0, 0x0)
mount(&(0x7f0000000000)=@filename='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='cramfs\x00', 0x10, &(0x7f0000000140)='proc\x00')
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs={0x0, 0x0, 0x4e20}, 0x6e)

[ 2906.284885] FAULT_INJECTION: forcing a failure.
[ 2906.284885] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.287693] CPU: 0 PID: 38690 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2906.289165] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.290929] Call Trace:
[ 2906.291510]  dump_stack+0x107/0x167
[ 2906.292304]  should_fail.cold+0x5/0xa
[ 2906.293126]  ? create_object.isra.0+0x3a/0xa20
[ 2906.294110]  should_failslab+0x5/0x20
[ 2906.294925]  kmem_cache_alloc+0x5b/0x310
[ 2906.295810]  create_object.isra.0+0x3a/0xa20
[ 2906.296770]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2906.297901]  __kmalloc+0x16e/0x390
[ 2906.298661]  __do_sys_memfd_create+0xfb/0x450
[ 2906.299621]  ? ksys_write+0x1a9/0x260
[ 2906.300428]  ? memfd_file_seals_ptr+0x170/0x170
[ 2906.301410]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.302510]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.303609]  do_syscall_64+0x33/0x40
[ 2906.304396]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.305475] RIP: 0033:0x7fe01fe92b19
[ 2906.306258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.310153] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2906.311786] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2906.313282] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2906.314786] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2906.316293] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2906.317798] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
05:48:40 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 12)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:40 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000500)={0x1, 0x7, {0x7fff, @struct={0x5, 0x5}, 0x0, 0x2, 0x2020000000000000, 0x4, 0x7f, 0x6, 0x3, @usage=0xae6, 0x5, 0x0, [0x7ff, 0x4, 0x826, 0x10000, 0x800]}, {0x3ff, @usage=0x2, <r2=>0x0, 0x0, 0x0, 0xe9, 0x9, 0xffffffff, 0x2, @usage=0x4, 0x7fff, 0x7c0, [0x0, 0x1, 0x6, 0x8, 0x0, 0x3]}, {0x7f, @struct={0x6, 0x7}, 0x0, 0x400, 0x9bc, 0x3, 0x23f, 0x8, 0x80, @usage=0xffffffff, 0xe142, 0x4, [0x1, 0x0, 0x5284a02a, 0x9, 0x1, 0x1]}, {0x2, 0x3, 0x9}})
ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000000900)={r2, 0x7, 0x1f, 0x1})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r3, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:48:40 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 37)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2906.418100] FAULT_INJECTION: forcing a failure.
[ 2906.418100] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.420780] CPU: 0 PID: 38744 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2906.422236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.423980] Call Trace:
[ 2906.424537]  dump_stack+0x107/0x167
[ 2906.425308]  should_fail.cold+0x5/0xa
[ 2906.426107]  ? alloc_fdtable+0x84/0x280
[ 2906.426947]  should_failslab+0x5/0x20
[ 2906.427758]  kmem_cache_alloc_trace+0x55/0x320
[ 2906.428710]  ? rwlock_bug.part.0+0x90/0x90
[ 2906.429600]  alloc_fdtable+0x84/0x280
[ 2906.430396]  dup_fd+0x92e/0xf40
[ 2906.431103]  copy_process+0x197e/0x7800
[ 2906.431934]  ? __lock_acquire+0xbb1/0x5b00
[ 2906.432838]  ? __cleanup_sighand+0xb0/0xb0
[ 2906.433724]  ? perf_trace_lock+0xac/0x490
[ 2906.434595]  ? perf_trace_lock+0xac/0x490
[ 2906.435467]  kernel_clone+0xe7/0x980
[ 2906.436254]  ? create_io_thread+0xf0/0xf0
[ 2906.437115]  ? lock_downgrade+0x6d0/0x6d0
[ 2906.437980]  ? find_held_lock+0x2c/0x110
[ 2906.438833]  ? ksys_write+0x12d/0x260
[ 2906.439652]  __do_sys_clone+0xc8/0x110
[ 2906.440477]  ? kernel_clone+0x980/0x980
[ 2906.441308]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2906.442280]  ? vfs_write+0x354/0xb10
[ 2906.443075]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.444180]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.445257]  do_syscall_64+0x33/0x40
[ 2906.446043]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.447111] RIP: 0033:0x7f87f4e1cb19
[ 2906.447901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.451751] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2906.453343] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2906.454970] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2906.456660] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2906.458382] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2906.459990] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2906.487876] loop6: detected capacity change from 0 to 41948160
05:48:40 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 57)

[ 2906.524745] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 2906.534991] FAULT_INJECTION: forcing a failure.
[ 2906.534991] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.537788] CPU: 1 PID: 38749 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2906.539256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.541016] Call Trace:
[ 2906.541586]  dump_stack+0x107/0x167
[ 2906.542362]  should_fail.cold+0x5/0xa
[ 2906.543173]  ? create_object.isra.0+0x3a/0xa20
[ 2906.544156]  should_failslab+0x5/0x20
[ 2906.544964]  kmem_cache_alloc+0x5b/0x310
[ 2906.545835]  create_object.isra.0+0x3a/0xa20
[ 2906.546765]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2906.547860]  kmem_cache_alloc+0x159/0x310
[ 2906.548754]  anon_vma_fork+0xf1/0x640
[ 2906.549562]  ? __vm_enough_memory+0x184/0x360
[ 2906.550524]  copy_process+0x7218/0x7800
[ 2906.551410]  ? __cleanup_sighand+0xb0/0xb0
[ 2906.552308]  ? perf_trace_lock+0xac/0x490
[ 2906.553189]  ? perf_trace_lock+0xac/0x490
[ 2906.554073]  kernel_clone+0xe7/0x980
[ 2906.554863]  ? create_io_thread+0xf0/0xf0
[ 2906.555743]  ? lock_downgrade+0x6d0/0x6d0
[ 2906.556609]  ? find_held_lock+0x2c/0x110
[ 2906.557469]  ? ksys_write+0x12d/0x260
[ 2906.558284]  __do_sys_clone+0xc8/0x110
[ 2906.559099]  ? kernel_clone+0x980/0x980
[ 2906.559943]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2906.560914]  ? vfs_write+0x354/0xb10
[ 2906.561718]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.562817]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.563914]  do_syscall_64+0x33/0x40
[ 2906.564697]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.565771] RIP: 0033:0x7f81e84c4b19
[ 2906.566556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.570423] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2906.572035] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2906.573530] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2906.575206] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2906.576717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2906.578216] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:48:40 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x4, 0x3, &(0x7f0000000300)=[{0x0, 0x0, 0x7fff}, {&(0x7f00000000c0)="c38cf7bc4643814e0c3c102f3b75e3c485e1953666867ff0b760954b5332fb483e5202228f1d3639fb7e217fc1641ed544264d6d64acb87d45fd283a67394a4e2e2701aa50bb03876578363361aeef9122b3f11fc180a7a88078783617379e9d50a70aaa5a7cb9416764cc79f78aaa19e3233560c4a9b6170a115d98d65791cb814e7913658915c75934144bdfad8f323895925d58061f0cfee517911f", 0x9d, 0xf4b2}, {&(0x7f0000000180)="5bffa097ec44ff12ea1e69793d84533c7cb8a98876a1d69640b9350e43bd6dbde6d292e3ec889a2f997ed8ca47e1ce40613b86425c9456f874799fb3e850dbcfeb73af445005e7561b8047b6d9437d7a6c73b62e7124fb2699949fe472ecbf145e1c365cd2287639641d1a0c04144114d1bc776d64b3bf20c3e73b4249f23d53201bfb8491e7b24e3c110cf6fa7d1d67d5ee06beeb1646190fdbb6bc2b1b44a917d0612a21f3a5a8a4911756e842a9b14ac53892cdeca6ea25b9228b5bc75aed64cee705e38f18640770a2a4d5d901853a031c6cc4cddff8c22897481b3c52649adbfe44f9e62e445b1bbfc9af83", 0xee, 0x7}])
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fallocate(r1, 0x0, 0x0, 0x8000)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000280))
readv(r0, &(0x7f0000002500)=[{&(0x7f0000000500)=""/4096, 0x1000}, {0x0}], 0x2)
timerfd_create(0x0, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000380), 0x58000, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b36, 0x0)
sendfile(r2, 0xffffffffffffffff, &(0x7f00000002c0)=0x1f, 0x8)
ioctl$TCSBRK(r2, 0x5409, 0x400)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.net/syz1\x00', 0x200002, 0x0)
signalfd4(r5, &(0x7f0000000400)={[0xe9]}, 0x8, 0x800)
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x8c)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x10, r6, 0x0)

05:48:40 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 38)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2906.661350] loop3: detected capacity change from 0 to 124928
05:48:40 executing program 0:
mlockall(0x7)
shmget$private(0x0, 0x1000, 0x78000000, &(0x7f0000c26000/0x1000)=nil)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000d9d000/0x4000)=nil, 0x0)
shmget(0x0, 0x4000, 0x400, &(0x7f0000b2e000/0x4000)=nil)

05:48:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 3)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 2906.726017] FAULT_INJECTION: forcing a failure.
[ 2906.726017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2906.728824] CPU: 1 PID: 38862 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2906.730292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.732058] Call Trace:
[ 2906.732615]  dump_stack+0x107/0x167
[ 2906.733381]  should_fail.cold+0x5/0xa
[ 2906.734188]  _copy_from_user+0x2e/0x1b0
[ 2906.735026]  __do_sys_memfd_create+0x16d/0x450
[ 2906.735996]  ? memfd_file_seals_ptr+0x170/0x170
[ 2906.736975]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.738066]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.739156]  do_syscall_64+0x33/0x40
[ 2906.739957]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.741032] RIP: 0033:0x7fe01fe92b19
[ 2906.741810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.745678] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2906.747279] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2906.748793] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2906.750287] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2906.751794] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2906.753288] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2906.772797] FAULT_INJECTION: forcing a failure.
[ 2906.772797] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.775604] CPU: 1 PID: 38863 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2906.777069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.778813] Call Trace:
[ 2906.779382]  dump_stack+0x107/0x167
[ 2906.780170]  should_fail.cold+0x5/0xa
[ 2906.780979]  ? create_object.isra.0+0x3a/0xa20
[ 2906.781947]  should_failslab+0x5/0x20
[ 2906.782765]  kmem_cache_alloc+0x5b/0x310
[ 2906.783656]  create_object.isra.0+0x3a/0xa20
[ 2906.784583]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2906.785669]  kmem_cache_alloc+0x159/0x310
[ 2906.786557]  anon_vma_fork+0x1ff/0x640
[ 2906.787394]  copy_process+0x7218/0x7800
[ 2906.788298]  ? __cleanup_sighand+0xb0/0xb0
[ 2906.789188]  ? perf_trace_lock+0xac/0x490
[ 2906.790067]  ? perf_trace_lock+0xac/0x490
[ 2906.790949]  kernel_clone+0xe7/0x980
[ 2906.791751]  ? create_io_thread+0xf0/0xf0
[ 2906.792624]  ? lock_downgrade+0x6d0/0x6d0
[ 2906.793492]  ? find_held_lock+0x2c/0x110
[ 2906.794352]  ? ksys_write+0x12d/0x260
[ 2906.795170]  __do_sys_clone+0xc8/0x110
[ 2906.796002]  ? kernel_clone+0x980/0x980
[ 2906.796840]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2906.797813]  ? vfs_write+0x354/0xb10
[ 2906.798617]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.799737]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.800822]  do_syscall_64+0x33/0x40
[ 2906.801612]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.802687] RIP: 0033:0x7f81e84c4b19
[ 2906.803469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.807349] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2906.808967] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2906.810467] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2906.811980] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2906.813473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2906.814976] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:48:40 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 13)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 4)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 2906.908647] FAULT_INJECTION: forcing a failure.
[ 2906.908647] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.911237] CPU: 1 PID: 38867 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2906.912696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.914434] Call Trace:
[ 2906.914994]  dump_stack+0x107/0x167
[ 2906.915778]  should_fail.cold+0x5/0xa
[ 2906.916583]  ? vm_area_dup+0x78/0x290
[ 2906.917387]  should_failslab+0x5/0x20
[ 2906.918185]  kmem_cache_alloc+0x5b/0x310
[ 2906.919039]  ? lock_downgrade+0x6d0/0x6d0
[ 2906.919928]  vm_area_dup+0x78/0x290
[ 2906.920711]  ? _cond_resched+0x10/0x30
[ 2906.921529]  ? copy_page_range+0x24e9/0x3810
[ 2906.922491]  ? vm_area_alloc+0x110/0x110
[ 2906.923358]  ? vm_iomap_memory+0x190/0x190
[ 2906.924268]  ? __vma_link_rb+0x3bc/0x700
[ 2906.925126]  ? __sanitizer_cov_trace_pc+0x52/0x60
[ 2906.926137]  ? __vma_link_rb+0x540/0x700
[ 2906.926998]  copy_process+0x291b/0x7800
[ 2906.927881]  ? __cleanup_sighand+0xb0/0xb0
[ 2906.928771]  ? perf_trace_lock+0xac/0x490
[ 2906.929651]  ? perf_trace_lock+0xac/0x490
[ 2906.930535]  kernel_clone+0xe7/0x980
[ 2906.931324]  ? create_io_thread+0xf0/0xf0
[ 2906.932200]  ? lock_downgrade+0x6d0/0x6d0
[ 2906.933069]  ? find_held_lock+0x2c/0x110
[ 2906.933927]  ? ksys_write+0x12d/0x260
[ 2906.934743]  __do_sys_clone+0xc8/0x110
[ 2906.935569]  ? kernel_clone+0x980/0x980
[ 2906.936410]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2906.937379]  ? vfs_write+0x354/0xb10
[ 2906.938188]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.939286]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.940393]  do_syscall_64+0x33/0x40
[ 2906.941173]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.942249] RIP: 0033:0x7fd16660db19
[ 2906.943026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.946881] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2906.948483] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2906.949977] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2906.951470] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2906.952972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2906.954468] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2906.969038] FAULT_INJECTION: forcing a failure.
[ 2906.969038] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.971667] CPU: 1 PID: 38872 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2906.973132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2906.974871] Call Trace:
[ 2906.975423]  dump_stack+0x107/0x167
[ 2906.976202]  should_fail.cold+0x5/0xa
[ 2906.977006]  ? shmem_alloc_inode+0x18/0x40
[ 2906.977893]  should_failslab+0x5/0x20
[ 2906.978686]  kmem_cache_alloc+0x5b/0x310
[ 2906.979556]  ? shmem_destroy_inode+0x70/0x70
[ 2906.980477]  shmem_alloc_inode+0x18/0x40
[ 2906.981324]  ? shmem_destroy_inode+0x70/0x70
[ 2906.982243]  alloc_inode+0x63/0x240
[ 2906.983003]  new_inode+0x23/0x250
[ 2906.983776]  shmem_get_inode+0x15e/0xbc0
[ 2906.984642]  __shmem_file_setup+0xb8/0x320
[ 2906.985528]  ? _copy_from_user+0xfb/0x1b0
[ 2906.986407]  __do_sys_memfd_create+0x275/0x450
[ 2906.987371]  ? memfd_file_seals_ptr+0x170/0x170
[ 2906.988365]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2906.989468]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2906.990552]  do_syscall_64+0x33/0x40
[ 2906.990685] FAULT_INJECTION: forcing a failure.
[ 2906.990685] name failslab, interval 1, probability 0, space 0, times 0
[ 2906.991339]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2906.994687] RIP: 0033:0x7fe01fe92b19
[ 2906.995464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2906.999332] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2907.000947] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2907.002449] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2907.003956] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2907.005454] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2907.006941] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2907.008507] CPU: 0 PID: 38871 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2907.009935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2907.011667] Call Trace:
[ 2907.012211]  dump_stack+0x107/0x167
[ 2907.012963]  should_fail.cold+0x5/0xa
[ 2907.013752]  ? create_object.isra.0+0x3a/0xa20
[ 2907.014678]  should_failslab+0x5/0x20
[ 2907.015454]  kmem_cache_alloc+0x5b/0x310
[ 2907.016326]  create_object.isra.0+0x3a/0xa20
[ 2907.017247]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2907.018315]  kmem_cache_alloc_trace+0x151/0x320
[ 2907.019275]  ? rwlock_bug.part.0+0x90/0x90
[ 2907.020176]  alloc_fdtable+0x84/0x280
[ 2907.020976]  dup_fd+0x92e/0xf40
[ 2907.021678]  copy_process+0x197e/0x7800
[ 2907.022507]  ? __lock_acquire+0xbb1/0x5b00
[ 2907.023420]  ? __cleanup_sighand+0xb0/0xb0
[ 2907.024325]  ? perf_trace_lock+0xac/0x490
[ 2907.025214]  ? perf_trace_lock+0xac/0x490
[ 2907.026083]  kernel_clone+0xe7/0x980
[ 2907.026862]  ? create_io_thread+0xf0/0xf0
[ 2907.027769]  ? lock_downgrade+0x6d0/0x6d0
[ 2907.028639]  ? find_held_lock+0x2c/0x110
[ 2907.029493]  ? ksys_write+0x12d/0x260
[ 2907.030311]  __do_sys_clone+0xc8/0x110
[ 2907.031109]  ? kernel_clone+0x980/0x980
[ 2907.031949]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2907.032906]  ? vfs_write+0x354/0xb10
[ 2907.033711]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2907.034791]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2907.035864]  do_syscall_64+0x33/0x40
[ 2907.036642]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2907.037689] RIP: 0033:0x7f87f4e1cb19
[ 2907.038463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2907.042226] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2907.043792] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2907.045255] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2907.046716] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2907.048185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2907.049647] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:48:41 executing program 3:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_submit(0x0, 0x1, &(0x7f0000000400)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x2, 0xffffffffffffffff, &(0x7f0000000540)="4fa961a32c46292c4c203b03c6cfcb7f41a36b2033c451524efa095f3259d324fe60cf5baa606c7c29d5626c6a425a3357a6ef9b122793056fe62dc737af44a1070dcbaede3f1a1a803aeec79b506e019ba9a0faad0ffeddee88e9c7f880a2b88dd7ec8a16c3670691b02178a9efe72a78122fdafe8be129a52b1b4d82cc8adf2f88522df22ee2ca034bd40b6be1e2b77c7b9594a599c877", 0x98, 0x0, 0x0, 0x3}])
syz_usb_connect$cdc_ecm(0x4, 0x0, 0x0, 0x0)
timer_delete(0x0)
perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800, 0x80000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
clock_gettime(0x0, &(0x7f00000003c0)={<r0=>0x0, <r1=>0x0})
timer_settime(0x0, 0x0, &(0x7f0000000440)={{}, {r0, r1+60000000}}, &(0x7f0000000700))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r2=>0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @thr={&(0x7f0000000600)="1a90741b478736dcb3b315064fc9e72c4608370b13bc2cb637529112fc303e1776468566db550164e33a10b0631194d0c525a6de03dea72ca7919d9f8026f6731bde01f3232df675dccf6cfdc168550c74433af885e6c95d44c46a6227103177f847898edf0b69b5bb4ce7cb18c9b532190cab9007de662870fd202b7c55fc84576b9e25c32997e5ebfb4bf56dacbc75625e461c5efcef9c8d5ad29e03c5acb0699a5bf8fca88e223ab1b91bd8b79f91aeddb32d54049112fa", &(0x7f00000006c0)="d268db7656a375b39a1a8696902ef074b8ab"}}, &(0x7f0000000340))
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r3=>0x0)
clock_gettime(0x0, &(0x7f00000000c0))
clock_gettime(0x0, &(0x7f0000000100))
timer_gettime(r3, &(0x7f0000000080))
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000880)=ANY=[@ANYBLOB="200080001b6e8839819bbb617420250ea2e48f9ff5628a41913ea46c0c1e65b62fd779b29e17dafe92e6590aa4b67cdf8aac6ceaa3ddfe2276d3ca673ef55010a665262c5ad8984b8ce51c46234376b615f094885e16e0d2d040ddda2319d5fe40835666e6db78d32ca8a97beeb151df0dd7fc0d91e71dad1424e73eb32a9d659ebb6b32c2e77a000000c4d40000000000000000", @ANYRES16=r4, @ANYBLOB="010000000000000000004200000008000300", @ANYRES32=r5, @ANYBLOB="0a007480f3060000000000008ccfad514473920e2229f1455e490d37edf743e13fde09f7d103ec17c2ffe17831b474ea24a855456d98dd2e2e4c550183fedfc42961010a235640aac64dea40ec5ee4cba6000df743333e117454636182eb48bc7f2ba2cc9a5298803b346ddd47297bf2a0ea49bdb704e6418870697468d122ceef89bdf5e9e93b8631f9e3f08ae4f0b2"], 0x28}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
timer_create(0x6, &(0x7f0000000240)={0x0, 0x4, 0x4, @tid=r2}, &(0x7f00000002c0))
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

05:48:59 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 14)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:59 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 39)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:59 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 58)

05:48:59 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 5)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:48:59 executing program 7:
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000440), 0x840, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r6, 0x200, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random='\x00\x00\x00\x00 \x00'}]}, 0x28}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="01800000", @ANYRES16=r9, @ANYBLOB="010000000000000000004200000008000300", @ANYRES32=r10, @ANYBLOB="0a00060032fe80f33b270000"], 0x28}}, 0x0)
r11 = io_uring_setup(0x7435, &(0x7f0000000480)={0x0, 0x288b, 0x1, 0x3, 0x2bd})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000180)="06b13b56ca6e5226ce5441aba602a79c4b1895081474c5c9bf6d0c8b2f8dc0f5010fb8f5be45422e3fb5f3a7ebe09de4f4b35d2bb3b01aed5f74849086ef8206277fcddaff1569f0ae5da2a2d7cffec28c77f4c71082c0d2d1dd4b393774200cfda4895c1cae09f4a866b6421df55eb5f9e50f6610723fc361a5b1420ffac3877fd44684f2d5838e606ef4701c2675d278bb8b6d4e317eacc35c9aeadcd562b783a68c69e690525fbb47e6472917a7b52816853751bb9e4ed285d9bef71c01e3c4eeb1559c7677d3b33bfd0856a9599a1bb583be59e62533452997be5451c434d8feb0a0e7174d409abae319ab", 0xed}, {&(0x7f0000000280)="a60421f4532fc577c06dbd05d09ab6b47024eebdba8b0ad0f31676cb8499e1a8dc6ee3e58e04b3ef36cad80e8b507153a7bba7799dcbc5265ad81b322fea055416c9c61a6b25a393b38869dc1ac80469afd36fa086a972d2e51364ccb57e0dc5bc0e8353a403163f646b6b0c136ba73f1ffb71b049", 0x75}], 0x2, &(0x7f0000000500)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r1, 0xffffffffffffffff, r2, r5, r8, r11]}}], 0x130, 0x1}, 0x20040004)
r12 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$packet_drop_memb(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000000)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10)
setsockopt$SO_ATTACH_FILTER(r12, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f00000000c0)=[{0x48, 0x0, 0x0, 0x80000001}, {0x6}]}, 0x10)

05:48:59 executing program 3:
fallocate(0xffffffffffffffff, 0x2, 0x9, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x4, 0xc1, 0xb4700000, 0x3ff, 0x73cf})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_setup(0x3a74, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4000, 0x284}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f00000001c0))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x80000001, 0xc5, 0x6fa7f7bb, 0x1, 0x5})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r3=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d940)={0x8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x4, "711addf3f468ee"})
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)

[ 2925.160214] FAULT_INJECTION: forcing a failure.
[ 2925.160214] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.162557] CPU: 0 PID: 38896 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2925.163855] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.165372] Call Trace:
[ 2925.165878]  dump_stack+0x107/0x167
[ 2925.166557]  should_fail.cold+0x5/0xa
[ 2925.167261]  ? create_object.isra.0+0x3a/0xa20
[ 2925.168119]  should_failslab+0x5/0x20
[ 2925.168818]  kmem_cache_alloc+0x5b/0x310
[ 2925.169569]  create_object.isra.0+0x3a/0xa20
[ 2925.170379]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2925.171322]  kmem_cache_alloc+0x159/0x310
[ 2925.172104]  ? shmem_destroy_inode+0x70/0x70
[ 2925.172915]  shmem_alloc_inode+0x18/0x40
[ 2925.173661]  ? shmem_destroy_inode+0x70/0x70
[ 2925.174474]  alloc_inode+0x63/0x240
[ 2925.175156]  new_inode+0x23/0x250
[ 2925.175812]  shmem_get_inode+0x15e/0xbc0
[ 2925.176571]  __shmem_file_setup+0xb8/0x320
[ 2925.177350]  ? _copy_from_user+0xfb/0x1b0
[ 2925.178115]  __do_sys_memfd_create+0x275/0x450
[ 2925.178966]  ? memfd_file_seals_ptr+0x170/0x170
[ 2925.179849]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.180818]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.181773]  do_syscall_64+0x33/0x40
[ 2925.182456]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.183399] RIP: 0033:0x7fe01fe92b19
[ 2925.184092] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.187488] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2925.188885] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2925.190185] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2925.191485] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2925.192795] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2925.194095] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
05:48:59 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000e78000/0x2000)=nil, 0x0)
r0 = shmget$private(0x0, 0x2000, 0x401, &(0x7f0000ffe000/0x2000)=nil)
shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x1000)
r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil)
r2 = shmat(r1, &(0x7f0000ffe000/0x2000)=nil, 0x4000)
shmdt(r2)
shmdt(r2)

[ 2925.212192] FAULT_INJECTION: forcing a failure.
[ 2925.212192] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.212701] FAULT_INJECTION: forcing a failure.
[ 2925.212701] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.215008] CPU: 1 PID: 38897 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2925.218385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.220285] Call Trace:
[ 2925.220883]  dump_stack+0x107/0x167
[ 2925.221708]  should_fail.cold+0x5/0xa
[ 2925.222562]  ? kvmalloc_node+0x119/0x170
[ 2925.223490]  should_failslab+0x5/0x20
[ 2925.224349]  __kmalloc_node+0x76/0x420
[ 2925.225231]  kvmalloc_node+0x119/0x170
[ 2925.226103]  alloc_fdtable+0xd3/0x280
[ 2925.226957]  dup_fd+0x92e/0xf40
[ 2925.227712]  copy_process+0x197e/0x7800
[ 2925.228634]  ? __lock_acquire+0xbb1/0x5b00
[ 2925.229615]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.230562]  ? perf_trace_lock+0xac/0x490
[ 2925.231507]  ? perf_trace_lock+0xac/0x490
[ 2925.232450]  kernel_clone+0xe7/0x980
[ 2925.233295]  ? create_io_thread+0xf0/0xf0
[ 2925.234226]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.235161]  ? find_held_lock+0x2c/0x110
[ 2925.236090]  ? ksys_write+0x12d/0x260
[ 2925.236966]  __do_sys_clone+0xc8/0x110
[ 2925.237840]  ? kernel_clone+0x980/0x980
[ 2925.238738]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.239785]  ? vfs_write+0x354/0xb10
[ 2925.240629]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.241796]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.242935]  do_syscall_64+0x33/0x40
[ 2925.243774]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.244915] RIP: 0033:0x7f87f4e1cb19
[ 2925.245745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.249820] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.251505] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2925.253099] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.254681] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.256269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.257850] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2925.259470] CPU: 0 PID: 38890 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2925.260696] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.262141] Call Trace:
[ 2925.262601]  dump_stack+0x107/0x167
[ 2925.263238]  should_fail.cold+0x5/0xa
[ 2925.263909]  ? __pmd_alloc+0x94/0x5e0
[ 2925.264585]  should_failslab+0x5/0x20
[ 2925.265260]  kmem_cache_alloc+0x5b/0x310
[ 2925.265976]  __pmd_alloc+0x94/0x5e0
[ 2925.266620]  copy_page_range+0x2bd8/0x3810
[ 2925.267340]  ? perf_trace_lock+0xac/0x490
[ 2925.268080]  ? lock_chain_count+0x20/0x20
[ 2925.268837]  ? up_write+0x191/0x550
[ 2925.269487]  ? vm_iomap_memory+0x190/0x190
[ 2925.270219]  ? downgrade_write+0x3a0/0x3a0
[ 2925.270966]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2925.271923]  ? __vma_link_rb+0x540/0x700
[ 2925.272640]  copy_process+0x759b/0x7800
[ 2925.273369]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.274107]  ? perf_trace_lock+0xac/0x490
[ 2925.274842]  ? perf_trace_lock+0xac/0x490
[ 2925.275581]  kernel_clone+0xe7/0x980
[ 2925.276251]  ? create_io_thread+0xf0/0xf0
[ 2925.276976]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.277694]  ? find_held_lock+0x2c/0x110
[ 2925.278401]  ? ksys_write+0x12d/0x260
[ 2925.279069]  __do_sys_clone+0xc8/0x110
[ 2925.279746]  ? kernel_clone+0x980/0x980
[ 2925.280446]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.281248]  ? vfs_write+0x354/0xb10
[ 2925.281276] FAULT_INJECTION: forcing a failure.
[ 2925.281276] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.281905]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.281922]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.281941]  do_syscall_64+0x33/0x40
[ 2925.281957]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.281968] RIP: 0033:0x7f81e84c4b19
[ 2925.281983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.281992] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.293829] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2925.295032] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.296250] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.297453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.298664] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2925.299915] CPU: 1 PID: 38898 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2925.301419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.303190] Call Trace:
[ 2925.303765]  dump_stack+0x107/0x167
[ 2925.304551]  should_fail.cold+0x5/0xa
[ 2925.305369]  ? create_object.isra.0+0x3a/0xa20
[ 2925.306352]  should_failslab+0x5/0x20
[ 2925.307170]  kmem_cache_alloc+0x5b/0x310
[ 2925.308060]  create_object.isra.0+0x3a/0xa20
[ 2925.309006]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2925.310120]  kmem_cache_alloc+0x159/0x310
[ 2925.311012]  vm_area_dup+0x78/0x290
[ 2925.311819]  ? _cond_resched+0x10/0x30
[ 2925.312892]  ? copy_page_range+0x24e9/0x3810
05:48:59 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
perf_event_open(&(0x7f00000000c0)={0x5, 0x80, 0x2, 0x6, 0x7, 0xff, 0x0, 0x3, 0x100, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x7, 0x4, @perf_config_ext={0x8000}, 0x18000, 0x4, 0x8, 0x5, 0x3, 0x4, 0x2, 0x0, 0x1, 0x0, 0x80}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x2, 0x6, @local}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00', <r3=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x2, 0x6, @local}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000029c0)={@local, @private, <r4=>0x0}, &(0x7f0000002a00)=0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000002a40)={'dummy0\x00', <r5=>0x0})
[ 2925.314137]  ? vm_area_alloc+0x110/0x110
[ 2925.315192]  ? up_write+0x191/0x550
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000043c0)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0xf136, @empty, 0x80}, 0x1c, &(0x7f0000000440)=[{&(0x7f00000001c0)="221adb2565bf527f17364fcb05982e97983960e875594805ca8fc03d426d601e63a599518c719e282dc17dfab1c2c810416355afd0997b151ed5d7627734542d85f5d5ea8cb1c7414c12b887e25d8555ce87d81b0cabf53538cce8e96fd4a8d42a865be00848d29f9448a09ff4ece82c381d2bdf2981f4413ab37dadf71599e6502e049bb253617ded13cbab529667645f57b150ae4ab335b3f6494915273b2f5b9f168f35b543f9729c50cfa4c3a5e21e110453725202af3240a028f66a8acc80a67735fb0433cf7e1c49eed8932c9edfabdebd5b0203a92e43435bfee1f891c7c634db470a9cde9392563def7b9e046b1ffb0fb0", 0xf5}, {&(0x7f0000000300)="f26f26924b0f7d1915a3d1a225ba7ff151778246676ac43395d401b675f1cfccc97aa3a08e774b7cbff8479eb1f3d5552385cc24e4c019692e6b147a32dd5932db1e10f9971c06d1c5771c5ffadd757148a8d9c002d5d4bc06e12e4fc8296e14e11b5e3098c6aacd62de6abfadd2c602e5f7414b8241286cdf52bba45109fe82e6d96a6b66cd7b59a21884a40f33d60d0c37b363887863467cd09a1904db94f412e01f6092703b4ba417316c4a501a8f7a0c0b622319c7fb4a83b97a01fd031b84924c79ff926a05", 0xc8}, {&(0x7f0000000400)="70d042e489ad3f7b0e3e045269b0e7919bda0207e441b84ce24fb0aca713cb58bded6fb269c70491cdac4426423ca951e2a6d610ce4170e899ddd8ce", 0x3c}, {&(0x7f0000000500)="daef36245e2f57588d6df218e3b51d6c4c99279e7fe7234138371e2f7eec357b692c53f7f8d506f688ce1b59b56c55577975a442a05a94fb908158154a209247112413e1d81e93c46cf2977df915b3d349fd9054e8cae48b9b806c63cbf6", 0x5e}], 0x4, &(0x7f0000000580)=[@tclass={{0x14, 0x29, 0x43, 0x2}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x21, 0x0, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x2f, 0x1, '\x00', [@ra={0x5, 0x2, 0x5}, @pad1, @pad1]}}}, @dstopts_2292={{0x158, 0x29, 0x4, {0x5c, 0x27, '\x00', [@jumbo={0xc2, 0x4, 0x5}, @calipso={0x7, 0x40, {0x0, 0xe, 0x20, 0x20, [0x2bf3, 0x0, 0x7, 0x1, 0xa2c, 0x62, 0x1]}}, @generic={0x3, 0xe7, "bfa222a3d266f1c4841f3c2aec7323d7eba397b48244ef3b7ff4f70c639e79b6140cfec41b0608a1a56560114ea7f4e87482e153388797ead0836a92408d5c83bbecefc7b24c4238d4916ff78084d77de5635c94a1489e5a6efe036d3010cb4bce5d981439c52e56a02618495187b013eb7d338933c180402034edeb3880fdf719b53f8d57c160b4aaca8eba57b70114970fb984766eb71046394167d103eb309660cbd8987c85dee77200edd275db14431d3a4e6178d3ee4bfc165fcb1944d24c8df726f4d6246e230d4a555d6b383301a234da57c332b3fd919dbca39d016c9aadca6ba28450"}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x3ff}}], 0x1d0}}, {{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000001200)="11de426b4a9dae77bc5f38cd443d4ab5cbc1568372ce90980de14162bba747e29ac8d29157f08e75ec861e687432ce8720833092d5176df50eb502b8243031665623301f716b7471c0bce4bf059bce39849a055415b60b3f1fc68833e02c38828e27c182d0eb05be8829e6954bed307b4aa53fafb6504f7fc078f2e128f0d22634e1bf682ba916feccd6562726846bda97900f62a4d5851658cbd5dd14197c8de6bee302231c274ad0e4c9b47b061d9d0d37f7697b799ef033691dccdc3404eb747eb3ed6889bcedcf90819874b4c306ba7348e0f7a6e1242e8ef2dfd5084a08", 0xe0}, {&(0x7f0000000880)="b6d1b647f4e83249b4757dd7e7181b7de21c393d1000cd62718fd0ffb19ff8bf2a2fe2c9c4c726abecebaf1d54d7e96fd5127f20675a1ceb4a46e8845fa5fced9be746eabdc8eb9dff5984fc856ee3bdb574f11c2652926e5bba2f599a523c63375d3e192c0dd5bfd535576e49a5dc768c8267e6aa3eadae6665695d910d2033687948f77127df69abd6b2922a", 0x8d}, {&(0x7f0000000940)="feacbc5e299674cd7e49ce321fb7ca9937bc19eec936d584f1a643f6dac7da471f7a79500ae74058377a5f0c02c4681379f4e462e19914b8c5a5c666bec6bb4f53faa4a0ffc7", 0x46}, {&(0x7f00000009c0)="491d4ebbf87b35fad6ac8a6a3b01c6b5e015fa334115a4cc36ba106c00ba0eb421a8754346db", 0x26}, {&(0x7f0000000a00)="2f26de1b4843326c2ccaabbc62c81b71296e490880410338ebec8ff75e54bf49ee3c2841972e2d49274d858f866ac0180158a4d80a43e53a4d27f04323e58634dd986439a7aae2713abea9cec80a37f045b123f0c98dd1d9b1472f386b755a72188f1e92ec3f38c65cb3aad4323b5f9d593fe194f2fda81271388027e848c12930dfa309777bf2a3af1f285363a4a53709e10552684124521d952df219a49eee3b324bafb5dc41b0185552a2e75d6f4e2a0ffd7e388ea821d7a94dfef8f9b98beeeb11c7cb005ed24999909d", 0xcc}, {&(0x7f0000000b00)="30002482a8224798f1dd48f5e5883d203f00632829ad4a931479989960382beb4a262b4be22ee3ef", 0x28}, {&(0x7f0000000b40)="2f15017dd0764cb9dc4357e134398d820dd3553e4c0b51457faaf025574be9bab1699f64ec3798733e2ed235bc095689f9c6eec7d039e8df70925e", 0x3b}, {&(0x7f0000000b80)="4e13c1034373d349d5ef273559a2b89afe53e2648c03dd2d1601c6f32b877febbc4376a75b7fdbee383a9a553a7d034fb1985f4ab64d9294af288febf45ece09c50d52a3945d6b42671d07073fdfe95730c60f6a97bd5a404a983ac0f4c1c2da270e", 0x62}, {&(0x7f0000000c00)="ff8beb22c7a9f0f0679ba94ea30310b0cf198f0a6185dd1d10967009b2a88f061fbbad67561cd33e0dc3ff90204f2a74847c21729929bf753165c82fdba6b1d032", 0x41}, {&(0x7f0000000c80)="724b6111cd1d4b84078f082c86eadc9e29fa9df62b946146985063fa6fe80539f06220671f8933", 0x27}], 0xa, &(0x7f0000000d80)=ANY=[@ANYBLOB="a000000000000000290000003700000006100000000000001f4676e6cf32316d33df9463b5ca1eb1a8816db9f25f90d7983af376f87eda58118275fce99e7cc3521a71581344205c8155d6a80fa98e5a42efe1430ec4600f419abe0cc2d00c540728000000010805ff7f0900000000000000018000000000000003000000000000000400000000000000c91000000000000000000000ffffac1e00010000000024000000000000002900000032000000fe880000000000000000000000000101", @ANYRES32=0x0, @ANYBLOB="00000000140000000000000029000000080000004000000000000000d801000000000000290000003600000033370000000000003fdb6f850a41321e29f3711c56d6f223b486dacb65bd14ec49eb0fd0e62035371048387236aead0015a2a03a67d414e7582e0a55766941522cc5b3a236203be1b1faa9acca75250fe9d8af7937dbacb6993b38c169be1215376f9aaf0f4060dde98bfb0216abe734d81e6b1dfa61a52dd62e10330fff3355efdb01dbfca7a866a68e09aad9315ff300c1e73e0a0cf773f172baa0e733c5a70f35495448b9f75c8b9656547885f547368546c3784851e21d15f0fc58cd2152d49f0d348ea9dd6767d19e3d5baf89779baf155054470c7935077d856eaf7e60416ac88a23c2040000000304c1424fb403bf188a628596362d4b093a9fa2fd69eac2f0400e78380d0b67270b379bf2f08212f2e450c792bc189ff05bae14e8d0eb609c0076571a3836a72431f3512beeba3d50fb477be0f6cd77f8453bd59762fc42fc23ac7e6f09e1618b08fb1db61b3ddf6edee4c2aa78c65a808794c6f6bf10a8e55f5e2841577c172669320aada7730fd1812c1300807f371d805d97949d82c29080d387ff426a8027a6a051edcff9482cb0f6afba8f95b6cf88ed9eb813d26b538fc3556c2a88ed6db5092fc204e0ffff35c20400000fff240104c2040000f0ee0000000000"], 0x2b8}}, {{&(0x7f0000001040)={0xa, 0x4e23, 0x9, @dev={0xfe, 0x80, '\x00', 0x1e}, 0x4}, 0x1c, &(0x7f00000011c0)=[{&(0x7f0000001080)="eb73d17bb3c3dcce44e0775feff7f0f570f88e4ca2855e7963cf59252091580639a0fe57", 0x24}, {&(0x7f00000010c0)="5d9778583fe7e8b0fe10c4a94e523230a7714e33730d6608529970c8c5d52d0a77e2b7e79d4f666faea4413127059c5008f1bd71057acbfee8064fa8161d406e95f9daceff3aaee8f9b2fed1c06e9b795c89d0ecba5348b5b9f878", 0x5b}, {&(0x7f0000001140)="e34d9603cc9a", 0x6}], 0x3, &(0x7f0000001300)=[@hopopts={{0x18, 0x29, 0x36, {0x5a}}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x3b, 0x1, '\x00', [@ra={0x5, 0x2, 0x5}, @ra={0x5, 0x2, 0x3ff}]}}}, @tclass={{0x14, 0x29, 0x43, 0x8000}}, @pktinfo={{0x24, 0x29, 0x32, {@local}}}, @dstopts_2292={{0x58, 0x29, 0x4, {0x8, 0x7, '\x00', [@ra={0x5, 0x2, 0x200}, @generic={0x81, 0x30, "3343ff6ba8130213f17f64c3fce088e39ace301bc5a19090b64beb9be9928206c4070b95c6a06c0eb5447076ebb72f13"}, @ra={0x5, 0x2, 0xffff}, @enc_lim={0x4, 0x1, 0x3f}]}}}, @dstopts={{0x100, 0x29, 0x37, {0xfe, 0x1c, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @generic={0x5, 0x5f, "518e6decd0367e9b480dfa00037376ba9f10207c1ff69bb0f84af240ef4a14872a318639e9473848b94f20bd366cb35f1d8b4e6e20b44c106054aa5327bd62d6cfad330342f200722a4e3ac1f8c17f3096d118a38f5daa5b54ae28717309ba"}, @generic={0x0, 0x67, "1fe7bed638b3cf70226f31035d130e9f551822de84435a7f575d2898d5de81150c5392ed0f0435b0d24c52bb7ac1855310dc164040b454bc00f0f4ddc7460dec0f7c318de608807c1d033c4797580ab1cd81151b9384cd269bada19c6e5565e6fde1d4d9089f9c"}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x4}, @enc_lim={0x4, 0x1, 0x7}]}}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x4, 0x2, 0x1, 0x6, 0x0, [@mcast1]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x80000000}}, @rthdrdstopts={{0x20, 0x29, 0x37, {0x73, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x2}]}}}], 0x230}}, {{&(0x7f0000001540)={0xa, 0x4e22, 0x2, @mcast2, 0x2}, 0x1c, &(0x7f0000001840)=[{&(0x7f0000001580)="c02e6f90b806894da5f9d53302df7aa24088f4b732eaf0979e236fe4c1aade79d130e846ca14ca0b889fe3068fd981e22e1b5563f9c57318fceb6d4eb1651ba192586f20cf906be8fd5dcf", 0x4b}, {&(0x7f0000001600)="89a90928a9445afdd088914a29f5c8193cba901607e170d50a743e0c9bccbbd34acd62e80bd21a572ebd6162a4f32b6570c4bb09b36822f27f58768b6514fa035c8beada470b427874d7528efc628c87b1f6ecc98429dc603a74d47041f271717402aa0d5286d1e14ce56b3e8c9d20bf5b2160fcd4ca6fdbaec441914fd526df2a5b5b980b4fc529e7a4f2f5509f", 0x8e}, {&(0x7f00000016c0)="bda8477894ae548baef220a0938b2763d2d8341a32be106f8dd4beb08c3756a7629d7929f3a053afa9396c01fef435daf401049ee57b6f359ce00bf87bfe48cde9b75c7319e0bf5f8efc828b741fc08a0857f77447ce5374236e2b265aba7a5dbcd3c1f00e35f276a6a55b3dfbbc9d36511f2da07d1bcf93df5fb7fddf5904ae8045ba21f3369bed1a9c19745b7c010284f3d8d057022d0b77", 0x99}, {&(0x7f0000001780)="271b29f3fe1a72485f7d6d7feb20373151272fa862c42d3402a3e4ea41d8a721372c9e92b935452ef534", 0x2a}, {&(0x7f00000017c0)="92b25c3ad047dc1815d3875b61902fab9644a14450847f1458c330310b143bcb3cc8662473ff41702db48fc2da73115e968de30b4fe7647e6b37af4c90797ea4a4e2ea2e66925385cd2479057bb7d407ccf55ce82ae33214a0594935c543de9529825f4dfb8cbb8d5f7e4d02fc40f0614d655388ea3f35dbf72e95d1a8", 0x7d}], 0x5, &(0x7f00000018c0)=[@dstopts_2292={{0x40, 0x29, 0x4, {0x0, 0x4, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x4, 0x3735, [0x1000, 0x2]}}, @ra={0x5, 0x2, 0x55d}, @pad1]}}}, @hopopts={{0x28, 0x29, 0x36, {0x1d, 0x1, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x87, 0x0, '\x00', [@ra={0x5, 0x2, 0x800}]}}}, @hopopts={{0x20, 0x29, 0x36, {0x6, 0x0, '\x00', [@pad1]}}}, @dstopts_2292={{0x78, 0x29, 0x4, {0x88, 0xc, '\x00', [@calipso={0x7, 0x30, {0x2, 0xa, 0x6, 0x5, [0x9, 0xc659, 0x6, 0xffffffffffffffc0, 0xca000]}}, @enc_lim, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x1d}}, @jumbo={0xc2, 0x4, 0x40}, @ra={0x5, 0x2, 0x4}, @jumbo={0xc2, 0x4, 0x9}, @jumbo={0xc2, 0x4, 0x7fff}, @padn={0x1, 0x1, [0x0]}]}}}], 0x120}}, {{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001a00)}, {&(0x7f0000001b00)="2ee1bc928ae3c3fc7ae11db2b45acc87eafca1de0eab724f58b343f2c50451d132a04576b517883f4e514d5566b52ba9770ee7ce599fe6dc22f3e01a16122849d4b620800d56ad1c8a3349bddeaa0431f39c3b7968149a9074027d5bfb905801ae23e8dd4849695f95ce22563c050d705bd0b8f2c738b17f72d8f977b59e076323536dd33218edfe0524201905ea82a1479e0e7f084596ebfb1f7439", 0x9c}, {&(0x7f0000001bc0)="fd44d0b0e9488cbd5e4b7c5352133db52f0eca801df68f63d1cb2823edede0efa7bf3d655e335e59dfe30a7f0a349b972bd713894281ed94f0675ab269d226ed2c", 0x41}, {&(0x7f0000001c40)="39ae74378d5503d2c024e11fd8963c1724265692f545ff74b7253de32c0be1592c860c986c5445c313b80824f2d46033e3c132458829aee3c0969e9ba42f0c33ce7ca065a79587a977a6b181e3848eda16bd92309e13d6adafe59660c2ee19533752d8b43f9f5324eb2e52dd65123ada93804ec7dbd119f52331ef099bbed7a78b60cc9306c823", 0x87}, {&(0x7f0000001d00)="7a34fde498514f6f9bcf36840ed49d0d110dda65b8b9e3d6fa4c51d9bc0dbfba943431e583a16960eea64d7d53261c59f54ccf079b27f8be3e208d1991f01ceed7721347d6d46095ffda13ecf364cdb19178e554756a55fb9dcd209884cd52677c4593875b19d6ea94ea540c5bbbbae39c77343a61e6f3e36ae4147e25b3360eef5fc6618b9c470d556440c6c758b0e7576d5ee494731c7fa12a46d06499e0835dd1fa37af9a5ac9922eb2dd2a86e8043e83fb805a43ea26916c00bd77b176cf64853b4c0fb6f984c43c47861f109d7ce32f499f", 0xd4}, {&(0x7f0000001a40)="23bfff5fbbc8cede1bea0417f4ff766bd2a5bab1a2369dae2400ee0c46cecd6477434a41bcefcba97efe77f497", 0x2d}, {&(0x7f0000001e00)="37d21cebba0b151412254b669d290e0767f8da1e88d2643b5239ba85e94d861283bdd66f44b9d724d1e3de08e70603aebf0e0b3080c61005c75e273f6b42148f0c59ce949097ececad46d8203630b31da9ff5f70e20e49a1d3bf02d4b50d67328dad1d40f891fc83f06edf69e7f52e4befd793f0782c75c1a4653dbfd348e1ef387a56e033f25e7bef4feda4971175e5d4cbb3afbd191a6ced9c877c2864b16aabe273f66ff35287c1730490379d0eceb8227211bc5c", 0xb6}, {&(0x7f0000001f00)="9c695b0f0a9cc4d8ba81d35b70e0849cbd9125d8d449646ebc51914b59e0357f9cbcc686b651d983b6b4455e2f7ff31cff1610f94e2bfd786a110ef6664955b649f3c36c79b28e97bdcc73efa0af614719a2a600cb2e33569c7ab1736483bcc69409cff4783fcc9a9896eef436824ad1b2fba99e3c85d9eb38fc76c269a50576ae48f043", 0x84}], 0x8, &(0x7f0000002040)=[@pktinfo={{0x24, 0x29, 0x32, {@remote}}}, @rthdr_2292={{0x68, 0x29, 0x39, {0x33, 0xa, 0x0, 0x23, 0x0, [@empty, @loopback, @rand_addr=' \x01\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @loopback]}}}], 0x90}}, {{&(0x7f0000002100)={0xa, 0x4e21, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, &(0x7f0000002180)=[{&(0x7f0000002140)="69a9ae2d8700cb49c24e4c9f9cbefb33146b62a1561af582235ecf9c19be7022e8749c9348f983386053b0f42fbcd6a43d0378bca471", 0x36}], 0x1}}, {{&(0x7f00000021c0)={0xa, 0x4e21, 0xff, @empty, 0x80}, 0x1c, &(0x7f0000002280)=[{&(0x7f0000002200)}, {&(0x7f0000002240)="1c446b2984422963afd0c4b7c2a74386e58185f3fd2e23832aa5868b58b96ba56335d334ff4c12ea8ec0d28c17f9e1b4c23add6739", 0x35}], 0x2, &(0x7f00000022c0)=[@rthdrdstopts={{0x138, 0x29, 0x37, {0x33, 0x23, '\x00', [@generic={0x29, 0x5e, "f380cbfd4e6f2fcad82775e4fc95a12cc488701ecd3ca99f282629c759d403a6b1c50ec0c33676cd893bc6b05cb057f495883f181ef3abed740bc86cfc4a46fb75071c8b0c94a3f2ca4e9609d607af4122ddacf6693fed8c6639890030c9"}, @generic={0x4, 0x7b, "7b05081e10c76d93572832becbaf7309eaa6e9bd37ed0f79ebc182fd485f3cf134ba02b32fc65b8af718b4bc6096f343673b8b248a73374f6f107d4c6f8d6c37d33df0865719046fd2b86f11bdd5c6d2cec4abcccc45baf4af82969ecf36941afcae5af94a25f9bcd79789358249db21e0b009645e5a33fa813fee"}, @padn={0x1, 0x2, [0x0, 0x0]}, @generic={0xe5, 0x38, "a149bae15644bf5a8659243d000bd1be9a1ac0b3313cb27d10826f889483effe9cef710ac19bab468ea385548f334dbb984914e5eb1d4632"}]}}}, @hoplimit_2292={{0x14}}, @dstopts_2292={{0xb8, 0x29, 0x4, {0xbc, 0x14, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @generic={0x40, 0x88, "9e93dca0675278bce327f802f81ba750f5321ddaf16521410e38829feae13dcbdd1187fcf7204bd882bbb20c795a4535f2aaed2ef2c0f2d13689b1fe60e447696202d1e104cd5f1f840c46057dbbfc50c96ef4ed23a90a260aac1f450c5b2597e87b0494c9c60a9ab4a0a634a3fa6c5628213109348e82ad1d00406fdd0798151f6e6069c7ff5925"}, @enc_lim={0x4, 0x1, 0x4}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x1}]}}}, @hopopts={{0x28, 0x29, 0x36, {0x32, 0x2, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x9}}, @dontfrag={{0x14, 0x29, 0x3e, 0x6}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x44}}}}, @flowinfo={{0x14, 0x29, 0xb, 0x3ac}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast1, r3}}}], 0x2e0}}, {{&(0x7f00000025c0)={0xa, 0x4e24, 0x401, @private1, 0x5}, 0x1c, &(0x7f0000002940)=[{&(0x7f0000002600)="4a7051d1c3df1e33653520d8bbaf52e4e9a81381bbf5bfa388c12280c2966345b087205028e1f0f244c7744018ca68e782e26276887f1109182e25e270edffa5a978236d9d4e5c5418e179bd3657fef728f64affc8305d21e21478dc3a6e718f6ecdae91487a24b4e87362f74b54ef31f1e095d7f16f87a6333b26137f6b83f35aea7438f70bd5bde74043faad363ff5f165e376", 0x94}, {&(0x7f00000026c0)="3d3f6db08c8990d1215c5ebfe25a815f92b1be74d6950151e16c69be02cb8c8f31bc68b7eba6e65044b297998aabc48634fd2f5418aee00bbfa282faae21b021dc32a4244b8fe111d00adc50b444ec601224d503f3b33e834b0fd86e8c35f03ca3e808b9fb4e0edfb298fd37c812d16810dff1619eb874012e916d7542ad4e14cfeb2503c4a684bd3b95b45558e262b79598dfb92700db48a559bff9080b8404f951bef6f79f4ca1c1c2cf869108a8c781574a035f7408fbf29ff42532d2c79c05e2e38cd738dd21fcc1645e06dc73fb665c1de7dae9353882c105f521aec374fe265234380480a4", 0xe8}, {&(0x7f00000027c0)='&jm', 0x3}, {&(0x7f0000002800)="19a3db4f68b137a0a66b5b065b", 0xd}, {&(0x7f0000002840)="c2cacffdeafe4141a0e9b67265b6855247f8a692a08baff69eac249d0612c65844affef61792440550489ea76f511f4fcc8017cef6a5105e0837ae5a286ca9b02fa404d7db8888a58654326b5221c77de5752730f2f4f0b705f39aa2a4fc992b7289f31b71f453750a", 0x69}, {&(0x7f00000028c0)="27287a6e48accd6956db6e3927085c77a28e812083b9250a402d4d0a00a01210cd510220da709b11aaeaa95140d8a19fa79ae7910ab41ff5b65e28fe4c1d0de9499feb2827edb217bb47e7eab75c2870061ed203855fdd68a3ed9d4662f1c5e912f0fa023b03bc48868bc20aa5d4e619fc9b168427", 0x75}], 0x6, &(0x7f0000002a80)=[@rthdr={{0x48, 0x29, 0x39, {0x6c, 0x6, 0x2, 0x5, 0x0, [@private1, @private2={0xfc, 0x2, '\x00', 0x1}, @private0]}}}, @hopopts={{0x18, 0x29, 0x36, {0xc}}}, @dstopts_2292={{0x38, 0x29, 0x4, {0x0, 0x3, '\x00', [@pad1, @hao={0xc9, 0x10, @loopback}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast2, r4}}}, @rthdr={{0x38, 0x29, 0x39, {0x32, 0x4, 0x2, 0x7f, 0x0, [@private0, @dev={0xfe, 0x80, '\x00', 0x1b}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x41}, r5}}}, @hopopts_2292={{0x40, 0x29, 0x36, {0x87, 0x4, '\x00', [@calipso={0x7, 0x20, {0x1, 0x6, 0x6, 0x55bd, [0x81, 0x6, 0x7]}}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfff}}], 0x178}}, {{&(0x7f0000002c00)={0xa, 0x4e24, 0x7, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}, 0x1c, &(0x7f0000002d80)=[{&(0x7f0000002c40)="d430e1e901269bfa7fe7ef243a416e2eb2f4e7fd96dca51b2eb3d833733726c0e5273ec863cc44c757bffa2dc87cb330af63e1a59e85b9f2d4a803e960a207980678bc", 0x43}, {&(0x7f0000002cc0)="a52e29f749998157b10071b33f9ef9543859f6d53efcabbff1bd7a45d812bfe476e5b7ce96f0c5f19d2834854e9bbe163994dc24b86eec308c29ed0000dfabc9efe76a380c508da0670312f66542fc48711a3fd7a483cce9af67ec5bc07089b04f5c1d63c1db30697c8da7009128a23c70bab4fa3a62dc06e95cd2fae7de781c61c826087c704498210626b7eecd8e19600628597f1cbb74e4", 0x99}], 0x2}}, {{&(0x7f0000002dc0)={0xa, 0x4e22, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000004300)=[{&(0x7f0000002e00)="331f955a2919c787aeb50a522fd16a54f38b81fe4a3fdc95d521884466c7c8c28eb26b1a", 0x24}, {&(0x7f0000002e40)="2aaf1ccec6e801c53a469b56c250734d76950730619ad56263453b6382d75bfcadb83ff2b5ed33008d2fc0f42bd44e79808fe6861fb99f9f2ab485d190a742e7f17fbce79b280e9cbaf3f87e0220994ba6818a8bb4b0ed61082150b223f80c0b91229fbe79d6728ce545ef88934de3173117ab72b2bb3a0cbad03f517bb17f639f523208b09cd8848011b227e2c6c571a6b994084d407df242e4f467d57229b4578e7e0138a87907cd982879a031297fe096ae0c290c873b9174911a4b850708b2cc4fa4c92582b99e75c965c107bdc8d9eefcdd10725ddcb49058a8ac9ef072353189857cbc5635716f1c07f5e446dc9d478c7ee0983288c48bca8a19729ae7fdb6a6e31b4ca2ef8b41df893deddc8ab11a3c171dfaa9f0f36f0c9a11ed432e082ac298bd4825dd0f6fac490b550b95a6e48ff99cf8c7b8436260a1dd2cfaea73ff77d5aa5afa0dcedca96dce2683e7031f33941a0f5f345da01b374765ecdd12fd4085b97d2ca091b7853258c17ec6fe66caa3a8da787a25ecbeac1bc5e688465b0ef40b3312ec0d2b837fef7505b8bc962870045c5cc941fb578b3aa2ab3c575d882af913311b1b766943039488624933b2377025d80631ba9828594cfb19674acfba5db6acef3ea36af65c47cd7922f1a3f328950e32208ad08ad64bb80c24f752beb941dcd96a5b91ead04fda602ce92cc4e758c33f92446a04e56d00a8a4c35009ef2531538feb42b858a88cfaed250f25ffd7c187c97d643438ea49507c2560fb7ebe50335e0619f9c9c00d27a2c8d18bcbee2a4a102f050773251c93445cefe1296d621caccfe35feb1d098fbf9588bb3c7123bd9c8048c35e0ceaad971feef97d1cd49a7bf8f6de87bab263721a2da21f8edf8fe6cd1a0709b3be2b7f3d588091dbdb06aae5e0e980693f66182ce12eaeabd33ca093fc1326325df637787ec39812f916bd3a7959abd3ed51bde1e93cdae674393d6c288c3c0f9f1a85e9f12c0de3b2be4b21422c763c632c3112bc817597c366bf7ef5e6a8dcaa6dcb55f9548f00198f43d3b1b3519cbc5ec6b9ff9ffe36331ebe5ec3675cf90431efabeb656c616091d8babe0b360fede03f52d079157760c2c820058d3e60b13ec63ccad94a81915ffd92e2253cf5b3233e7902706edc9a05c4b7afc597ba3242592b4d4d4721249cba2d36fbebba02b9dbd1dad07a5bf627a7765afdd1860406466679a408df61aeff7c0a86b13a979cc8d4370bf4270cc709879208cccbe9bb8d35b3eaea446cefff9217265d144965100e37f47858941f680a86bd157b53b3668f018c89a9b9a2184a00cb3aaa1a60166a0c98d2f84756b7d972c1be98b1004ffe67a2ba078606f1c29e814ebad69e804f8d9907855dd7ab0ace5ef15cc5a9883f07c8b58784d19242fde55cad946603f3c6feb0ebca5b8b9a5eec55fcd814bc4ee4f8b330524f9428a1c6fbe55c4e65a2e25c8b4467914b71e317573129542b0e0d2d30c1669f66331762d40cd9d42f6a2ff26e59b4b1e9cd1db871f402d81a9137bbb14bb5046155a18015711b5f2c85ef35a60b61b6e024321c68eb62a67d2bdac9f5acaf8513e92fb2a65d80f22c558b787cc9662a2b63b04371fa8b13c128d0b6c9445a6bce23815cc8daf38b835ec17ed9158f7c1e05998b4c79a88dc100f06162db7540ee4b6972da1e0a1349ee4b3efdac675523610d5ed82458b280046489b4a693c34fadb8fa7b71fb241b7ca0863199976cd40ccaa7340ce655dcd9d01e74e28b07bd8bf34fc731c3ddd6696eb57388c324648f552417b9a3ccdf82b75f11a902879604f40ac0434d96f5a58bbfde286990bcbdb4ddd69bffe13756cfef3f3d03b3b38e9d5954ba5e5a67e79082c4f427251d5b19bf3f7f79a42929bebff388e8f7859b806e542d53c9921a3036f2e569746325bcfe7a19a30a0a17ea5c96069c39709f2f682b56cba1f94da5ef41556f78a618776d12579c472ff62fd5fa0d2963bd0e89ed39241dca8cc4993e92634a1e227de81816fb1c4cb7d1ab089ffeb149aa550084454e33835e9bd06bbd58021cb748493bf8df255179c293541d5f5b66d12de7be996fc02086b80f58b0c16e9c4ae2b684c5652d8859ce678acb9d8896ffeb3327bc7e72f66313ce48770801f411434908ca1be42a6cd8f5f75f2c2adc6f645a90cf3219ba37ec1a8a585800b96108c5b3a271449c945c4746c6652e5b535a3e0398ac3a7f31c5efd6759c15aebd81ec8fb51a64e6996fb0450a48c5b9671b40756dd3e57d98ef286fabbde47392e487d66a2d410f187613e3664535fe9c05ecb8e3d66808aded7375a0fd98e8aa53b7869a54abf7b0067ad6b0a7f4d5abbd7b4b79ec2bccb25ee99d2faebf1231dac6fae13bfc385bc47f4a8a4868ab73c4fefe8a315a49d2a706521400b4926edd716970a7f5b0af3965c5176dde1506e6fbef9979d151a7053a0f1e848a86c9827158b925838248566ed99d0a2d3dbfcc3e7e5eb9f1b0e61b4c419f5a1aa79b98767fa1650c33f754753023ec49ef407bb52327d52f2d19b816f3a3c6824d3e7cc333b427e49abe9b75cf31eb1c4f67190241259d955f1935e378df5dd203671e0273107e02165901e364b801a3d23ab0d0b4c079f73a4f072424cdce6d2948bd40582f109fc5ff504f3919ae457a7887ee4719b8c337b4a435f20bd0d6f1bc51e3c254e2b8a05f7cddb2b3a4b04c7747ad0b41f9af12de40893fcad8cc1231c57dbacaf39154f5711edd2618a644adb2491b2734058f538cfa7230f3bccbd030c378182e3c6560bd039c59b13a25319e469dbf3c49effd5428a61b86e5842e7d540d4635c10048d6db351c47e847955270aa7dd6ef1046e195013ce72950bba8e455797b05a8819223ec3f51a4c4fc9c1dbcced4e86bcfc7bf32892509003889b7ad034d26a9f0ac0c3452fe2c547b263b5da375476a52cef426919f8867311d9ec8a65226ef2e80bfaf1568f4d2ee9a45bff28275662a27495a6db9f5b51583b99bd0a4a4641245ff8451f8abdc8ea34d0f8a48cbd6b11adaa7921968a6833e3a90b85e555894fbeafb583a2b294cfb547b6f8e62ea654f52524fc8536dce64d66326a6df48828f8593879092342e723bea8eb07129441ee0c99a0b8c39283489b44869431d05667061b866f258d0bce9a64e8036e952d433a499f29ae579e824e1f26a33f9f6772bd94d105c9142aac9cdf97201735f32740ae3db5919225c4c51e67a0f4bd5c62c1f49a5939c15b9a76e86d4c4d84f88e538edf3e313a26e058d63c48597a4358dd69f683b0fe733795027d49fcdae2abb2ab8dd85f5d7ec7ef48226f890c0c1a79131bfdd48336f9cfc8198020d0a7ac25f092f10906a651ae724feb56cba9f586d47b6a93531cba6e171ffd2bd1c2938a24ad345e95951d602376ee3897227ea0b92ae68cfc08680602e4ebd6e8d7874ca582b3d93474e6f64f972a4bceb48b30a54f29a8d1d9f1997dc1de12f50a6b35361f5badbf26eca6afb2e76707a9357f978e08604c0177ca36c0ca1f8c23a587c318e57afa9b37f3d89072095652f87e6484a3e112c26f466daa17d12397fb6f5b21a228e57c06494c18ac7f7e47d0f9a228a2007cc6c777486eb0962d7d0395d13067064cdd831bf9cc339259553243eea271815b1e80cc5c9acb382ecccdba95d85ed6a8d3b40bf85e8d5e7a38960d771a1241a484796fccb71373f7255c2e4795a0f98f117c516788740849f2e6701b1aef40d2c8821e8bc0c69843479d2e29350b7e1bfe879a92e97a9c269285e8ba17628c00f94ae79787ed83558664d7cab1b1599ed5e4e27b2543eecef4c278a324dfd2c2d8d0d61e66ed8cfe335a321c349a8b010d73ae93c8082f4754f2b044b0cd2487e3f7e55b3c604278b543be912e0870943fba73501c16436f4ac36b0b75cb8a3abfd2fefcbebf185e5b882d6ae9bb70c7603891b0cbaea00a1bf133e86444f500092abf24532b40c15c447aaa6aec3493c5520c0deca090ec94731f1c3065e4121b67e803fd3ac8bfac8f7be30840c92fed6caff30fda6a9fa17a629b9ba162f1457093a32865b341a189444b3cbbb477694997c76dabc0c059f740c890df7245298864bea3c5f900d846754f495c2977c311685ac41a40db9c150714ace609e143838a07ecd6557ed25531668276c00ad8e8931a0710f99f6fff87f3b886348098a5bd0bfb5614867b1ac31ba43dd6892477532609cdb926e3ca2ead76c7fd97bb6b8abe90e3e9e1eadf275d891f62c9a5542b5c39750774e7660cd977baf478fc45bd683bf30f1ae68768fdbf5f0fff21a62286170a7dcce98c2d6c94928d5ab8f9b6638eeea3ba754127534401f41bfcbfda620bba32fa06cbebf8b2cb38460b8f88dcc7fc2cb4921c3627f1bb508f5a1f30787606912bb81ae40086f9539b8f33ca4a1ae0fdf29b10d5844db486df078eccac5f97d40b22ab2b6ced3d387b3ee091f677f3d94dc3ffc8812fa71c4fc8358230e2462f4e331c3517c0daa738088f6df325fc490da956aadf63738edd955f7be8853b509e14efdc4b88d42b447438a54a3d7b081eeb9e372da4b21545fcea1d357003a0177ceb25de0af5009f0b330313ec9200f0c401e363a8e4e3ec2f560e64392d1a8c77c3994ec005205c149cfbb349bcca8dd9cf20ce9ad159da6deeb0d2bc1ab1f3ed6f3a9dcd9211d8d007c4897393f8b1271b9862071f939ace678d7e7bae25f8bd2595e8207899e803d20b16d25e32e84db56d19f1236f77f08edf94e30b6b6777fd27abf38bf60052490bff378e64eca3e585ddcc07c0c3d420e495f8baeb09f3cf0939c932c49009b6b32fd7a059304fad45965921d0fddd4aee7e9708e06db0d30c08e703b927b7b0497f7bbb05cbddbeff4d5889fa9494a8826ddd809bfa781bf23670d674c45e38f2a45e488cf217592b09073d5b949e0c0002f5fe4b52063c56c7fd17073ede61a8c10b6904786de22a7f2a246cc3b0639dc72e3d7dad05cb268049b2d6276fb95dfb4a8e9bfcd1a92a2bc5800ff934a7a6f2c4335c3a8d61b2e944cf51e2701aeabc38c0a12d0ea07adecb941b4650332dce472ccadc8b55c91f39f4a75ef659261e52659000d7e4731ef783323f4c3f3e448be9d31a4e4a9ee4c4f59c6bbdbde71b97f22651fee0eae6faf38b17b684df22f9b55b4e78d1521a70595289bd8a8473749c75505b1b125d3bcd4eb15fe428ceea0a9a5ffc3ba5f8519167dc8d6617b67ac3cd7289f70b0dc437831336f838bf860ce6cde6b1cf8636bc2589d85ef29d4ecb83270b4d904ffb07a57c532ad5523c3243bf9d42b618463fb89a7520028806df4c1f41debd767f0966df7450929b072ab7478492f9fb59d15c75532e66b3c3773b2703b0aa89f3d8806b76eb91e3269b1ca0dcbdf4b2ffe0d48421e9f1d47dcc5237c8b48f57ab6a155edc8d406abfd8e81e08348e75d3cc33167963471a60582d8eee6eb972041dd0d6b504bd5f3b7ce217c46123332417ef46dc37f278015667acd97f0929b61ec00a4a7e90932649e603b1297eb8791cdc5b2f7b1e52c6e276726a1143593a13e420e13b090021aa952275e0f342c5d5b552935b0b0b2d1cf2d8056945972bc109686b6cfb0ac1d62b357fb1a2fe89ba47e56c42e7604deaf98aa36c9f8b8df77009aabcf4eb5839d576f614876972cfa7bf33164abd028562935ce2d91f3a173d85d5639ea990e74cfce25de7a48a28312e8fbdd00e560ce6850683d052754475e11dd59c34446f61a", 0x1000}, {&(0x7f0000003e40)="72b6068acee94798fe02bb39d33f9f7c70be05b75729031ecf7d2b92e58741f8c7c7ea2a8e3b0755e4bc3c441460032a3b89a409fe38a173a7547ee05335a04ff0324da35308012f007edd769c3b0fe8ce8c3340123fe732ab6ab5d80e51e9", 0x5f}, {&(0x7f0000003ec0)="918014015352ac963d776f4b42c083a4c94533c9e4d49658f91cef1c833307d5de162ea7a17596b65c1ab6d06e90ffac5f804f191c1af96e4f0274122a44e1a9cc82cb726527892fce8282a165aa8adf204d20e7a3b65e1159939626bf5870fd4e0812d942f306977cd8a20921861c326b180f7a36be524b7ace56ecef2eb3aa0a1f3caebfd2a196d5e69c6f3fd6babec1d3b7816b87d561b3cdacd46c61a170eaade4e400062eb0fc7967cf0d345f22315e5000979cbbc227f633a76b0000d3ba8e5faa292b9e3d71ec870373185fb75d5821d34531055767b0bd5e90a2", 0xde}, {&(0x7f0000003fc0)="6b5e311f0cafdec731518e4049ee2dbb545bc2c11f626930a783671b5a18cc9a7b8330df057a882fd9549a99de403c80e66dddd659fda925bf57f2942a1dc068faadc9fd567b9bdad20bd6081a5349b3eb827ef376684d847d97fce3a2c2402a54ed1298449a0ed5cacf0b03bcdf4296cc26735b6f5aedce2fbe943951311cace6ff179889e3cd39c1ba383af5eb113c90162689d3f52140ceff011955b379", 0x9f}, {&(0x7f0000004080)="452ae670231aa84fac8149a06fbaa1a5f27e6f7ebef9883d988a6fbf556340297bb0e28cb4104b77e39d651981e8eb478fb34fbbb14d53e8c81783cb8b1dac5181", 0x41}, {&(0x7f0000004100)="e418502b01d4fcf4a24793ecb6e414c4adb141bbace1ed61023b70401db046166625d001269b95ca3420fe7d3c8ae250f6d5e26481eeb200f5b7893ea25ac0221da203e723e48b191d84f2a4864eaf82a51a1560959360a62b660e227532bb1539ee391f5b1dcfb4c2c966334e", 0x6d}, {&(0x7f0000004180)="f97c2d07ac25f84da1ed07f383aef3f545c421b8a7e5b12ff5813c94d54443ae4fe7e41bb9d2889b70c2aacd7ac5070697643d7b0155bdf5fb62e0afe4ec2ee1dce928de3e6b41cbca286a38b79b1f89513cf79f6d91180113f9ddda5e5f2454c0258fba79f062f26cf186130b1a079f4d417c2aa342154ee0a38327cd320ff4e548a771373c0e636789fac48a83bae63789ef5c094f33b637a32c26883fb78ee7b36e3d1b2f87a7fec2", 0xaa}, {&(0x7f0000004240)="8885ab99934eb1fa839bac22d6f2f1aca586a7c933d2a46d873d06b5e104e27d42b9924d6f3cb172b64dd53154088ad53f16824a13d5ab5324e55fd4ace49cceb2edecf492a118d3aef218048388e268a638127deaab97b0fefda8532d2898525bec84722acebc48f6142508f548c9b4a3105d25ed4889d402fe7eca71056d73dabfccde283b7eb59712c51b573088a3d3c3b12b57bc30102b737d5df50fa9ad3a67cabcaef4ffe658be8b", 0xab}], 0x9}}], 0xa, 0x4001)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r6, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 2925.316137]  ? vm_iomap_memory+0x190/0x190
[ 2925.317237]  ? downgrade_write+0x3a0/0x3a0
[ 2925.318118]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2925.319275]  ? __vma_link_rb+0x540/0x700
[ 2925.320158]  copy_process+0x291b/0x7800
[ 2925.321013]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.321916]  ? perf_trace_lock+0xac/0x490
[ 2925.322785]  ? perf_trace_lock+0xac/0x490
[ 2925.323676]  kernel_clone+0xe7/0x980
[ 2925.324456]  ? create_io_thread+0xf0/0xf0
[ 2925.325307]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.326152]  ? find_held_lock+0x2c/0x110
[ 2925.326979]  ? ksys_write+0x12d/0x260
[ 2925.327774]  __do_sys_clone+0xc8/0x110
[ 2925.328567]  ? kernel_clone+0x980/0x980
[ 2925.329373]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.330312]  ? vfs_write+0x354/0xb10
[ 2925.331115]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.332184]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.333274]  do_syscall_64+0x33/0x40
[ 2925.334032]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.335066] RIP: 0033:0x7fd16660db19
[ 2925.335835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.339544] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.341099] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2925.342616] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.344398] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.346180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.347958] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:48:59 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 15)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2925.375310] loop6: detected capacity change from 0 to 41948160
[ 2925.417636] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 2925.473181] FAULT_INJECTION: forcing a failure.
[ 2925.473181] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.475052] CPU: 0 PID: 38911 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2925.476057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.477236] Call Trace:
[ 2925.477624]  dump_stack+0x107/0x167
[ 2925.478149]  should_fail.cold+0x5/0xa
[ 2925.478697]  ? create_object.isra.0+0x3a/0xa20
[ 2925.479352]  should_failslab+0x5/0x20
[ 2925.479909]  kmem_cache_alloc+0x5b/0x310
[ 2925.480498]  create_object.isra.0+0x3a/0xa20
[ 2925.481121]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2925.481869]  __kmalloc_node+0x1ae/0x420
[ 2925.482440]  kvmalloc_node+0x119/0x170
[ 2925.483026]  alloc_fdtable+0xd3/0x280
[ 2925.483570]  dup_fd+0x92e/0xf40
[ 2925.484076]  copy_process+0x197e/0x7800
[ 2925.484651]  ? __lock_acquire+0xbb1/0x5b00
[ 2925.485313]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.485917]  ? perf_trace_lock+0xac/0x490
[ 2925.486535]  ? perf_trace_lock+0xac/0x490
[ 2925.487153]  kernel_clone+0xe7/0x980
[ 2925.487705]  ? create_io_thread+0xf0/0xf0
[ 2925.488330]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.488940]  ? find_held_lock+0x2c/0x110
[ 2925.489540]  ? ksys_write+0x12d/0x260
[ 2925.490111]  __do_sys_clone+0xc8/0x110
[ 2925.490678]  ? kernel_clone+0x980/0x980
[ 2925.491260]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.491925]  ? vfs_write+0x354/0xb10
[ 2925.492494]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.493237]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.494013]  do_syscall_64+0x33/0x40
[ 2925.494544]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.495268] RIP: 0033:0x7f87f4e1cb19
[ 2925.495801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.498406] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.499486] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2925.500505] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.501523] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.502546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.503556] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:48:59 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 40)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:48:59 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 59)

05:48:59 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 6)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 2925.585816] FAULT_INJECTION: forcing a failure.
[ 2925.585816] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.588412] CPU: 1 PID: 38914 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2925.589871] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.591616] Call Trace:
[ 2925.592187]  dump_stack+0x107/0x167
[ 2925.593015]  should_fail.cold+0x5/0xa
[ 2925.593953]  ? create_object.isra.0+0x3a/0xa20
[ 2925.595076]  should_failslab+0x5/0x20
[ 2925.596026]  kmem_cache_alloc+0x5b/0x310
[ 2925.597035]  create_object.isra.0+0x3a/0xa20
[ 2925.598117]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2925.599368]  kmem_cache_alloc+0x159/0x310
[ 2925.600382]  __pmd_alloc+0x94/0x5e0
[ 2925.601287]  copy_page_range+0x2bd8/0x3810
[ 2925.602298]  ? perf_trace_lock+0xac/0x490
[ 2925.603317]  ? lock_chain_count+0x20/0x20
[ 2925.604366]  ? up_write+0x191/0x550
[ 2925.605232]  ? vm_iomap_memory+0x190/0x190
[ 2925.606229]  ? downgrade_write+0x3a0/0x3a0
[ 2925.607235]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2925.608526]  ? __vma_link_rb+0x540/0x700
[ 2925.609495]  copy_process+0x759b/0x7800
[ 2925.610478]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.611474]  ? perf_trace_lock+0xac/0x490
[ 2925.612474]  ? perf_trace_lock+0xac/0x490
[ 2925.613464]  kernel_clone+0xe7/0x980
[ 2925.614350]  ? create_io_thread+0xf0/0xf0
[ 2925.615329]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.616311]  ? find_held_lock+0x2c/0x110
[ 2925.617275]  ? ksys_write+0x12d/0x260
[ 2925.618182]  __do_sys_clone+0xc8/0x110
[ 2925.619093]  ? kernel_clone+0x980/0x980
[ 2925.620033]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.621167]  ? vfs_write+0x354/0xb10
[ 2925.622157]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.623470]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.624691]  do_syscall_64+0x33/0x40
[ 2925.625565]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.626766] RIP: 0033:0x7f81e84c4b19
[ 2925.627637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.631934] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.633763] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2925.635456] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.637225] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.638942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.640676] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2925.722685] FAULT_INJECTION: forcing a failure.
[ 2925.722685] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.725645] CPU: 1 PID: 39014 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2925.727146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.728924] Call Trace:
[ 2925.729488]  dump_stack+0x107/0x167
[ 2925.730266]  should_fail.cold+0x5/0xa
[ 2925.731090]  ? security_inode_alloc+0x34/0x160
[ 2925.732092]  should_failslab+0x5/0x20
[ 2925.732906]  kmem_cache_alloc+0x5b/0x310
[ 2925.733797]  security_inode_alloc+0x34/0x160
[ 2925.734743]  inode_init_always+0xa4e/0xd10
[ 2925.735661]  ? shmem_destroy_inode+0x70/0x70
[ 2925.736627]  alloc_inode+0x84/0x240
[ 2925.737420]  new_inode+0x23/0x250
[ 2925.738183]  shmem_get_inode+0x15e/0xbc0
[ 2925.739070]  __shmem_file_setup+0xb8/0x320
[ 2925.739986]  ? _copy_from_user+0xfb/0x1b0
[ 2925.740892]  __do_sys_memfd_create+0x275/0x450
[ 2925.741877]  ? memfd_file_seals_ptr+0x170/0x170
[ 2925.742891]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.744160]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.745343]  do_syscall_64+0x33/0x40
[ 2925.746163]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.747289] RIP: 0033:0x7fe01fe92b19
[ 2925.748115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.752175] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2925.753910] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2925.755494] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2925.757095] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2925.758656] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2925.760239] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2925.779945] FAULT_INJECTION: forcing a failure.
[ 2925.779945] name failslab, interval 1, probability 0, space 0, times 0
[ 2925.782747] CPU: 1 PID: 38999 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2925.784458] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2925.786435] Call Trace:
[ 2925.787086]  dump_stack+0x107/0x167
[ 2925.787889]  should_fail.cold+0x5/0xa
[ 2925.788701]  ? vm_area_dup+0x78/0x290
[ 2925.789514]  should_failslab+0x5/0x20
[ 2925.790324]  kmem_cache_alloc+0x5b/0x310
[ 2925.791194]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.792093]  vm_area_dup+0x78/0x290
[ 2925.792888]  ? _cond_resched+0x10/0x30
[ 2925.793716]  ? copy_page_range+0x24e9/0x3810
[ 2925.794703]  ? vm_area_alloc+0x110/0x110
[ 2925.795579]  ? vm_iomap_memory+0x190/0x190
[ 2925.796493]  ? up_write+0x191/0x550
[ 2925.797272]  ? downgrade_write+0x3a0/0x3a0
[ 2925.798174]  ? down_write_killable+0x180/0x180
[ 2925.799148]  ? __vma_link_rb+0x540/0x700
[ 2925.800030]  copy_process+0x291b/0x7800
[ 2925.800917]  ? __cleanup_sighand+0xb0/0xb0
[ 2925.801828]  ? perf_trace_lock+0xac/0x490
[ 2925.803395]  ? perf_trace_lock+0xac/0x490
[ 2925.804536]  kernel_clone+0xe7/0x980
[ 2925.805335]  ? create_io_thread+0xf0/0xf0
[ 2925.806216]  ? lock_downgrade+0x6d0/0x6d0
[ 2925.807109]  ? find_held_lock+0x2c/0x110
[ 2925.808000]  ? ksys_write+0x12d/0x260
[ 2925.808825]  __do_sys_clone+0xc8/0x110
[ 2925.809659]  ? kernel_clone+0x980/0x980
[ 2925.810514]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2925.811506]  ? vfs_write+0x354/0xb10
[ 2925.812332]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2925.813455]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2925.814567]  do_syscall_64+0x33/0x40
[ 2925.815361]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2925.816462] RIP: 0033:0x7fd16660db19
[ 2925.817261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2925.821199] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2925.822825] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2925.824357] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2925.825877] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2925.827400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2925.828937] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:49:20 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 7)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:49:20 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000ff5000/0xa000)=nil, 0x1000)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/45)

05:49:20 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 41)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:20 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/sockcreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)
perf_event_open(&(0x7f0000000180)={0x5, 0x80, 0xe1, 0x1f, 0x1, 0x5, 0x0, 0x7, 0x2, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000000200)}, 0x28, 0x12000000000000, 0x43, 0x1, 0x7, 0x0, 0x7, 0x0, 0x1, 0x0, 0x5}, 0xffffffffffffffff, 0xa, 0xffffffffffffffff, 0x8)
fcntl$notify(r0, 0x402, 0x11)

05:49:20 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 60)

05:49:20 executing program 7:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000280)=0x8)
syz_usb_connect$cdc_ecm(0x0, 0xfffffffffffffcba, 0x0, 0x0)
timer_delete(0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x4, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r0, &(0x7f00000002c0))
timer_delete(r0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f00000003c0), &(0x7f0000000400), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58)
fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df091650478277b5405e62aba026eb436609209c45f379ded06400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f08d65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e3730008000000dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b295c477a25e79ebd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6edd1beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee854874363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d53358c1562d539f040a9f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab41000"/655], 0x4, 0x1)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=<r1=>0x0)
capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6})
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140))
timer_create(0x7, &(0x7f0000000180)={0x0, 0x3, 0x2, @thr={&(0x7f0000000d80)="bc23e7577de1d40de87d2446cd752757f734f9be5c5032feb290480ede128e1d43ae72c9fffd46f46cf15227c736476ae1c7c20f4ccf8c5d86ccb93ca96c3ff5d986b7335196c655cf5cc32b8e8f7ad8d4ec05a0a1891c9b5f3d954041dbb7d199da0c876cce5443ee299492106835e12114070703896d4463754a1da01df2a031cd033ba3593937d4928005be1e39fbf253ce745414ae1223a8126661f79c244aa984e793f14f04340f218bf66b4182627381a2cce372dc9b626dc58b55eb2e588378638a9ec41335e3637411f0f8a3fae7c8e303a794e6ed86274dce9dfe28f25dadd62d7775352e685a1addd329d221b738ef4bd460abd83c1b538ea59254d8e94fb8a91edee3de343c528ccf207781f7082da316260382b5bb1e1597c83ea0bcc226eef7da50ba10a6eaa9bbd3c7feb1de6fb529d700d4939199bfc7e68d1445dffbbe67a08439798b928b322bef4a53f81e48fd03f3112ca7d9d5fdcf63a404a1bf61bf327611492889df2613bd9e757abb9668e9a736061f6663aaa66db101d3dca73ef1998aaa4b51f2b5f46f7f685a8858c4e572aa8755a78f0cebbd6985b23dd59886167e97c0ad781768de6dbcd36afc03923782b554a39ce070660697f3f5ab21a93320c8498fcf3b801d605614f7829d17b1791596e7de4b46943fd39b57e4bc4d728d99fed404007931403639689ff8dd0a56afe6545273b45c36f041b01b9833f5cdbfd950a5fd853da8e70a5a35dd8bf337555c67e06d5dc820dd1c655157ad093550cd67d75d76b6b990519a3045dfdd88116ab9141cec7088c95ab9b9f25133beebac281ed3765f9c61de45514a0cf8ac1677e9d72f65e81232aa75001d0bec713673744ffc54c6989ec2fe0f94bde4075a58069c6d43576c113e7ab9dd5c5699882ee79dab14883474101fab339b776544e6f5be31abcdf5379bab1f1e1ab5ce6eb2e4370ae5bfa96f2554c6f233e55313d701882fe801b979444039504780601747640bd1c1927a0e9ef67e18650ca86be6eaacc2dbb1ea6391b751bbd4eb43f91a5506184639e70e48f06c93cf701b9f005fcba124c3dbc41ecd5aeefd121a783addbf93f516cfb8920e938d74cf583a8464a6912cddc0214a94f9faf0c0d69bca6e57d91157b0e9c1200de53d9b905c9d9c04d585681467677e12a67b0d46e32b488c3dee0e27c0b8a58d199d296fda3f3aceb0284e48ec1987632f2deb2de86904b9f7a6e7e01b5f4e8c27208da12c54880c173bf5825ac4b1f6e9e477f5ad4401c1703542084b80f4a391dd31e92b22edae843929ce146fcf874cb8d5f1f1d67227ea21f520ed55e4a922122be2754788e1076e89c44a2e8714f968452f7c9db7289cec87773335daa823f87d87807eab0fb23f72934eea453470b1efb7f4bdd8a0a0315b1944ecea7c372e7f7299a1aa62f2d5afbe9a4b1d88f2a94d07db4c7877337f9280af2f1ad0ec267fc86e1bd7bd30fafbaec2ae3d2f3dc09598a1c954a026ae8c33d418cd3111ab6ad66d83a8ba9e6d502b4b41a6dd5b58ca348f30a29d7d07c69f4dcf0776f0b0d1bd2c387ebb419925fe6971d43ec10e6be8492ae43853eed13553464f65ef2365418a4f497217c0c6c4fd81b1a5393055dd6f942be582cef486d4f5f4f6d5c76d895f67581eaee0be0c62043ae6f4c49c1c965440c124e3d58aac59c019944564ec68dbada28cd33427cb635502b40f846255ea968536ce062786493e1cd1de6f9f878239246cf35998b5adeeb704799206b5671b57233a74e6a46e9679d0e717339ee97b0a4b6e2792b5f00b0896edfded257dd9b447b27f1ee4ef1210bcd8fd61dfddd5a75f35380cc4f0696a186d869610d327a87ec2750a4cb92d55944a69007e8c76177bd798f0c58c6a8906fcef64f0c389c000d8545e733bad39accb746a35effb43c241e38bbd1a2af67402cb49f70af812b05869de91770461b39066a56daed0766531aef280e7404955aff9000bf9a722836f70b0851d8f97e2d4c1b27b0c99016bebe25bed52079b71e30d51b5a7f3960dbc077ec5089253831e34765bd023f1ea722cc1a433bdf0477f724c556d94a54873b3508619ef7d2241b0b0b7ddf6aec02b5161eb373f280049d31de48944a95aaefca419aa517f953563be28a3169f914d09895673f6e331a5d9080a1011662b408f14e79a992e1bc2cf7334ae5fe022d176ca4d6c030b78020779fe96057294e7ac6c419e988d6396f40714bce2d9e8f156c4f592ed9d0784015ebd562c1748d6f1dddcaf08a2b7856f88059b267b96b097efa990c49fe2fad34fb7ad662fc354c193bad7eb161cf3cb3965cec7280cac062c8ccea742224828086fc24ef624f164820b4e1951f5c0856784b3b3468fd39abbf12bfaeaf0ad0950e31da91709328a2f2bf5c9f74b42a03a893362353033ba71ef99465462ee077da0400877dfbca87f08f498ad13acc0fd9c9edfab650f38b0d138bf29ad781f2044e2c3797cb5b12556e02e15f06ed232843da8f38918bb5ea9539046443152f91269653a8367d7b5e3178d8a29959142e3b8b29d395f685a783d9c4d3d9f24255dcb3395af29f8fd138c88d4e9e8a18ffc37bb7166ed7f621a30569d06f69caa6f301405145cd8fb328b0bbe851eb89f47396077857068a7cde7b89e8fb4729506df4f6e2e15ce7bdebba18177e05bb32c8d54c665fc61868324420384a38adb0c8c7746eb82b653e5b9243c8c8c48a794e5d9c9cdbde2290e76d7204ee424762b0e74b41ee4310df79e64a6b664183e3fdf616b58ecbd474a55eb3dfa168c98448145138e9a114ce8f4fbf9e5c894742b70b76da88dae2866483eee5c0dadccf644c0621ad5bfbdce61cfa2fd6f2a9a2cdde42f645e119f775e7b9ff8febf88da78d3b6af919780663ba7146478a8aeca355a50adaf287ce9a007d4099ce2e6af785dfb11ecafef7367babe8fee50db035479f4c1008ae33453b5891ebc06851841e116206292990c6bb0ebd36ab4c54e85cfa5531de52e6f286f3c635e26c3b0589f8cb8148450416715d3605f28a74365c0723fa4df1ce8e1c71a837f5a594932ffe9ad1268a2241cb1a69979aa9f97ee6560374146abe5d3572cc08dea06fdc1fd22a0bf9bbed817188fa5bd6d2a1151890b64b5d3db9ebb3e47a08ab3cfeba50f24c01a7f771f366c0831c550f1670ca952c095c79e1a90361e420dd104377966db5f0d10ba77809a33afe2753180aa8a5036b590b1e8c84cbf4f06bf0db8d6f4ee61ef8e3d954155c7e2993849bb3dae04e96a02871aad9009036bf548efd2ac3a0c562f3170824e1b80ca997e858f23c20a499d812733906837ae0e95bec6cdf6a97325e1c36368a5f8f0ef8bc2c1346a2edbc13bec9db1f41d2664c62fb4bf520c2bd3c845fcb398d2f5a00a7c63f6d8eb206ffd8eddb452738585857277fb6f9b37a1f3a971b6b102240e569105a366d72d7582d27bbab89c362319cfabf47abd103d7837f191dc4a792d323f5e398292096668a591b5a8441853740a61bfb8203231b2973f3db527fc3de05d406c752121a0039c613af0abbba15c7edf5294d476e8ad583fccc3aa8bb465e91143349941361f304ea0e818d458a03ff45ea83568c3884f4d6f03236845ffed19424dda1e36d992807f50de6f327dca01503d9ffbb6eb7c15a775d197e021b9a64055c8bb7f967aae71aa292e9690c246f23e98ca076be3f7d58ed861483b73a3f63255bb129d3f3f0261a3b878c9049677e4fcc65c287793b1156cc5d52efc8a046d0235a7bd694dd1bd34b5dc5082d95e08c59b0fe365499c4340c36188daec6bbc6f261ad6465efad46d09aa2798721bc4c869c681ee83678d2250fc729f9e504798a23eada1a72ef53a713ddd8bdeeaf1971759a7cfbb6416086cc097d9cad3fe5c004f1a945e59c035815586125c2a198789c4c51f4d07d469565a384ae33f8ad61a22ce81af6b8d509591b227e634e4f434000f3649dd46a685fe6af2c9ffc25e094361448d94108dd73831a5fc3e02675a96550ffe88b0162e609989735311d26699d17bb333e983a39b179b2082a062d875f61614e2218d9f60163a4d9628f4287bf0342fb62595986f011168915821e4f8a7de9506e5fbdc013406b29b604fff4e76d5079db481620ec401a9c410c331661840b7695287ce3361dfa69c6952631d3716f6b2d4f14f58204fa7e3152f9407de39af04f3c55c946de8ccdd4a9f89a4b31f9f7784b486172b265ff15d726b6b84a9543f01ebdb7bb94081b7d6120714e885840ed79c8df1330ed53a6f36fdf4f88b4b105ce543d8e78cb6c20147fc0c9740d905a30a8d702ae43e5efc9a14935ac0138cb6067ec7d0116069c6ed5a9da6a0ecf2215ef9f908ccb28120f590bbdba18143bc0dcab7957211715f23085d32b749ef346cb78ade79dc082787ba13f2114776de7438098528de541ce298f8a644b6fcfaf5e63fa00b99f6cb90b7b1cb3da433da8dda975d1a53b56c7657bd8b285ee5e4542d59cb3557ef3a5c05eaca8c7d7c6f4c6183c76a41fe8ccb42c7e0c7b16292801e5ef6a8d1e4343359cf002eeb848a353a8acbc445d938d04231461e3c10a7ab3e2699045fb1d910fbb21b47d0b5e44a89b413b52accf3921a29d5d27a1174b6c72bfd939f8a7c7122ea793122c74e9bfe15cb207991a99651d33a5685207d668f6a705aa77a8b6a0d7efa1aa76728f307000fc93586f69fd9c13501ee08c727445c52affb5201de47026d610503fa8d1e90d3d3a0b1de2044aa503afb41783d6351caf29c2bf9e9e8cd7d80be1e598ac7f0d5c2b966df42aa8995a27dd5c77305ea306c5cc24850e2a82ff022fca280f35032690b5b54d5d418f559d1b5c0b1c50c3c5959551dc70dadcd8ab10efb13b5c7e33f8868c2a1f5d7667dbf66ff12e8791ee8ede260654138ddf4a9d2ef32e03599443ff9d95daf490330e4111922a53b9b33559dfb1cc9ea10dc24210b84ac732d4b9fc000d85e728822e4853646584eb5bd7a3a9024f933698d3bcd9942ea290aa32f08dde08e59016fe3f6b99df31e6473038fc13e9d300dea5a78e5dafbfd523d37f11a150fc19d99912b1caf0a33266eba92f8620b5e6b8941eff4a2a2fd9dd467d16508f32f88f16fdd9f877f529fa80d0fe7db143d359b4a5726bc164ade81b59d72f5f57f0d56866129e6fbf1d41421b601f4d50549a82e33dc453ad6fb91d623b0a3ee88491be2435b9c79fc1ce4eb2b50e490afba769d8ec28b695b7e4ecbb979252440641779e57bb39e9440bf48b0f07db5e8e8aef49edb371b6da1fd3d09c4f95de77d93f1a4c7d6718040323a0b8a900e7a87a863bf9ef4b90256efe9c21453da54126ec1097539dd77a8843bda1c06c329fe059f53d197ca20b9f7bb0706d3ebdafa1befce4db7a0e1d1dc88643c36af8f87edf46d2cf428bfe2aa4d3c600470e44e49fa022424019402b2ee110216c72a086e4f7576a6641ee9503bad25138be130e69bb5a5bbcea0903c5ee34387f36c60aab9be789d9d4b72193ab7a538af4f94bbbbc7beb62686a485fc40088074f099b4beae5530e60aba099a1755dbb50b0637b0f65a20a18d86f7e4d802f7a55bea4e1fdcd17a2d4dd0bd95c94c958fe1e9b5b816cb25dd344d1a79c4a262f2a1c02335d27042a37356f92528f29b064a8a6583bb12e0224cdafec0865aa7a28cd89f909324bb27a4ea4b8d8ee05ea904d3585d24706401f65cb04506892200a7dfc47dbd1d2a00c1b731edfe7c12dd29", &(0x7f00000004c0)="9f66b910e908a6d91c6c470cc9cfa4eddf002eed3a2510d561c2eb80b2bf6cfe0e90d230c4f33848485829ee80c0736a0686d0972ee0a272efea6188504dedf385bccef41adb638bccd21f46f46e6cb334f890e5d944c0453bc4d2e1f4dc44a1735c6bbc01bf75a8fcf543"}}, &(0x7f0000000340))
socket$netlink(0x10, 0x3, 0x0)
ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f00000000c0))
timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600))
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)

05:49:20 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 16)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:20 executing program 3:
fallocate(0xffffffffffffffff, 0x2, 0x9, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x4, 0xc1, 0xb4700000, 0x3ff, 0x73cf})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_setup(0x3a74, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4000, 0x284}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f00000001c0))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000140)={0x80000001, 0xc5, 0x6fa7f7bb, 0x1, 0x5})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r3=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r4=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x4, "9755154351ac9a"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d940)={0x8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}], 0x4, "711addf3f468ee"})
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd, 0x0, 0x0}, 0x80000001)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)

[ 2946.318021] FAULT_INJECTION: forcing a failure.
[ 2946.318021] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.320626] CPU: 1 PID: 39137 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2946.322018] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.323674] Call Trace:
[ 2946.324213]  dump_stack+0x107/0x167
[ 2946.324926]  should_fail.cold+0x5/0xa
[ 2946.325676]  ? create_object.isra.0+0x3a/0xa20
[ 2946.326565]  should_failslab+0x5/0x20
[ 2946.327304]  kmem_cache_alloc+0x5b/0x310
[ 2946.328124]  create_object.isra.0+0x3a/0xa20
[ 2946.328989]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2946.330000]  kmem_cache_alloc+0x159/0x310
[ 2946.330843]  security_inode_alloc+0x34/0x160
[ 2946.331720]  inode_init_always+0xa4e/0xd10
[ 2946.332566]  ? shmem_destroy_inode+0x70/0x70
[ 2946.333441]  alloc_inode+0x84/0x240
[ 2946.334163]  new_inode+0x23/0x250
[ 2946.334860]  shmem_get_inode+0x15e/0xbc0
[ 2946.335685]  __shmem_file_setup+0xb8/0x320
[ 2946.336536]  ? _copy_from_user+0xfb/0x1b0
[ 2946.337368]  __do_sys_memfd_create+0x275/0x450
[ 2946.338274]  ? memfd_file_seals_ptr+0x170/0x170
[ 2946.339209]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.340266]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.341295]  do_syscall_64+0x33/0x40
[ 2946.342040]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.343063] RIP: 0033:0x7fe01fe92b19
[ 2946.343817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.346258] FAULT_INJECTION: forcing a failure.
[ 2946.346258] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 2946.347495] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2946.347518] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2946.347531] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2946.347542] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2946.347553] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2946.347565] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2946.360023] CPU: 0 PID: 39140 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2946.361496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.363261] Call Trace:
[ 2946.363828]  dump_stack+0x107/0x167
[ 2946.364615]  should_fail.cold+0x5/0xa
[ 2946.365430]  __alloc_pages_nodemask+0x182/0x600
[ 2946.366422]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2946.367689]  ? find_held_lock+0x2c/0x110
[ 2946.368565]  ? __pmd_alloc+0x2db/0x5e0
[ 2946.369391]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.370265]  ? do_raw_spin_lock+0x121/0x260
[ 2946.371181]  alloc_pages_current+0x187/0x280
[ 2946.372129]  pte_alloc_one+0x16/0x1a0
[ 2946.372937]  __pte_alloc+0x1d/0x330
[ 2946.373710]  copy_page_range+0x1b62/0x3810
[ 2946.374602]  ? perf_trace_lock+0xac/0x490
[ 2946.375480]  ? lock_chain_count+0x20/0x20
[ 2946.376414]  ? up_write+0x191/0x550
[ 2946.377185]  ? vm_iomap_memory+0x190/0x190
[ 2946.378083]  ? downgrade_write+0x3a0/0x3a0
[ 2946.378983]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2946.380133]  ? __vma_link_rb+0x540/0x700
[ 2946.380215] FAULT_INJECTION: forcing a failure.
[ 2946.380215] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.380997]  copy_process+0x759b/0x7800
[ 2946.381057]  ? __cleanup_sighand+0xb0/0xb0
[ 2946.381078]  ? perf_trace_lock+0xac/0x490
[ 2946.381111]  ? perf_trace_lock+0xac/0x490
[ 2946.381142]  kernel_clone+0xe7/0x980
[ 2946.387531]  ? create_io_thread+0xf0/0xf0
[ 2946.388413]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.389283]  ? find_held_lock+0x2c/0x110
[ 2946.390155]  ? ksys_write+0x12d/0x260
[ 2946.390985]  __do_sys_clone+0xc8/0x110
[ 2946.391806]  ? kernel_clone+0x980/0x980
[ 2946.392656]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.393634]  ? vfs_write+0x354/0xb10
[ 2946.394452]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.395566]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.396669]  do_syscall_64+0x33/0x40
[ 2946.397461]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.398544] RIP: 0033:0x7f81e84c4b19
[ 2946.399329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.403229] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2946.404852] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2946.406358] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2946.407861] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.409372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2946.410883] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2946.412601] CPU: 1 PID: 39146 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2946.414000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.415680] Call Trace:
[ 2946.416236]  dump_stack+0x107/0x167
[ 2946.416977]  should_fail.cold+0x5/0xa
[ 2946.417748]  ? kvmalloc_node+0x119/0x170
[ 2946.418572]  should_failslab+0x5/0x20
[ 2946.419333]  __kmalloc_node+0x76/0x420
[ 2946.420151]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2946.421159]  kvmalloc_node+0x119/0x170
[ 2946.421939]  alloc_fdtable+0x13f/0x280
[ 2946.422719]  dup_fd+0x92e/0xf40
[ 2946.423393]  copy_process+0x197e/0x7800
[ 2946.424209]  ? __lock_acquire+0xbb1/0x5b00
[ 2946.425074]  ? __cleanup_sighand+0xb0/0xb0
[ 2946.425920]  ? perf_trace_lock+0xac/0x490
[ 2946.426759]  ? perf_trace_lock+0xac/0x490
[ 2946.427593]  kernel_clone+0xe7/0x980
[ 2946.428350]  ? create_io_thread+0xf0/0xf0
[ 2946.429183]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.430010]  ? find_held_lock+0x2c/0x110
[ 2946.430822]  ? ksys_write+0x12d/0x260
[ 2946.431594]  __do_sys_clone+0xc8/0x110
[ 2946.432373]  ? kernel_clone+0x980/0x980
[ 2946.433161]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.434082]  ? vfs_write+0x354/0xb10
[ 2946.434843]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.435894]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.436930]  do_syscall_64+0x33/0x40
[ 2946.437683]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.438698] RIP: 0033:0x7f87f4e1cb19
[ 2946.439441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.443100] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2946.444751] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2946.446236] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2946.447721] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.449222] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2946.450708] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2946.467024] loop6: detected capacity change from 0 to 41948160
[ 2946.503081] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 2946.513623] FAULT_INJECTION: forcing a failure.
[ 2946.513623] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.516308] CPU: 0 PID: 39145 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2946.517806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.519579] Call Trace:
[ 2946.520165]  dump_stack+0x107/0x167
[ 2946.520955]  should_fail.cold+0x5/0xa
[ 2946.521785]  ? create_object.isra.0+0x3a/0xa20
[ 2946.522776]  should_failslab+0x5/0x20
[ 2946.523600]  kmem_cache_alloc+0x5b/0x310
[ 2946.524494]  create_object.isra.0+0x3a/0xa20
[ 2946.525427]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2946.526528]  kmem_cache_alloc+0x159/0x310
[ 2946.527418]  vm_area_dup+0x78/0x290
[ 2946.528229]  ? _cond_resched+0x10/0x30
[ 2946.529048]  ? copy_page_range+0x24e9/0x3810
[ 2946.530021]  ? vm_area_alloc+0x110/0x110
[ 2946.530893]  ? vm_iomap_memory+0x190/0x190
[ 2946.531804]  ? up_write+0x191/0x550
[ 2946.532590]  ? downgrade_write+0x3a0/0x3a0
[ 2946.533485]  ? down_write_killable+0x180/0x180
[ 2946.534461]  ? __vma_link_rb+0x540/0x700
[ 2946.535342]  copy_process+0x291b/0x7800
[ 2946.536230]  ? __cleanup_sighand+0xb0/0xb0
[ 2946.537128]  ? perf_trace_lock+0xac/0x490
[ 2946.538021]  ? perf_trace_lock+0xac/0x490
[ 2946.538910]  kernel_clone+0xe7/0x980
[ 2946.539710]  ? create_io_thread+0xf0/0xf0
[ 2946.540595]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.541472]  ? find_held_lock+0x2c/0x110
[ 2946.542346]  ? ksys_write+0x12d/0x260
[ 2946.543171]  __do_sys_clone+0xc8/0x110
[ 2946.544006]  ? kernel_clone+0x980/0x980
[ 2946.544858]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.545841]  ? vfs_write+0x354/0xb10
[ 2946.546666]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.547778]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.548893]  do_syscall_64+0x33/0x40
[ 2946.549691]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.550778] RIP: 0033:0x7fd16660db19
[ 2946.551569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.555485] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2946.557110] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2946.558622] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2946.560144] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.561656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2946.563171] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:49:20 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 42)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2946.696255] FAULT_INJECTION: forcing a failure.
[ 2946.696255] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.698851] CPU: 1 PID: 39223 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2946.700312] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.702042] Call Trace:
[ 2946.702607]  dump_stack+0x107/0x167
[ 2946.703373]  should_fail.cold+0x5/0xa
[ 2946.704188]  ? ptlock_alloc+0x1d/0x70
[ 2946.704985]  should_failslab+0x5/0x20
[ 2946.705782]  kmem_cache_alloc+0x5b/0x310
[ 2946.706649]  ptlock_alloc+0x1d/0x70
[ 2946.707421]  pte_alloc_one+0x68/0x1a0
[ 2946.708234]  __pte_alloc+0x1d/0x330
[ 2946.708988]  copy_page_range+0x1b62/0x3810
[ 2946.709853]  ? perf_trace_lock+0xac/0x490
[ 2946.710692]  ? lock_chain_count+0x20/0x20
[ 2946.711580]  ? up_write+0x191/0x550
[ 2946.712336]  ? vm_iomap_memory+0x190/0x190
[ 2946.713193]  ? downgrade_write+0x3a0/0x3a0
[ 2946.714061]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2946.715169]  ? __vma_link_rb+0x540/0x700
[ 2946.716016]  copy_process+0x759b/0x7800
[ 2946.716887]  ? __cleanup_sighand+0xb0/0xb0
[ 2946.717748]  ? perf_trace_lock+0xac/0x490
[ 2946.718599]  ? perf_trace_lock+0xac/0x490
[ 2946.719452]  kernel_clone+0xe7/0x980
[ 2946.720219]  ? create_io_thread+0xf0/0xf0
[ 2946.721059]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.721899]  ? find_held_lock+0x2c/0x110
[ 2946.722737]  ? ksys_write+0x12d/0x260
[ 2946.723537]  __do_sys_clone+0xc8/0x110
[ 2946.724337]  ? kernel_clone+0x980/0x980
[ 2946.725175]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.726117]  ? vfs_write+0x354/0xb10
[ 2946.726898]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.727972]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.729023]  do_syscall_64+0x33/0x40
[ 2946.729784]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.730825] RIP: 0033:0x7f81e84c4b19
[ 2946.731580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.735332] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2946.736901] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2946.738349] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2946.739800] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.741250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2946.742702] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:49:20 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 8)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:49:20 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 17)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2946.828916] FAULT_INJECTION: forcing a failure.
[ 2946.828916] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.831355] CPU: 0 PID: 39264 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2946.832779] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.834472] Call Trace:
[ 2946.835018]  dump_stack+0x107/0x167
[ 2946.835765]  should_fail.cold+0x5/0xa
[ 2946.836560]  ? __d_alloc+0x2a/0x990
[ 2946.837303]  should_failslab+0x5/0x20
[ 2946.837883] FAULT_INJECTION: forcing a failure.
[ 2946.837883] name failslab, interval 1, probability 0, space 0, times 0
[ 2946.838073]  kmem_cache_alloc+0x5b/0x310
[ 2946.838099]  ? trace_hardirqs_on+0x5b/0x180
[ 2946.842138]  __d_alloc+0x2a/0x990
[ 2946.842854]  d_alloc_pseudo+0x19/0x70
[ 2946.843627]  alloc_file_pseudo+0xce/0x250
[ 2946.844480]  ? alloc_file+0x5a0/0x5a0
[ 2946.845257]  ? shmem_get_inode+0x55c/0xbc0
[ 2946.846123]  __shmem_file_setup+0x144/0x320
[ 2946.847003]  ? _copy_from_user+0xfb/0x1b0
[ 2946.847852]  __do_sys_memfd_create+0x275/0x450
[ 2946.848798]  ? memfd_file_seals_ptr+0x170/0x170
[ 2946.849751]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.850827]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.851887]  do_syscall_64+0x33/0x40
[ 2946.852660]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.853703] RIP: 0033:0x7fe01fe92b19
[ 2946.854457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.858207] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2946.859765] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2946.861197] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2946.862636] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2946.864072] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2946.865511] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2946.866988] CPU: 1 PID: 39265 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2946.868480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2946.870224] Call Trace:
[ 2946.870787]  dump_stack+0x107/0x167
[ 2946.871562]  should_fail.cold+0x5/0xa
[ 2946.872435]  ? create_object.isra.0+0x3a/0xa20
[ 2946.873351]  should_failslab+0x5/0x20
[ 2946.874108]  kmem_cache_alloc+0x5b/0x310
[ 2946.874921]  create_object.isra.0+0x3a/0xa20
[ 2946.875790]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2946.876819]  __kmalloc_node+0x1ae/0x420
[ 2946.877620]  kvmalloc_node+0x119/0x170
[ 2946.878393]  alloc_fdtable+0x13f/0x280
[ 2946.879161]  dup_fd+0x92e/0xf40
[ 2946.879830]  copy_process+0x197e/0x7800
[ 2946.880645]  ? __lock_acquire+0xbb1/0x5b00
[ 2946.881504]  ? __cleanup_sighand+0xb0/0xb0
[ 2946.882343]  ? perf_trace_lock+0xac/0x490
[ 2946.883178]  ? perf_trace_lock+0xac/0x490
[ 2946.884019]  kernel_clone+0xe7/0x980
[ 2946.884781]  ? create_io_thread+0xf0/0xf0
[ 2946.885599]  ? lock_downgrade+0x6d0/0x6d0
[ 2946.886413]  ? find_held_lock+0x2c/0x110
[ 2946.887229]  ? ksys_write+0x12d/0x260
[ 2946.888016]  __do_sys_clone+0xc8/0x110
[ 2946.888795]  ? kernel_clone+0x980/0x980
[ 2946.889597]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2946.890512]  ? vfs_write+0x354/0xb10
[ 2946.891280]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2946.892363]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2946.893387]  do_syscall_64+0x33/0x40
[ 2946.894133]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2946.895148] RIP: 0033:0x7f87f4e1cb19
[ 2946.895902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2946.899569] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2946.901093] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2946.902520] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2946.903941] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2946.905349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2946.906773] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:49:21 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 43)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:21 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000240)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, 0x1}, 0x6)
r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, @perf_config_ext, 0x0, 0x0, 0x80000001}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r1, r3, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
writev(r4, &(0x7f0000000280)=[{&(0x7f0000000180)="b9b9704876c08392af70253238ffbdcdcef630730ae503d83479d32fc09cdb2cb615c86b69db84b52af722340eae618a90e5e9a1525e276fa5b9e75ea87046912e5ad1a575f6781a3b32c4e3bddae74a7dd2ab2f222905e927a469776ea441dd5711eb155dc888b92f33ecac083d3a01f280439a9987f8a90ef5c0b9ca218c2eb69790d37752659b2e6468d24fcfbb9b2cb2", 0x92}, {&(0x7f0000000300)="d251598641ff422cfdd61305fcd3cb1c24bd3616d1d404d44ae2ab862674a2fb931fc01796e31cd47d089b4258454aa6109d1aa48d829b37673f6097b2d03fc02b9d325dbd4076c3f786c5e405ab1e4512ea389ed3baad378bf8f7bcf5656c9564f04631d17b7d46547bf039b644e82870", 0x71}], 0x2)
fork()
fallocate(r3, 0x11, 0x7fffffff, 0x20000)
socket$inet6(0xa, 0xa, 0x3ff)

05:49:21 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 61)

05:49:21 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
r0 = shmget(0x2, 0x4000, 0x0, &(0x7f000082e000/0x4000)=nil)
shmctl$SHM_UNLOCK(r0, 0xc)

[ 2947.029132] FAULT_INJECTION: forcing a failure.
[ 2947.029132] name failslab, interval 1, probability 0, space 0, times 0
[ 2947.031642] CPU: 1 PID: 39271 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2947.033038] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2947.034704] Call Trace:
[ 2947.035240]  dump_stack+0x107/0x167
[ 2947.035975]  should_fail.cold+0x5/0xa
[ 2947.036739]  ? vm_area_dup+0x78/0x290
[ 2947.037506]  should_failslab+0x5/0x20
[ 2947.038273]  kmem_cache_alloc+0x5b/0x310
[ 2947.039089]  ? lock_downgrade+0x6d0/0x6d0
[ 2947.039769] FAULT_INJECTION: forcing a failure.
[ 2947.039769] name failslab, interval 1, probability 0, space 0, times 0
[ 2947.039925]  vm_area_dup+0x78/0x290
[ 2947.042749]  ? _cond_resched+0x10/0x30
[ 2947.043533]  ? copy_page_range+0x24e9/0x3810
[ 2947.044458]  ? vm_area_alloc+0x110/0x110
[ 2947.045270]  ? vm_iomap_memory+0x190/0x190
[ 2947.046117]  ? up_write+0x191/0x550
[ 2947.046843]  ? downgrade_write+0x3a0/0x3a0
[ 2947.047680]  ? down_write_killable+0x180/0x180
[ 2947.048651]  ? __vma_link_rb+0x540/0x700
[ 2947.049467]  copy_process+0x291b/0x7800
[ 2947.050299]  ? __cleanup_sighand+0xb0/0xb0
[ 2947.051147]  ? perf_trace_lock+0xac/0x490
[ 2947.051994]  ? perf_trace_lock+0xac/0x490
[ 2947.052833]  kernel_clone+0xe7/0x980
[ 2947.053598]  ? create_io_thread+0xf0/0xf0
[ 2947.054418]  ? lock_downgrade+0x6d0/0x6d0
[ 2947.055250]  ? find_held_lock+0x2c/0x110
[ 2947.056077]  ? ksys_write+0x12d/0x260
[ 2947.056860]  __do_sys_clone+0xc8/0x110
[ 2947.057630]  ? kernel_clone+0x980/0x980
[ 2947.058415]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2947.059346]  ? vfs_write+0x354/0xb10
[ 2947.060120]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2947.061158]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2947.062185]  do_syscall_64+0x33/0x40
[ 2947.062925]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2947.063953] RIP: 0033:0x7fd16660db19
[ 2947.064701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2947.068369] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2947.069888] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2947.071310] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2947.072742] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2947.074176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2947.075597] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2947.077067] CPU: 0 PID: 39269 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2947.078352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2947.079822] Call Trace:
[ 2947.080480]  dump_stack+0x107/0x167
[ 2947.081172]  should_fail.cold+0x5/0xa
[ 2947.081851]  ? create_object.isra.0+0x3a/0xa20
[ 2947.082671]  should_failslab+0x5/0x20
[ 2947.083361]  kmem_cache_alloc+0x5b/0x310
[ 2947.084104]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 2947.085189]  create_object.isra.0+0x3a/0xa20
[ 2947.085989]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2947.086920]  kmem_cache_alloc+0x159/0x310
[ 2947.087679]  ptlock_alloc+0x1d/0x70
[ 2947.088360]  pte_alloc_one+0x68/0x1a0
[ 2947.089047]  __pte_alloc+0x1d/0x330
[ 2947.089720]  copy_page_range+0x1b62/0x3810
[ 2947.090494]  ? perf_trace_lock+0xac/0x490
[ 2947.091242]  ? lock_chain_count+0x20/0x20
[ 2947.092044]  ? up_write+0x191/0x550
[ 2947.092711]  ? vm_iomap_memory+0x190/0x190
[ 2947.093476]  ? downgrade_write+0x3a0/0x3a0
[ 2947.094249]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2947.095231]  ? __vma_link_rb+0x540/0x700
[ 2947.095988]  copy_process+0x759b/0x7800
[ 2947.096721]  ? __cleanup_sighand+0xb0/0xb0
[ 2947.097489]  ? perf_trace_lock+0xac/0x490
[ 2947.098251]  ? perf_trace_lock+0xac/0x490
[ 2947.099002]  kernel_clone+0xe7/0x980
[ 2947.099669]  ? create_io_thread+0xf0/0xf0
[ 2947.100426]  ? lock_downgrade+0x6d0/0x6d0
[ 2947.101163]  ? find_held_lock+0x2c/0x110
[ 2947.101907]  ? ksys_write+0x12d/0x260
[ 2947.102612]  __do_sys_clone+0xc8/0x110
[ 2947.103308]  ? kernel_clone+0x980/0x980
[ 2947.104041]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2947.104860]  ? vfs_write+0x354/0xb10
[ 2947.105548]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2947.106494]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2947.107426]  do_syscall_64+0x33/0x40
[ 2947.108103]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2947.109021] RIP: 0033:0x7f81e84c4b19
[ 2947.109683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2947.112992] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2947.114352] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2947.115624] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2947.116948] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2947.118217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2947.119495] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:49:21 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 9)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:49:21 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 62)

05:49:21 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x10001}}, './file0\x00'})
fork()
move_pages(0x0, 0x1, &(0x7f0000000100)=[&(0x7f0000ffa000/0x1000)=nil], 0x0, 0x0, 0x0)
move_pages(0x0, 0x6, &(0x7f0000000200)=[&(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil], 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0], 0x0)
r6 = signalfd(r1, &(0x7f0000000240)={[0x5]}, 0x8)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x6, 0x1, 0x2, 0x0, 0x0, 0x8, 0x20001, 0xc, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xfffff6cc, 0x1, @perf_bp={&(0x7f0000000180), 0x5}, 0x40001, 0xfff, 0x6, 0x1, 0xce80, 0x80000000, 0x6e38, 0x0, 0xffff, 0x0, 0x11d1}, 0x0, 0x7, r6, 0x0)
socket$inet6(0xa, 0xa, 0x3ff)

[ 2947.325892] FAULT_INJECTION: forcing a failure.
[ 2947.325892] name failslab, interval 1, probability 0, space 0, times 0
[ 2947.327877] CPU: 0 PID: 39481 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2947.328986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2947.330271] Call Trace:
[ 2947.330700]  dump_stack+0x107/0x167
[ 2947.331265]  should_fail.cold+0x5/0xa
[ 2947.331887]  ? create_object.isra.0+0x3a/0xa20
[ 2947.332292] FAULT_INJECTION: forcing a failure.
[ 2947.332292] name failslab, interval 1, probability 0, space 0, times 0
[ 2947.332585]  should_failslab+0x5/0x20
[ 2947.332601]  kmem_cache_alloc+0x5b/0x310
[ 2947.332629]  create_object.isra.0+0x3a/0xa20
[ 2947.336672]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2947.337449]  kmem_cache_alloc+0x159/0x310
[ 2947.338104]  vm_area_dup+0x78/0x290
[ 2947.338682]  ? _cond_resched+0x10/0x30
[ 2947.339268]  ? copy_page_range+0x24e9/0x3810
[ 2947.339986]  ? vm_area_alloc+0x110/0x110
[ 2947.340619]  ? vm_iomap_memory+0x190/0x190
[ 2947.341258]  ? up_write+0x191/0x550
[ 2947.341822]  ? downgrade_write+0x3a0/0x3a0
[ 2947.342466]  ? down_write_killable+0x180/0x180
[ 2947.343167]  ? __vma_link_rb+0x540/0x700
[ 2947.343792]  copy_process+0x291b/0x7800
[ 2947.344435]  ? __cleanup_sighand+0xb0/0xb0
[ 2947.345080]  ? perf_trace_lock+0xac/0x490
[ 2947.345752]  ? perf_trace_lock+0xac/0x490
[ 2947.346373]  kernel_clone+0xe7/0x980
[ 2947.346943]  ? create_io_thread+0xf0/0xf0
[ 2947.347558]  ? lock_downgrade+0x6d0/0x6d0
[ 2947.348177]  ? find_held_lock+0x2c/0x110
[ 2947.348794]  ? ksys_write+0x12d/0x260
[ 2947.349375]  __do_sys_clone+0xc8/0x110
[ 2947.349968]  ? kernel_clone+0x980/0x980
[ 2947.350555]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2947.351235]  ? vfs_write+0x354/0xb10
[ 2947.351826]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2947.352607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2947.353367]  do_syscall_64+0x33/0x40
[ 2947.353925]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2947.354680] RIP: 0033:0x7fd16660db19
[ 2947.355234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2947.357971] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2947.359124] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2947.360195] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2947.361241] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2947.362288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2947.363343] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2947.364452] CPU: 1 PID: 39483 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2947.365841] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2947.367465] Call Trace:
[ 2947.368009]  dump_stack+0x107/0x167
[ 2947.368724]  should_fail.cold+0x5/0xa
[ 2947.369488]  ? create_object.isra.0+0x3a/0xa20
[ 2947.370393]  should_failslab+0x5/0x20
[ 2947.371146]  kmem_cache_alloc+0x5b/0x310
[ 2947.371958]  create_object.isra.0+0x3a/0xa20
[ 2947.372837]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2947.373841]  kmem_cache_alloc+0x159/0x310
[ 2947.374666]  __d_alloc+0x2a/0x990
[ 2947.375359]  d_alloc_pseudo+0x19/0x70
[ 2947.376125]  alloc_file_pseudo+0xce/0x250
[ 2947.376954]  ? alloc_file+0x5a0/0x5a0
[ 2947.377714]  ? shmem_get_inode+0x55c/0xbc0
[ 2947.378561]  __shmem_file_setup+0x144/0x320
[ 2947.379417]  ? _copy_from_user+0xfb/0x1b0
[ 2947.380251]  __do_sys_memfd_create+0x275/0x450
[ 2947.381164]  ? memfd_file_seals_ptr+0x170/0x170
[ 2947.382091]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2947.383123]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2947.384152]  do_syscall_64+0x33/0x40
[ 2947.384899]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2947.385913] RIP: 0033:0x7fe01fe92b19
[ 2947.386644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2947.390263] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2947.391761] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2947.393176] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2947.394562] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2947.395956] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2947.397355] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2947.504883] loop6: detected capacity change from 0 to 41948160
[ 2947.514673] FAT-fs (loop6): Unrecognized mount option "" or missing value
05:49:42 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 18)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:42 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 63)

05:49:42 executing program 7:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
close_range(r0, 0xffffffffffffffff, 0x0)
r1 = dup2(r0, r0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0)
r2 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000040)=ANY=[@ANYBLOB="010002004b01000018000000", @ANYRES32=<r5=>r2, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB='./file0\x00'])
ioctl$EXT4_IOC_GROUP_EXTEND(r5, 0x40086607, &(0x7f0000000080)=0xc0)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
syz_mount_image$nfs(&(0x7f0000000240), &(0x7f00000002c0)='./file0/../file0\x00', 0x40000000001, 0x7, &(0x7f0000000940)=[{&(0x7f0000000300)="b09456e1cc1abe3be01b5ab628f4f34a9a6cc65a92f9877ae3771e21d09c820335483bdc14c4696a6b7661a1c0cd40bf760bbd9d7976fb11c6db4c32f90d212b2447c78c0bb70e2341b9135a36e3d037b1", 0x51, 0xffffffffffffffff}, {&(0x7f00000003c0)="734392bf111e34ad89833539b8bc9d0c90f5905723c06cb62a77178037bdf869a9e9f9cf93423b1c6c08e00a09fffd1739e62303500b707c15a15ce9cff7d35d67b8f1929ea5dbb86e30efc44374d16ea8b43e80ec4d305a95b6b85adc47c8abfc", 0x61, 0x1}, {&(0x7f0000000440)="ffdd14b2d545b969616d54fa413948ca8c884e05a5e0b29fda45678de5b6ea9b32040cfbe28f87c93cf898c2624a360384a71f96dc79194b8c9cf744da855ca0b5aaf22f51db7f7c1cf4850f245977421e5f993e2c5e97146ac61139caedb63455f06e0ac29e00f522a151c2774de3ac62b0621adbe8f1cfca71952a01bd410dbd0731eb96367acfaef362026b898c9311a95951a302f26d1b3d3c6fb59470b3ce9e99d98277d23940f8e92a64207f20951d9407895b748c482f265db1", 0xbd, 0x5}, {&(0x7f00000006c0)="609bbda7ee281a8d6592be0f93dd130886f017cf421486ae39e164802d03ac8f4ab3cd67708b2fe12a8a5caae3f0bc3bcea25cd891e46174a107d2ea116897945b08ee734b6d4eb21f52530fe66cc87e5552f1246680d6b8ac9bf05fe17c620dbd059df7cdb6067915af78604052fde7cb1d18418744b7e9f4a9f5b436", 0x7d, 0x6b6}, {&(0x7f0000000740)="f9c235fc20b77ac3bb3b491edd83fa3f548e6991f8fa4c1b215a1cb2fd0faaecf4273c8144b56f17c478f3ab0544c6d7218a2c84127a6c97413aed63e3b4b1212cfd17d0790610b55b931fb210f94a3dc7f765f59c349e35a56a70740d9ec9788ee832786372a6756726d4eb00000092d34ce4fdb9c34c6d50106ec37b3cca3f39f0646c54e9da48a4d715326a21b6fab12dc7f65de2bd285c5d9630ec9c23a1471d0ae3ad8de4b59c", 0xa9}, {&(0x7f0000000800)="06e3a50a5991ef47401fe8c47a1e181afb137f872ca67c36b5594c94bd281bc597bb852690f0cfc211573888bf7d1ed0b82ad9523180ae1c80b248d35607b039bdd5da9a2e74c8c5a0d0ddf1fccfa4cc5c391b4afe20965cf042d7ee22b56b4441a12e5284a256893881aff7d3361e12c65596d08805f5cae0a3c39213b3522cf3aacff7f136540d0e3732aca014eab317e966", 0x93, 0x800000000}, {&(0x7f00000008c0)="7e75059c63d775735289098a9ccbcd7c6de9c360e06a1e3b86c10e683060fbef832dad602f72b8c9668118bdebd03ee1e8a246ff7c36ac2a4f6e90d1c8eb131d63f3acf6f786b4589d053ee1256c", 0x4e, 0x3ff}], 0x1, &(0x7f0000000680)=ANY=[@ANYRES16=r6])
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x200)
dup3(r7, r6, 0x80000)
ioctl$F2FS_IOC_GET_FEATURES(r5, 0x8004f50c, &(0x7f0000000100))
move_mount(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', r4, &(0x7f00000005c0)='./file0\x00', 0x50)
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x550c, 0x20000000)
recvmmsg(0xffffffffffffffff, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
move_mount(r5, &(0x7f0000000600)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000640)='./file0\x00', 0x20)
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000140)=0x7c0283a40842d60c)
mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x8, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="2c7766646e21fa965117f383e642a92b297a946f3d", @ANYRESHEX=r4, @ANYBLOB=',\x00'])

05:49:42 executing program 0:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)
shmat(0x0, &(0x7f0000fad000/0x1000)=nil, 0xc000)
shmat(0x0, &(0x7f0000fac000/0x4000)=nil, 0x6000)

05:49:42 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 10)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:49:42 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 44)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:42 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x0, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()

05:49:42 executing program 3:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index=0x5, 0x0, 0x0, 0x0, {0x169}}, 0x6)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4)
ptrace$getregset(0x4204, 0x0, 0x6, &(0x7f0000000240)={&(0x7f00000001c0)=""/91, 0x5b})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r2, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000001c00)=ANY=[@ANYBLOB="01000000010000003800000058710500000000000000f1daea2d97174edeaa140050a29df69cf380b74041e1756411d5a1c1a9314b4fa1227ee345b532ec7d16e263a48ef41a0ae8a0f2ea28c5bdf4680d86223ad45e31cbdccbe375baede4fd001bad5c85a31b008370feb9ac00281fbe2f6e826bc76580ee9a24c9b668603eb07ea471ec05e9b331ec048bcb56655fa3daba21b2e05552373e29afdca6d66f8215cdd09eafc38cdce51017769c5119c61f2203368c7ccd952abbba131435e2325af57ebc223eb25a385cdb1ba3e86b601ce878da43e56d6eac0ed753a4c215f1d8d3e7e63d7716605fdd6a17fd0fb7b64444515c019f04925d7ff61d59246418df318b0eea863460c1c84a79cfadb637097eba87f58e7674e9", @ANYRESDEC, @ANYRES64])
ioctl$TUNGETDEVNETNS(0xffffffffffffffff, 0x54e3, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000ac0)={0x9, [], 0x0, "46dacd8396fe92"})
readv(0xffffffffffffffff, &(0x7f0000000800)=[{&(0x7f0000000480)=""/164, 0xa4}, {&(0x7f0000000580)=""/160, 0xa0}, {&(0x7f0000000280)=""/9, 0x9}, {&(0x7f00000002c0)=""/8, 0x8}, {&(0x7f0000000680)=""/217, 0xd9}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000780)=""/125, 0x7d}], 0x7)
sendmsg$inet6(r2, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x2)
r3 = socket$inet(0xa, 0x3, 0xff)
setsockopt$IP_VS_SO_SET_DELDEST(r3, 0x0, 0x488, &(0x7f0000000940)={{0x73, @broadcast, 0x4e24, 0x2, 'wrr\x00', 0x8, 0x2, 0x63}, {@multicast1, 0x4e21, 0x2, 0x2, 0x1}}, 0x44)
sendto(r3, &(0x7f0000000000)="d4f8dfaa394996add3afd1da13fac83014b8e5c45afa1a1f3ed44d2f6eaf6b5f9203bf69ab683862", 0x28, 0x3f00, &(0x7f0000000140)=@nl=@unspec={0x0, 0xff00, 0x0, 0xf5ffffff}, 0x80)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmmsg$inet6(r0, &(0x7f0000004d00), 0x0, 0x20000111)

[ 2968.059277] FAULT_INJECTION: forcing a failure.
[ 2968.059277] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.061891] CPU: 0 PID: 39606 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2968.063354] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.065118] Call Trace:
[ 2968.065680]  dump_stack+0x107/0x167
[ 2968.066458]  should_fail.cold+0x5/0xa
[ 2968.067302]  ? __alloc_file+0x21/0x320
[ 2968.068217]  should_failslab+0x5/0x20
[ 2968.069029]  kmem_cache_alloc+0x5b/0x310
[ 2968.069897]  __alloc_file+0x21/0x320
[ 2968.070697]  alloc_empty_file+0x6d/0x170
[ 2968.071591]  alloc_file+0x5e/0x5a0
[ 2968.072443]  alloc_file_pseudo+0x16a/0x250
[ 2968.073350]  ? alloc_file+0x5a0/0x5a0
[ 2968.074158]  ? shmem_get_inode+0x55c/0xbc0
[ 2968.075113]  __shmem_file_setup+0x144/0x320
[ 2968.076100]  ? _copy_from_user+0xfb/0x1b0
[ 2968.077024]  __do_sys_memfd_create+0x275/0x450
[ 2968.077993]  ? memfd_file_seals_ptr+0x170/0x170
[ 2968.079027]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.080226]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.081317]  do_syscall_64+0x33/0x40
[ 2968.082157]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.083314] RIP: 0033:0x7fe01fe92b19
[ 2968.084113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.088176] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2968.089834] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2968.091217] FAULT_INJECTION: forcing a failure.
[ 2968.091217] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.091444] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2968.091458] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2968.091470] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2968.091482] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2968.100756] CPU: 1 PID: 39607 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2968.102261] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.104080] Call Trace:
[ 2968.104656]  dump_stack+0x107/0x167
[ 2968.105424]  should_fail.cold+0x5/0xa
[ 2968.106275]  ? copy_fs_struct+0x45/0x340
[ 2968.107213]  should_failslab+0x5/0x20
[ 2968.108013]  kmem_cache_alloc+0x5b/0x310
[ 2968.108882]  copy_fs_struct+0x45/0x340
[ 2968.109706]  copy_process+0x3435/0x7800
[ 2968.110594]  ? __lock_acquire+0xbb1/0x5b00
[ 2968.111573]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.112478]  ? perf_trace_lock+0xac/0x490
[ 2968.113394]  ? perf_trace_lock+0xac/0x490
[ 2968.114304]  kernel_clone+0xe7/0x980
[ 2968.115097]  ? create_io_thread+0xf0/0xf0
[ 2968.116009]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.116921]  ? find_held_lock+0x2c/0x110
[ 2968.117824]  ? ksys_write+0x12d/0x260
[ 2968.118642]  __do_sys_clone+0xc8/0x110
[ 2968.119505]  ? kernel_clone+0x980/0x980
[ 2968.120424]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2968.121409]  ? vfs_write+0x354/0xb10
[ 2968.122213]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.123435]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.124539]  do_syscall_64+0x33/0x40
[ 2968.125326]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.126514] RIP: 0033:0x7f87f4e1cb19
[ 2968.127297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.131450] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.133262] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2968.134809] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.136360] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.137916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.139464] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2968.146591] FAULT_INJECTION: forcing a failure.
[ 2968.146591] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.150287] CPU: 1 PID: 39609 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2968.151807] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.153621] Call Trace:
[ 2968.154196]  dump_stack+0x107/0x167
[ 2968.154994]  should_fail.cold+0x5/0xa
[ 2968.155816]  ? vm_area_dup+0x78/0x290
[ 2968.156654]  should_failslab+0x5/0x20
[ 2968.157495]  kmem_cache_alloc+0x5b/0x310
[ 2968.158430]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.159458]  vm_area_dup+0x78/0x290
[ 2968.160312]  ? _cond_resched+0x10/0x30
[ 2968.161164]  ? copy_page_range+0x24e9/0x3810
[ 2968.162169]  ? vm_area_alloc+0x110/0x110
[ 2968.163099]  ? vm_iomap_memory+0x190/0x190
[ 2968.164048]  ? up_write+0x191/0x550
[ 2968.164871]  ? downgrade_write+0x3a0/0x3a0
[ 2968.165778]  ? down_write_killable+0x180/0x180
[ 2968.166763]  ? __vma_link_rb+0x540/0x700
[ 2968.167703]  copy_process+0x291b/0x7800
[ 2968.168668]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.169583]  ? perf_trace_lock+0xac/0x490
[ 2968.170491]  ? perf_trace_lock+0xac/0x490
[ 2968.171397]  kernel_clone+0xe7/0x980
[ 2968.172255]  ? create_io_thread+0xf0/0xf0
[ 2968.173203]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.174093]  ? find_held_lock+0x2c/0x110
[ 2968.175011]  ? ksys_write+0x12d/0x260
[ 2968.175872]  __do_sys_clone+0xc8/0x110
[ 2968.176727]  ? kernel_clone+0x980/0x980
[ 2968.177584]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2968.178586]  ? vfs_write+0x354/0xb10
[ 2968.179411]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.180559]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.181717]  do_syscall_64+0x33/0x40
[ 2968.182529]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.183645] RIP: 0033:0x7fd16660db19
[ 2968.184460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.188607] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.190260] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2968.191808] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.193376] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.194926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.196494] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2968.205822] FAULT_INJECTION: forcing a failure.
[ 2968.205822] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.208605] CPU: 1 PID: 39611 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2968.210146] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.212189] Call Trace:
[ 2968.212863]  dump_stack+0x107/0x167
[ 2968.213756]  should_fail.cold+0x5/0xa
[ 2968.214620]  ? vm_area_dup+0x78/0x290
[ 2968.215280] loop7: detected capacity change from 0 to 135266304
[ 2968.215426]  should_failslab+0x5/0x20
[ 2968.215448]  kmem_cache_alloc+0x5b/0x310
[ 2968.215469]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.215493]  vm_area_dup+0x78/0x290
[ 2968.215536]  ? _cond_resched+0x10/0x30
[ 2968.221003]  ? copy_page_range+0x24e9/0x3810
[ 2968.221961]  ? vm_area_alloc+0x110/0x110
[ 2968.222827]  ? up_write+0x191/0x550
[ 2968.223590]  ? vm_iomap_memory+0x190/0x190
[ 2968.224494]  ? downgrade_write+0x3a0/0x3a0
[ 2968.225384]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2968.226529]  ? __vma_link_rb+0x540/0x700
[ 2968.227379]  copy_process+0x291b/0x7800
[ 2968.228266]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.229146]  ? trace_hardirqs_on+0x5b/0x180
[ 2968.230058]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2968.231210]  kernel_clone+0xe7/0x980
[ 2968.231997]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.232878]  ? enqueue_hrtimer+0x177/0x2e0
[ 2968.233770]  ? create_io_thread+0xf0/0xf0
[ 2968.234649]  ? recalibrate_cpu_khz+0x10/0x10
[ 2968.235582]  ? ktime_get+0x158/0x1f0
[ 2968.236384]  __do_sys_clone+0xc8/0x110
[ 2968.237197]  ? kernel_clone+0x980/0x980
[ 2968.238032]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.239140]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2968.240306]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.241392]  do_syscall_64+0x33/0x40
[ 2968.242178]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.243256] RIP: 0033:0x7f81e84c4b19
[ 2968.244041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.247972] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.249584] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2968.251084] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.252680] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.254167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.255666] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:49:42 executing program 3:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000000c0), 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3876, &(0x7f0000003480)={0x0, 0x0, 0x0, 0x0, 0x4}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
fadvise64(0xffffffffffffffff, 0x1f, 0xfffffffffffffffc, 0x4)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r3, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001)
listen(r3, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file1\x00', 0x0, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
r5 = syz_io_uring_setup(0x2204, &(0x7f00000002c0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd, 0x0, 0x0, 0xa2c0792771366ceb}, 0x0)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/fib_triestat\x00')
syz_io_uring_submit(r8, r7, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x5, 0x0, 0x4b98, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0x408001)

05:49:42 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 64)

05:49:42 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 45)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:42 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 19)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:49:42 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 11)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:49:42 executing program 7:
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = fork()
move_pages(r1, 0x1, &(0x7f0000000100)=[&(0x7f0000ffa000/0x1000)=nil], 0x0, 0x0, 0x0)
r2 = signalfd4(r0, &(0x7f00000003c0)={[0x4]}, 0x8, 0x80000)
clone3(&(0x7f0000000400)={0x142000000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280), {0x19}, &(0x7f00000002c0)=""/31, 0x1f, &(0x7f0000000300)=""/109, &(0x7f0000000380)=[r1], 0x1, {r2}}, 0x58)
r3 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$int_in(r3, 0x5452, &(0x7f0000000000)=0x8001)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000180)=<r4=>0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x1f, 0xd1, 0x80, 0x4, 0x0, 0x2e, 0x10800, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_bp={&(0x7f00000000c0), 0x8}, 0x1a80, 0x200, 0x1, 0x6, 0x1000, 0x1, 0x7, 0x0, 0x19d19bf7, 0x0, 0x1}, r4, 0xffffffffffffffff, r5, 0x2)

[ 2968.589680] FAULT_INJECTION: forcing a failure.
[ 2968.589680] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.592198] CPU: 1 PID: 39833 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2968.593664] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.595445] Call Trace:
[ 2968.596017]  dump_stack+0x107/0x167
[ 2968.596817]  should_fail.cold+0x5/0xa
[ 2968.597639]  ? create_object.isra.0+0x3a/0xa20
[ 2968.598621]  should_failslab+0x5/0x20
[ 2968.599430]  kmem_cache_alloc+0x5b/0x310
[ 2968.600320]  create_object.isra.0+0x3a/0xa20
[ 2968.601258]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2968.602354]  kmem_cache_alloc+0x159/0x310
[ 2968.603240]  __alloc_file+0x21/0x320
[ 2968.604041]  alloc_empty_file+0x6d/0x170
[ 2968.604935]  alloc_file+0x5e/0x5a0
[ 2968.605708]  alloc_file_pseudo+0x16a/0x250
[ 2968.606616]  ? alloc_file+0x5a0/0x5a0
[ 2968.607429]  ? shmem_get_inode+0x55c/0xbc0
[ 2968.608339]  __shmem_file_setup+0x144/0x320
[ 2968.609270]  ? _copy_from_user+0xfb/0x1b0
[ 2968.609719] FAULT_INJECTION: forcing a failure.
[ 2968.609719] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.610169]  __do_sys_memfd_create+0x275/0x450
[ 2968.610199]  ? memfd_file_seals_ptr+0x170/0x170
[ 2968.614709]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.615844]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.617076]  do_syscall_64+0x33/0x40
[ 2968.617988]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.619228] RIP: 0033:0x7fe01fe92b19
[ 2968.620168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.624255] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2968.625974] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2968.627652] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2968.629265] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2968.630796] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2968.632281] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
[ 2968.633799] CPU: 0 PID: 39826 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2968.635679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.637919] Call Trace:
[ 2968.638605] FAULT_INJECTION: forcing a failure.
[ 2968.638605] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.641571]  dump_stack+0x107/0x167
[ 2968.642482]  should_fail.cold+0x5/0xa
[ 2968.643424]  ? create_object.isra.0+0x3a/0xa20
[ 2968.644575]  should_failslab+0x5/0x20
[ 2968.645509]  kmem_cache_alloc+0x5b/0x310
[ 2968.646515]  create_object.isra.0+0x3a/0xa20
[ 2968.647591]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2968.648862]  kmem_cache_alloc+0x159/0x310
[ 2968.649888]  vm_area_dup+0x78/0x290
[ 2968.650803]  ? _cond_resched+0x10/0x30
[ 2968.651762]  ? copy_page_range+0x24e9/0x3810
[ 2968.652909]  ? vm_area_alloc+0x110/0x110
[ 2968.653903]  ? vm_iomap_memory+0x190/0x190
[ 2968.654948]  ? up_write+0x191/0x550
[ 2968.655832]  ? downgrade_write+0x3a0/0x3a0
[ 2968.656880]  ? down_write_killable+0x180/0x180
[ 2968.657985]  ? __vma_link_rb+0x540/0x700
[ 2968.658995]  copy_process+0x291b/0x7800
[ 2968.660027]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.661080]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2968.662409]  ? trace_hardirqs_on+0x5b/0x180
[ 2968.663505]  kernel_clone+0xe7/0x980
[ 2968.664450]  ? create_io_thread+0xf0/0xf0
[ 2968.665468]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.666488]  ? find_held_lock+0x2c/0x110
[ 2968.667734]  ? ksys_write+0x12d/0x260
[ 2968.668944]  __do_sys_clone+0xc8/0x110
[ 2968.670114]  ? kernel_clone+0x980/0x980
[ 2968.671310]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.672891]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2968.674543]  ? __do_sys_vfork+0xd0/0xd0
[ 2968.675761]  do_syscall_64+0x33/0x40
[ 2968.676894]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.678421] RIP: 0033:0x7fd16660db19
[ 2968.679544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.685028] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.687296] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2968.689412] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.691510] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.693548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.695648] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2968.697818] CPU: 1 PID: 39827 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2968.699342] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.701152] Call Trace:
[ 2968.701750]  dump_stack+0x107/0x167
[ 2968.702521]  should_fail.cold+0x5/0xa
[ 2968.703400]  ? create_object.isra.0+0x3a/0xa20
[ 2968.704384]  should_failslab+0x5/0x20
[ 2968.705240]  kmem_cache_alloc+0x5b/0x310
[ 2968.706155]  create_object.isra.0+0x3a/0xa20
[ 2968.707078]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2968.708223]  kmem_cache_alloc+0x159/0x310
[ 2968.709204]  vm_area_dup+0x78/0x290
[ 2968.709994]  ? _cond_resched+0x10/0x30
[ 2968.710885]  ? copy_page_range+0x24e9/0x3810
[ 2968.711943]  ? vm_area_alloc+0x110/0x110
[ 2968.712851]  ? up_write+0x191/0x550
[ 2968.713646]  ? vm_iomap_memory+0x190/0x190
[ 2968.714631]  ? downgrade_write+0x3a0/0x3a0
[ 2968.715574]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 2968.716737]  ? __vma_link_rb+0x540/0x700
[ 2968.717668]  copy_process+0x291b/0x7800
[ 2968.718543]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.719709]  ? perf_trace_lock+0xac/0x490
[ 2968.720967]  ? perf_trace_lock+0xac/0x490
[ 2968.722258]  kernel_clone+0xe7/0x980
[ 2968.723230]  ? create_io_thread+0xf0/0xf0
[ 2968.724249] FAULT_INJECTION: forcing a failure.
[ 2968.724249] name failslab, interval 1, probability 0, space 0, times 0
[ 2968.724439]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.724465]  ? find_held_lock+0x2c/0x110
[ 2968.724509]  ? ksys_write+0x12d/0x260
[ 2968.724567]  __do_sys_clone+0xc8/0x110
[ 2968.724594]  ? kernel_clone+0x980/0x980
[ 2968.724631]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2968.734180]  ? vfs_write+0x354/0xb10
[ 2968.735140]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.736488]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.737672]  do_syscall_64+0x33/0x40
[ 2968.738475]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.739712] RIP: 0033:0x7f81e84c4b19
[ 2968.740696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.745482] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.747483] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2968.749323] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.751081] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.752942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.754779] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2968.756599] CPU: 0 PID: 39831 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2968.758338] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2968.760140] Call Trace:
[ 2968.760736]  dump_stack+0x107/0x167
[ 2968.761519]  should_fail.cold+0x5/0xa
[ 2968.762464]  ? create_object.isra.0+0x3a/0xa20
[ 2968.763626]  should_failslab+0x5/0x20
[ 2968.764514]  kmem_cache_alloc+0x5b/0x310
[ 2968.765495]  create_object.isra.0+0x3a/0xa20
[ 2968.766565]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2968.767802]  kmem_cache_alloc+0x159/0x310
[ 2968.768740]  copy_fs_struct+0x45/0x340
[ 2968.769600]  copy_process+0x3435/0x7800
[ 2968.770481]  ? __lock_acquire+0xbb1/0x5b00
[ 2968.771439]  ? __cleanup_sighand+0xb0/0xb0
[ 2968.772391]  ? perf_trace_lock+0xac/0x490
[ 2968.773316]  ? perf_trace_lock+0xac/0x490
[ 2968.774240]  kernel_clone+0xe7/0x980
[ 2968.775061]  ? create_io_thread+0xf0/0xf0
[ 2968.775970]  ? lock_downgrade+0x6d0/0x6d0
[ 2968.776954]  ? find_held_lock+0x2c/0x110
[ 2968.777895]  ? ksys_write+0x12d/0x260
[ 2968.778847]  __do_sys_clone+0xc8/0x110
[ 2968.779720]  ? kernel_clone+0x980/0x980
[ 2968.780712]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2968.781861]  ? vfs_write+0x354/0xb10
[ 2968.782745]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2968.783970]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2968.785273]  do_syscall_64+0x33/0x40
[ 2968.786203]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2968.787339] RIP: 0033:0x7f87f4e1cb19
[ 2968.788197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2968.792282] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2968.793967] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2968.795683] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2968.797263] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2968.798822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2968.800398] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2968.818985] loop6: detected capacity change from 0 to 41948160
05:50:01 executing program 0:
mlockall(0x7)
shmat(0xffffffffffffffff, &(0x7f0000fd0000/0x4000)=nil, 0x2000)
r0 = shmget$private(0x0, 0x3000, 0x400, &(0x7f0000c26000/0x3000)=nil)
shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000000)=""/42)
shmget$private(0x0, 0x3000, 0x20, &(0x7f0000fce000/0x3000)=nil)
r1 = shmget$private(0x0, 0x4000, 0x2, &(0x7f0000c26000/0x4000)=nil)
shmat(r1, &(0x7f0000c27000/0x4000)=nil, 0x1000)
shmat(r0, &(0x7f0000c24000/0x4000)=nil, 0xe000)
mlockall(0x0)
shmat(r0, &(0x7f0000fd1000/0x1000)=nil, 0x1000)
msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x5)

05:50:01 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)
shmat(0x0, &(0x7f0000fad000/0x1000)=nil, 0xc000)
shmat(0x0, &(0x7f0000fac000/0x4000)=nil, 0x6000)

05:50:01 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 46)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:01 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 65)

05:50:01 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 12)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:50:01 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0), 0x4f, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x21, 0x3, 0x40000)
recvmmsg(r0, &(0x7f00000016c0)=[{{&(0x7f0000000080)=@phonet, 0x80, &(0x7f0000000180)=[{&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000000100)=""/25, 0x19}], 0x2}, 0xfffffbff}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000001c0)=""/121, 0x79}, {&(0x7f0000000240)=""/235, 0xeb}, {&(0x7f0000000340)=""/24, 0x18}, {&(0x7f0000000380)=""/181, 0xb5}, {&(0x7f0000000440)=""/55, 0x37}, {&(0x7f0000001500)=""/32, 0x20}], 0x6, &(0x7f00000015c0)=""/229, 0xe5}}], 0x2, 0x0, &(0x7f0000001740))
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r1, &(0x7f0000000000)=0xffffffffffffffff, 0x22000000001)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 2987.647883] FAULT_INJECTION: forcing a failure.
[ 2987.647883] name failslab, interval 1, probability 0, space 0, times 0
05:50:01 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 20)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 2987.649587] CPU: 0 PID: 39955 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2987.650608] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2987.651567] Call Trace:
[ 2987.651886]  dump_stack+0x107/0x167
[ 2987.652313]  should_fail.cold+0x5/0xa
[ 2987.652769]  ? security_file_alloc+0x34/0x170
[ 2987.653290]  should_failslab+0x5/0x20
[ 2987.653733]  kmem_cache_alloc+0x5b/0x310
[ 2987.654209]  security_file_alloc+0x34/0x170
[ 2987.654709]  __alloc_file+0xb7/0x320
[ 2987.655138]  alloc_empty_file+0x6d/0x170
[ 2987.655610]  alloc_file+0x5e/0x5a0
[ 2987.656022]  alloc_file_pseudo+0x16a/0x250
[ 2987.656524]  ? alloc_file+0x5a0/0x5a0
[ 2987.656975]  ? shmem_get_inode+0x55c/0xbc0
[ 2987.657474]  __shmem_file_setup+0x144/0x320
[ 2987.657972]  ? _copy_from_user+0xfb/0x1b0
[ 2987.658454]  __do_sys_memfd_create+0x275/0x450
[ 2987.658976]  ? memfd_file_seals_ptr+0x170/0x170
[ 2987.659518]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2987.660120]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2987.660762]  do_syscall_64+0x33/0x40
[ 2987.661195]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2987.661790] RIP: 0033:0x7fe01fe92b19
[ 2987.662214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2987.664325] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2987.665205] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2987.666020] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2987.666835] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2987.667655] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2987.668488] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
05:50:01 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000300)=ANY=[])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000800)=ANY=[])
r1 = socket$netlink(0x10, 0x3, 0x0)
fallocate(r0, 0x1d, 0x401, 0x101)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f0000000240)=ANY=[@ANYBLOB="95b50000018fd33a76f1d2328800000018000000", @ANYRES32=<r2=>r0, @ANYBLOB="04a500006ccf5e00a30878ffff75db00808ebf8b85b5363cdf1595a0bee6cc6ec57b594af05d2bcaace304ab11b2f0de03bff4371a9012ef1c32b4b5c6366f172a140b3c90f6de5877ef5a6a3a26844c4bc8c82413041c010b22156a4c9a107723a5f2df0884ac7b2d8cf48af5dc01fc3d1d08a58cc865e3f2f712e1a4eabdc0986bd04ce4c590d9de030b3ca0239c52c979afa3e6e8c80f01000eba254f7d13aa0b68306d66d92477fe946e898db0c105dcd840f7493fb18419e1650c6d85855bcfce0de24d33a1d7f7f769c67b254395fd42942563aec8d52a2bd57bb267654ecbe0fbe41db350f6383fde95aa836c082a51ccb60581aca97e4acdba1cd9676899e37f061f3ad91a73563477e4999defd27e115ba69c303869706e98ccebdba8235cdc4daef5c33e68b8906dd656a1949a840467f08d36d8eadfb1866ffad06f334357055c222adb3c83e99054bf01bce552591d65a7920993e7d2b3d0"])
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x200000, 0x0)
openat(r3, &(0x7f0000000400)='./file1\x00', 0x0, 0x114)
faccessat(r1, &(0x7f0000000000)='./file1\x00', 0xb0)
r4 = socket$unix(0x1, 0x5, 0x0)
dup(r4)
read(r2, &(0x7f00000006c0)=""/135, 0x87)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x8001, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8008, 0x3, 0x0, 0x0, 0x7, 0x0, 0x90, 0x0, 0x81, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
preadv(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x4)
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x46800)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0)

[ 2987.683739] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 2987.702750] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2987.703811] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2987.704797] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 2987.708735] FAULT_INJECTION: forcing a failure.
[ 2987.708735] name failslab, interval 1, probability 0, space 0, times 0
[ 2987.710215] CPU: 0 PID: 39965 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2987.711001] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2987.711947] Call Trace:
[ 2987.712287]  dump_stack+0x107/0x167
[ 2987.712807]  should_fail.cold+0x5/0xa
[ 2987.713327]  ? vm_area_dup+0x78/0x290
[ 2987.713849]  should_failslab+0x5/0x20
[ 2987.714416]  kmem_cache_alloc+0x5b/0x310
[ 2987.714968]  vm_area_dup+0x78/0x290
[ 2987.715444]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 2987.716048]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.716589]  ? _cond_resched+0x10/0x30
[ 2987.717098]  ? copy_page_range+0x24e9/0x3810
[ 2987.717660]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 2987.718243]  ? avc_has_extended_perms+0xf40/0xf40
[ 2987.718864]  ? vm_area_alloc+0x110/0x110
[ 2987.719393]  ? selinux_vm_enough_memory+0x114/0x180
[ 2987.720049]  ? selinux_sb_statfs+0x250/0x250
[ 2987.720640]  ? up_write+0x191/0x550
[ 2987.721107]  ? percpu_counter_add_batch+0x8b/0x140
[ 2987.721752]  ? __vm_enough_memory+0x184/0x360
[ 2987.722363]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 2987.723079]  copy_process+0x291b/0x7800
[ 2987.723675]  ? __cleanup_sighand+0xb0/0xb0
[ 2987.724282]  ? perf_trace_lock+0xac/0x490
[ 2987.724875]  ? perf_trace_lock+0xac/0x490
[ 2987.725470]  kernel_clone+0xe7/0x980
[ 2987.726003]  ? create_io_thread+0xf0/0xf0
[ 2987.726578]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.727183]  ? find_held_lock+0x2c/0x110
[ 2987.727800]  ? ksys_write+0x12d/0x260
[ 2987.728265]  __do_sys_clone+0xc8/0x110
[ 2987.728823]  ? kernel_clone+0x980/0x980
[ 2987.729336]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2987.729987]  ? vfs_write+0x354/0xb10
[ 2987.730501]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2987.731239]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2987.731923]  do_syscall_64+0x33/0x40
[ 2987.732460]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2987.733168] RIP: 0033:0x7f81e84c4b19
[ 2987.733678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2987.734885] FAULT_INJECTION: forcing a failure.
[ 2987.734885] name failslab, interval 1, probability 0, space 0, times 0
[ 2987.736218] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2987.736238] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2987.736247] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2987.736256] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2987.736264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2987.736273] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2987.751177] CPU: 1 PID: 39961 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2987.752570] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2987.754239] Call Trace:
[ 2987.754778]  dump_stack+0x107/0x167
[ 2987.755516]  should_fail.cold+0x5/0xa
[ 2987.756281]  ? vm_area_dup+0x78/0x290
[ 2987.757079]  should_failslab+0x5/0x20
[ 2987.757847]  kmem_cache_alloc+0x5b/0x310
[ 2987.758657]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.759483]  vm_area_dup+0x78/0x290
[ 2987.760231]  ? _cond_resched+0x10/0x30
[ 2987.761025]  ? copy_page_range+0x24e9/0x3810
[ 2987.761966]  ? vm_area_alloc+0x110/0x110
[ 2987.762787]  ? vm_iomap_memory+0x190/0x190
[ 2987.763632]  ? up_write+0x191/0x550
[ 2987.764396]  ? downgrade_write+0x3a0/0x3a0
[ 2987.765250]  ? down_write_killable+0x180/0x180
[ 2987.766182]  ? __vma_link_rb+0x540/0x700
[ 2987.767005]  copy_process+0x291b/0x7800
[ 2987.767837]  ? __cleanup_sighand+0xb0/0xb0
[ 2987.768710]  ? perf_trace_lock+0xac/0x490
[ 2987.769572]  ? perf_trace_lock+0xac/0x490
[ 2987.770428]  kernel_clone+0xe7/0x980
[ 2987.771173]  ? create_io_thread+0xf0/0xf0
[ 2987.772009]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.772861]  ? find_held_lock+0x2c/0x110
[ 2987.773703]  ? ksys_write+0x12d/0x260
[ 2987.774499]  __do_sys_clone+0xc8/0x110
[ 2987.775304]  ? kernel_clone+0x980/0x980
[ 2987.776104]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2987.777056]  ? vfs_write+0x354/0xb10
[ 2987.777822]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2987.778885]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2987.779937]  do_syscall_64+0x33/0x40
[ 2987.780703]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2987.781748] RIP: 0033:0x7fd16660db19
[ 2987.782497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2987.786186] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2987.787738] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2987.789202] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2987.790630] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2987.792067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2987.793516] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 2987.810269] FAULT_INJECTION: forcing a failure.
[ 2987.810269] name failslab, interval 1, probability 0, space 0, times 0
[ 2987.812808] CPU: 1 PID: 39966 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2987.814212] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2987.815863] Call Trace:
[ 2987.816420]  dump_stack+0x107/0x167
[ 2987.817169]  should_fail.cold+0x5/0xa
[ 2987.817934]  ? copy_process+0x1add/0x7800
[ 2987.818773]  should_failslab+0x5/0x20
[ 2987.819544]  kmem_cache_alloc+0x5b/0x310
[ 2987.820369]  ? _raw_spin_unlock+0x1a/0x30
[ 2987.821197]  copy_process+0x1add/0x7800
[ 2987.821994]  ? __lock_acquire+0xbb1/0x5b00
[ 2987.822871]  ? __cleanup_sighand+0xb0/0xb0
[ 2987.823713]  ? perf_trace_lock+0xac/0x490
[ 2987.824579]  ? perf_trace_lock+0xac/0x490
[ 2987.825414]  kernel_clone+0xe7/0x980
[ 2987.826155]  ? create_io_thread+0xf0/0xf0
[ 2987.826996]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.827828]  ? find_held_lock+0x2c/0x110
[ 2987.828682]  ? ksys_write+0x12d/0x260
[ 2987.829475]  __do_sys_clone+0xc8/0x110
[ 2987.830255]  ? kernel_clone+0x980/0x980
[ 2987.831054]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2987.832005]  ? vfs_write+0x354/0xb10
[ 2987.832800]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2987.833858]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2987.834893]  do_syscall_64+0x33/0x40
[ 2987.835648]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2987.836687] RIP: 0033:0x7f87f4e1cb19
[ 2987.837433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2987.841119] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2987.842765] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2987.844430] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2987.846029] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
05:50:01 executing program 7:
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
pread64(r0, &(0x7f0000001100)=""/4095, 0xae3, 0x6800)
r1 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r4, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r5 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x28a00, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f0000000300)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r5, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@tipc, 0x80, &(0x7f0000000040)=[{&(0x7f0000000200)=""/172, 0xac}], 0x1, &(0x7f0000000180)=""/16, 0x10}, 0x0, 0x5ef124e99e001681, 0x0, {0x2, r6}}, 0xc1)
r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000340), 0x50000, 0x0)
connect$inet6(r7, &(0x7f0000000380)={0xa, 0x4e21, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, 0xffffffcd}, 0x1c)
syz_open_dev$mouse(&(0x7f00000001c0), 0x523d, 0x0)
open$dir(&(0x7f00000000c0)='./file1\x00', 0xb2040, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)

[ 2987.847686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2987.849262] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:50:02 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 13)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:50:02 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 47)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:02 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f00000000c0)={0x0, <r3=>0x0})
process_vm_readv(r3, &(0x7f0000000240)=[{&(0x7f0000000180)=""/140, 0x8c}, {&(0x7f0000000100)}, {&(0x7f0000000300)=""/208, 0xd0}], 0x3, &(0x7f0000000840)=[{&(0x7f0000000400)=""/67, 0x43}, {&(0x7f0000000500)=""/128, 0x80}, {&(0x7f0000000280)=""/17, 0x11}, {&(0x7f0000000580)}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/204, 0xcc}, {&(0x7f0000000700)=""/73, 0x49}, {&(0x7f0000000780)=""/165, 0xa5}], 0x8, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r2)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 2987.969339] FAULT_INJECTION: forcing a failure.
[ 2987.969339] name failslab, interval 1, probability 0, space 0, times 0
[ 2987.971235] CPU: 0 PID: 40175 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 2987.972034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2987.973032] Call Trace:
[ 2987.973344]  dump_stack+0x107/0x167
[ 2987.973763]  should_fail.cold+0x5/0xa
[ 2987.974199]  ? create_object.isra.0+0x3a/0xa20
[ 2987.974730]  should_failslab+0x5/0x20
[ 2987.975163]  kmem_cache_alloc+0x5b/0x310
[ 2987.975630]  create_object.isra.0+0x3a/0xa20
[ 2987.976141]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2987.976759]  kmem_cache_alloc+0x159/0x310
[ 2987.977253]  vm_area_dup+0x78/0x290
[ 2987.977693]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 2987.978247]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.978741]  ? _cond_resched+0x10/0x30
[ 2987.979197]  ? copy_page_range+0x24e9/0x3810
[ 2987.979733]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 2987.980287]  ? avc_has_extended_perms+0xf40/0xf40
[ 2987.980875]  ? vm_area_alloc+0x110/0x110
[ 2987.981373]  ? selinux_vm_enough_memory+0x114/0x180
[ 2987.981975]  ? selinux_sb_statfs+0x250/0x250
[ 2987.982515]  ? up_write+0x191/0x550
[ 2987.982963]  ? percpu_counter_add_batch+0x8b/0x140
[ 2987.983541]  ? __vm_enough_memory+0x184/0x360
[ 2987.984068]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 2987.984674]  copy_process+0x291b/0x7800
[ 2987.985152]  ? __cleanup_sighand+0xb0/0xb0
[ 2987.985650]  ? perf_trace_lock+0xac/0x490
[ 2987.986139]  ? perf_trace_lock+0xac/0x490
[ 2987.986622]  kernel_clone+0xe7/0x980
[ 2987.987055]  ? create_io_thread+0xf0/0xf0
[ 2987.987542]  ? lock_downgrade+0x6d0/0x6d0
[ 2987.988015]  ? find_held_lock+0x2c/0x110
[ 2987.988506]  ? ksys_write+0x12d/0x260
[ 2987.988959]  __do_sys_clone+0xc8/0x110
[ 2987.989411]  ? kernel_clone+0x980/0x980
[ 2987.989880]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2987.990414]  ? vfs_write+0x354/0xb10
[ 2987.990854]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2987.991462]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2987.992072]  do_syscall_64+0x33/0x40
[ 2987.992525]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2987.993121] RIP: 0033:0x7f81e84c4b19
[ 2987.993572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2987.995710] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2987.996604] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 2987.997431] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2987.998250] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2987.999071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2987.999903] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 2988.002694] FAULT_INJECTION: forcing a failure.
[ 2988.002694] name failslab, interval 1, probability 0, space 0, times 0
[ 2988.004238] CPU: 0 PID: 40178 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 2988.005071] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2988.006047] Call Trace:
[ 2988.006357]  dump_stack+0x107/0x167
[ 2988.006799]  should_fail.cold+0x5/0xa
[ 2988.007259]  ? create_object.isra.0+0x3a/0xa20
[ 2988.007803]  should_failslab+0x5/0x20
[ 2988.008250]  kmem_cache_alloc+0x5b/0x310
[ 2988.008734]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 2988.009367]  create_object.isra.0+0x3a/0xa20
[ 2988.009872]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2988.010469]  kmem_cache_alloc+0x159/0x310
[ 2988.010946]  security_file_alloc+0x34/0x170
[ 2988.011448]  __alloc_file+0xb7/0x320
[ 2988.011879]  alloc_empty_file+0x6d/0x170
[ 2988.012369]  alloc_file+0x5e/0x5a0
[ 2988.012779]  alloc_file_pseudo+0x16a/0x250
[ 2988.013273]  ? alloc_file+0x5a0/0x5a0
[ 2988.013715]  ? shmem_get_inode+0x55c/0xbc0
[ 2988.014206]  __shmem_file_setup+0x144/0x320
[ 2988.014711]  ? _copy_from_user+0xfb/0x1b0
[ 2988.015192]  __do_sys_memfd_create+0x275/0x450
[ 2988.015728]  ? memfd_file_seals_ptr+0x170/0x170
[ 2988.016278]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2988.016894]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2988.017489]  do_syscall_64+0x33/0x40
[ 2988.017926]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2988.018526] RIP: 0033:0x7fe01fe92b19
[ 2988.018952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2988.021099] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f
[ 2988.021984] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 00007fe01fe92b19
[ 2988.022810] RDX: 0000000002801400 RSI: 0000000000000000 RDI: 00007fe01feec0fb
[ 2988.023627] RBP: 0000000000000002 R08: 0000001001000a00 R09: ffffffffffffffff
[ 2988.024453] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000008100000
[ 2988.025279] R13: 00000000200000c0 R14: 0000000002801400 R15: 0000000020000240
05:50:02 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 21)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:02 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 66)

[ 2988.161968] FAULT_INJECTION: forcing a failure.
[ 2988.161968] name failslab, interval 1, probability 0, space 0, times 0
[ 2988.163447] CPU: 0 PID: 40296 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 2988.164234] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2988.165191] Call Trace:
[ 2988.165496]  dump_stack+0x107/0x167
[ 2988.165909]  should_fail.cold+0x5/0xa
[ 2988.166347]  ? create_object.isra.0+0x3a/0xa20
[ 2988.166869]  should_failslab+0x5/0x20
[ 2988.167304]  kmem_cache_alloc+0x5b/0x310
[ 2988.167784]  create_object.isra.0+0x3a/0xa20
[ 2988.168307]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2988.168898]  kmem_cache_alloc+0x159/0x310
[ 2988.169378]  copy_process+0x1add/0x7800
[ 2988.169838]  ? __lock_acquire+0xbb1/0x5b00
[ 2988.170335]  ? __cleanup_sighand+0xb0/0xb0
[ 2988.170821]  ? perf_trace_lock+0xac/0x490
[ 2988.171302]  ? perf_trace_lock+0xac/0x490
[ 2988.171785]  kernel_clone+0xe7/0x980
[ 2988.172211]  ? create_io_thread+0xf0/0xf0
[ 2988.172700]  ? lock_downgrade+0x6d0/0x6d0
[ 2988.173174]  ? find_held_lock+0x2c/0x110
[ 2988.173650]  ? ksys_write+0x12d/0x260
[ 2988.174097]  __do_sys_clone+0xc8/0x110
[ 2988.174546]  ? kernel_clone+0x980/0x980
[ 2988.175004]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2988.175538]  ? vfs_write+0x354/0xb10
[ 2988.175981]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2988.176600]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2988.177194]  do_syscall_64+0x33/0x40
[ 2988.177628]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2988.178230] RIP: 0033:0x7f87f4e1cb19
[ 2988.178661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2988.180778] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2988.181655] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 2988.182482] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2988.183300] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 2988.184114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2988.184941] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 2988.219601] loop6: detected capacity change from 0 to 41948160
[ 2988.247642] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 2988.264686] FAULT_INJECTION: forcing a failure.
[ 2988.264686] name failslab, interval 1, probability 0, space 0, times 0
[ 2988.266206] CPU: 0 PID: 40361 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 2988.267017] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2988.267987] Call Trace:
[ 2988.268299]  dump_stack+0x107/0x167
[ 2988.268740]  should_fail.cold+0x5/0xa
[ 2988.269202]  ? ptlock_alloc+0x1d/0x70
[ 2988.269651]  should_failslab+0x5/0x20
[ 2988.270102]  kmem_cache_alloc+0x5b/0x310
[ 2988.270575]  ptlock_alloc+0x1d/0x70
[ 2988.271001]  pte_alloc_one+0x68/0x1a0
[ 2988.271436]  __pte_alloc+0x1d/0x330
[ 2988.272036]  copy_page_range+0x1b62/0x3810
[ 2988.272561]  ? vm_iomap_memory+0x190/0x190
[ 2988.273050]  ? up_write+0x191/0x550
[ 2988.273471]  ? downgrade_write+0x3a0/0x3a0
[ 2988.273956]  ? down_write_killable+0x180/0x180
[ 2988.274480]  ? __vma_link_rb+0x540/0x700
[ 2988.274961]  copy_process+0x759b/0x7800
[ 2988.275436]  ? __cleanup_sighand+0xb0/0xb0
[ 2988.276177]  ? perf_trace_lock+0xac/0x490
[ 2988.276682]  ? perf_trace_lock+0xac/0x490
[ 2988.277167]  kernel_clone+0xe7/0x980
[ 2988.277596]  ? create_io_thread+0xf0/0xf0
[ 2988.278067]  ? lock_downgrade+0x6d0/0x6d0
[ 2988.278541]  ? find_held_lock+0x2c/0x110
[ 2988.279012]  ? ksys_write+0x12d/0x260
[ 2988.279459]  __do_sys_clone+0xc8/0x110
[ 2988.279908]  ? kernel_clone+0x980/0x980
[ 2988.280374]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2988.280907]  ? vfs_write+0x354/0xb10
[ 2988.281348]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2988.281956]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2988.282552]  do_syscall_64+0x33/0x40
[ 2988.282982]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2988.283576] RIP: 0033:0x7fd16660db19
[ 2988.284006] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2988.286185] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2988.287087] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 2988.287932] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 2988.288784] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 2988.289628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2988.290470] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:50:21 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)
shmat(0x0, &(0x7f0000fad000/0x1000)=nil, 0xc000)
shmat(0x0, &(0x7f0000fac000/0x4000)=nil, 0x6000)

05:50:21 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 48)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:21 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 22)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:21 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 14)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:50:21 executing program 0:
mlockall(0x7)
r0 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000d47000/0x4000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f00008b4000/0x14000)=nil, 0xb000)
shmctl$SHM_UNLOCK(r0, 0xc)

05:50:21 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000040)='.\x00', 0x2000003)
syz_io_uring_setup(0x3a75, 0x0, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
inotify_add_watch(r3, &(0x7f0000000080)='./file1\x00', 0x0)
sendfile(r0, r1, 0x0, 0x100000001)

05:50:21 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000005, 0x13, 0xffffffffffffffff, 0x8000000)
r2 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000340)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x1, 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x1000)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r5, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)}, {0x0}, {0x0}], 0x3}, 0x0, 0x0, 0x0, {0x0, r6}}, 0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000000c0)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x2004, @fd_index=0xa, 0x7, 0x100000000, 0x5, 0x2, 0x0, {0x1, r6}}, 0x3)
r7 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendfile(r0, r8, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:50:21 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 67)

[ 3007.222174] FAULT_INJECTION: forcing a failure.
[ 3007.222174] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3007.225340] CPU: 1 PID: 40413 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3007.226847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.228676] Call Trace:
[ 3007.229252]  dump_stack+0x107/0x167
[ 3007.230041]  should_fail.cold+0x5/0xa
[ 3007.230880]  __alloc_pages_nodemask+0x182/0x600
[ 3007.231898]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3007.233211]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.234109]  ? lock_acquire+0x197/0x470
[ 3007.234990]  alloc_pages_vma+0xbb/0x410
[ 3007.235859]  shmem_alloc_page+0x10f/0x1e0
[ 3007.236762]  ? shmem_init_inode+0x20/0x20
[ 3007.237703]  ? percpu_counter_add_batch+0x8b/0x140
[ 3007.238792]  ? __vm_enough_memory+0x184/0x360
[ 3007.239794]  shmem_getpage_gfp.constprop.0+0x512/0x1920
[ 3007.240991]  ? shmem_unuse_inode+0xf60/0xf60
[ 3007.241968]  ? ktime_get_coarse_real_ts64+0x15a/0x190
[ 3007.243115]  ? iov_iter_fault_in_readable+0x9a/0x410
[ 3007.244233]  shmem_write_begin+0xf7/0x1d0
[ 3007.245168]  generic_perform_write+0x20a/0x4f0
[ 3007.246179]  ? page_cache_prev_miss+0x310/0x310
[ 3007.247212]  ? evict_inodes+0x470/0x470
[ 3007.248077]  ? generic_write_checks+0x2ad/0x390
[ 3007.249127]  __generic_file_write_iter+0x39d/0x5d0
[ 3007.250207]  generic_file_write_iter+0xdb/0x230
[ 3007.251236]  ? iov_iter_init+0x3c/0x130
[ 3007.251361] FAULT_INJECTION: forcing a failure.
[ 3007.251361] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.252099]  new_sync_write+0x42c/0x660
[ 3007.252148]  ? new_sync_read+0x6f0/0x6f0
[ 3007.252176]  ? __x64_sys_pwrite64+0x201/0x260
[ 3007.252204]  ? lock_release+0x680/0x680
[ 3007.258264]  ? selinux_file_permission+0x92/0x520
[ 3007.259379]  ? security_file_permission+0xb1/0xe0
[ 3007.260443]  vfs_write+0x7c0/0xb10
[ 3007.261238]  __x64_sys_pwrite64+0x201/0x260
[ 3007.262187]  ? ksys_pwrite64+0x1b0/0x1b0
[ 3007.263079]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.264226]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.265378]  do_syscall_64+0x33/0x40
[ 3007.266201]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.267320] RIP: 0033:0x7fe01fe45ab7
[ 3007.268137] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[ 3007.272172] RSP: 002b:00007fe01d407f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 3007.273851] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45ab7
[ 3007.275405] RDX: 0000000000000017 RSI: 0000000020000140 RDI: 0000000000000005
[ 3007.276986] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[ 3007.278544] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[ 3007.280096] R13: 0000000000000005 R14: 0000000020000180 R15: 0000000000000000
[ 3007.281712] CPU: 0 PID: 40405 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3007.283250] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.285077] Call Trace:
[ 3007.285658]  dump_stack+0x107/0x167
[ 3007.286461]  should_fail.cold+0x5/0xa
[ 3007.287292]  ? vm_area_dup+0x78/0x290
[ 3007.288135]  should_failslab+0x5/0x20
[ 3007.288972]  kmem_cache_alloc+0x5b/0x310
[ 3007.289870]  vm_area_dup+0x78/0x290
[ 3007.290676]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3007.291690]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.292610]  ? _cond_resched+0x10/0x30
[ 3007.293455]  ? copy_page_range+0x24e9/0x3810
[ 3007.294434]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3007.295445]  ? avc_has_extended_perms+0xf40/0xf40
[ 3007.296510]  ? vm_area_alloc+0x110/0x110
[ 3007.297415]  ? selinux_vm_enough_memory+0x114/0x180
[ 3007.298498]  ? selinux_sb_statfs+0x250/0x250
[ 3007.299448]  ? up_write+0x191/0x550
[ 3007.300250]  ? percpu_counter_add_batch+0x8b/0x140
[ 3007.301337]  ? __vm_enough_memory+0x184/0x360
[ 3007.302312]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3007.303430]  copy_process+0x291b/0x7800
[ 3007.304333]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.305267]  ? perf_trace_lock+0xac/0x490
[ 3007.306176]  ? perf_trace_lock+0xac/0x490
[ 3007.307089]  kernel_clone+0xe7/0x980
[ 3007.307906]  ? create_io_thread+0xf0/0xf0
[ 3007.308807]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.309705]  ? find_held_lock+0x2c/0x110
[ 3007.310605]  ? ksys_write+0x12d/0x260
[ 3007.310790] FAULT_INJECTION: forcing a failure.
[ 3007.310790] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.311442]  __do_sys_clone+0xc8/0x110
[ 3007.311462]  ? kernel_clone+0x980/0x980
[ 3007.311484]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3007.311502]  ? vfs_write+0x354/0xb10
[ 3007.311543]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.311573]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.319695]  do_syscall_64+0x33/0x40
[ 3007.320507]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.321638] RIP: 0033:0x7f81e84c4b19
[ 3007.322448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3007.326491] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3007.328147] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3007.329705] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3007.331255] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3007.332815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3007.334368] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3007.335961] CPU: 1 PID: 40406 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3007.337501] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.339316] Call Trace:
[ 3007.339895]  dump_stack+0x107/0x167
[ 3007.340713]  should_fail.cold+0x5/0xa
[ 3007.341553]  ? copy_process+0x1c5b/0x7800
[ 3007.342464]  should_failslab+0x5/0x20
[ 3007.343310]  kmem_cache_alloc+0x5b/0x310
[ 3007.344086] FAULT_INJECTION: forcing a failure.
[ 3007.344086] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.344212]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.347719]  copy_process+0x1c5b/0x7800
[ 3007.348623]  ? __lock_acquire+0xbb1/0x5b00
[ 3007.349580]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.350523]  ? perf_trace_lock+0xac/0x490
[ 3007.351436]  ? perf_trace_lock+0xac/0x490
[ 3007.352357]  kernel_clone+0xe7/0x980
[ 3007.353201]  ? create_io_thread+0xf0/0xf0
[ 3007.354100]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.355004]  ? find_held_lock+0x2c/0x110
[ 3007.355901]  ? ksys_write+0x12d/0x260
[ 3007.356761]  __do_sys_clone+0xc8/0x110
[ 3007.357606]  ? kernel_clone+0x980/0x980
[ 3007.358476]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3007.359480]  ? vfs_write+0x354/0xb10
[ 3007.360315]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.361478]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.362613]  do_syscall_64+0x33/0x40
[ 3007.363434]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.364563] RIP: 0033:0x7f87f4e1cb19
[ 3007.365387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3007.369440] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3007.371109] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3007.372685] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3007.374250] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3007.375815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3007.377391] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3007.378978] CPU: 0 PID: 40412 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3007.380486] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.382287] Call Trace:
[ 3007.382851]  dump_stack+0x107/0x167
[ 3007.383632]  should_fail.cold+0x5/0xa
[ 3007.384469]  ? create_object.isra.0+0x3a/0xa20
[ 3007.385460]  should_failslab+0x5/0x20
[ 3007.386276]  kmem_cache_alloc+0x5b/0x310
[ 3007.387152]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3007.388437]  create_object.isra.0+0x3a/0xa20
[ 3007.389388]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3007.390482]  kmem_cache_alloc+0x159/0x310
[ 3007.391378]  ptlock_alloc+0x1d/0x70
[ 3007.392156]  pte_alloc_one+0x68/0x1a0
[ 3007.392985]  __pte_alloc+0x1d/0x330
[ 3007.393773]  copy_page_range+0x1b62/0x3810
[ 3007.394732]  ? vm_iomap_memory+0x190/0x190
[ 3007.395636]  ? up_write+0x191/0x550
[ 3007.396422]  ? downgrade_write+0x3a0/0x3a0
[ 3007.397344]  ? down_write_killable+0x180/0x180
[ 3007.398323]  ? __vma_link_rb+0x540/0x700
[ 3007.399204]  copy_process+0x759b/0x7800
[ 3007.400099]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.401011]  ? perf_trace_lock+0xac/0x490
[ 3007.401912]  ? perf_trace_lock+0xac/0x490
[ 3007.402816]  kernel_clone+0xe7/0x980
[ 3007.403623]  ? create_io_thread+0xf0/0xf0
[ 3007.404517]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.405409]  ? find_held_lock+0x2c/0x110
[ 3007.406287]  ? ksys_write+0x12d/0x260
[ 3007.407117]  __do_sys_clone+0xc8/0x110
[ 3007.407951]  ? kernel_clone+0x980/0x980
[ 3007.408810]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3007.409873]  ? vfs_write+0x354/0xb10
[ 3007.410713]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.411840]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.412972]  do_syscall_64+0x33/0x40
[ 3007.413777]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.415184] RIP: 0033:0x7fd16660db19
[ 3007.415988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3007.419977] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3007.421629] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3007.423162] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3007.424699] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3007.426226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3007.427751] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3007.501972] loop6: detected capacity change from 0 to 41948160
05:50:21 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 49)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3007.581085] FAT-fs (loop6): Unrecognized mount option "" or missing value
05:50:21 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 23)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3007.737169] FAULT_INJECTION: forcing a failure.
[ 3007.737169] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.739500] CPU: 0 PID: 40526 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3007.740780] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.742241] Call Trace:
[ 3007.742708]  dump_stack+0x107/0x167
[ 3007.743336]  should_fail.cold+0x5/0xa
[ 3007.744009]  ? create_object.isra.0+0x3a/0xa20
[ 3007.744822]  should_failslab+0x5/0x20
[ 3007.745477]  kmem_cache_alloc+0x5b/0x310
[ 3007.746191]  create_object.isra.0+0x3a/0xa20
[ 3007.746955]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3007.747923]  kmem_cache_alloc+0x159/0x310
[ 3007.748685]  anon_vma_clone+0xdc/0x590
[ 3007.749389]  anon_vma_fork+0x82/0x640
[ 3007.750058]  ? __vm_enough_memory+0x184/0x360
[ 3007.750899]  copy_process+0x7218/0x7800
[ 3007.751675]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.752457]  ? perf_trace_lock+0xac/0x490
[ 3007.753210]  ? perf_trace_lock+0xac/0x490
[ 3007.753973]  kernel_clone+0xe7/0x980
[ 3007.754663]  ? create_io_thread+0xf0/0xf0
[ 3007.755393]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.756154]  ? find_held_lock+0x2c/0x110
[ 3007.756906]  ? ksys_write+0x12d/0x260
[ 3007.757623]  __do_sys_clone+0xc8/0x110
[ 3007.758306]  ? kernel_clone+0x980/0x980
[ 3007.759054]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3007.759946]  ? vfs_write+0x354/0xb10
[ 3007.760666]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.761638]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.762587]  do_syscall_64+0x33/0x40
[ 3007.763302]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.764283] RIP: 0033:0x7f81e84c4b19
[ 3007.765017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3007.768405] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3007.769859] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3007.771183] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3007.772502] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3007.773899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3007.775362] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3007.802859] FAULT_INJECTION: forcing a failure.
[ 3007.802859] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.805618] CPU: 1 PID: 40528 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3007.807089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.808875] Call Trace:
[ 3007.809453]  dump_stack+0x107/0x167
[ 3007.810245]  should_fail.cold+0x5/0xa
[ 3007.811077]  ? create_object.isra.0+0x3a/0xa20
[ 3007.812063]  should_failslab+0x5/0x20
[ 3007.812901]  kmem_cache_alloc+0x5b/0x310
[ 3007.813787]  create_object.isra.0+0x3a/0xa20
[ 3007.814733]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3007.815833]  kmem_cache_alloc+0x159/0x310
[ 3007.816743]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.817879]  copy_process+0x1c5b/0x7800
[ 3007.818755]  ? __lock_acquire+0xbb1/0x5b00
[ 3007.819680]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.820583]  ? perf_trace_lock+0xac/0x490
[ 3007.821468]  ? perf_trace_lock+0xac/0x490
[ 3007.822352]  kernel_clone+0xe7/0x980
[ 3007.823147]  ? create_io_thread+0xf0/0xf0
[ 3007.824026]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.824908]  ? find_held_lock+0x2c/0x110
[ 3007.825775]  ? ksys_write+0x12d/0x260
[ 3007.826591]  __do_sys_clone+0xc8/0x110
[ 3007.827412]  ? kernel_clone+0x980/0x980
[ 3007.828260]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3007.829261]  ? vfs_write+0x354/0xb10
[ 3007.830067]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.831186]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.832280]  do_syscall_64+0x33/0x40
[ 3007.833084]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.834171] RIP: 0033:0x7f87f4e1cb19
[ 3007.834961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3007.838860] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
05:50:21 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 68)

[ 3007.840481] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3007.842195] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3007.843703] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3007.845226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3007.846729] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:50:21 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 15)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3007.932238] FAULT_INJECTION: forcing a failure.
[ 3007.932238] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3007.934264] CPU: 0 PID: 40537 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3007.935558] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.936939] Call Trace:
[ 3007.937451]  dump_stack+0x107/0x167
[ 3007.938155]  should_fail.cold+0x5/0xa
[ 3007.938892]  iov_iter_copy_from_user_atomic+0x49b/0xdb0
[ 3007.939922]  ? shmem_write_begin+0xf7/0x1d0
[ 3007.940759]  ? shmem_write_begin+0x100/0x1d0
[ 3007.941610]  generic_perform_write+0x279/0x4f0
[ 3007.942493]  ? page_cache_prev_miss+0x310/0x310
[ 3007.943376]  ? evict_inodes+0x470/0x470
[ 3007.944130]  ? generic_write_checks+0x2ad/0x390
[ 3007.945032]  __generic_file_write_iter+0x39d/0x5d0
[ 3007.945982]  generic_file_write_iter+0xdb/0x230
[ 3007.946872]  ? iov_iter_init+0x3c/0x130
[ 3007.947639]  new_sync_write+0x42c/0x660
[ 3007.948394]  ? new_sync_read+0x6f0/0x6f0
[ 3007.949173]  ? __x64_sys_pwrite64+0x201/0x260
[ 3007.950038]  ? lock_release+0x680/0x680
[ 3007.950792]  ? selinux_file_permission+0x92/0x520
[ 3007.951710]  ? security_file_permission+0xb1/0xe0
[ 3007.952647]  vfs_write+0x7c0/0xb10
[ 3007.953335]  __x64_sys_pwrite64+0x201/0x260
[ 3007.954152]  ? ksys_pwrite64+0x1b0/0x1b0
[ 3007.954936]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3007.955944]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3007.956942]  do_syscall_64+0x33/0x40
[ 3007.957636]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3007.958604] RIP: 0033:0x7fe01fe45ab7
[ 3007.959310] Code: 08 89 3c 24 48 89 4c 24 18 e8 e5 f8 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 48 8b 74 24 08 8b 3c 24 b8 12 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 04 24 e8 15 f9 ff ff 48 8b
[ 3007.962738] RSP: 002b:00007fe01d407f20 EFLAGS: 00000293 ORIG_RAX: 0000000000000012
[ 3007.964175] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45ab7
[ 3007.965522] RDX: 0000000000000017 RSI: 0000000020000140 RDI: 0000000000000005
[ 3007.966857] RBP: 0000000000000002 R08: 0000000000000000 R09: ffffffffffffffff
[ 3007.968193] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[ 3007.969537] R13: 0000000000000005 R14: 0000000020000180 R15: 0000000000000000
[ 3007.975988] FAULT_INJECTION: forcing a failure.
[ 3007.975988] name failslab, interval 1, probability 0, space 0, times 0
[ 3007.978000] CPU: 0 PID: 40534 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3007.979505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3007.981055] Call Trace:
[ 3007.981547]  dump_stack+0x107/0x167
[ 3007.982232]  should_fail.cold+0x5/0xa
[ 3007.982944]  ? vm_area_dup+0x78/0x290
[ 3007.983659]  should_failslab+0x5/0x20
[ 3007.984366]  kmem_cache_alloc+0x5b/0x310
[ 3007.985125]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.985891]  vm_area_dup+0x78/0x290
[ 3007.986579]  ? _cond_resched+0x10/0x30
[ 3007.987292]  ? copy_page_range+0x24e9/0x3810
[ 3007.988137]  ? vm_area_alloc+0x110/0x110
[ 3007.988902]  ? vm_iomap_memory+0x190/0x190
[ 3007.989686]  ? up_write+0x191/0x550
[ 3007.990364]  ? downgrade_write+0x3a0/0x3a0
[ 3007.991137]  ? down_write_killable+0x180/0x180
[ 3007.991996]  ? __vma_link_rb+0x540/0x700
[ 3007.992772]  copy_process+0x291b/0x7800
[ 3007.993535]  ? __cleanup_sighand+0xb0/0xb0
[ 3007.994314]  ? perf_trace_lock+0xac/0x490
[ 3007.995094]  ? perf_trace_lock+0xac/0x490
[ 3007.995861]  kernel_clone+0xe7/0x980
[ 3007.996562]  ? create_io_thread+0xf0/0xf0
[ 3007.997322]  ? lock_downgrade+0x6d0/0x6d0
[ 3007.998080]  ? find_held_lock+0x2c/0x110
[ 3007.998830]  ? ksys_write+0x12d/0x260
[ 3007.999542]  __do_sys_clone+0xc8/0x110
[ 3008.000249]  ? kernel_clone+0x980/0x980
[ 3008.000995]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3008.001840]  ? vfs_write+0x354/0xb10
[ 3008.002540]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3008.003490]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3008.004427]  do_syscall_64+0x33/0x40
[ 3008.005123]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3008.006078] RIP: 0033:0x7fd16660db19
[ 3008.006744] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3008.009776] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3008.010868] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3008.012008] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3008.013202] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3008.014367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3008.015533] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3008.055030] loop6: detected capacity change from 0 to 41948160
05:50:22 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
r2 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000000c0)='devices.allow\x00', 0x2, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000000)={0x0, 0x2, 0x6, @local}, 0x10)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000000)={r5, 0x2, 0x6, @local}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYRES32=<r6=>0xee01, @ANYRES32=0xee00, @ANYBLOB='\x00'])
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=@delpolicy={0x49c, 0x14, 0x1, 0x70bd2d, 0x25dfdbfd, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4e23, 0x5, 0x4e24, 0x1, 0xa, 0x20, 0x0, 0x11}, 0x6e6bb6, 0x1}, [@XFRMA_IF_ID={0x8, 0x1f, r5}, @sec_ctx={0x59, 0x8, {0x55, 0x8, 0x1, 0x0, 0x4d, "bbcd954186bbc97de496346800c2429ed55ccabd83253d14dccc5db23e476ae1ce2f8b096e69dedcbba80881ed9da2c20f8187cfeb4ebf728424d4a1b170054efc8c22791854ac429da4e1f2cb"}}, @sa={0xe4, 0x6, {{@in6=@mcast2, @in=@loopback, 0x4e23, 0x9c, 0x4e23, 0xfff, 0xa, 0x20, 0x20, 0x16, 0x0, r6}, {@in=@rand_addr=0x64010100, 0x4d4, 0x3c}, @in6=@remote, {0x7, 0x30, 0x3, 0x3, 0x800, 0x200, 0x7ff}, {0x9, 0x4, 0x30, 0x1}, {0x7fff, 0x7, 0x5}, 0x70bd29, 0x3500, 0x0, 0x0, 0x1, 0x80}}, @srcaddr={0x14, 0xd, @in=@broadcast}, @sec_ctx={0xf5, 0x8, {0xf1, 0x8, 0x1, 0x7f, 0xe9, "c107657692bb3cbd5ccfd76eda5722203511ca629379806a511e21214684f87d8f098b3163cedaee37f5c884247e0e9bc830d2a090c19fb4c84b2ffad90afba88388aab4bbe464ccc81fa7ab4d54f3596b549af31602cf3a2aa89dbdaa13d73587d18ec9894f46fc21121c0a1a80aa8a9942b98cc572aeae6befb4932dfe46fb3b3a11a2c4961e1c6fac23a8ba811bbbfeddd555ec4c30d96492d1ccddbc49d5cc2d94838d4a6cc83d034d574010fcae66244171b037dcda156d6395851c350d2fe0d88a16dddf164181e20d87a94e1cbb5c27a4964dc27452b538fb27bd290dc27ba3e23002813fcb"}}, @algo_auth_trunc={0x123, 0x14, {{'blake2s-128\x00'}, 0x6b8, 0x80, "ea15ce13409b8cb44df25e05f3ec053a510a3e5ef148e57404f68a40673cfc0ecd8bb60a7e01bca8bb9525b861bccc94df780fb4d352e163c01ce1c23b132fc9453f9a38a1763d3265f3ae99a53699b07c4b6aa836b6e8d2bce88c82776fd769263f08396d7990adf94ae016d284a84636b4a7b02df5993a20d6ca1fc986c183573db9e1bd486bb6e20cc12e6a7b103a43dba1571cf8c0690a293134addafe2ab55e5e904932d9bfef084da607e73b5341207e49e1a448d36e9d6a2ad5913fc058e6f28a5db42d0a4ea98c86a4757a10d0c1dbf6b0ea18"}}, @sec_ctx={0xd2, 0x8, {0xce, 0x8, 0x1, 0x80, 0xc6, "8bc603ddbc34b1886b2466695db256b3bafc287972d4419f8a920faf327bb58e738772d3e0ed94ff7d899168bc8e60009c7151b44c2b83468005ef97d8fa2c48fc0443fef20888667ad21070dee7e84ff3d37bed9a2bfd84ce1fa6414ccd21aa9cbb346d1ad10290a536ff184cdad6c859d25928db95acb3ff4d4058e5ea30b6599d2b4bd24e8adce5692562fd650844e86a051c6b16279de63cbfb61ff9cf4e17dfbf18545a2854b72451312cf0d786cd8f35f1a88a5e3c1ba0fbe2906aa24bf3997405d1b5"}}]}, 0x49c}, 0x1, 0x0, 0x0, 0x10}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x5})
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r7, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:50:22 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 24)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:22 executing program 0:
mlockall(0x7)
mlockall(0x4)
shmat(0x0, &(0x7f0000e62000/0x1000)=nil, 0x1000)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)

05:50:22 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 69)

[ 3008.148775] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 3008.215262] FAULT_INJECTION: forcing a failure.
[ 3008.215262] name failslab, interval 1, probability 0, space 0, times 0
[ 3008.216868] CPU: 0 PID: 40588 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3008.217733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3008.218839] Call Trace:
[ 3008.219215]  dump_stack+0x107/0x167
[ 3008.219707]  should_fail.cold+0x5/0xa
[ 3008.220213]  ? copy_process+0x24f5/0x7800
[ 3008.220773]  should_failslab+0x5/0x20
[ 3008.221288]  kmem_cache_alloc+0x5b/0x310
[ 3008.221850]  copy_process+0x24f5/0x7800
[ 3008.222422]  ? __lock_acquire+0xbb1/0x5b00
[ 3008.223034]  ? __cleanup_sighand+0xb0/0xb0
[ 3008.223616]  ? perf_trace_lock+0xac/0x490
[ 3008.224178]  ? perf_trace_lock+0xac/0x490
[ 3008.224748]  kernel_clone+0xe7/0x980
[ 3008.225225]  ? create_io_thread+0xf0/0xf0
[ 3008.225739]  ? lock_downgrade+0x6d0/0x6d0
[ 3008.226250]  ? find_held_lock+0x2c/0x110
[ 3008.226759]  ? ksys_write+0x12d/0x260
[ 3008.227240]  __do_sys_clone+0xc8/0x110
[ 3008.227747]  ? kernel_clone+0x980/0x980
[ 3008.228243]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3008.228841]  ? vfs_write+0x354/0xb10
[ 3008.229312]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3008.229963]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3008.230602]  do_syscall_64+0x33/0x40
[ 3008.231071]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3008.231732] RIP: 0033:0x7f87f4e1cb19
[ 3008.232217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3008.234565] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3008.235533] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3008.236430] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3008.237315] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3008.238208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3008.239085] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3008.248749] FAULT_INJECTION: forcing a failure.
[ 3008.248749] name failslab, interval 1, probability 0, space 0, times 0
[ 3008.250251] CPU: 0 PID: 40598 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3008.251137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3008.252172] Call Trace:
[ 3008.252499]  dump_stack+0x107/0x167
[ 3008.252965]  should_fail.cold+0x5/0xa
[ 3008.253435]  ? create_object.isra.0+0x3a/0xa20
[ 3008.253998]  should_failslab+0x5/0x20
[ 3008.254474]  kmem_cache_alloc+0x5b/0x310
[ 3008.254975]  create_object.isra.0+0x3a/0xa20
[ 3008.255514]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3008.256150]  kmem_cache_alloc+0x159/0x310
[ 3008.256689]  vm_area_dup+0x78/0x290
[ 3008.257145]  ? _cond_resched+0x10/0x30
[ 3008.257631]  ? copy_page_range+0x24e9/0x3810
[ 3008.258184]  ? vm_area_alloc+0x110/0x110
[ 3008.258704]  ? vm_iomap_memory+0x190/0x190
[ 3008.259243]  ? up_write+0x191/0x550
[ 3008.259693]  ? downgrade_write+0x3a0/0x3a0
[ 3008.260211]  ? down_write_killable+0x180/0x180
[ 3008.260771]  ? __vma_link_rb+0x540/0x700
[ 3008.261282]  copy_process+0x291b/0x7800
[ 3008.261794]  ? __cleanup_sighand+0xb0/0xb0
[ 3008.262314]  ? perf_trace_lock+0xac/0x490
[ 3008.262837]  ? perf_trace_lock+0xac/0x490
[ 3008.263362]  kernel_clone+0xe7/0x980
[ 3008.263838]  ? create_io_thread+0xf0/0xf0
[ 3008.264345]  ? lock_downgrade+0x6d0/0x6d0
[ 3008.264859]  ? find_held_lock+0x2c/0x110
[ 3008.265361]  ? ksys_write+0x12d/0x260
[ 3008.265835]  __do_sys_clone+0xc8/0x110
[ 3008.266325]  ? kernel_clone+0x980/0x980
[ 3008.266815]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3008.267378]  ? vfs_write+0x354/0xb10
[ 3008.267850]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3008.268492]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3008.269097]  do_syscall_64+0x33/0x40
[ 3008.269553]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3008.270143] RIP: 0033:0x7fd16660db19
[ 3008.270596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3008.272744] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3008.273670] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3008.274538] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3008.275396] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3008.276270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3008.277146] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:50:40 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 50)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:40 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)
shmat(0x0, &(0x7f0000fad000/0x1000)=nil, 0xc000)
shmat(0x0, &(0x7f0000fac000/0x4000)=nil, 0x6000)

05:50:40 executing program 0:
mlockall(0x7)
mlockall(0x6)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
mlockall(0x7)

05:50:40 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 70)

05:50:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 16)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:50:40 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$setperm(0x5, r0, 0x0)
keyctl$get_security(0x11, r0, 0x0, 0x0)
getuid()
keyctl$chown(0x4, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x400000000000095, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0x80, 0x0, 0x8, 0x1}, 0x7f)

[ 3026.100651] FAULT_INJECTION: forcing a failure.
[ 3026.100651] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.103265] CPU: 0 PID: 40766 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3026.104747] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.106431] Call Trace:
[ 3026.106973]  dump_stack+0x107/0x167
[ 3026.107716]  should_fail.cold+0x5/0xa
[ 3026.108504]  ? getname_flags.part.0+0x50/0x4f0
[ 3026.109491]  should_failslab+0x5/0x20
[ 3026.110267]  kmem_cache_alloc+0x5b/0x310
[ 3026.111134]  ? new_sync_write+0x499/0x660
[ 3026.111981]  getname_flags.part.0+0x50/0x4f0
[ 3026.112939]  getname+0x8e/0xd0
[ 3026.113605]  do_sys_openat2+0xf9/0x4d0
[ 3026.114440]  ? build_open_flags+0x6f0/0x6f0
[ 3026.115334]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.116334]  __x64_sys_openat+0x13f/0x1f0
[ 3026.117192]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3026.118107]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.119175]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.120263]  do_syscall_64+0x33/0x40
[ 3026.121040]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.122121] RIP: 0033:0x7fe01fe45a04
[ 3026.122878] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3026.126795] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3026.128348] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3026.129809] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3026.131274] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3026.132736] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3026.134196] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
05:50:40 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 25)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3026.161133] FAULT_INJECTION: forcing a failure.
[ 3026.161133] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.163699] CPU: 0 PID: 40762 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3026.165137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.166840] Call Trace:
[ 3026.167393]  dump_stack+0x107/0x167
[ 3026.168162]  should_fail.cold+0x5/0xa
[ 3026.168954]  ? anon_vma_clone+0xdc/0x590
[ 3026.169793]  should_failslab+0x5/0x20
[ 3026.170583]  kmem_cache_alloc+0x5b/0x310
[ 3026.171438]  anon_vma_clone+0xdc/0x590
[ 3026.172256]  anon_vma_fork+0x82/0x640
[ 3026.173075]  ? __vm_enough_memory+0x184/0x360
[ 3026.174014]  copy_process+0x7218/0x7800
[ 3026.174864]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.175738]  ? perf_trace_lock+0xac/0x490
[ 3026.176596]  ? perf_trace_lock+0xac/0x490
[ 3026.177469]  kernel_clone+0xe7/0x980
[ 3026.178239]  ? create_io_thread+0xf0/0xf0
[ 3026.179091]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.179936]  ? find_held_lock+0x2c/0x110
[ 3026.180777]  ? ksys_write+0x12d/0x260
[ 3026.181577]  __do_sys_clone+0xc8/0x110
[ 3026.182379]  ? kernel_clone+0x980/0x980
[ 3026.183196]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.184144]  ? vfs_write+0x354/0xb10
[ 3026.184951]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.186027]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.187092]  do_syscall_64+0x33/0x40
[ 3026.187854]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.188908] RIP: 0033:0x7f81e84c4b19
[ 3026.189682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.193452] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.195014] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3026.196470] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.197951] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3026.199426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.200895] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3026.202336] FAULT_INJECTION: forcing a failure.
[ 3026.202336] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.204803] CPU: 1 PID: 40774 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3026.206282] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.207978] Call Trace:
[ 3026.208522]  dump_stack+0x107/0x167
[ 3026.209277]  should_fail.cold+0x5/0xa
[ 3026.210057]  ? create_object.isra.0+0x3a/0xa20
[ 3026.210995]  should_failslab+0x5/0x20
[ 3026.211781]  kmem_cache_alloc+0x5b/0x310
[ 3026.212612]  create_object.isra.0+0x3a/0xa20
[ 3026.213513]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3026.214560]  kmem_cache_alloc+0x159/0x310
[ 3026.215425]  copy_process+0x24f5/0x7800
[ 3026.216251]  ? __lock_acquire+0xbb1/0x5b00
[ 3026.217152]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.218008]  ? perf_trace_lock+0xac/0x490
[ 3026.218856]  ? perf_trace_lock+0xac/0x490
[ 3026.219702]  kernel_clone+0xe7/0x980
[ 3026.220461]  ? create_io_thread+0xf0/0xf0
[ 3026.221309]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.222145]  ? find_held_lock+0x2c/0x110
[ 3026.222970]  ? ksys_write+0x12d/0x260
[ 3026.223122] FAULT_INJECTION: forcing a failure.
[ 3026.223122] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.223747]  __do_sys_clone+0xc8/0x110
[ 3026.223766]  ? kernel_clone+0x980/0x980
[ 3026.223786]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.223818]  ? vfs_write+0x354/0xb10
[ 3026.232851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.233905]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.234972]  do_syscall_64+0x33/0x40
[ 3026.235717]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.236721] RIP: 0033:0x7f87f4e1cb19
[ 3026.237487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.241152] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.242679] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3026.244122] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.245573] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3026.247009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.248409] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3026.249866] CPU: 0 PID: 40772 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3026.251587] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.253324] Call Trace:
[ 3026.253885]  dump_stack+0x107/0x167
[ 3026.254664]  should_fail.cold+0x5/0xa
[ 3026.255476]  ? vm_area_dup+0x78/0x290
[ 3026.256468]  should_failslab+0x5/0x20
[ 3026.257450]  kmem_cache_alloc+0x5b/0x310
[ 3026.258319]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.259257]  vm_area_dup+0x78/0x290
[ 3026.260080]  ? _cond_resched+0x10/0x30
[ 3026.261076]  ? copy_page_range+0x24e9/0x3810
[ 3026.262251]  ? vm_area_alloc+0x110/0x110
[ 3026.263287]  ? vm_iomap_memory+0x190/0x190
[ 3026.264368]  ? up_write+0x191/0x550
[ 3026.265306]  ? downgrade_write+0x3a0/0x3a0
[ 3026.266389]  ? down_write_killable+0x180/0x180
[ 3026.267568]  ? __vma_link_rb+0x540/0x700
[ 3026.268620]  copy_process+0x291b/0x7800
[ 3026.269726]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.270815]  ? perf_trace_lock+0xac/0x490
[ 3026.271907]  ? perf_trace_lock+0xac/0x490
[ 3026.273021]  kernel_clone+0xe7/0x980
[ 3026.273989]  ? create_io_thread+0xf0/0xf0
[ 3026.275055]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.276133]  ? find_held_lock+0x2c/0x110
[ 3026.277220]  ? ksys_write+0x12d/0x260
[ 3026.278231]  __do_sys_clone+0xc8/0x110
[ 3026.279235]  ? kernel_clone+0x980/0x980
[ 3026.280244]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.281470]  ? vfs_write+0x354/0xb10
[ 3026.282458]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.283781]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.285102]  do_syscall_64+0x33/0x40
[ 3026.286053]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.287346] RIP: 0033:0x7fd16660db19
[ 3026.288293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.292948] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.294863] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3026.296670] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.298498] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3026.300281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.302038] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:50:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 17)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3026.488640] FAULT_INJECTION: forcing a failure.
[ 3026.488640] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.491251] CPU: 0 PID: 40884 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3026.492715] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.494490] Call Trace:
[ 3026.495051]  dump_stack+0x107/0x167
[ 3026.495827]  should_fail.cold+0x5/0xa
[ 3026.496640]  ? create_object.isra.0+0x3a/0xa20
[ 3026.497629]  should_failslab+0x5/0x20
[ 3026.498437]  kmem_cache_alloc+0x5b/0x310
[ 3026.499311]  create_object.isra.0+0x3a/0xa20
[ 3026.500248]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3026.501346]  kmem_cache_alloc+0x159/0x310
[ 3026.502236]  getname_flags.part.0+0x50/0x4f0
[ 3026.503175]  getname+0x8e/0xd0
[ 3026.503858]  do_sys_openat2+0xf9/0x4d0
[ 3026.504692]  ? build_open_flags+0x6f0/0x6f0
[ 3026.505628]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.506622]  __x64_sys_openat+0x13f/0x1f0
[ 3026.507500]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3026.508414]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.509535]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.510639]  do_syscall_64+0x33/0x40
[ 3026.511427]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.512513] RIP: 0033:0x7fe01fe45a04
[ 3026.513307] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3026.517241] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3026.518866] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3026.520397] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3026.521932] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3026.523456] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3026.524984] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
05:50:40 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 51)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:40 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 71)

[ 3026.638070] loop6: detected capacity change from 0 to 41948160
05:50:40 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 26)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3026.655985] FAT-fs (loop6): Unrecognized mount option "" or missing value
05:50:40 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
r0 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000280)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$setperm(0x5, r0, 0x0)
keyctl$get_security(0x11, r0, 0x0, 0x0)
getuid()
keyctl$chown(0x4, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x400000000000095, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x4, 0x0, @fd=r2, 0x80, 0x0, 0x8, 0x1}, 0x7f)

[ 3026.708838] FAULT_INJECTION: forcing a failure.
[ 3026.708838] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.711158] CPU: 1 PID: 40889 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3026.712440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.713951] Call Trace:
[ 3026.714455]  dump_stack+0x107/0x167
[ 3026.715129]  should_fail.cold+0x5/0xa
[ 3026.715823]  ? create_object.isra.0+0x3a/0xa20
[ 3026.716670]  should_failslab+0x5/0x20
[ 3026.717379]  kmem_cache_alloc+0x5b/0x310
[ 3026.718127]  create_object.isra.0+0x3a/0xa20
[ 3026.718935]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3026.719878]  kmem_cache_alloc+0x159/0x310
[ 3026.720658]  anon_vma_fork+0xf1/0x640
[ 3026.721369]  ? __vm_enough_memory+0x184/0x360
[ 3026.722168]  copy_process+0x7218/0x7800
[ 3026.722930]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.723694]  ? perf_trace_lock+0xac/0x490
[ 3026.724464]  ? perf_trace_lock+0xac/0x490
[ 3026.725237]  kernel_clone+0xe7/0x980
[ 3026.725911]  ? create_io_thread+0xf0/0xf0
[ 3026.726653]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.727403]  ? find_held_lock+0x2c/0x110
[ 3026.728145]  ? ksys_write+0x12d/0x260
[ 3026.728850]  __do_sys_clone+0xc8/0x110
[ 3026.729552]  ? kernel_clone+0x980/0x980
[ 3026.730261]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.731104]  ? vfs_write+0x354/0xb10
[ 3026.731797]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.732742]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.733674]  do_syscall_64+0x33/0x40
[ 3026.734349]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.735272] RIP: 0033:0x7f81e84c4b19
[ 3026.735934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.739202] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.740561] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3026.741864] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.743151] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3026.744426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.745705] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:50:40 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 18)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3026.775653] FAULT_INJECTION: forcing a failure.
[ 3026.775653] name failslab, interval 1, probability 0, space 0, times 0
[ 3026.778657] CPU: 0 PID: 40891 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3026.780172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.781988] Call Trace:
[ 3026.782573]  dump_stack+0x107/0x167
[ 3026.783373]  should_fail.cold+0x5/0xa
[ 3026.784205]  ? create_object.isra.0+0x3a/0xa20
[ 3026.785213]  should_failslab+0x5/0x20
[ 3026.786039]  kmem_cache_alloc+0x5b/0x310
[ 3026.786930]  create_object.isra.0+0x3a/0xa20
[ 3026.787880]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3026.789005]  kmem_cache_alloc+0x159/0x310
[ 3026.789913]  vm_area_dup+0x78/0x290
[ 3026.790724]  ? _cond_resched+0x10/0x30
[ 3026.791569]  ? copy_page_range+0x24e9/0x3810
[ 3026.792569]  ? vm_area_alloc+0x110/0x110
[ 3026.793473]  ? vm_iomap_memory+0x190/0x190
[ 3026.794393]  ? up_write+0x191/0x550
[ 3026.795193]  ? downgrade_write+0x3a0/0x3a0
[ 3026.796109]  ? down_write_killable+0x180/0x180
[ 3026.797113]  ? __vma_link_rb+0x540/0x700
[ 3026.798009]  copy_process+0x291b/0x7800
[ 3026.798921]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.799842]  ? perf_trace_lock+0xac/0x490
[ 3026.800766]  ? perf_trace_lock+0xac/0x490
[ 3026.801680]  kernel_clone+0xe7/0x980
[ 3026.802492]  ? create_io_thread+0xf0/0xf0
[ 3026.803393]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.804288]  ? find_held_lock+0x2c/0x110
[ 3026.805190]  ? ksys_write+0x12d/0x260
[ 3026.806033]  __do_sys_clone+0xc8/0x110
[ 3026.806877]  ? kernel_clone+0x980/0x980
[ 3026.807740]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.808752]  ? vfs_write+0x354/0xb10
[ 3026.809586]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.810727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.811851]  do_syscall_64+0x33/0x40
[ 3026.812663]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.813780] RIP: 0033:0x7fd16660db19
[ 3026.814588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.818565] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.820224] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3026.821780] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.823325] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
05:50:40 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000ffb000/0x2000)=nil, 0x7000)

[ 3026.824881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.826783] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3026.838324] FAULT_INJECTION: forcing a failure.
[ 3026.838324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3026.840005] CPU: 1 PID: 40897 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3026.840939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.842000] Call Trace:
[ 3026.842163] FAULT_INJECTION: forcing a failure.
[ 3026.842163] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3026.842362]  dump_stack+0x107/0x167
[ 3026.845252]  should_fail.cold+0x5/0xa
[ 3026.845754]  strncpy_from_user+0x34/0x470
[ 3026.846286]  getname_flags.part.0+0x95/0x4f0
[ 3026.846848]  getname+0x8e/0xd0
[ 3026.847260]  do_sys_openat2+0xf9/0x4d0
[ 3026.847763]  ? build_open_flags+0x6f0/0x6f0
[ 3026.848318]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.848921]  __x64_sys_openat+0x13f/0x1f0
[ 3026.849448]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3026.849993]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.850668]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.851321]  do_syscall_64+0x33/0x40
[ 3026.851798]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.852447] RIP: 0033:0x7fe01fe45a04
[ 3026.852925] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3026.855290] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3026.856303] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3026.857257] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3026.858192] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3026.859128] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3026.860045] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3026.860996] CPU: 0 PID: 40893 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3026.862470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3026.864213] Call Trace:
[ 3026.864804]  dump_stack+0x107/0x167
[ 3026.865577]  should_fail.cold+0x5/0xa
[ 3026.866382]  __alloc_pages_nodemask+0x182/0x600
[ 3026.867377]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3026.868665]  alloc_pages_current+0x187/0x280
[ 3026.869593]  __get_free_pages+0xc/0xa0
[ 3026.870402]  pgd_alloc+0x84/0x4e0
[ 3026.871134]  ? pgd_page_get_mm+0x40/0x40
[ 3026.871987]  ? lockdep_init_map_type+0x2c7/0x780
[ 3026.872993]  ? lockdep_init_map_type+0x2c7/0x780
[ 3026.873987]  mm_init+0x670/0xab0
[ 3026.874697]  copy_process+0x254d/0x7800
[ 3026.875531]  ? __lock_acquire+0xbb1/0x5b00
[ 3026.876431]  ? __cleanup_sighand+0xb0/0xb0
[ 3026.877323]  ? perf_trace_lock+0xac/0x490
[ 3026.878200]  ? perf_trace_lock+0xac/0x490
[ 3026.879073]  kernel_clone+0xe7/0x980
[ 3026.879857]  ? create_io_thread+0xf0/0xf0
[ 3026.880715]  ? lock_downgrade+0x6d0/0x6d0
[ 3026.882047]  ? find_held_lock+0x2c/0x110
[ 3026.883191]  ? ksys_write+0x12d/0x260
[ 3026.884265]  __do_sys_clone+0xc8/0x110
[ 3026.885362]  ? kernel_clone+0x980/0x980
[ 3026.886361]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3026.887263]  ? vfs_write+0x354/0xb10
[ 3026.888006]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3026.889046]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3026.890051]  do_syscall_64+0x33/0x40
[ 3026.890782]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3026.891785] RIP: 0033:0x7f87f4e1cb19
[ 3026.892513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3026.896120] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3026.897660] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3026.899054] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3026.900488] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3026.901926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3026.903348] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:50:41 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 52)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3027.152039] FAULT_INJECTION: forcing a failure.
[ 3027.152039] name failslab, interval 1, probability 0, space 0, times 0
[ 3027.154726] CPU: 1 PID: 41009 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3027.156183] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3027.157934] Call Trace:
[ 3027.158494]  dump_stack+0x107/0x167
[ 3027.159264]  should_fail.cold+0x5/0xa
[ 3027.160067]  ? anon_vma_fork+0x1ff/0x640
[ 3027.160932]  should_failslab+0x5/0x20
[ 3027.161733]  kmem_cache_alloc+0x5b/0x310
[ 3027.162636]  anon_vma_fork+0x1ff/0x640
[ 3027.163464]  copy_process+0x7218/0x7800
[ 3027.164380]  ? __cleanup_sighand+0xb0/0xb0
[ 3027.165314]  ? perf_trace_lock+0xac/0x490
[ 3027.166233]  ? perf_trace_lock+0xac/0x490
[ 3027.167150]  kernel_clone+0xe7/0x980
[ 3027.167971]  ? create_io_thread+0xf0/0xf0
[ 3027.168881]  ? lock_downgrade+0x6d0/0x6d0
[ 3027.169781]  ? find_held_lock+0x2c/0x110
[ 3027.170681]  ? ksys_write+0x12d/0x260
[ 3027.171531]  __do_sys_clone+0xc8/0x110
[ 3027.172409]  ? kernel_clone+0x980/0x980
[ 3027.173271]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3027.174254]  ? vfs_write+0x354/0xb10
[ 3027.175063]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3027.176169]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3027.177268]  do_syscall_64+0x33/0x40
[ 3027.178054]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3027.179141] RIP: 0033:0x7f81e84c4b19
[ 3027.179929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3027.183842] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3027.185505] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3027.187014] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3027.188520] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3027.190034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3027.191545] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:50:56 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)
shmat(0x0, &(0x7f0000fad000/0x1000)=nil, 0xc000)

05:50:56 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000002dc0), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)={0x28, r7, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_DST={0x14, 0x1, @ipv4={'\x00', '\xff\xff', @remote}}]}, 0x28}}, 0x0)
sendmsg$SEG6_CMD_SETHMAC(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000500)=ANY=[@ANYBLOB="7ea4404c3ada17fbf6b6d67d9e09f33ba93b36dd54c1d40146024bec06325a4afb6cc8673eb3fd847cb660cd886e8f97d3eb119d1fb13d5dac8ca13590fdeb071d17000000000000000000000000002b", @ANYRES16=r7, @ANYBLOB="010026bd7000fedbdf250100000018000400030000000300000009000000080000000000000008000300ffffffff080002004ac300000800030000800000080002006e266774080003000000000008000300ffffffff"], 0x5c}, 0x1, 0x0, 0x0, 0x802}, 0x8004)
socket$inet6(0xa, 0xa, 0x3ff)

05:50:56 executing program 7:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs2/custom1\x00', 0x800, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(r1, 0x4008f50a, &(0x7f0000000080)={0x1ff, 0x100})
sendmsg$IPCTNL_MSG_CT_GET_DYING(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x890}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="680000001000011400000000050000000200401700240064bff18a2685cf293c9c810000b54022c5f109c0d49d5335671094a010a404a7ee6795fa60eaebb035f12b52090a3b472f8336cd4c25ada6a9fecc0c1eafad0a0cb747de8f733f36cbd31b66296827bee0d29e8e4cc731ff1e0cdd850e970c978538443ca3f16b9a47f0035eb75546458914951e1503ca749a4ebd49b4477f5aa482aa7e72eeb28783bea8decbe398ce878ed43a9c358c43409b98e0f4d7b1f2880612ac88e9fefc07361a0fb94c4e5e60c92fc1f78134d8529a58d77df1b028efda9ab381f1fba0cfafc6f0601bdeed535f04696af46e944e485c6de244b53baf2a92c493830399133a4c83707e578c166e80cf927edcfac3cde8c474a8f846e94c416decf6133bfd8db2422be2952808691b01f0793a6cc157f5fce29fef12d5d1bb5ee55473ad4da69d9f0104c05d26a1a414f7d0ac77df8a7da20196609caffad52a51d97db7335f72120eb31078dde522710b856f894960aee5f8411d48187f0aba315926c5fe938ff7cbf9ad7fc88dbd2f1264dcfdf8ceede78644c99e6cdd15da7530ffa643152176a23c918a8d8d707cc5edbb7aaead899b8bd2d3707dd85a4bb79aacf01fd7081359ee145663223714a56717682d65152672eaac3938f59806cb2f7598390d807bce8005fbdc416d8e38d009594a26c2bc33b24e0f6bf50e8464df8db1ca4609eeb387f047471acaa7deb5c09b96f18edcb125d3e274b28cfa924c4ded32a138891eded67db8e95d0995604953ee402e8224edb4e107b7dfa02f6d04cfe7be551273f7d2350ffca11e376a9eadb882b368e231df3cad110ad51b431f30c96ce6fbc827e61c751daa6132759ace9f3062520000"], 0x68}}, 0x0)

05:50:56 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 72)

05:50:56 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmget(0x0, 0x2000, 0x400, &(0x7f0000ad0000/0x2000)=nil)

05:50:56 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 27)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:56 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 53)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:56 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 19)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3042.434147] FAULT_INJECTION: forcing a failure.
[ 3042.434147] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.435810] CPU: 1 PID: 41020 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3042.436740] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.437855] Call Trace:
[ 3042.438212]  dump_stack+0x107/0x167
[ 3042.438703]  should_fail.cold+0x5/0xa
[ 3042.439216]  ? create_object.isra.0+0x3a/0xa20
[ 3042.439829]  should_failslab+0x5/0x20
[ 3042.440344]  kmem_cache_alloc+0x5b/0x310
[ 3042.440897]  create_object.isra.0+0x3a/0xa20
[ 3042.441488]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3042.442152]  kmem_cache_alloc+0x159/0x310
[ 3042.442714]  copy_process+0x24f5/0x7800
[ 3042.443258]  ? __lock_acquire+0xbb1/0x5b00
[ 3042.443837]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.444404]  ? perf_trace_lock+0xac/0x490
[ 3042.444975]  ? perf_trace_lock+0xac/0x490
[ 3042.445536]  kernel_clone+0xe7/0x980
[ 3042.446037]  ? create_io_thread+0xf0/0xf0
[ 3042.446591]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.447145]  ? find_held_lock+0x2c/0x110
[ 3042.447697]  ? ksys_write+0x12d/0x260
[ 3042.448216]  __do_sys_clone+0xc8/0x110
[ 3042.448739]  ? kernel_clone+0x980/0x980
[ 3042.449269]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.449895]  ? vfs_write+0x354/0xb10
[ 3042.450404]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.451109]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.451804]  do_syscall_64+0x33/0x40
[ 3042.452304]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.453007] RIP: 0033:0x7f87f4e1cb19
[ 3042.453511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.455982] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.457018] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3042.457975] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.458929] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.459879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.460836] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3042.466878] netlink: 84 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3042.468677] FAULT_INJECTION: forcing a failure.
[ 3042.468677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3042.470119] FAULT_INJECTION: forcing a failure.
[ 3042.470119] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.471557] CPU: 0 PID: 41028 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3042.474350] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.476140] Call Trace:
[ 3042.476715]  dump_stack+0x107/0x167
[ 3042.477518]  should_fail.cold+0x5/0xa
[ 3042.478345]  strncpy_from_user+0x34/0x470
[ 3042.479246]  getname_flags.part.0+0x95/0x4f0
[ 3042.480196]  getname+0x8e/0xd0
[ 3042.480902]  do_sys_openat2+0xf9/0x4d0
[ 3042.481747]  ? build_open_flags+0x6f0/0x6f0
[ 3042.482690]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.483697]  __x64_sys_openat+0x13f/0x1f0
[ 3042.484591]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3042.485523]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.486658]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.487778]  do_syscall_64+0x33/0x40
[ 3042.488584]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.489705] RIP: 0033:0x7fe01fe45a04
[ 3042.490518] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3042.494500] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3042.496140] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3042.497687] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3042.499229] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3042.500772] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3042.502329] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3042.503895] CPU: 1 PID: 41024 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3042.504853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.505984] Call Trace:
[ 3042.506345]  dump_stack+0x107/0x167
[ 3042.506841]  should_fail.cold+0x5/0xa
[ 3042.507359]  ? create_object.isra.0+0x3a/0xa20
[ 3042.507982]  should_failslab+0x5/0x20
[ 3042.508504]  kmem_cache_alloc+0x5b/0x310
[ 3042.509066]  create_object.isra.0+0x3a/0xa20
[ 3042.509664]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3042.510358]  kmem_cache_alloc+0x159/0x310
[ 3042.510927]  anon_vma_fork+0xf1/0x640
[ 3042.511443]  ? __vm_enough_memory+0x184/0x360
[ 3042.512056]  copy_process+0x7218/0x7800
[ 3042.512625]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.513210]  ? perf_trace_lock+0xac/0x490
[ 3042.513785]  ? perf_trace_lock+0xac/0x490
[ 3042.514358]  kernel_clone+0xe7/0x980
[ 3042.514868]  ? create_io_thread+0xf0/0xf0
[ 3042.515434]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.515987]  ? find_held_lock+0x2c/0x110
[ 3042.516545]  ? ksys_write+0x12d/0x260
[ 3042.517074]  __do_sys_clone+0xc8/0x110
[ 3042.517608]  ? kernel_clone+0x980/0x980
[ 3042.518143]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.518773]  ? vfs_write+0x354/0xb10
[ 3042.519295]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.520002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.520700]  do_syscall_64+0x33/0x40
[ 3042.521208]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.521906] RIP: 0033:0x7f81e84c4b19
[ 3042.522414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.524940] FAULT_INJECTION: forcing a failure.
[ 3042.524940] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.526438] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.527466] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3042.528441] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.529420] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.530394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.531366] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3042.532419] CPU: 0 PID: 41021 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3042.533959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.535773] Call Trace:
[ 3042.536350]  dump_stack+0x107/0x167
[ 3042.537163]  should_fail.cold+0x5/0xa
[ 3042.538004]  ? vm_area_dup+0x78/0x290
[ 3042.538847]  should_failslab+0x5/0x20
[ 3042.539687]  kmem_cache_alloc+0x5b/0x310
[ 3042.540588]  vm_area_dup+0x78/0x290
[ 3042.541409]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3042.542433]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.543342]  ? perf_trace_lock+0xac/0x490
[ 3042.544254]  ? copy_page_range+0x24e9/0x3810
[ 3042.545231]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3042.546385]  ? __lockdep_reset_lock+0x180/0x180
[ 3042.547410]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3042.548436]  ? avc_has_extended_perms+0xf40/0xf40
[ 3042.549506]  ? copy_process+0x2b60/0x7800
[ 3042.550421]  ? vm_area_alloc+0x110/0x110
[ 3042.551325]  ? selinux_vm_enough_memory+0x114/0x180
[ 3042.552421]  ? selinux_sb_statfs+0x250/0x250
[ 3042.553389]  ? up_write+0x191/0x550
[ 3042.554193]  ? percpu_counter_add_batch+0x8b/0x140
[ 3042.555273]  ? __vm_enough_memory+0x184/0x360
[ 3042.556258]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3042.557397]  copy_process+0x291b/0x7800
[ 3042.558306]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.559227]  ? perf_trace_lock+0xac/0x490
[ 3042.560142]  ? perf_trace_lock+0xac/0x490
[ 3042.561066]  kernel_clone+0xe7/0x980
[ 3042.561889]  ? create_io_thread+0xf0/0xf0
[ 3042.562791]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.563698]  ? find_held_lock+0x2c/0x110
[ 3042.564598]  ? ksys_write+0x12d/0x260
[ 3042.565458]  __do_sys_clone+0xc8/0x110
[ 3042.566311]  ? kernel_clone+0x980/0x980
[ 3042.567182]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.568194]  ? vfs_write+0x354/0xb10
[ 3042.569036]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.570179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.571307]  do_syscall_64+0x33/0x40
[ 3042.572121]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.573258] RIP: 0033:0x7fd16660db19
[ 3042.574070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.578087] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.579747] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3042.581307] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.582859] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.584409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.585969] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:50:56 executing program 7:
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r0=>0x0})
sendmsg$NL80211_CMD_PROBE_CLIENT(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x4c, 0x0, 0x300, 0x70bd27, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r0}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000000}, 0x400c000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$binfmt_elf64(r1, &(0x7f0000000200)=ANY=[@ANYBLOB="7f454c4600000007000000000000000003003e000000810000000000030000005400000d02000097000001020000000000080000000038"], 0xaf2)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
dup2(r2, r1)
close(r1)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0)

05:50:56 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 28)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:56 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 73)

[ 3042.689747] FAULT_INJECTION: forcing a failure.
[ 3042.689747] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.691253] CPU: 1 PID: 41172 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3042.692054] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.693030] Call Trace:
[ 3042.693347]  dump_stack+0x107/0x167
[ 3042.693776]  should_fail.cold+0x5/0xa
[ 3042.694223]  ? create_object.isra.0+0x3a/0xa20
[ 3042.694763]  should_failslab+0x5/0x20
[ 3042.695206]  kmem_cache_alloc+0x5b/0x310
[ 3042.695679]  create_object.isra.0+0x3a/0xa20
[ 3042.696180]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3042.696764]  kmem_cache_alloc+0x159/0x310
[ 3042.697261]  vm_area_dup+0x78/0x290
[ 3042.697697]  ? __lock_acquire+0xbb1/0x5b00
[ 3042.698194]  ? perf_trace_lock+0xac/0x490
[ 3042.698680]  ? __lockdep_reset_lock+0x180/0x180
[ 3042.699228]  ? vm_area_alloc+0x110/0x110
[ 3042.699705]  ? find_held_lock+0x2c/0x110
[ 3042.700183]  ? get_mm_exe_file+0x139/0x310
[ 3042.700678]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.701167]  ? down_write_nested+0xe4/0x160
[ 3042.701669]  ? rwsem_down_write_slowpath+0xc30/0xc30
[ 3042.702259]  ? get_mm_exe_file+0x162/0x310
[ 3042.702750]  copy_process+0x291b/0x7800
[ 3042.703229]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.703726]  ? perf_trace_lock+0xac/0x490
[ 3042.704213]  ? perf_trace_lock+0xac/0x490
[ 3042.704700]  kernel_clone+0xe7/0x980
[ 3042.705138]  ? create_io_thread+0xf0/0xf0
[ 3042.705616]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.706095]  ? find_held_lock+0x2c/0x110
[ 3042.706570]  ? ksys_write+0x12d/0x260
[ 3042.707024]  __do_sys_clone+0xc8/0x110
[ 3042.707479]  ? kernel_clone+0x980/0x980
[ 3042.707949]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.708482]  ? vfs_write+0x354/0xb10
[ 3042.708926]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.709540]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.710136]  do_syscall_64+0x33/0x40
[ 3042.710571]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.711157] RIP: 0033:0x7f87f4e1cb19
[ 3042.711592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.713720] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.714595] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3042.715417] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.716243] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.717078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.717900] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:50:56 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 20)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:50:56 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 54)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3042.769137] FAULT_INJECTION: forcing a failure.
[ 3042.769137] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.771763] CPU: 0 PID: 41241 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3042.773230] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.774993] Call Trace:
[ 3042.775555]  dump_stack+0x107/0x167
[ 3042.776323]  should_fail.cold+0x5/0xa
[ 3042.777137]  ? create_object.isra.0+0x3a/0xa20
[ 3042.778107]  should_failslab+0x5/0x20
[ 3042.778913]  kmem_cache_alloc+0x5b/0x310
[ 3042.779769]  create_object.isra.0+0x3a/0xa20
[ 3042.780700]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3042.781781]  kmem_cache_alloc+0x159/0x310
[ 3042.782655]  __alloc_file+0x21/0x320
[ 3042.783445]  alloc_empty_file+0x6d/0x170
[ 3042.784303]  path_openat+0xe6/0x2770
[ 3042.785103]  ? __lock_acquire+0x1657/0x5b00
[ 3042.786032]  ? path_lookupat+0x860/0x860
[ 3042.786892]  ? perf_trace_lock+0xac/0x490
[ 3042.787744]  ? lock_acquire+0x197/0x470
[ 3042.788574]  ? find_held_lock+0x2c/0x110
[ 3042.789445]  ? __lockdep_reset_lock+0x180/0x180
[ 3042.790422]  do_filp_open+0x190/0x3e0
[ 3042.791114] FAULT_INJECTION: forcing a failure.
[ 3042.791114] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3042.791218]  ? may_open_dev+0xf0/0xf0
[ 3042.793397]  ? alloc_fd+0x2e7/0x670
[ 3042.794170]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.795045]  ? do_raw_spin_lock+0x121/0x260
[ 3042.795952]  ? rwlock_bug.part.0+0x90/0x90
[ 3042.796865]  ? _raw_spin_unlock+0x1a/0x30
[ 3042.797755]  ? alloc_fd+0x2e7/0x670
[ 3042.798543]  do_sys_openat2+0x171/0x4d0
[ 3042.799390]  ? build_open_flags+0x6f0/0x6f0
[ 3042.800314]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.801314]  __x64_sys_openat+0x13f/0x1f0
[ 3042.802193]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3042.803098]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.804210]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.805313]  do_syscall_64+0x33/0x40
[ 3042.806100]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.807192] RIP: 0033:0x7fe01fe45a04
[ 3042.807981] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3042.811890] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3042.813522] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3042.815030] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3042.816548] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3042.818068] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3042.819578] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3042.821133] CPU: 1 PID: 41259 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3042.821956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.822901] Call Trace:
[ 3042.823210]  dump_stack+0x107/0x167
[ 3042.823627]  should_fail.cold+0x5/0xa
[ 3042.824071]  __alloc_pages_nodemask+0x182/0x600
[ 3042.824603]  ? __lockdep_reset_lock+0x180/0x180
[ 3042.825145]  ? __lockdep_reset_lock+0x180/0x180
[ 3042.825689]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3042.826393]  alloc_pages_current+0x187/0x280
[ 3042.826900]  pte_alloc_one+0x16/0x1a0
[ 3042.827335]  __pte_alloc+0x1d/0x330
[ 3042.827756]  copy_page_range+0x1b62/0x3810
[ 3042.828262]  ? up_write+0x191/0x550
[ 3042.828685]  ? vm_iomap_memory+0x190/0x190
[ 3042.829175]  ? downgrade_write+0x3a0/0x3a0
[ 3042.829666]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3042.830286]  ? __vma_link_rb+0x540/0x700
[ 3042.830754]  copy_process+0x759b/0x7800
[ 3042.831227]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.831710]  ? perf_trace_lock+0xac/0x490
[ 3042.832186]  ? perf_trace_lock+0xac/0x490
[ 3042.832668]  kernel_clone+0xe7/0x980
[ 3042.833110]  ? create_io_thread+0xf0/0xf0
[ 3042.833580]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.834048]  ? find_held_lock+0x2c/0x110
[ 3042.834518]  ? ksys_write+0x12d/0x260
[ 3042.834960]  __do_sys_clone+0xc8/0x110
[ 3042.835405]  ? kernel_clone+0x980/0x980
[ 3042.835864]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.836397]  ? vfs_write+0x354/0xb10
[ 3042.836834]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.837437]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.838028]  do_syscall_64+0x33/0x40
[ 3042.838466]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.839055] RIP: 0033:0x7f81e84c4b19
[ 3042.839480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.841587] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.842453] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3042.843265] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.844089] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.844912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.845730] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3042.924985] FAULT_INJECTION: forcing a failure.
[ 3042.924985] name failslab, interval 1, probability 0, space 0, times 0
[ 3042.926477] CPU: 1 PID: 41352 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3042.927258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3042.928205] Call Trace:
[ 3042.928514]  dump_stack+0x107/0x167
[ 3042.928935]  should_fail.cold+0x5/0xa
[ 3042.929375]  ? vm_area_dup+0x78/0x290
[ 3042.929827]  should_failslab+0x5/0x20
[ 3042.930260]  kmem_cache_alloc+0x5b/0x310
[ 3042.930733]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.931216]  vm_area_dup+0x78/0x290
[ 3042.931646]  ? _cond_resched+0x10/0x30
[ 3042.932090]  ? copy_page_range+0x24e9/0x3810
[ 3042.932612]  ? vm_area_alloc+0x110/0x110
[ 3042.933083]  ? vm_iomap_memory+0x190/0x190
[ 3042.933566]  ? up_write+0x191/0x550
[ 3042.933978]  ? downgrade_write+0x3a0/0x3a0
[ 3042.934458]  ? down_write_killable+0x180/0x180
[ 3042.934975]  ? __vma_link_rb+0x540/0x700
[ 3042.935437]  copy_process+0x291b/0x7800
[ 3042.935913]  ? __cleanup_sighand+0xb0/0xb0
[ 3042.936395]  ? perf_trace_lock+0xac/0x490
[ 3042.936870]  ? perf_trace_lock+0xac/0x490
[ 3042.937354]  kernel_clone+0xe7/0x980
[ 3042.937781]  ? create_io_thread+0xf0/0xf0
[ 3042.938248]  ? lock_downgrade+0x6d0/0x6d0
[ 3042.938719]  ? find_held_lock+0x2c/0x110
[ 3042.939192]  ? ksys_write+0x12d/0x260
[ 3042.939636]  __do_sys_clone+0xc8/0x110
[ 3042.940078]  ? kernel_clone+0x980/0x980
[ 3042.940544]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3042.941075]  ? vfs_write+0x354/0xb10
[ 3042.941518]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3042.942122]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3042.942718]  do_syscall_64+0x33/0x40
[ 3042.943146]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3042.943735] RIP: 0033:0x7fd16660db19
[ 3042.944158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3042.946248] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3042.947115] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3042.947922] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3042.948733] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3042.949555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3042.950380] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:50:57 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 29)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:50:57 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = gettid()
capget(&(0x7f0000000080)={0x20071026, r1}, &(0x7f0000000100))
connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
utime(&(0x7f0000000140)='./file1\x00', 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000440)={@in6={{0xa, 0x400, 0x5, @mcast2, 0x4}}, 0x0, 0x0, 0x22, 0x0, "358f448a72968c9ae79f0a03cf056a4a433212daf39d2d5f47c72c791e28116bde717e2fc18646850e8b76af899de2be6496827da5a8c7e77f3928bdeadb9814e92f13410718a6823b9340c5707fd4ed"}, 0xd8)

[ 3043.022992] loop6: detected capacity change from 0 to 41948160
05:50:57 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 74)

[ 3043.032199] FAULT_INJECTION: forcing a failure.
[ 3043.032199] name failslab, interval 1, probability 0, space 0, times 0
[ 3043.033609] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 3043.035031] CPU: 0 PID: 41357 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3043.037023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3043.038751] Call Trace:
[ 3043.039329]  dump_stack+0x107/0x167
[ 3043.040105]  should_fail.cold+0x5/0xa
[ 3043.040914]  ? vm_area_dup+0x78/0x290
[ 3043.041718]  should_failslab+0x5/0x20
[ 3043.042509]  kmem_cache_alloc+0x5b/0x310
[ 3043.043368]  vm_area_dup+0x78/0x290
[ 3043.044139]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3043.045117]  ? lock_downgrade+0x6d0/0x6d0
[ 3043.045975]  ? copy_page_range+0x24e9/0x3810
[ 3043.046910]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3043.047884]  ? avc_has_extended_perms+0xf40/0xf40
[ 3043.048914]  ? vm_area_alloc+0x110/0x110
[ 3043.049770]  ? find_held_lock+0x2c/0x110
[ 3043.050634]  ? selinux_vm_enough_memory+0x114/0x180
[ 3043.051679]  ? selinux_sb_statfs+0x250/0x250
[ 3043.052602]  ? percpu_counter_add_batch+0x8b/0x140
[ 3043.053647]  ? __vm_enough_memory+0x184/0x360
[ 3043.054584]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3043.055674]  copy_process+0x291b/0x7800
[ 3043.056545]  ? __cleanup_sighand+0xb0/0xb0
[ 3043.057441]  ? perf_trace_lock+0xac/0x490
[ 3043.058328]  ? perf_trace_lock+0xac/0x490
[ 3043.059212]  kernel_clone+0xe7/0x980
[ 3043.060005]  ? create_io_thread+0xf0/0xf0
[ 3043.060877]  ? lock_downgrade+0x6d0/0x6d0
[ 3043.061751]  ? find_held_lock+0x2c/0x110
[ 3043.062619]  ? ksys_write+0x12d/0x260
[ 3043.063443]  __do_sys_clone+0xc8/0x110
[ 3043.064263]  ? kernel_clone+0x980/0x980
[ 3043.065106]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3043.066079]  ? vfs_write+0x354/0xb10
[ 3043.066888]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3043.067994]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3043.069091]  do_syscall_64+0x33/0x40
[ 3043.069875]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3043.070953] RIP: 0033:0x7f87f4e1cb19
[ 3043.071741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3043.075614] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3043.077226] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3043.078729] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3043.080233] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3043.081745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3043.083252] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3043.128046] FAULT_INJECTION: forcing a failure.
[ 3043.128046] name failslab, interval 1, probability 0, space 0, times 0
[ 3043.130666] CPU: 0 PID: 41363 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3043.132119] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3043.133882] Call Trace:
[ 3043.134446]  dump_stack+0x107/0x167
[ 3043.135215]  should_fail.cold+0x5/0xa
[ 3043.136021]  ? anon_vma_clone+0xdc/0x590
[ 3043.136884]  should_failslab+0x5/0x20
[ 3043.137692]  kmem_cache_alloc+0x5b/0x310
[ 3043.138562]  anon_vma_clone+0xdc/0x590
[ 3043.139398]  anon_vma_fork+0x82/0x640
[ 3043.140209]  ? __vm_enough_memory+0x184/0x360
[ 3043.141167]  copy_process+0x7218/0x7800
[ 3043.142048]  ? __cleanup_sighand+0xb0/0xb0
[ 3043.142937]  ? perf_trace_lock+0xac/0x490
[ 3043.143832]  ? perf_trace_lock+0xac/0x490
[ 3043.144716]  kernel_clone+0xe7/0x980
[ 3043.145526]  ? create_io_thread+0xf0/0xf0
[ 3043.146402]  ? lock_downgrade+0x6d0/0x6d0
[ 3043.147267]  ? find_held_lock+0x2c/0x110
[ 3043.148130]  ? ksys_write+0x12d/0x260
[ 3043.148960]  __do_sys_clone+0xc8/0x110
[ 3043.149792]  ? kernel_clone+0x980/0x980
[ 3043.150630]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3043.151605]  ? vfs_write+0x354/0xb10
[ 3043.152415]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3043.153534]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3043.154624]  do_syscall_64+0x33/0x40
[ 3043.155416]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3043.156491] RIP: 0033:0x7fd16660db19
[ 3043.157279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3043.161138] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3043.162742] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3043.164232] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3043.165742] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3043.167239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3043.168744] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:51:12 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 30)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:12 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)
mlockall(0x4)

05:51:12 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 75)

05:51:12 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 55)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:12 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 21)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:12 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmctl$SHM_INFO(0xffffffffffffffff, 0xe, &(0x7f0000000000)=""/130)

05:51:12 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000200)={0x0, <r2=>0x0})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
r4 = syz_open_dev$hidraw(&(0x7f0000000780), 0x0, 0x400000)
r5 = accept4(0xffffffffffffffff, &(0x7f0000000a00)=@xdp, &(0x7f0000000a80)=0x80, 0x80400)
io_submit(0x0, 0x8, &(0x7f0000000b40)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x7, 0x744, r1, &(0x7f0000000100)="2c16aa04a1151f33d3", 0x9, 0x7, 0x0, 0x1}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x3, 0x9, r0, &(0x7f0000000380)="c1920a84979ccd8af3351dfd4cbf222f27454673d4b0b96488b914d26c7a84e1a72f0fe44562bf2e34eb52970ca5430f82e2c13cd9f8eccf45974e9e9ec1f1b667b47777297230ba51ee2100ae7bdd196edd7851bddbcfccf35ab3b01179d0fb4bed233866df180a364e37497bfc9a4dda235838ff99c72dcd698c77ca9e0032b6639c5f902a57e691a150e4ad340a18915fb66843e7e5a5661d4f64f1b06d3e2b8694d16a7cbf71f66bdad61033966e49322a529abba32cb26c8ddc1707091084f9db5c73ff263148b9743704d6184e1ce420a130c9310a34b253544529cc11d35a2a02b219a971f227f48679001834cff8491e5339eaa9c24e41", 0xfb, 0x1, 0x0, 0x2}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x7, 0x3f, 0xffffffffffffffff, &(0x7f0000000580)="534e667a91fb7c2097601fb46f0c3d866c8aca41a583204bcc45a8ccb85ad34a063f1f0f3a930a4089db7742825ed35221195caabdd95ae46ebfac83254c2c805c90bcc1732aac92ea98e1cdf3f58cfe86", 0x51, 0x4, 0x0, 0x1}, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x5, 0x80, r3, &(0x7f0000000680)="b8857f4673006742325f15844a7ecf564896393ca9c5f37508db5a328f1cfc104f648713587542e93394fde5c204d94e06b23a88ce3157754fe1ce15dedae8305a206079d94f2af901f2c362c6e8d71d2f2f2af809965cb357f7b31d5a015a7bd08ae5e9b2abe83f5f55860f9acf66ff0863a26b67418bdb6768bc08fab89f13c52f387a96165e6ae978598986711cc7073bd63df270179132552d38dfc962b903bd88f532830b", 0xa7, 0x1, 0x0, 0x1}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x8, 0x3, r4, &(0x7f00000007c0)="4d3db46542770436e2368d4ba73a51fbcedd2ce02291b83686ca7e044a8072628f2cafb3fc03003b35b61a625e1c21dfd79d574dd4d4b0f9317f88e7e7a84ca17f91aa98dc262abf233f893a3cd5f9597ed434b4e09e6fd3f6f59b489738dc8d238ad58328bb6eab2ce5e3f8b453fcbdecd9765c42", 0x75, 0x4, 0x0, 0x1}, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x3, 0xfff, 0xffffffffffffffff, &(0x7f0000000880)="9ae79bce01adc1bfa12b359eb5a9c16ecc0715db40e2767a1bd28b37007df0f3aa6b46a35b6d07d592b0b7f11798b553f5fbb9c6e2431e336d414aec7ddd6f158c78a109850bb65ae5dda60556a38f2bceb2f5af89cfccb73b10b597287d1ea36306468ba7f0aedbe64f2654b10aebee29876a25fde5afc76f561110ff515f1b51f53acfcd867d7b2b", 0x89, 0x1000, 0x0, 0x2}, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, &(0x7f0000000980)="82c6df0ffb8b324c0b38ae8619", 0xd, 0x1, 0x0, 0x2}, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x8, 0x7, r5, &(0x7f0000000ac0)="48d142423cda245f941dd0d63e0e5ddeb588ee2e6c0b1163e9ee4d09", 0x1c, 0x100000000, 0x0, 0x1}])
r6 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x1b, 0x7, 0x30, 0x81, 0x0, 0xff, 0x850c, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x2, 0x20}, 0x49808, 0xcf, 0x0, 0x2, 0x6, 0xa8cb, 0x100, 0x0, 0x31c, 0x0, 0x1}, r2, 0xa, r0, 0x8)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r7, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
writev(r0, &(0x7f0000000100), 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r7)
socket$inet6(0xa, 0xa, 0x3ff)
pwrite64(r6, &(0x7f0000000300)="c504c86b5baabdd76ce9facc07526d8ed6bea8b580bfabb7e8f6037697fba82e0bbab865137838a729dc2389065e1c1f1ef5b9f142c89c854cc7bd2c4e5bf36b82ab55", 0x43, 0x40)

05:51:12 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x120, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = accept$inet(0xffffffffffffffff, 0x0, &(0x7f0000000000))
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f0000000180)={{r0}, 0x0, 0x8, @inherit={0x60, &(0x7f0000000040)={0x0, 0x3, 0x7, 0xfffffffffffffff7, {0x14, 0x7, 0x0, 0xc4, 0x2}, [0x2, 0x20, 0x7]}}, @devid})
r2 = socket$inet(0x2, 0x3, 0x6)
r3 = socket$inet_icmp(0x2, 0x2, 0x1)
recvfrom$inet(r3, &(0x7f0000001180)=""/160, 0xa0, 0x40010001, &(0x7f00000000c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000000), 0x400000d, 0x0)

[ 3058.599621] FAULT_INJECTION: forcing a failure.
[ 3058.599621] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.599647] CPU: 0 PID: 41477 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3058.599659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.599667] Call Trace:
[ 3058.599695]  dump_stack+0x107/0x167
[ 3058.599720]  should_fail.cold+0x5/0xa
[ 3058.599744]  ? create_object.isra.0+0x3a/0xa20
[ 3058.599769]  should_failslab+0x5/0x20
[ 3058.599790]  kmem_cache_alloc+0x5b/0x310
05:51:12 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 56)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3058.599819]  create_object.isra.0+0x3a/0xa20
[ 3058.599837]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3058.599866]  kmem_cache_alloc+0x159/0x310
[ 3058.599897]  vm_area_dup+0x78/0x290
[ 3058.599929]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3058.599952]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.599974]  ? copy_page_range+0x24e9/0x3810
05:51:12 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 22)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3058.600015]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3058.600048]  ? avc_has_extended_perms+0xf40/0xf40
[ 3058.600081]  ? vm_area_alloc+0x110/0x110
[ 3058.600099]  ? find_held_lock+0x2c/0x110
[ 3058.600132]  ? selinux_vm_enough_memory+0x114/0x180
[ 3058.600156]  ? selinux_sb_statfs+0x250/0x250
[ 3058.600183]  ? percpu_counter_add_batch+0x8b/0x140
[ 3058.600211]  ? __vm_enough_memory+0x184/0x360
[ 3058.600234]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3058.600258]  copy_process+0x291b/0x7800
[ 3058.600321]  ? __cleanup_sighand+0xb0/0xb0
[ 3058.600342]  ? perf_trace_lock+0xac/0x490
[ 3058.600376]  ? perf_trace_lock+0xac/0x490
[ 3058.600409]  kernel_clone+0xe7/0x980
[ 3058.600435]  ? create_io_thread+0xf0/0xf0
[ 3058.600454]  ? lock_downgrade+0x6d0/0x6d0
05:51:12 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 31)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3058.600472]  ? find_held_lock+0x2c/0x110
[ 3058.600502]  ? ksys_write+0x12d/0x260
[ 3058.600540]  __do_sys_clone+0xc8/0x110
[ 3058.600561]  ? kernel_clone+0x980/0x980
[ 3058.600583]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.600602]  ? vfs_write+0x354/0xb10
[ 3058.600646]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.600668]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.600693]  do_syscall_64+0x33/0x40
[ 3058.600715]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.600729] RIP: 0033:0x7f87f4e1cb19
[ 3058.600750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3058.600762] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3058.600785] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3058.600797] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3058.600810] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3058.600822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3058.600835] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3058.609555] FAULT_INJECTION: forcing a failure.
[ 3058.609555] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.609577] CPU: 0 PID: 41478 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3058.609589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.609596] Call Trace:
[ 3058.609618]  dump_stack+0x107/0x167
[ 3058.609643]  should_fail.cold+0x5/0xa
[ 3058.609667]  ? ptlock_alloc+0x1d/0x70
[ 3058.609692]  should_failslab+0x5/0x20
[ 3058.609712]  kmem_cache_alloc+0x5b/0x310
[ 3058.609743]  ptlock_alloc+0x1d/0x70
[ 3058.609765]  pte_alloc_one+0x68/0x1a0
[ 3058.609788]  __pte_alloc+0x1d/0x330
[ 3058.609816]  copy_page_range+0x1b62/0x3810
[ 3058.609889]  ? up_write+0x191/0x550
[ 3058.609911]  ? vm_iomap_memory+0x190/0x190
[ 3058.609932]  ? downgrade_write+0x3a0/0x3a0
05:51:13 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 57)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3058.609959]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3058.609985]  ? __vma_link_rb+0x540/0x700
[ 3058.610016]  copy_process+0x759b/0x7800
[ 3058.610079]  ? __cleanup_sighand+0xb0/0xb0
[ 3058.610100]  ? perf_trace_lock+0xac/0x490
[ 3058.610134]  ? perf_trace_lock+0xac/0x490
[ 3058.610174]  kernel_clone+0xe7/0x980
[ 3058.610200]  ? create_io_thread+0xf0/0xf0
[ 3058.610220]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.610238]  ? find_held_lock+0x2c/0x110
[ 3058.610268]  ? ksys_write+0x12d/0x260
[ 3058.610306]  __do_sys_clone+0xc8/0x110
[ 3058.610326]  ? kernel_clone+0x980/0x980
[ 3058.610347]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.610366]  ? vfs_write+0x354/0xb10
[ 3058.610410]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.610432]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.610458]  do_syscall_64+0x33/0x40
[ 3058.610479]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.610493] RIP: 0033:0x7f81e84c4b19
[ 3058.610512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3058.610524] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3058.610547] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3058.610559] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3058.610572] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3058.610585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3058.610598] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3058.645347] FAULT_INJECTION: forcing a failure.
[ 3058.645347] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.645591] CPU: 1 PID: 41489 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3058.645603] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.645610] Call Trace:
[ 3058.645637]  dump_stack+0x107/0x167
[ 3058.645659]  should_fail.cold+0x5/0xa
[ 3058.645681]  ? security_file_alloc+0x34/0x170
[ 3058.645705]  should_failslab+0x5/0x20
[ 3058.645725]  kmem_cache_alloc+0x5b/0x310
[ 3058.645749]  security_file_alloc+0x34/0x170
[ 3058.645775]  __alloc_file+0xb7/0x320
[ 3058.645795]  alloc_empty_file+0x6d/0x170
[ 3058.645815]  path_openat+0xe6/0x2770
[ 3058.645835]  ? __lock_acquire+0x1657/0x5b00
[ 3058.645865]  ? path_lookupat+0x860/0x860
[ 3058.645885]  ? perf_trace_lock+0xac/0x490
[ 3058.645902]  ? lock_acquire+0x197/0x470
[ 3058.645920]  ? find_held_lock+0x2c/0x110
[ 3058.645942]  ? __lockdep_reset_lock+0x180/0x180
[ 3058.645968]  do_filp_open+0x190/0x3e0
[ 3058.645985]  ? may_open_dev+0xf0/0xf0
[ 3058.646009]  ? alloc_fd+0x2e7/0x670
[ 3058.646028]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.646045]  ? do_raw_spin_lock+0x121/0x260
[ 3058.646062]  ? rwlock_bug.part.0+0x90/0x90
[ 3058.646092]  ? _raw_spin_unlock+0x1a/0x30
[ 3058.646108]  ? alloc_fd+0x2e7/0x670
[ 3058.646140]  do_sys_openat2+0x171/0x4d0
[ 3058.646163]  ? build_open_flags+0x6f0/0x6f0
[ 3058.646193]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.646217]  __x64_sys_openat+0x13f/0x1f0
[ 3058.646235]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3058.646264]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.646284]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.646306]  do_syscall_64+0x33/0x40
[ 3058.646324]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.646337] RIP: 0033:0x7fe01fe45a04
[ 3058.646355] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3058.646366] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3058.646387] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3058.646399] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3058.646410] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3058.646422] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3058.646435] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3058.666673] FAULT_INJECTION: forcing a failure.
[ 3058.666673] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.666695] CPU: 1 PID: 41482 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3058.666705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.666711] Call Trace:
[ 3058.666731]  dump_stack+0x107/0x167
[ 3058.666754]  should_fail.cold+0x5/0xa
[ 3058.666774]  ? create_object.isra.0+0x3a/0xa20
[ 3058.666796]  should_failslab+0x5/0x20
[ 3058.666814]  kmem_cache_alloc+0x5b/0x310
[ 3058.666841]  create_object.isra.0+0x3a/0xa20
[ 3058.666858]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3058.666884]  kmem_cache_alloc+0x159/0x310
[ 3058.666912]  vm_area_dup+0x78/0x290
[ 3058.666940]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3058.666960]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.666977]  ? perf_trace_lock+0xac/0x490
[ 3058.666995]  ? copy_page_range+0x24e9/0x3810
[ 3058.667017]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3058.667039]  ? __lockdep_reset_lock+0x180/0x180
[ 3058.667067]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3058.667090]  ? avc_has_extended_perms+0xf40/0xf40
[ 3058.667112]  ? copy_process+0x2b60/0x7800
[ 3058.667142]  ? vm_area_alloc+0x110/0x110
[ 3058.667174]  ? selinux_vm_enough_memory+0x114/0x180
[ 3058.667196]  ? selinux_sb_statfs+0x250/0x250
[ 3058.667211]  ? up_write+0x191/0x550
[ 3058.667234]  ? percpu_counter_add_batch+0x8b/0x140
[ 3058.667259]  ? __vm_enough_memory+0x184/0x360
[ 3058.667279]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3058.667301]  copy_process+0x291b/0x7800
[ 3058.667359]  ? __cleanup_sighand+0xb0/0xb0
[ 3058.667378]  ? perf_trace_lock+0xac/0x490
[ 3058.667409]  ? perf_trace_lock+0xac/0x490
[ 3058.667439]  kernel_clone+0xe7/0x980
[ 3058.667462]  ? create_io_thread+0xf0/0xf0
[ 3058.667480]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.667496]  ? find_held_lock+0x2c/0x110
[ 3058.667523]  ? ksys_write+0x12d/0x260
[ 3058.667558]  __do_sys_clone+0xc8/0x110
[ 3058.667576]  ? kernel_clone+0x980/0x980
[ 3058.667595]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.667612]  ? vfs_write+0x354/0xb10
[ 3058.667652]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.667672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.667695]  do_syscall_64+0x33/0x40
[ 3058.667714]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.667726] RIP: 0033:0x7fd16660db19
[ 3058.667746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3058.667757] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3058.667777] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3058.667789] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3058.667801] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3058.667812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3058.667824] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3058.849171] FAULT_INJECTION: forcing a failure.
[ 3058.849171] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3058.849196] CPU: 0 PID: 41518 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3058.849208] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.849215] Call Trace:
[ 3058.849241]  dump_stack+0x107/0x167
[ 3058.849266]  should_fail.cold+0x5/0xa
[ 3058.849294]  __alloc_pages_nodemask+0x182/0x600
[ 3058.849316]  ? __lockdep_reset_lock+0x180/0x180
[ 3058.849343]  ? __lockdep_reset_lock+0x180/0x180
[ 3058.849365]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3058.849417]  alloc_pages_current+0x187/0x280
[ 3058.849444]  pte_alloc_one+0x16/0x1a0
[ 3058.849467]  __pte_alloc+0x1d/0x330
[ 3058.849494]  copy_page_range+0x1b62/0x3810
[ 3058.849564]  ? up_write+0x191/0x550
[ 3058.849586]  ? vm_iomap_memory+0x190/0x190
[ 3058.849605]  ? downgrade_write+0x3a0/0x3a0
[ 3058.849630]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3058.849655]  ? __vma_link_rb+0x540/0x700
[ 3058.849686]  copy_process+0x759b/0x7800
[ 3058.849747]  ? __cleanup_sighand+0xb0/0xb0
[ 3058.849768]  ? perf_trace_lock+0xac/0x490
[ 3058.849801]  ? perf_trace_lock+0xac/0x490
[ 3058.849833]  kernel_clone+0xe7/0x980
[ 3058.849859]  ? create_io_thread+0xf0/0xf0
[ 3058.849877]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.849895]  ? find_held_lock+0x2c/0x110
[ 3058.849925]  ? ksys_write+0x12d/0x260
[ 3058.849962]  __do_sys_clone+0xc8/0x110
[ 3058.849982]  ? kernel_clone+0x980/0x980
[ 3058.850003]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.850022]  ? vfs_write+0x354/0xb10
[ 3058.850065]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.850088]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.850113]  do_syscall_64+0x33/0x40
[ 3058.850134]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.850148] RIP: 0033:0x7f81e84c4b19
[ 3058.850168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3058.850179] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3058.850201] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3058.850214] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3058.850226] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3058.850238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3058.850251] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3058.857090] FAULT_INJECTION: forcing a failure.
[ 3058.857090] name failslab, interval 1, probability 0, space 0, times 0
[ 3058.857115] CPU: 1 PID: 41532 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3058.857128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3058.857135] Call Trace:
[ 3058.857163]  dump_stack+0x107/0x167
[ 3058.857186]  should_fail.cold+0x5/0xa
[ 3058.857211]  ? create_object.isra.0+0x3a/0xa20
[ 3058.857235]  should_failslab+0x5/0x20
[ 3058.857256]  kmem_cache_alloc+0x5b/0x310
05:51:13 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="2000002eee13035fd743e25a17ed2b005e00c5d5000000fc1d59a4d4539801e6f0a926490739000000000000"], 0x20}}, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/223, 0xdf}], 0x1)

[ 3058.857278]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 3058.857302]  create_object.isra.0+0x3a/0xa20
[ 3058.857319]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3058.857351]  kmem_cache_alloc+0x159/0x310
[ 3058.857378]  security_file_alloc+0x34/0x170
[ 3058.857399]  __alloc_file+0xb7/0x320
[ 3058.857419]  alloc_empty_file+0x6d/0x170
[ 3058.857440]  path_openat+0xe6/0x2770
[ 3058.857461]  ? __lock_acquire+0x1657/0x5b00
[ 3058.857492]  ? path_lookupat+0x860/0x860
[ 3058.857513]  ? perf_trace_lock+0xac/0x490
[ 3058.857530]  ? lock_acquire+0x197/0x470
[ 3058.857549]  ? find_held_lock+0x2c/0x110
[ 3058.857572]  ? __lockdep_reset_lock+0x180/0x180
[ 3058.857598]  do_filp_open+0x190/0x3e0
[ 3058.857616]  ? may_open_dev+0xf0/0xf0
[ 3058.857641]  ? alloc_fd+0x2e7/0x670
[ 3058.857661]  ? lock_downgrade+0x6d0/0x6d0
[ 3058.857679]  ? do_raw_spin_lock+0x121/0x260
[ 3058.857697]  ? rwlock_bug.part.0+0x90/0x90
[ 3058.857727]  ? _raw_spin_unlock+0x1a/0x30
[ 3058.857744]  ? alloc_fd+0x2e7/0x670
[ 3058.857777]  do_sys_openat2+0x171/0x4d0
[ 3058.857800]  ? build_open_flags+0x6f0/0x6f0
[ 3058.857832]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3058.857860]  __x64_sys_openat+0x13f/0x1f0
[ 3058.857881]  ? __ia32_sys_open+0x1c0/0x1c0
[ 3058.857910]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3058.857931]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3058.857954]  do_syscall_64+0x33/0x40
[ 3058.857974]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3058.857988] RIP: 0033:0x7fe01fe45a04
[ 3058.858007] Code: 84 00 00 00 00 00 44 89 54 24 0c e8 96 f9 ff ff 44 8b 54 24 0c 44 89 e2 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 89 44 24 0c e8 c8 f9 ff ff 8b 44
[ 3058.858018] RSP: 002b:00007fe01d407ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 3058.858040] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe45a04
[ 3058.858053] RDX: 0000000000000002 RSI: 00007fe01d408000 RDI: 00000000ffffff9c
[ 3058.858065] RBP: 00007fe01d408000 R08: 0000000000000000 R09: ffffffffffffffff
[ 3058.858077] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[ 3058.858088] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3058.886321] loop6: detected capacity change from 0 to 41948160
05:51:13 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 76)

[ 3059.256305] FAT-fs (loop6): Unrecognized mount option "" or missing value
05:51:13 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x509, 0x0, 0x20, 0x0, 0x2000, 0x0, 0x5, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00e', @ANYRES16=0x0, @ANYBLOB="010000000000000000004200000008000300", @ANYRES32=r3, @ANYBLOB="0a00060032fe80f33b270000"], 0x28}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000001340)="cdf4b6f8c476497bb51c0603f06de30b202a10c4298cd1c506fa5c53e6001a160d82870dde538d92d67f65d384ff417e962356d4fbf5fb9fb2bc3faeaf421e36cc92a134e3d113fdcfc7e90a0eab0c0a3b83a8eba4a3c822547af392159c678bc308f6b119191a21478297a31b0a7b02a4d5a60726cceb1167cea64af97df42a47f4647fabf48e4917e03afcd315d75a", 0x90}, {&(0x7f0000001400)="0bc5f95e2c229e30d561ab834e021c3ad2c97a99c150f14c4d7db1be9120d5b7b5677d0962abd5e1551c2585e966c108e3f873ae56de5983a623681c42e05c3c08e8e841284c407e73d854ae758651192f8c50ab8f9213723e6a399bc771de5b9eaa32d970c4a7f31eb0d3b6fbfff5da66c8ff094b7a6c3ffd75d1bddfddc6f31be8255391a502349cf82c845b586a045973", 0x92}, {&(0x7f0000000380)="7f425f3a9d61fb64955411b6bcf07aadb253ae188b6539cfeeef38a98f8ab9f6b7d4e47a41788697391e8f0a22a757ad82bc52de9c1956a615018293eaed1c76", 0x40}], 0x3)
r4 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r5 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {0x0, @struct, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}})
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000000900)={0x3, 0x0, @start={r6, 0x0, "f0557ed4b78302cf30c19c10a20ac863d19bb81066a40c42f0990c56c037922c5d0cdc54fc1ccce551a1b8fab1e4beaecd976ffed522ac75ffbe2c989338dc714fd4d1f70ba1e9963608f24777a8650d94f4917afb1563620c2f61c62d9d32ccc5401f2367b216f972c3232597881ed85cf0ba7076967c9dbc6607edbbd8590ecd07edec507c4f55396197423217be55047c7d1fae2d2958d1960f18bf2e6f7de7d28d96a4e1b9020c58103b278d30f6ca8d0e7023d54febba656fd5129e5f7cd54b9070729c94b2f5b80c1cea3a745db1288137ce6f5af1e9ae4330ed75128a18b9096e0ce8b6e55d3557d2dcf5451e7803b99698a96d276a3f2a857b094e9ea4a9d7624bc3ef9267afa1d7688d438d20cb738894fb92bcca3c9636448414b66701a3ecc2171de067493532b277aa8b53b84abb12e8d46bf8c3aece9ca2612a003ec8721cb014b58acf48694db8304a73b0ee7e90dc94b3c6f3eb85da0ccfc30ff7f53e267c3d8df8b9362a616dd4b7e4bdae9e72186848f319585e27ee1602cf25d193617844413839b16e87eaea53bb657e7205107349eaa123b6b9113fa7d41b8fa43608afdcc681ac32341f292700b43ddd766299c05f8cdac5db0487dcd7703c0976f23d3e5475da3f807c3773b3122b417b1b09007f1c3e813accb0799c554c2e5c7a507d0a1bad2c91a8fe46d0e47b730227f0a81283b6ebd3e00ccf9d28fb8164217eef774dd9476876f4b079c338e9ce50c68f6bafa4e323f7afd4dbd4f887cd230d29f33f74d9b81afcda0936a20e8047060cb3edb83c6a70e219836353c696984b61c8c1987ec54c16a47660ab85a786963e6b26b9b36deb3f219ff184a50193acc47563048e8fa270a05ec7085ce232bf2e26050ff761f39931c4c011aaba3ffdb9eaab140a42e59de39a3e24a7b60ded44ff64d245a6645b3a278c5c8a13efa7a952dde89a5e1e1ed39b66968bba996abc0c2848d9d066ecee671fd7a48f8c5b0b8383b1714ef9dde4cc92e0b29ff28ffaa55b629617da8a047ba1fe7cbeca714261165e7198f822b4f51a74fb5c86d222131a346c5a0126e5195d7b2054bc29fd0023bedd7904d6d65cac981e56b30c3955e723ece5c8f2c9fc0934ab856203bc4877cc8f1e985561fd5d0cc7f72815f7d73670624ecaa5149312a4aff7362d63410ac09432af8f5b1d3dfaeb7003bfb6a0f346148814eaba4d4dc3f7499718fded0dfd2140b07960ec137a19a1944f76010b994812a358d8a202b4ca73001326775c37c16e0c7eede90f7c24928faaf57d997ab1aca40f9d2163b04057cbc2781448cd1ffdd7aeceea160bed66a7a36d9c3d62c3a62ee12dcb91a4bc07f72763754252aa47a41ed0ac16be49bdf8d54f25dce1d85f64fcac0a9d25412ae434c73357caea80022d4569f913048c32145ce484cd1882d89ff7d0", "030c6299a4bf4d688c84282799573af182ed7c8989dae89ae201e0ae4798b50f1094f260ae2f26a3681c3ba6dc274bafc78e6282d887f9065cce11f1b6498b694148a520138562020a4c1175f90f85a7d7e7de3fe7f7f693753f7e2c8418bf5e0ceff237037a3aaf8a7cc5637e863691470f2684ad92f12119f0845434e59a473dafbd42b575e551630f7d620e45103512790cc7142f99a232512602513dd512bcdef073b616183ffdc24886fecde958c6ee092e9ecdfb3a0b3df84ec06fbc0c80126c18d0a1cbf16517cf40f5d3ed87efc6254d698539b49de1d5e291bdc17989bbb1bffb39e624befc4896eb2e45dc4f1829332c059c714fdc3c54d2c68426f334db6639cd1e2b36a1ab3b5d661078446ec86fc2ec981dce7873904771fcca7edef9ff0c3a4c3693bfe5ac40274b5502a08e97bc11c63d7ef321b747dba4097939d1c49936f892ff7e83070b2b45e7ef146ab83a47f2bd0331322bd2742fda6301e5df63a5d56f984c16dbd81d3715121828471e276720777d46c16db332bcf34acb6ffb79220fb96e5181b141ac927053a7957826d7331c08241174b3f5086b3fdd4dd2d4c4cb52c1ac43404c2846157c949166fd2aa054e87d96d3c1c432efdfecf73c9bef3ceb849de5613a895da1cf886d246ae9de95beef7142aa9e618703ed9daaa047a8c01ccebff10de1540933b02f5875ea92c9ce9a6af99c6f9da712903d7cfa259948fdaa266bddb3eace96a178a39b90c55a18cf76cc022317706bd23eb11496e0c1ed481fa705bbb9c2532d1edcee13ac9b906bf04a6669753a3667c2ef86fb473fab398ab15adf303b8d95b548664f7b6a9e75548ccad548f352ae0e7787af7e412c58cc820d66b1c7df8b6eba4c3fb87078fa5d748e2d48aa0479d67745cbd03db32322e9b862f94a56cda3f6f4807edecb6008cb3daaeeda1573ba1adb28e2802d7d1d20fa5accf04a7fc445c868390ad1ed315cffaa343508b3980ba1acb51d194bfc1d0a520c411663998a2ebd082d70d9d2cafc82c60d5e123ee309bb4ded1320feb753dfb0db93cb02cc434279f9e71f1ffcc71f9e32faa7674570b5e75512549837e2f4358bb1412e0a783530d7414c6a9627e934fd3aaf72196f8df6dc2958c44aba8912de96b93bc3ebc934c196cfdadc687f447474122958c213d1a8e327561e8f43b98e636a94c78bf84a237c000b513580d36517f4ce836792851c16dad3bb9c431ab7bcc170fb10a57ef6b5bd9f3d7ed7e48fc1df97a80682d37756243b85bfe42fe8389c35e73e8249c35e6a6bfe8dc2dc331c1a67daee877ffd62d26c3310259a0345ceae010c982c13b359509250d5bdced529e26a1b38008521acc64f9315bd4d5e4fd2bf73c1243263dbb9af4fc646570c855f13ac3d77767ff28b14778ef21ab4f48a65ba3cd755112495b1ac5b4aef"}, [0x4, 0x480000000, 0x0, 0x0, 0xf30c, 0x8, 0xb07, 0x7, 0x31f, 0x9, 0xfffffffffffff5d7, 0x4, 0x1ff, 0x7fff, 0x55, 0x20, 0x2, 0x100000000000000, 0xfffffffffffffffd, 0x7e3, 0x401, 0x800, 0x100000000, 0x8, 0x10001, 0x3f, 0x8, 0x200, 0x9, 0x4e, 0x3, 0x0, 0x8, 0x4, 0x8, 0x8, 0x920, 0xa3ab, 0x7, 0x0, 0x3, 0x876, 0x101, 0x6, 0x106, 0x101, 0x1, 0x10001, 0x0, 0xfffffffffffffffb, 0xcf, 0x40, 0x6, 0x4, 0x3, 0x1000, 0x0, 0x9, 0x218, 0x200, 0x969c, 0x8, 0x8, 0x40]})
fsetxattr$trusted_overlay_upper(r1, &(0x7f00000000c0), &(0x7f0000000180)={0x0, 0xfb, 0xb5, 0x0, 0x6, "ce8e973383a15b1662d7180bbbb53290", "f3b69f6b7d22616e45844c6dee0c600d94c186fd2d92a107b3cdbca63957ee30668b01de06ba288085eb3b7e223fee99db1e0abf440fb9fa0cd49933e109ed04300834b2b078d324589c255bb672f8275b3ddebeecb89e13720d16a1f17d6c517131021ddbf10815d08a3cb424f86d02601aad99d0f2c92fbde2929295275d016201acab80272996ad06c89a40368517f76e7f4fb1b632f9a6953b02578de4f6"}, 0xb5, 0x3)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
r7 = open(&(0x7f0000000100)='./file0\x00', 0x300, 0x17f)
sendmsg$NL80211_CMD_GET_MESH_CONFIG(r7, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x14, r4, 0x400, 0x70bd28, 0x4ec5b61c, {{}, {@void, @void}}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8c0}, 0x4040080)
socket$inet6(0xa, 0xa, 0x3ff)

[ 3059.304620] kauditd_printk_skb: 3 callbacks suppressed
[ 3059.304641] audit: type=1400 audit(1742968273.427:66): avc:  denied  { setattr } for  pid=41707 comm="syz-executor.2" name="fscreate" dev="proc" ino=52837 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=file permissive=1
[ 3059.339172] FAULT_INJECTION: forcing a failure.
[ 3059.339172] name failslab, interval 1, probability 0, space 0, times 0
[ 3059.341577] CPU: 0 PID: 41708 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3059.342941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.344537] Call Trace:
[ 3059.345075]  dump_stack+0x107/0x167
[ 3059.345797]  should_fail.cold+0x5/0xa
[ 3059.346552]  ? vm_area_dup+0x78/0x290
[ 3059.347307]  should_failslab+0x5/0x20
[ 3059.348057]  kmem_cache_alloc+0x5b/0x310
[ 3059.348864]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.349681]  vm_area_dup+0x78/0x290
[ 3059.350409]  ? _cond_resched+0x10/0x30
[ 3059.351162]  ? copy_page_range+0x24e9/0x3810
[ 3059.352051]  ? vm_area_alloc+0x110/0x110
[ 3059.352833]  ? up_write+0x191/0x550
[ 3059.353544]  ? vm_iomap_memory+0x190/0x190
[ 3059.354351]  ? downgrade_write+0x3a0/0x3a0
[ 3059.355170]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3059.356211]  ? __vma_link_rb+0x540/0x700
[ 3059.357003]  copy_process+0x291b/0x7800
[ 3059.357846]  ? __cleanup_sighand+0xb0/0xb0
[ 3059.358660]  ? perf_trace_lock+0xac/0x490
[ 3059.359468]  ? perf_trace_lock+0xac/0x490
[ 3059.360274]  kernel_clone+0xe7/0x980
[ 3059.360998]  ? create_io_thread+0xf0/0xf0
[ 3059.361815]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.362580]  ? find_held_lock+0x2c/0x110
[ 3059.363370]  ? ksys_write+0x12d/0x260
[ 3059.364091] FAULT_INJECTION: forcing a failure.
[ 3059.364091] name failslab, interval 1, probability 0, space 0, times 0
[ 3059.366195]  __do_sys_clone+0xc8/0x110
[ 3059.366944]  ? kernel_clone+0x980/0x980
[ 3059.367702]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3059.368587]  ? vfs_write+0x354/0xb10
[ 3059.369322]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3059.370320]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3059.371314]  do_syscall_64+0x33/0x40
[ 3059.372024]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3059.372998] RIP: 0033:0x7f81e84c4b19
[ 3059.373717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.377243] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3059.378693] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3059.380055] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3059.381415] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.382773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3059.384128] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:51:13 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 23)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3059.385851] CPU: 1 PID: 41712 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3059.387605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.389386] Call Trace:
[ 3059.390085]  dump_stack+0x107/0x167
[ 3059.390865]  should_fail.cold+0x5/0xa
[ 3059.391689]  ? anon_vma_clone+0xdc/0x590
[ 3059.392703]  should_failslab+0x5/0x20
[ 3059.393616]  kmem_cache_alloc+0x5b/0x310
[ 3059.394493]  anon_vma_clone+0xdc/0x590
[ 3059.395335]  anon_vma_fork+0x82/0x640
[ 3059.396141]  ? __vm_enough_memory+0x184/0x360
[ 3059.397119]  copy_process+0x7218/0x7800
[ 3059.398008]  ? __cleanup_sighand+0xb0/0xb0
[ 3059.398910]  ? perf_trace_lock+0xac/0x490
[ 3059.399802]  ? perf_trace_lock+0xac/0x490
[ 3059.400693]  kernel_clone+0xe7/0x980
[ 3059.401506]  ? create_io_thread+0xf0/0xf0
[ 3059.402380]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.403251]  ? find_held_lock+0x2c/0x110
[ 3059.404121]  ? ksys_write+0x12d/0x260
[ 3059.404943]  __do_sys_clone+0xc8/0x110
[ 3059.405781]  ? kernel_clone+0x980/0x980
[ 3059.406266] FAULT_INJECTION: forcing a failure.
[ 3059.406266] name failslab, interval 1, probability 0, space 0, times 0
[ 3059.408920]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3059.408938]  ? vfs_write+0x354/0xb10
[ 3059.408980]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3059.409002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3059.409027]  do_syscall_64+0x33/0x40
[ 3059.409054]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3059.409083] RIP: 0033:0x7f87f4e1cb19
[ 3059.409103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.409115] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3059.421187] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3059.422689] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3059.424192] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.425707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3059.427209] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3059.428753] CPU: 0 PID: 41713 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3059.430045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.431563] Call Trace:
[ 3059.432054]  dump_stack+0x107/0x167
[ 3059.432721]  should_fail.cold+0x5/0xa
[ 3059.433425]  ? down_write+0xe0/0x160
[ 3059.434103]  ? anon_vma_clone+0xdc/0x590
[ 3059.434854]  should_failslab+0x5/0x20
[ 3059.435555]  kmem_cache_alloc+0x5b/0x310
[ 3059.436306]  anon_vma_clone+0xdc/0x590
[ 3059.437048]  anon_vma_fork+0x82/0x640
[ 3059.437765]  ? __vm_enough_memory+0x184/0x360
[ 3059.438594]  copy_process+0x7218/0x7800
[ 3059.439355]  ? __cleanup_sighand+0xb0/0xb0
[ 3059.440126]  ? perf_trace_lock+0xac/0x490
[ 3059.440894]  ? perf_trace_lock+0xac/0x490
[ 3059.441677]  kernel_clone+0xe7/0x980
[ 3059.442364]  ? create_io_thread+0xf0/0xf0
[ 3059.443117]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.443871]  ? find_held_lock+0x2c/0x110
[ 3059.444619]  ? ksys_write+0x12d/0x260
[ 3059.445339]  __do_sys_clone+0xc8/0x110
[ 3059.446052]  ? kernel_clone+0x980/0x980
[ 3059.446773]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3059.447614]  ? vfs_write+0x354/0xb10
[ 3059.448310]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3059.449273]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3059.450205]  do_syscall_64+0x33/0x40
[ 3059.450869]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3059.451746] RIP: 0033:0x7fd16660db19
[ 3059.452434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.456010] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3059.457682] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3059.459234] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3059.460779] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3059.462203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3059.463501] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:51:13 executing program 0:
mlockall(0x7)

[ 3059.498862] FAULT_INJECTION: forcing a failure.
[ 3059.498862] name failslab, interval 1, probability 0, space 0, times 0
[ 3059.502058] CPU: 1 PID: 41759 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3059.503543] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3059.505334] Call Trace:
[ 3059.505909]  dump_stack+0x107/0x167
[ 3059.506697]  should_fail.cold+0x5/0xa
[ 3059.507526]  ? __kthread_create_on_node+0xd1/0x400
[ 3059.508585]  should_failslab+0x5/0x20
[ 3059.509413]  kmem_cache_alloc_trace+0x55/0x320
[ 3059.510402]  ? loop_info64_to_compat+0x5f0/0x5f0
[ 3059.511418]  __kthread_create_on_node+0xd1/0x400
[ 3059.512438]  ? __kthread_parkme+0x1d0/0x1d0
[ 3059.513395]  ? __mutex_lock+0x4fe/0x10b0
[ 3059.514270]  ? loop_configure+0xc8a/0x1410
[ 3059.515178]  ? do_raw_spin_unlock+0x4f/0x220
[ 3059.516124]  ? loop_info64_to_compat+0x5f0/0x5f0
[ 3059.517150]  kthread_create_on_node+0xbb/0x100
[ 3059.518132]  ? __kthread_create_on_node+0x400/0x400
[ 3059.519216]  ? lockdep_init_map_type+0x2c7/0x780
[ 3059.520234]  ? lockdep_init_map_type+0x2c7/0x780
[ 3059.521274]  loop_configure+0x3e7/0x1410
[ 3059.522161]  lo_ioctl+0xa57/0x16b0
[ 3059.522932]  ? avc_has_extended_perms+0x7f1/0xf40
[ 3059.523972]  ? loop_set_status_old+0x250/0x250
[ 3059.524959]  ? avc_ss_reset+0x180/0x180
[ 3059.525827]  ? find_held_lock+0x2c/0x110
[ 3059.526717]  ? __lock_acquire+0xbb1/0x5b00
[ 3059.527676]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3059.528804]  ? generic_block_fiemap+0x60/0x60
[ 3059.529776]  ? lock_downgrade+0x6d0/0x6d0
[ 3059.530666]  ? build_open_flags+0x6f0/0x6f0
[ 3059.531599]  ? loop_set_status_old+0x250/0x250
[ 3059.532576]  blkdev_ioctl+0x291/0x710
[ 3059.533408]  ? blkdev_common_ioctl+0x1930/0x1930
[ 3059.534434]  ? selinux_file_ioctl+0xb6/0x270
[ 3059.535387]  block_ioctl+0xf9/0x140
[ 3059.536167]  ? blkdev_read_iter+0x1c0/0x1c0
[ 3059.537103]  __x64_sys_ioctl+0x19a/0x210
[ 3059.537984]  do_syscall_64+0x33/0x40
[ 3059.538785]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3059.539889] RIP: 0033:0x7fe01fe928d7
[ 3059.540688] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3059.544696] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3059.546366] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe928d7
[ 3059.547910] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[ 3059.549458] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[ 3059.550999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 3059.552757] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
05:51:32 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)
mlockall(0x2)

05:51:32 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 77)

05:51:32 executing program 7:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000040)={<r3=>0xffffffffffffffff, 0x0, 0x0, 0x9})
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), 0xffffffffffffffff)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$IEEE802154_ADD_IFACE(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000002100000009001f00706879310000000005002000010000000c0005000000"], 0x34}}, 0x0)
r4 = openat(0xffffffffffffff9c, 0x0, 0x882c2, 0x0)
fallocate(r4, 0x0, 0x0, 0x1000002)
r5 = dup(0xffffffffffffffff)
ioctl$SNAPSHOT_GET_IMAGE_SIZE(r5, 0x8008330e, &(0x7f0000000100))
fgetxattr(r4, &(0x7f0000000140)=@random={'system.', '\x00'}, &(0x7f00000001c0)=""/220, 0xdc)
pwritev2(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000100)}], 0x1, 0x0, 0x0, 0x0)
finit_module(0xffffffffffffffff, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'caif0\x00'})

05:51:32 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000180)={0x9, 0x4, 0x2, 0x0, 0x5, [{0x8, 0x101, 0x6, '\x00', 0x108}, {0x1, 0x7, 0x55e9e4, '\x00', 0x2080}, {0x2, 0x2, 0x8c, '\x00', 0x4}, {0x3, 0x8, 0x0, '\x00', 0x2206}, {0x7ff, 0x5187a6bb, 0x10000, '\x00', 0x808}]})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:51:32 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 58)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:32 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 24)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:32 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 32)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:32 executing program 0:
mlockall(0x0)
mlockall(0x5)
shmat(0x0, &(0x7f0000bed000/0x2000)=nil, 0x7000)
mlockall(0x6)

[ 3078.681340] FAULT_INJECTION: forcing a failure.
[ 3078.681340] name failslab, interval 1, probability 0, space 0, times 0
[ 3078.684684] CPU: 0 PID: 41941 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3078.686498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3078.688648] Call Trace:
[ 3078.689347]  dump_stack+0x107/0x167
[ 3078.690300]  should_fail.cold+0x5/0xa
[ 3078.691294]  ? create_object.isra.0+0x3a/0xa20
[ 3078.692492]  should_failslab+0x5/0x20
[ 3078.693495]  kmem_cache_alloc+0x5b/0x310
[ 3078.694521]  create_object.isra.0+0x3a/0xa20
[ 3078.695533]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3078.696713]  kmem_cache_alloc_trace+0x151/0x320
[ 3078.697804]  ? loop_info64_to_compat+0x5f0/0x5f0
[ 3078.698899]  __kthread_create_on_node+0xd1/0x400
[ 3078.699995]  ? __kthread_parkme+0x1d0/0x1d0
[ 3078.701006]  ? __mutex_lock+0x4fe/0x10b0
[ 3078.701961]  ? loop_configure+0xc8a/0x1410
[ 3078.702936]  ? do_raw_spin_unlock+0x4f/0x220
[ 3078.703957]  ? loop_info64_to_compat+0x5f0/0x5f0
[ 3078.705051]  kthread_create_on_node+0xbb/0x100
[ 3078.706123]  ? __kthread_create_on_node+0x400/0x400
[ 3078.707279]  ? lockdep_init_map_type+0x2c7/0x780
[ 3078.708376]  ? lockdep_init_map_type+0x2c7/0x780
[ 3078.709488]  loop_configure+0x3e7/0x1410
[ 3078.710447]  lo_ioctl+0xa57/0x16b0
[ 3078.711266]  ? avc_has_extended_perms+0x7f1/0xf40
[ 3078.712386]  ? loop_set_status_old+0x250/0x250
[ 3078.713450]  ? avc_ss_reset+0x180/0x180
[ 3078.714380]  ? find_held_lock+0x2c/0x110
[ 3078.715333]  ? __lock_acquire+0xbb1/0x5b00
[ 3078.716366]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3078.717585]  ? generic_block_fiemap+0x60/0x60
[ 3078.718636]  ? lock_downgrade+0x6d0/0x6d0
[ 3078.719595]  ? build_open_flags+0x6f0/0x6f0
[ 3078.720602]  ? loop_set_status_old+0x250/0x250
[ 3078.720754] FAULT_INJECTION: forcing a failure.
[ 3078.720754] name failslab, interval 1, probability 0, space 0, times 0
[ 3078.721670]  blkdev_ioctl+0x291/0x710
[ 3078.721739]  ? blkdev_common_ioctl+0x1930/0x1930
[ 3078.721766]  ? selinux_file_ioctl+0xb6/0x270
[ 3078.721797]  block_ioctl+0xf9/0x140
[ 3078.727961]  ? blkdev_read_iter+0x1c0/0x1c0
[ 3078.728971]  __x64_sys_ioctl+0x19a/0x210
[ 3078.729930]  do_syscall_64+0x33/0x40
[ 3078.730803]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3078.731985] RIP: 0033:0x7fe01fe928d7
[ 3078.732860] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3078.737125] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3078.738918] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe928d7
[ 3078.740586] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[ 3078.742259] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[ 3078.743928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 3078.745593] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3078.747295] CPU: 1 PID: 41939 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3078.748775] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3078.750542] Call Trace:
[ 3078.751111]  dump_stack+0x107/0x167
[ 3078.751875]  should_fail.cold+0x5/0xa
[ 3078.752681]  ? create_object.isra.0+0x3a/0xa20
[ 3078.753674]  should_failslab+0x5/0x20
[ 3078.754481]  kmem_cache_alloc+0x5b/0x310
[ 3078.755353]  create_object.isra.0+0x3a/0xa20
[ 3078.756280]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3078.757376]  kmem_cache_alloc+0x159/0x310
[ 3078.758265]  vm_area_dup+0x78/0x290
[ 3078.759059]  ? _cond_resched+0x10/0x30
[ 3078.759865]  ? copy_page_range+0x24e9/0x3810
[ 3078.760841]  ? vm_area_alloc+0x110/0x110
[ 3078.761735]  ? up_write+0x191/0x550
[ 3078.762509]  ? vm_iomap_memory+0x190/0x190
[ 3078.763396]  ? downgrade_write+0x3a0/0x3a0
[ 3078.764289]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3078.765524]  ? __vma_link_rb+0x540/0x700
[ 3078.766393]  copy_process+0x291b/0x7800
[ 3078.767281]  ? __cleanup_sighand+0xb0/0xb0
[ 3078.768178]  ? perf_trace_lock+0xac/0x490
[ 3078.769077]  ? perf_trace_lock+0xac/0x490
[ 3078.769982]  kernel_clone+0xe7/0x980
[ 3078.770758]  ? create_io_thread+0xf0/0xf0
[ 3078.771628]  ? lock_downgrade+0x6d0/0x6d0
[ 3078.772496]  ? find_held_lock+0x2c/0x110
[ 3078.773396]  ? ksys_write+0x12d/0x260
[ 3078.774223]  __do_sys_clone+0xc8/0x110
[ 3078.775057]  ? kernel_clone+0x980/0x980
[ 3078.775908]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3078.776894]  ? vfs_write+0x354/0xb10
[ 3078.777728]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3078.778839]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3078.779968]  do_syscall_64+0x33/0x40
[ 3078.780877]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3078.780916] FAULT_INJECTION: forcing a failure.
[ 3078.780916] name failslab, interval 1, probability 0, space 0, times 0
[ 3078.784425] RIP: 0033:0x7f81e84c4b19
[ 3078.785272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3078.789567] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3078.791271] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3078.792888] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3078.794463] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3078.796113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3078.797712] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3078.799592] CPU: 0 PID: 41954 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3078.801394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3078.803293] Call Trace:
[ 3078.803900]  dump_stack+0x107/0x167
[ 3078.804743]  should_fail.cold+0x5/0xa
[ 3078.805632]  ? create_object.isra.0+0x3a/0xa20
[ 3078.806698]  should_failslab+0x5/0x20
[ 3078.807569]  kmem_cache_alloc+0x5b/0x310
[ 3078.808509]  create_object.isra.0+0x3a/0xa20
[ 3078.809517]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3078.810679]  kmem_cache_alloc+0x159/0x310
[ 3078.811637]  anon_vma_clone+0xdc/0x590
[ 3078.812535]  anon_vma_fork+0x82/0x640
[ 3078.813410]  ? __vm_enough_memory+0x184/0x360
[ 3078.814445]  copy_process+0x7218/0x7800
[ 3078.815399]  ? __cleanup_sighand+0xb0/0xb0
[ 3078.816366]  ? perf_trace_lock+0xac/0x490
[ 3078.817339]  ? perf_trace_lock+0xac/0x490
[ 3078.818305]  kernel_clone+0xe7/0x980
[ 3078.819165]  ? create_io_thread+0xf0/0xf0
[ 3078.820113]  ? lock_downgrade+0x6d0/0x6d0
[ 3078.821074]  ? find_held_lock+0x2c/0x110
[ 3078.822026]  ? ksys_write+0x12d/0x260
[ 3078.822914]  __do_sys_clone+0xc8/0x110
[ 3078.823806]  ? kernel_clone+0x980/0x980
[ 3078.824717]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3078.825775]  ? vfs_write+0x354/0xb10
[ 3078.826649]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3078.827844]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3078.829028]  do_syscall_64+0x33/0x40
[ 3078.829883]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3078.831045] RIP: 0033:0x7fd16660db19
[ 3078.831898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3078.836044] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3078.837788] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3078.839402] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3078.841032] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3078.842664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3078.844302] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3078.860217] FAULT_INJECTION: forcing a failure.
[ 3078.860217] name failslab, interval 1, probability 0, space 0, times 0
[ 3078.862921] CPU: 1 PID: 41945 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3078.864372] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3078.866123] Call Trace:
[ 3078.866688]  dump_stack+0x107/0x167
[ 3078.867465]  should_fail.cold+0x5/0xa
[ 3078.868266]  ? create_object.isra.0+0x3a/0xa20
[ 3078.869234]  should_failslab+0x5/0x20
[ 3078.870047]  kmem_cache_alloc+0x5b/0x310
[ 3078.870904]  create_object.isra.0+0x3a/0xa20
[ 3078.871830]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3078.872902]  kmem_cache_alloc+0x159/0x310
[ 3078.873792]  vm_area_dup+0x78/0x290
[ 3078.874563]  ? avc_has_perm_noaudit+0x1c9/0x3e0
[ 3078.875535]  ? lock_downgrade+0x6d0/0x6d0
[ 3078.876405]  ? copy_page_range+0x24e9/0x3810
[ 3078.877350]  ? avc_has_perm_noaudit+0x1f7/0x3e0
[ 3078.878329]  ? avc_has_extended_perms+0xf40/0xf40
[ 3078.879349]  ? vm_area_alloc+0x110/0x110
[ 3078.880199]  ? find_held_lock+0x2c/0x110
[ 3078.881062]  ? selinux_vm_enough_memory+0x114/0x180
[ 3078.882123]  ? selinux_sb_statfs+0x250/0x250
[ 3078.883056]  ? percpu_counter_add_batch+0x8b/0x140
[ 3078.884084]  ? __vm_enough_memory+0x184/0x360
[ 3078.885025]  ? security_vm_enough_memory_mm+0x8b/0xc0
[ 3078.886112]  copy_process+0x291b/0x7800
[ 3078.886988]  ? __cleanup_sighand+0xb0/0xb0
[ 3078.887875]  ? perf_trace_lock+0xac/0x490
[ 3078.888773]  ? perf_trace_lock+0xac/0x490
[ 3078.889656]  kernel_clone+0xe7/0x980
[ 3078.890442]  ? create_io_thread+0xf0/0xf0
[ 3078.891447]  ? lock_downgrade+0x6d0/0x6d0
[ 3078.892334]  ? find_held_lock+0x2c/0x110
[ 3078.893205]  ? ksys_write+0x12d/0x260
[ 3078.894046]  __do_sys_clone+0xc8/0x110
[ 3078.894876]  ? kernel_clone+0x980/0x980
[ 3078.895724]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3078.896715]  ? vfs_write+0x354/0xb10
[ 3078.897539]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3078.898656]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3078.899768]  do_syscall_64+0x33/0x40
[ 3078.900561]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3078.901663] RIP: 0033:0x7f87f4e1cb19
[ 3078.902454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3078.906393] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3078.908020] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3078.909556] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3078.911082] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3078.912606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3078.914140] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:51:33 executing program 7:
r0 = syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180), 0x0)
close(r0)
r1 = syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[@ANYRES16=0x0, @ANYRESDEC=r0])
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000440)=[0x0])
mount$bind(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000400)='./file0\x00', &(0x7f0000000480), 0x1800046, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x1, 0x1, 0x0, {0x0, r2}}, 0xe466)
syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100)=<r3=>0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0xffffffffffffffa3, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_config_ext={0x4}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
getsockname(0xffffffffffffffff, &(0x7f0000000300)=@nfc_llcp, &(0x7f0000000380)=0x80)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
getsockname(r4, &(0x7f0000000500)=@pppoe, &(0x7f0000000580)=0x80)
setreuid(0x0, 0xee01)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000140)=@IORING_OP_FADVISE={0x18, 0x88a4a5c437512118, 0x0, @fd_index=0xa, 0x5, 0x0, 0x3ff, 0x1, 0x1, {0x0, r2}}, 0x101)
mkdirat(r1, &(0x7f00000003c0)='./file0\x00', 0x1cd)

[ 3078.986600] loop6: detected capacity change from 0 to 41948160
[ 3079.008638] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 3079.018076] loop7: detected capacity change from 0 to 262144
[ 3079.039220] EXT4-fs (loop7): mounting ext2 file system using the ext4 subsystem
05:51:33 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 59)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:33 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 25)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3079.169649] FAULT_INJECTION: forcing a failure.
[ 3079.169649] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.172230] CPU: 1 PID: 42164 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3079.173685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3079.175457] Call Trace:
[ 3079.176076]  dump_stack+0x107/0x167
[ 3079.176851]  should_fail.cold+0x5/0xa
[ 3079.177718]  ? __kernfs_new_node+0xd4/0x860
[ 3079.178720]  should_failslab+0x5/0x20
[ 3079.179601]  kmem_cache_alloc+0x5b/0x310
[ 3079.180132] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue
[ 3079.180551]  __kernfs_new_node+0xd4/0x860
[ 3079.180578]  ? mark_held_locks+0x9e/0xe0
[ 3079.180611]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3079.185494]  ? trace_hardirqs_on+0x5b/0x180
[ 3079.186504]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3079.187777]  kernfs_new_node+0x18d/0x250
[ 3079.188725]  kernfs_create_dir_ns+0x49/0x160
[ 3079.189774]  internal_create_group+0x793/0xb30
[ 3079.190838]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3079.192049]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3079.193302]  ? trace_hardirqs_on+0x5b/0x180
[ 3079.194305]  ? sysfs_remove_group+0x170/0x170
[ 3079.195358]  ? blk_queue_flag_set+0x22/0x30
[ 3079.196352]  ? __loop_update_dio+0x2d2/0x690
[ 3079.197384]  loop_configure+0x953/0x1410
[ 3079.198343]  lo_ioctl+0xa57/0x16b0
[ 3079.199173]  ? avc_has_extended_perms+0x7f1/0xf40
[ 3079.200299]  ? loop_set_status_old+0x250/0x250
[ 3079.201366]  ? avc_ss_reset+0x180/0x180
[ 3079.202289]  ? find_held_lock+0x2c/0x110
[ 3079.203243]  ? __lock_acquire+0xbb1/0x5b00
[ 3079.204281]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3079.205500]  ? generic_block_fiemap+0x60/0x60
[ 3079.206537]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.207496]  ? build_open_flags+0x6f0/0x6f0
[ 3079.208530]  ? loop_set_status_old+0x250/0x250
[ 3079.209593]  blkdev_ioctl+0x291/0x710
[ 3079.210476]  ? blkdev_common_ioctl+0x1930/0x1930
[ 3079.211578]  ? selinux_file_ioctl+0xb6/0x270
[ 3079.212601]  block_ioctl+0xf9/0x140
[ 3079.213451]  ? blkdev_read_iter+0x1c0/0x1c0
[ 3079.214454]  __x64_sys_ioctl+0x19a/0x210
[ 3079.215402]  do_syscall_64+0x33/0x40
[ 3079.216270]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3079.217464] RIP: 0033:0x7fe01fe928d7
[ 3079.218324] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.222584] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3079.224344] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe928d7
[ 3079.226011] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[ 3079.227663] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[ 3079.229317] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 3079.230966] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
05:51:33 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 78)

05:51:33 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 33)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:33 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
syz_io_uring_submit(r5, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x5647, &(0x7f00000000c0)={0x0, 0x27b8, 0x20, 0x1, 0x149}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180), &(0x7f00000001c0)=<r6=>0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000440)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000400)={&(0x7f0000000200)=@nl=@proc, 0x80, &(0x7f0000000280)=[{&(0x7f0000000300)=""/67, 0x43}, {&(0x7f0000000380)=""/82, 0x52}, {&(0x7f0000000500)=""/129, 0x81}, {&(0x7f00000005c0)=""/215, 0xd7}], 0x4, &(0x7f00000006c0)=""/158, 0x9e}, 0x0, 0x2000, 0x0, {0x3, r7}}, 0x40)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r8, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 3079.367609] FAULT_INJECTION: forcing a failure.
[ 3079.367609] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.370475] CPU: 1 PID: 42240 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3079.372081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3079.374004] Call Trace:
[ 3079.374622]  dump_stack+0x107/0x167
[ 3079.375473]  should_fail.cold+0x5/0xa
[ 3079.376361]  ? vm_area_dup+0x78/0x290
[ 3079.377249]  should_failslab+0x5/0x20
[ 3079.378145]  kmem_cache_alloc+0x5b/0x310
[ 3079.379095]  vm_area_dup+0x78/0x290
[ 3079.379957]  ? _cond_resched+0x10/0x30
[ 3079.380859]  ? copy_page_range+0x24e9/0x3810
[ 3079.381930]  ? vm_area_alloc+0x110/0x110
[ 3079.382878]  ? up_write+0x191/0x550
[ 3079.383724]  ? vm_iomap_memory+0x190/0x190
[ 3079.384705]  ? downgrade_write+0x3a0/0x3a0
[ 3079.385702]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3079.386963]  ? __vma_link_rb+0x540/0x700
[ 3079.387908]  copy_process+0x291b/0x7800
[ 3079.388868]  ? __cleanup_sighand+0xb0/0xb0
[ 3079.389856]  ? perf_trace_lock+0xac/0x490
[ 3079.390827]  ? perf_trace_lock+0xac/0x490
[ 3079.391793]  kernel_clone+0xe7/0x980
[ 3079.392661]  ? create_io_thread+0xf0/0xf0
[ 3079.393621]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.394574]  ? find_held_lock+0x2c/0x110
[ 3079.395521]  ? ksys_write+0x12d/0x260
[ 3079.396422]  __do_sys_clone+0xc8/0x110
[ 3079.397324]  ? kernel_clone+0x980/0x980
[ 3079.398243]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3079.399313]  ? vfs_write+0x354/0xb10
[ 3079.400198]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3079.401425]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3079.402618]  do_syscall_64+0x33/0x40
[ 3079.403478]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3079.404657] RIP: 0033:0x7f81e84c4b19
[ 3079.405525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.409772] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3079.411527] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3079.413182] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3079.414858] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3079.416504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3079.418317] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3079.428858] loop6: detected capacity change from 0 to 41948160
05:51:33 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x4, 0x12, r1, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
recvmmsg(r3, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000040), 0x0, 0x400a8c4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc)

[ 3079.487966] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 3079.527032] FAULT_INJECTION: forcing a failure.
[ 3079.527032] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.529902] CPU: 1 PID: 42273 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3079.531499] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3079.533419] Call Trace:
[ 3079.534035]  dump_stack+0x107/0x167
[ 3079.534881]  should_fail.cold+0x5/0xa
[ 3079.535764]  ? anon_vma_clone+0xdc/0x590
[ 3079.536707]  should_failslab+0x5/0x20
[ 3079.537678]  kmem_cache_alloc+0x5b/0x310
[ 3079.538631]  anon_vma_clone+0xdc/0x590
[ 3079.539547]  anon_vma_fork+0x82/0x640
[ 3079.540431]  ? __vm_enough_memory+0x184/0x360
[ 3079.541525]  copy_process+0x7218/0x7800
[ 3079.542502]  ? __cleanup_sighand+0xb0/0xb0
[ 3079.543507]  ? perf_trace_lock+0xac/0x490
[ 3079.544509]  ? perf_trace_lock+0xac/0x490
[ 3079.545492]  kernel_clone+0xe7/0x980
[ 3079.546026] FAULT_INJECTION: forcing a failure.
[ 3079.546026] name failslab, interval 1, probability 0, space 0, times 0
[ 3079.546364]  ? create_io_thread+0xf0/0xf0
[ 3079.546386]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.546405]  ? find_held_lock+0x2c/0x110
[ 3079.546437]  ? ksys_write+0x12d/0x260
[ 3079.546478]  __do_sys_clone+0xc8/0x110
[ 3079.546499]  ? kernel_clone+0x980/0x980
[ 3079.546522]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3079.546541]  ? vfs_write+0x354/0xb10
[ 3079.546589]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3079.546612]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3079.546641]  do_syscall_64+0x33/0x40
[ 3079.560237]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3079.561467] RIP: 0033:0x7fd16660db19
[ 3079.562338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.566869] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3079.568633] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3079.570334] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3079.572064] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3079.573804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3079.575558] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3079.577335] CPU: 0 PID: 42277 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3079.578925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3079.580757] Call Trace:
[ 3079.581509]  dump_stack+0x107/0x167
[ 3079.582432]  should_fail.cold+0x5/0xa
[ 3079.583295]  ? anon_vma_fork+0xf1/0x640
[ 3079.584185]  should_failslab+0x5/0x20
[ 3079.585040]  kmem_cache_alloc+0x5b/0x310
[ 3079.585965]  anon_vma_fork+0xf1/0x640
[ 3079.586818]  ? __vm_enough_memory+0x184/0x360
[ 3079.587841]  copy_process+0x7218/0x7800
[ 3079.588775]  ? __cleanup_sighand+0xb0/0xb0
[ 3079.589748]  ? perf_trace_lock+0xac/0x490
[ 3079.590694]  ? perf_trace_lock+0xac/0x490
[ 3079.591639]  kernel_clone+0xe7/0x980
[ 3079.592486]  ? create_io_thread+0xf0/0xf0
[ 3079.593431]  ? lock_downgrade+0x6d0/0x6d0
[ 3079.594372]  ? find_held_lock+0x2c/0x110
[ 3079.595316]  ? ksys_write+0x12d/0x260
[ 3079.596195]  __do_sys_clone+0xc8/0x110
[ 3079.597081]  ? kernel_clone+0x980/0x980
[ 3079.598053]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3079.599108]  ? vfs_write+0x354/0xb10
[ 3079.600003]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3079.601211]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3079.602418]  do_syscall_64+0x33/0x40
[ 3079.603283]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3079.604459] RIP: 0033:0x7f87f4e1cb19
[ 3079.605324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3079.609607] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3079.611391] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3079.613092] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3079.614800] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3079.616517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3079.618235] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:51:33 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f00009d5000/0x1000)=nil, 0xe000)

05:51:54 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 34)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:54 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 26)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:54 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 60)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:54 executing program 7:
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x0)
read(0xffffffffffffffff, &(0x7f0000002880)=""/192, 0xc0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, 0x0)
fcntl$setflags(0xffffffffffffffff, 0x2, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_GET_SURVEY(r0, 0x0, 0x20000881)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='net/raw6\x00')
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000020005a7600405acffcf5428c4d1c8c4ea8ce6f818ba7b25b5da47977f7797d1f79b8f559915b7bedeb653ac88be17645c513008d5bf05239565eebb07bc42a9cd0b5efd583668aab00020000000000000df3f0735016e8035cea3b903573968a9df114fefff2365b1b2ca84d0469cd37"])
fstatfs(0xffffffffffffffff, &(0x7f0000000200)=""/108)
pread64(r1, &(0x7f0000002100)=""/4083, 0xff3, 0x20000000000000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r2, 0x0, 0x0, 0x1000002)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r2, 0x0)

05:51:54 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f0000000500)={0x0, 0x0, {}, {}, {0x0, @struct}})
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:51:54 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 79)

05:51:54 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)
mlockall(0x1)

[ 3100.084820] FAULT_INJECTION: forcing a failure.
[ 3100.084820] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.087851] CPU: 1 PID: 42504 Comm: syz-executor.6 Not tainted 5.10.235 #1
05:51:54 executing program 0:
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x7}}, './file0\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = syz_mount_image$iso9660(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x7fffffff, 0x4, &(0x7f00000015c0)=[{&(0x7f0000000280)="ca8690c3d797141a83793599614bcd72a1387320ff3dc9d4440920e5247517be51c0f481ddeda63d7c531a5163517a7bfe598d15198d6d1b69f14181c5d5f1402b59d90ee6d0c6d79f71b0cb7a1815e36222ee9712d595d75fd325f1b0f78eaaac6ae4f8630f8bb9cd7330b0a2a3da0bd00a089de18a04798dc6dbdb67b79c1d759c8e6484eed7717545ac675d188f0bfcfad57b5553db548aa242c0e7d014b79dac3ef4e5952f9512212d32c8aa4218b9eb4aac36193e30d1379caa47d74ad14f039f10", 0xc4, 0x80000000}, {&(0x7f0000000380)="2350ad72b8029c33ddf36d4b64396b81a82db4ffbef24d0b66bc9f52e1a5343da16025445a6c2e775861cb5f71d3de23a0e49f8be56ade8b0942ff3a466caa30a5e24977cc110fcf84cb2afb9683d71b20cad1d5118dcd066fd1c7bf8d79dd668f5967c2020059f079ff4eca580856ff29e1cf8d75c73d8d803fdd945fee5379a286e0ad0734581cc0a3c168217e70cca8e64b256e5a42db935d234c1716bbc072153c728a81398064f5b371c6e8b15616dbad93dcb9335bbe658b44d7597db76a2f6c012d08e54c1190dcf8e953dd5d6036e8e615b6684aa8903d85c6d69b67b067d64d05e379429dae4fdb7babe14d15790fa550ce5cd9a3", 0xf9, 0xfc2}, {&(0x7f0000000480)="5e6b5b7e63b396f0782e08c507ce0c81732bfa95cf7f2f29ccd03a56b7ce7cf74af47a85a71597a8fbac7c2502b8c616eeb361e055e677ffedf982d191a6e94d486cab6c7fce495c5c47d0f01e45a8805e04ecdc5a6d3e5d44e6926325e0b8c395755132691dd7dbd7b6d9d2ccf35965e497a22f2e024b7de4d5c2f041ebc565e1dfaf1d3d1834f10000007f46086750673dca0bef31db273a9dbbdfbc991a8884998e5a80a468a22c6cfd3b30d83167fc660b5f27", 0xb5, 0x100000000}, {&(0x7f00000005c0)="92d90621f2d2c1c9d9cf7d85591f53a8aa5bc6db3ceeb513e9304ea8b4cdf67244980bd5adc83ee080ef11abb88692f55b144032fd4789cd567cc20b2b4e8427214a19adedafe7dd1d07644d3cd7339b17f552eccfdf6d3a240c35249666de97da087b49a74fe9abd4b9cc0e902226cc8519a488e8601ad6aba9c929df45d044d07f01396097fa9416493689a3c9a8db773851e77d4e2bf7eb23f137a5ca146ef21a3961a120ba4dda89c27d52140b5394b88287c35d9925bc29bd7deb17742c189ec050c51a888fceaaeeb8b3e690268a514a4cbd3a267f186f376cab30242852de1c784c998fbb5cd6bdbd74d600876bf099116795c9516c2730a64963ca893ff369fcbffcd926756ccb0fe21776e4a01f4ecd5e7f5200a66e2e6bd9d3c1d9895762fa3358af59d45152cc198176ddbe6a076517885c9b03cd06286679f9a732cd9ec26b7eab7f81c843abbd816460d4b526d3e1486e4c6861debecaf341620819235ad11cf1fe171cf58802f3c71480c11e32b2f2f779e9597fa2a9f8d38da2d21e87022bfec9268625750a2c5a495475cfcf95393b743288a9a605a2c32891d5a3ac65e102c2e76451f9fdad9820ef664533f671a0e977a759fcd309e2874bdeacfc0d6a7231ceb7d63aa2edcf3a42065121311b00ff8ebba37189458c7974d2bef6b83d096fdc75b6085dc976cda9b0e30954a707ce18a0bd50209ab6b94a0066eb44d0b2a02d44de0a79165624ef238b0c2bedfe24a35a418eff24033b4a82fefeea9c9887f1a66f2fea1fdb2829f0952c06238a8a800eee0dabd51a9065420496bf972dc43d303a046497512a0f2e33aa2293a64cf288545bf7c152f639dbd619a5a211481ce5e738dd1e9cebbdcef45f49872fda2f65c5aa56f8660bad8b96ccfbf0d27868fa0538293cee2ea1e3051ccf8bf95445e99250c48f547c936d22bd7f7c16587b97d5e67d383ddb1de3c2738cd31c26ce1d88e860db4573296bb0ec82e01c74a343b6ea1efad667a1ef67945d28411ddb98e0b57f72329fb9433fb1b82bb01748c545473a312004b2c5ba3b44e434f592cead5cd2713868e7e211852a0ef4e257da1e0f642cee4b71cc882948ddf66ecaeac1c921ed426fc2af745126b37dcdcf9212f574904a8d8c94cebc38111bb1f629121a600f482d074668e1c696dee6603dcc63e4ac5d8680ff546b2b89e99aec6ed784672e21911e782af3a7fbb91cb8bd9836736da6f31688a83599f8a3b8b64b51c00b9ff7254320c928b8f8e0042c8132de2bccd62476b4f1ad55578cd5456f236bb123e420fc40a5719a7a0b7a1d88944fd228ef2831ba400406edc97fba5a56a0dabe9a45f5413e938f7dd13343c4a68bdb27f0c634489e63df7a5906ce23e660e2f187783ac0776ac05bf167a3000eebe1dabc86148913d5ebf39fe29ff26b4ae9fe5ab1da5672201c46a61b59e4c8aa0a6b9228cf2c1608f6caf86c89b1d7f21947b4392a1dc99594ba0fc425a02563b7f027857514d1a56d27b30b8873039b3a010abe604a8a87f94281f826ad3170e4d6dcf1deea50bd89ce64f7871d8eecfd9b65a787e7ea993cdd2a16deca78509abe5310b5aa8556e0a6205d76fa4b975b76a9f075158693d13180945f257a3bdfe7c72116d84dcf4c428261131a8fddb4465d3b677a4ab144831cca0680738702024df34e2febc80440c6fd0371e48c11251f290407d3e6a71836e564a19234be76aa5814e9a1871bbf580099096ffc8342339d52ca149953b1f3c200d35b0f9cd020295c40dd46f5b9b037503550d27b35564ff437469251014c1b7974d9e98227d978959ccafff3386d7539e2cd288650debc947f1998e8133f9bb03f9bf5ecefaf552992b227bdd5d8ea5d0655a4d6e98fe1c8b5c689d01d3efcd1cdba3ecd5b06bd841a86cf6b2e3714c6d30904e21c3fc3d3ef707acc7db0bcd2a52df318ece6d6740f103277324cf4019f94993edd2d16c029fbab0a5d73eff088efc028a603368544d2bfa5ece276bd7240db4b2715cf687eba13652b29e39fdf7d738a11ccde3bbce5763a2e1d0838dd04dab624946c6b792292c3bd5c7fbb9ba857fab71836b1ad3c6cdf4ad0ec30b5629dd3b69ced78dd125980fcc48482cbe79ac95a66a95243786af0e0873931243f0c3280f11c6902b177c10034cdc0e58523fb6b5e870a343c4c801a800776d014b3a71d6dceb9d4305a7dc56cb139df6da8507616130432e3f91342190dbf96a07ee77468ea16a1fc7283af3d7bea6bf1377f926fa46adb8ab17d70ffddee3c17a43c270ce013f73ba215114a91f98e7d147074450ff0eaf86644c4ea3a6da998463acc2611f43ea5a4ec86f7729426034b896662a22a92ce69d3bd69fc63f4242ac1336564800fcbcc0227e50823efe224b22719f3bab83c43e2ca22b1012dcb7b0fefb954c5255521536544fbd2b02e9e9809344916f1cf0339e31bd379063303cea4a78e4b38410d9e5fde2f12abf142859bd7b2c6c6ad5e9c025dd79f11a99be12696ce239df4bded0caa8db9a5ac420f80733f4c54cab5b887fe373fa47297481a94638fdd1be364b600e5a90804d32a527581b85a5c4b19d5c506baa8dcf1eb831468de19cb37aa06041ae11aa63c4e089dc42af3e8f12c33e68eb13b3e6d6dd5e263dcb16edcb2ca8c7952c7259acb169fa27ddef62edb83868373c6b603644e31d98e0a82e17a83609a7a099f8435ea224fa3a765627ac5705478eacbd93419472a58f01b9f8611b93bca1e32f185c7f0e97e06df36fa393cabdb2df4c441f1ebede32a3208c19286f5572e20e468f5c62d63d557cc54a059469a664a6c7bc61ff573129cda61acd30b5b69c65ba9d2da2cd21df8e6fa81d59ca252863c699a6a403180da138ac6e5fcb61d8534acae04d18a09132feb0a14e36bbd7f6266a3ecdfb96fe78d731507b9d2e7fc6c4e61504610cc4afa2d35a3319b0ba6d789c740ee5fcbb4dc47dd5a47d2a143a54c512d66ab5684bc17313f363f2027d9bc402407c6db6ba9f26001a774375e39d8cc5ded9818fdeff633d20249667bcdb738e55876ae3873f34834c062e16f067a7a62360b7103962394911f311a8787f99ed439f19f19e812b7415ac06a224a6ca4beb206e2a1991086eea877e2c26f1992a804e1b9a9f44844cb3539594164398700dcd7db9176cdabccf39fef745bb18e07ba6c097a44524b12ee6d9db1d4d2dd684987427b6f97cba936ff7f94888e0e365b3c9deafb0edf8af98c84773964838d24f86dc4bcddad77e62a829894236602c9f6df2b67942f06e7939a5c186b9bed03d0897320718ee881c005ebca10f6ef9c7f51dae9590b65b5dc8d4d2b73617906b40c2950dea5b4f9587c3d24cce2205004a01371c8c2bff9dbeb62365a3080715b90912331f098404be6cfa7536d2fedcbb4fb62a5f7187b0b4e3aa5202cb99eb3d2fa5149b94eee693fd35a8a8fe24050d6a8ae9d28ae733ad756d68f9662ff2cd991461cf846f396fed88f204f089a6375be54649c0041709d7c8d86b83426e2d7e88578cfc73efcf05da6b36a608fe75abc0bfa2e4546fd3e74aa45d4deaa61d16cf509c3a08bd93977e6ed1a08c13aa3e20181510673543271194f7ff8b4611bd4e4354a8a66278048b82a5070704e2a76854e63a2ce144a66008ae993669f4dab7f07ee76a14ede06d8de8b9161156d63d4cd449a43eb8661959deb23c1ba7838d46a2fa8070763cab7c5dda1ab878e20b317c4a16b16deb0ead3d1b3aa5a17cffe7cdda52bb65b4dc9da461039e0431e043938a96b2848531d08a4b440b915ae28984828b386b125c36c601b196967ae422fa3012190ade41facb7f68e96d492c0e0dd5eed9361b11316b49d29db988283a61da0ba2af437b05c7d3ca1b26164b587369f49a7eb6b33c56c11abd41a4bdccdac8f2a206cf7d82015a16b01ebf0e09f8c4e776084c66d481a0dcf497bba7eac4a1d61f5fb83e48aaccc0fa3dc3df28870f97e5516a28aacf883d96e0b101c290080c4bf69e481402b2c474cdfa144301b5741bd89a6188f91a4ff6f1a92fecb19dde43fffb2d8b547d518a390ddfba0767b9ac37f0ff0a4d346605fa47347b4f429348c7e9c2e3a530299194b4bfd608eaaccedaf72d350d59aa98a857e642e83c539c51374b964c849e0c25363909321ba697013136314f741339193ff0834fdfe0541d3dd9925e667d02693b88de7e49d5a9dced2b101cd08fa2faa465b829fd639d9f6980b439625f9ba6cbcb4743f5eeca0fa9b8b1e8b6a0755aec40aad9fb1aa97e1908b607f0bc57dcf6c94951c9bf969f3c781670355f142aa998d084eff884eb75b5503aa1a3aa9dbc2d777f33db45fcd8ba43393462f846230a28f88b16a1cd1a42943e01e65b1579088ecf03f7db51d0f97eca0bb13a109eb9c72766154803133ecec6d3b06d1db0f9bc16ca5b61db7e5a0f2be080fbc85925e4ca7e9d0cc35995e6f9c88a87c3489a8913f5a50b5d437c77eaac351c490d09960035cbf1654b0fcbde43b3af736048652a5241317cbeb5345f5295f4e262831d42d65a5f0d2a9b04f38b9fbacca686937dd0505690b8aa376c792ee5f4647cf51894fb3384db8a582b5776211fea8c23927cb8c9526c0725254d0063cd970f5ec1eaa8634f318a42fd2cb241d03d75c53d553375cbda5fdec7b98742c2c119c38963d2ba74e1373385d92ecc5d56a796a673c93ea00ca720aa1d4f5d22c5e68f417ad68a8977ee7216f34f991e918b7d82ed2595588046995558bf380fc335e357c1b5fe9acf530ad8d0cbcfe92e98a28c1edc2d9469f7b07f93c85828c5abce6dfcd9bb1a19b704cbfceacecfa781ace46253ee76fc04556f376f6b38d51b2a912041aba995677f2abf2103066d401b4b8441a49bd6c3f8d61e4ab558934d0a030896312caa4a19a1a0ecdef2b21c8a750c72924ffc24d83959819a020111c5e601291840639c4f67961ab39aa43a85dfc553c63aa21097a1d5f02e79063d745fe6190a009e0243b9c349259a0690316a6881b9a48572c9b71065db71c0b0c5a51db940b3956cbe4534cbe08e5baf980d5f0dafa79ff14414058c1960b31ed1941a0158a820b0e082f9a8e618ee0d3a753034d6244229c738c7789a755f3c5578ad86a3ae61465e9a01a09c2ec91c97ad0758453b02e5c33027e4e66981ff2d928493c79359ba2262134e6604463d1af23932d683c45ce0393ef520f1c9c08a27fb042108b9804267558274e44163da3e88fb937c9314318adbf931a1c024778160dc54c7ca958acc968b5876425f63c45e6a71af86a975fa32aca53828a6e6f9121945ebe5e32ea0c3d154d2ac9a25bb9b1c766bccdb86fbaca253c0a43a4abbabc6c9113a6deedb6575638eb16b67c6a12785c8b5c251a64fb82b981d23e317c4c79ed43f9a664556cb227208643e95f57449f95dccd927641ab054fb40b83d0892928b31e81cab8a269c03fce6a15e4ce363b4af45d62d935d767d283cdf151d938417ae9526f3eb1948d7fb2469babc23528e0e300e181154736d488c960b7fc1cd2672466bac5ef4424d1128a5915bc333c44a7a544fb170612bfac58e95c8c3cc4e724673e378c803c28d4753674d806ca15f52d59b168d92481a24bb9be4878652cf9ded0246abe2503a62b0866d9e70bebf8b052e94eea41e1200bd50ae09849b569b7572d5016c5cc9c58b495cf09031f04b5256003f1a29edc72b55fd36b60bc34c06461cafb8b100bf85cf0d50529fd533440d161ac", 0x1000, 0x9}], 0x1000004, &(0x7f0000001740)=ANY=[@ANYBLOB="6d61703d6f66662c726f6f74636f6e746578743d726f6f742c736d61636b6673726f6f743d5b2329e4212c6673636f6e746578743d73746166665f752c666f776e65723d", @ANYRESDEC=0x0, @ANYBLOB="2c7375626a975f747970653dffffffffffff2c646f6e745f61707072616973652cd69a747a6c738099a785c3759c69b1998b0c987740cd6e7eabc8532d401d2cf0ce09005191f696d27c65a71287855055bf2bcbfa2a46b54853b0d5de897894f29254abecaaef81e78497f4b6c134d52fed2bff0fdf13ecde7adece74bb2bc6b54b1d1c2f439c2993892de14f73d15645"])
openat(r2, &(0x7f0000000540)='./file0\x00', 0x200000, 0xcc773c6960a88931)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x2c, 0x10, 0x1, 0x6, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x10, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149"]}]}, 0x2c}}, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r1)
sendmsg$BATADV_CMD_GET_VLAN(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x24, r3, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x40}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r4 = socket$packet(0x11, 0x3, 0x300)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
setsockopt$packet_add_memb(r4, 0x107, 0x1, &(0x7f0000000000)={r6, 0x2, 0x6, @local}, 0x10)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000001840)={&(0x7f0000001640)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001700)={&(0x7f0000001680)={0x60, r3, 0x300, 0x70bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r6}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x2}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x60}}, 0x5)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r3, 0x2, 0x70bd2b, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x5d}]}, 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x50)
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)

[ 3100.089341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.091438] Call Trace:
[ 3100.092008]  dump_stack+0x107/0x167
[ 3100.092789]  should_fail.cold+0x5/0xa
[ 3100.093617]  ? create_object.isra.0+0x3a/0xa20
[ 3100.094596]  should_failslab+0x5/0x20
[ 3100.095406]  kmem_cache_alloc+0x5b/0x310
[ 3100.096270]  ? __kernfs_new_node+0xd4/0x860
[ 3100.097190]  create_object.isra.0+0x3a/0xa20
[ 3100.098130]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.099220]  kmem_cache_alloc+0x159/0x310
[ 3100.100104]  __kernfs_new_node+0xd4/0x860
[ 3100.100995]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3100.102010]  ? perf_trace_lock+0xac/0x490
[ 3100.102889]  ? perf_trace_lock+0xac/0x490
[ 3100.103769]  ? lock_chain_count+0x20/0x20
[ 3100.104655]  ? __lockdep_reset_lock+0x180/0x180
[ 3100.105646]  ? __lockdep_reset_lock+0x180/0x180
[ 3100.106642]  ? update_load_avg+0x162/0x1870
[ 3100.107560]  ? find_held_lock+0x2c/0x110
[ 3100.108429]  kernfs_new_node+0x18d/0x250
[ 3100.109293]  kernfs_create_dir_ns+0x49/0x160
[ 3100.110220]  internal_create_group+0x793/0xb30
[ 3100.111179]  ? set_user_nice.part.0+0x2fd/0x760
[ 3100.112144]  ? sysfs_remove_group+0x170/0x170
[ 3100.113081]  ? lockdep_init_map_type+0x2c7/0x780
[ 3100.114086]  ? blk_queue_flag_set+0x22/0x30
[ 3100.114987]  ? __loop_update_dio+0x2d2/0x690
[ 3100.115908]  loop_configure+0x953/0x1410
[ 3100.116783]  lo_ioctl+0xa57/0x16b0
[ 3100.117555]  ? avc_has_extended_perms+0x7f1/0xf40
[ 3100.118591]  ? loop_set_status_old+0x250/0x250
[ 3100.119560]  ? avc_ss_reset+0x180/0x180
[ 3100.120413]  ? find_held_lock+0x2c/0x110
[ 3100.121295]  ? __lock_acquire+0xbb1/0x5b00
[ 3100.122266]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3100.123399]  ? generic_block_fiemap+0x60/0x60
[ 3100.124349]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.124807] FAULT_INJECTION: forcing a failure.
[ 3100.124807] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.125228]  ? build_open_flags+0x6f0/0x6f0
[ 3100.125257]  ? loop_set_status_old+0x250/0x250
[ 3100.129756]  blkdev_ioctl+0x291/0x710
[ 3100.130581]  ? blkdev_common_ioctl+0x1930/0x1930
[ 3100.131775]  ? selinux_file_ioctl+0xb6/0x270
[ 3100.132843]  block_ioctl+0xf9/0x140
[ 3100.133771]  ? blkdev_read_iter+0x1c0/0x1c0
[ 3100.134706]  __x64_sys_ioctl+0x19a/0x210
[ 3100.135587]  do_syscall_64+0x33/0x40
[ 3100.136392]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.137508] RIP: 0033:0x7fe01fe928d7
[ 3100.138311] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.142282] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3100.143929] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe928d7
[ 3100.145481] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[ 3100.147015] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[ 3100.148563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 3100.150103] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
[ 3100.151689] CPU: 0 PID: 42496 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3100.153627] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.155869] Call Trace:
[ 3100.156524]  dump_stack+0x107/0x167
[ 3100.157377]  should_fail.cold+0x5/0xa
[ 3100.158216] loop6: detected capacity change from 0 to 41948160
[ 3100.158260]  ? ___slab_alloc+0x155/0x700
[ 3100.158288]  ? create_object.isra.0+0x3a/0xa20
[ 3100.161490]  should_failslab+0x5/0x20
[ 3100.162356]  kmem_cache_alloc+0x5b/0x310
[ 3100.163301]  create_object.isra.0+0x3a/0xa20
[ 3100.164310]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.165485]  kmem_cache_alloc+0x159/0x310
[ 3100.166452]  anon_vma_clone+0xdc/0x590
[ 3100.167371]  anon_vma_fork+0x82/0x640
[ 3100.168242]  ? __vm_enough_memory+0x184/0x360
[ 3100.169278]  copy_process+0x7218/0x7800
[ 3100.170254]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.171238]  ? perf_trace_lock+0xac/0x490
[ 3100.172187]  ? perf_trace_lock+0xac/0x490
[ 3100.173158]  kernel_clone+0xe7/0x980
[ 3100.174035]  ? create_io_thread+0xf0/0xf0
[ 3100.174993]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.175934]  ? find_held_lock+0x2c/0x110
[ 3100.176880]  ? ksys_write+0x12d/0x260
[ 3100.177786]  __do_sys_clone+0xc8/0x110
[ 3100.178678]  ? kernel_clone+0x980/0x980
[ 3100.179608]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.180669]  ? vfs_write+0x354/0xb10
[ 3100.181554]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.182758]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.183933]  do_syscall_64+0x33/0x40
[ 3100.184795]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.185983] RIP: 0033:0x7fd16660db19
[ 3100.186841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.191071] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.192798] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3100.194465] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.196097] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.197759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.199379] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3100.202683] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3100.208946] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=42562 comm=syz-executor.0
[ 3100.252240] FAULT_INJECTION: forcing a failure.
[ 3100.252240] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.253645] FAULT_INJECTION: forcing a failure.
[ 3100.253645] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.254850] CPU: 1 PID: 42509 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3100.258712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.260418] Call Trace:
[ 3100.260966]  dump_stack+0x107/0x167
[ 3100.261731]  should_fail.cold+0x5/0xa
[ 3100.262521]  ? create_object.isra.0+0x3a/0xa20
[ 3100.263466]  should_failslab+0x5/0x20
[ 3100.264251]  kmem_cache_alloc+0x5b/0x310
[ 3100.265097]  create_object.isra.0+0x3a/0xa20
[ 3100.266010]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.267063]  kmem_cache_alloc+0x159/0x310
[ 3100.267925]  anon_vma_fork+0xf1/0x640
[ 3100.268706]  ? __vm_enough_memory+0x184/0x360
[ 3100.269649]  copy_process+0x7218/0x7800
[ 3100.270514]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.271385]  ? perf_trace_lock+0xac/0x490
[ 3100.272256]  ? perf_trace_lock+0xac/0x490
[ 3100.273117]  kernel_clone+0xe7/0x980
[ 3100.273905]  ? create_io_thread+0xf0/0xf0
[ 3100.274751]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.275597]  ? find_held_lock+0x2c/0x110
[ 3100.276437]  ? ksys_write+0x12d/0x260
[ 3100.277235]  __do_sys_clone+0xc8/0x110
[ 3100.278045]  ? kernel_clone+0x980/0x980
[ 3100.278867]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.279821]  ? vfs_write+0x354/0xb10
[ 3100.280610]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.281702]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.282766]  do_syscall_64+0x33/0x40
[ 3100.283537]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.284580] RIP: 0033:0x7f87f4e1cb19
[ 3100.285335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.289078] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.290635] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3100.292081] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.293536] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.294980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.296431] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3100.297940] CPU: 0 PID: 42507 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3100.299551] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.301454] Call Trace:
[ 3100.302080]  dump_stack+0x107/0x167
[ 3100.302914]  should_fail.cold+0x5/0xa
[ 3100.303795]  ? create_object.isra.0+0x3a/0xa20
[ 3100.304842]  should_failslab+0x5/0x20
[ 3100.305728]  kmem_cache_alloc+0x5b/0x310
[ 3100.306665]  create_object.isra.0+0x3a/0xa20
[ 3100.307680]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.308845]  kmem_cache_alloc+0x159/0x310
[ 3100.309820]  vm_area_dup+0x78/0x290
[ 3100.310675]  ? _cond_resched+0x10/0x30
[ 3100.311577]  ? copy_page_range+0x24e9/0x3810
[ 3100.312625]  ? vm_area_alloc+0x110/0x110
[ 3100.313575]  ? vm_iomap_memory+0x190/0x190
[ 3100.314545]  ? up_write+0x191/0x550
[ 3100.315393]  ? downgrade_write+0x3a0/0x3a0
[ 3100.316358]  ? down_write_killable+0x180/0x180
[ 3100.317400]  ? __vma_link_rb+0x540/0x700
[ 3100.318351]  copy_process+0x291b/0x7800
[ 3100.319296]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.320274]  ? perf_trace_lock+0xac/0x490
[ 3100.321230]  ? perf_trace_lock+0xac/0x490
[ 3100.322195]  kernel_clone+0xe7/0x980
[ 3100.323043]  ? create_io_thread+0xf0/0xf0
[ 3100.323980]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.324909]  ? find_held_lock+0x2c/0x110
[ 3100.325858]  ? ksys_write+0x12d/0x260
[ 3100.326733]  __do_sys_clone+0xc8/0x110
[ 3100.327631]  ? kernel_clone+0x980/0x980
[ 3100.328544]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.329609]  ? vfs_write+0x354/0xb10
[ 3100.330472]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.331672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.332858]  do_syscall_64+0x33/0x40
[ 3100.333721]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.334889] RIP: 0033:0x7f81e84c4b19
[ 3100.335734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.339961] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.341722] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3100.343348] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.344993] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.346635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.348269] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3100.360942] loop0: detected capacity change from 0 to 135266304
05:51:54 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 27)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:54 executing program 7:
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000001180)=0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050884)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000001200)=0x2, 0x4)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x113}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000001300))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000002a40)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0xfffffffffffffe14, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev}}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000011c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0xe60)
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0xfffffffe, 0x2, 0xfffffffe, 0x38c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7)

[ 3100.508073] FAULT_INJECTION: forcing a failure.
[ 3100.508073] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.510573] CPU: 1 PID: 42722 Comm: syz-executor.6 Not tainted 5.10.235 #1
[ 3100.511854] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.513377] Call Trace:
[ 3100.513878]  dump_stack+0x107/0x167
[ 3100.514551]  should_fail.cold+0x5/0xa
[ 3100.514575]  ? __kernfs_new_node+0xd4/0x860
[ 3100.514605]  should_failslab+0x5/0x20
[ 3100.514624]  kmem_cache_alloc+0x5b/0x310
[ 3100.514650]  __kernfs_new_node+0xd4/0x860
[ 3100.518824]  ? kernfs_dop_revalidate+0x3a0/0x3a0
[ 3100.519681]  ? kernfs_add_one+0x36e/0x4d0
[ 3100.520444]  ? mutex_lock_io_nested+0xf30/0xf30
[ 3100.521291]  ? perf_trace_lock+0xac/0x490
[ 3100.522068]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3100.522948]  kernfs_new_node+0x18d/0x250
[ 3100.523689]  __kernfs_create_file+0x51/0x350
[ 3100.524499]  sysfs_add_file_mode_ns+0x221/0x560
[ 3100.525357]  internal_create_group+0x324/0xb30
[ 3100.526207]  ? sysfs_remove_group+0x170/0x170
[ 3100.527028]  ? lockdep_init_map_type+0x2c7/0x780
[ 3100.527894]  ? blk_queue_flag_set+0x22/0x30
[ 3100.528680]  ? __loop_update_dio+0x2d2/0x690
[ 3100.529495]  loop_configure+0x953/0x1410
[ 3100.530241]  lo_ioctl+0xa57/0x16b0
[ 3100.530894]  ? avc_has_extended_perms+0x7f1/0xf40
[ 3100.531776]  ? loop_set_status_old+0x250/0x250
[ 3100.532607]  ? avc_ss_reset+0x180/0x180
[ 3100.533328]  ? find_held_lock+0x2c/0x110
[ 3100.534084]  ? __lock_acquire+0xbb1/0x5b00
[ 3100.534891]  ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 3100.535845]  ? generic_block_fiemap+0x60/0x60
[ 3100.536656]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.537407]  ? build_open_flags+0x6f0/0x6f0
[ 3100.538194]  ? loop_set_status_old+0x250/0x250
[ 3100.539013]  blkdev_ioctl+0x291/0x710
[ 3100.539694]  ? blkdev_common_ioctl+0x1930/0x1930
[ 3100.540560]  ? selinux_file_ioctl+0xb6/0x270
[ 3100.541355]  block_ioctl+0xf9/0x140
[ 3100.542018]  ? blkdev_read_iter+0x1c0/0x1c0
[ 3100.542800]  __x64_sys_ioctl+0x19a/0x210
[ 3100.543539]  do_syscall_64+0x33/0x40
[ 3100.544223]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.545146] RIP: 0033:0x7fe01fe928d7
[ 3100.545830] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 a4 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.549136] RSP: 002b:00007fe01d407f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 3100.550500] RAX: ffffffffffffffda RBX: 00007fe01fedc970 RCX: 00007fe01fe928d7
[ 3100.551759] RDX: 0000000000000005 RSI: 0000000000004c00 RDI: 0000000000000006
[ 3100.553030] RBP: 0000000000000006 R08: 0000000000000000 R09: ffffffffffffffff
[ 3100.554313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005
[ 3100.555588] R13: 0000000000000005 R14: 00000000200001b0 R15: 0000000000000002
05:51:54 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 61)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:54 executing program 7:
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000001180)=0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050884)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000001200)=0x2, 0x4)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x113}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000001300))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000002a40)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0xfffffffffffffe14, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev}}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000011c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0xe60)
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0xfffffffe, 0x2, 0xfffffffe, 0x38c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7)

05:51:54 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 35)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:54 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 80)

05:51:54 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = dup(r2)
recvmmsg(r3, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000580)={'tunl0\x00', &(0x7f0000000500)={'erspan0\x00', <r4=>0x0, 0x40, 0x8, 0x2, 0x4c6, {{0xd, 0x4, 0x2, 0x22, 0x34, 0x66, 0x0, 0x6, 0x4, 0x0, @multicast2, @empty, {[@timestamp_prespec={0x44, 0x14, 0x3c, 0x3, 0x3, [{@broadcast, 0x3}, {@broadcast, 0x4}]}, @generic={0x89, 0x7, "b8a14ed325"}, @ra={0x94, 0x4}, @end]}}}}})
sendmmsg$inet6(r3, &(0x7f0000000bc0)=[{{&(0x7f00000000c0)={0xa, 0x4e24, 0x4, @dev={0xfe, 0x80, '\x00', 0xd}, 0xfffffff9}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000100)="27489585a247e7a08feca0db1ba68f07bc5893d2780ec71189f5e96532d8306d95415dc745a9", 0x26}, {&(0x7f0000000180)="ad23c6d93111d9263b3828eebf6628e28e5be84e76b80227e41afacd76378b1b68a3ea52069ec826bf9995822677bf30034152316ee95ad7c5c80e89132a22b6d66cbb70c26b4405fb01d330dba6285d1b3e2bd712a820a386f91145467a2702bdeaefd394dc44ce99112f40f9184ad4081b275af5ca847f15e71d", 0x7b}, {&(0x7f0000000200)="1a34c8c855ab14775759e290b097bd1f4c9d81a68c0ff1912877be8f56b7ba0c99762e417cd68c7e607b46bc44c5fef48b2b9be4be54ec77a6b591ac34a6bcb2e7d2e02aa2db", 0x46}, {&(0x7f0000000300)="4649d2a74987c3faab20b39cc347c692f4debd64060994f496b9c88d3fca1e96af79158009fb6699c593b06ea2d9be70eb7a36bd9be194b86bff96146ce952bcae15249ee039e900b98761afd1ca68f6eb4dede9d2180c3456a892326bb80b80a7cd0c557a919f017bab6704d9cf2eab47f0da46949690949a2648300fcb6bb5067d4ca02df60b5f1674de6f3cfafeb445fb30afa14f5b40a03187755e274732c2e09c332aa162225d3b629ac471e6061b3b045be90a18ddfb9a4af2332b8524123209a8b1208995", 0xc8}, {&(0x7f0000000280)="10fb3d23e11166ed09c0d150309cff69cb29c3dcd3215bbcf7f40a9c903fe332cb2d6f", 0x23}], 0x5, &(0x7f00000005c0)=[@rthdr={{0x68, 0x29, 0x39, {0x3a, 0xa, 0x0, 0xff, 0x0, [@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, @dev={0xfe, 0x80, '\x00', 0x3d}, @dev={0xfe, 0x80, '\x00', 0xc}, @rand_addr=' \x01\x00', @private1={0xfc, 0x1, '\x00', 0x1}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@dev={0xfe, 0x80, '\x00', 0x33}, r4}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x80000001}}, @hoplimit={{0x14, 0x29, 0x34, 0x3f}}, @pktinfo={{0x24, 0x29, 0x32, {@empty}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x171}}], 0x100}}, {{&(0x7f00000006c0)={0xa, 0x4e20, 0x1000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x80000000}, 0x1c, &(0x7f0000000880)=[{&(0x7f0000000700)="e567f9ad4bda2b40ded2e4805a1a6d023d6e319e4d2ad2056009b4c6f5", 0x1d}, {&(0x7f0000000740)="f4ca4a9780ca8047e1a979f107d3fa2d1f51b9e1ca96fecd3f", 0x19}, {&(0x7f0000000780)="4523048b910b75d591ea76cc5c52a481d4398769631ea6c9dd41e6b0c326703975638c46426cd99c3d091dc9890e356a7afbc80d1c22a2e4d606f41f222ccedcaf8782ab405cd51a664abe9e63fb536932073fec53e0a15918cfb1ac09cac38dacdebd5cab04fbf7c29e8b295b69d9c3653a985d35e91312182098f8655bfce6151b0225cc32979c0e6ee90b830944be72de66f5387c3ccde6612e858ef797d13c233354fb4863a829f204ff83d00e80fda0fa651d12f5656f296dfc48cbd28bda367b6e89c73a59b44b5ba98dd11cc7240dc3db6d40", 0xd6}], 0x3, &(0x7f00000008c0)=[@hoplimit={{0x14, 0x29, 0x34, 0x80000000}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}, @dstopts_2292={{0x98, 0x29, 0x4, {0x2c, 0xf, '\x00', [@hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x1a}}, @jumbo={0xc2, 0x4, 0xffffff7f}, @enc_lim={0x4, 0x1, 0x2}, @jumbo={0xc2, 0x4, 0x80000000}, @calipso={0x7, 0x30, {0x3, 0xa, 0x6, 0x1414, [0x3, 0x7, 0x2, 0x2, 0xffff]}}, @enc_lim={0x4, 0x1, 0xff}, @hao={0xc9, 0x10, @private0}, @hao={0xc9, 0x10, @empty}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @dstopts_2292={{0x100, 0x29, 0x4, {0x2f, 0x1c, '\x00', [@pad1, @padn={0x1, 0xa, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @multicast2}}, @pad1, @generic={0x3f, 0x59, "bcc7f96ad42d2235ab1ca62157363c22b810532757cc9a081847e0f0645d3f6afefbc2b0c178d39c013a782ebee88a1dcdf75c8e9a5828b3a2fbda42f153a0d9b26c2a600f8fd2d0b72d7751c4b074af685abb125bc0f44fc0"}, @calipso={0x7, 0x50, {0x3, 0x12, 0x9e, 0x2, [0x8001, 0x100000000, 0x7, 0x7, 0x3, 0x80, 0x800, 0x8, 0x8]}}]}}}, @rthdr={{0x98, 0x29, 0x39, {0x2c, 0x10, 0x0, 0x3f, 0x0, [@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private2={0xfc, 0x2, '\x00', 0x1}, @local, @dev={0xfe, 0x80, '\x00', 0xe}, @private0={0xfc, 0x0, '\x00', 0x1}, @local, @private2={0xfc, 0x2, '\x00', 0x1}, @empty]}}}, @rthdrdstopts={{0x30, 0x29, 0x37, {0x2b, 0x2, '\x00', [@hao={0xc9, 0x10, @private1}]}}}, @hopopts={{0x40, 0x29, 0x36, {0x84, 0x4, '\x00', [@calipso={0x7, 0x10, {0x1, 0x2, 0x5, 0x3, [0x9]}}, @pad1, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x6}}], 0x300}}], 0x2, 0x8000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r5, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 3100.677631] loop6: detected capacity change from 0 to 41948160
[ 3100.715801] loop0: detected capacity change from 0 to 135266304
[ 3100.723994] FAT-fs (loop6): Unrecognized mount option "" or missing value
[ 3100.738890] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 3100.740492] FAULT_INJECTION: forcing a failure.
[ 3100.740492] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.741125] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=42562 comm=syz-executor.0
[ 3100.742789] CPU: 1 PID: 42833 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3100.746241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.747531] Call Trace:
[ 3100.747947]  dump_stack+0x107/0x167
[ 3100.748522]  should_fail.cold+0x5/0xa
[ 3100.749130]  ? anon_vma_fork+0xf1/0x640
[ 3100.749766]  should_failslab+0x5/0x20
[ 3100.750362]  kmem_cache_alloc+0x5b/0x310
[ 3100.751001]  anon_vma_fork+0xf1/0x640
[ 3100.751599]  ? __vm_enough_memory+0x184/0x360
[ 3100.752311]  copy_process+0x7218/0x7800
[ 3100.752963]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.753631]  ? perf_trace_lock+0xac/0x490
[ 3100.754294]  ? perf_trace_lock+0xac/0x490
[ 3100.754952]  kernel_clone+0xe7/0x980
[ 3100.755546]  ? create_io_thread+0xf0/0xf0
[ 3100.756184]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.756832]  ? find_held_lock+0x2c/0x110
[ 3100.757464]  ? ksys_write+0x12d/0x260
[ 3100.758071]  __do_sys_clone+0xc8/0x110
[ 3100.758669]  ? kernel_clone+0x980/0x980
[ 3100.759279]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.759999]  ? vfs_write+0x354/0xb10
[ 3100.760597]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.761410]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.762225]  do_syscall_64+0x33/0x40
[ 3100.762804]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.763577] RIP: 0033:0x7fd16660db19
[ 3100.764157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.767055] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.768232] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3100.769346] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.770474] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.771565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.772655] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3100.773092] FAULT_INJECTION: forcing a failure.
[ 3100.773092] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.776554] CPU: 0 PID: 42836 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3100.778045] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.779813] Call Trace:
[ 3100.780384]  dump_stack+0x107/0x167
[ 3100.781165]  should_fail.cold+0x5/0xa
[ 3100.781986]  ? vm_area_dup+0x78/0x290
[ 3100.782800]  should_failslab+0x5/0x20
[ 3100.783611]  kmem_cache_alloc+0x5b/0x310
[ 3100.784472]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.785361]  vm_area_dup+0x78/0x290
[ 3100.786167]  ? _cond_resched+0x10/0x30
[ 3100.786991]  ? copy_page_range+0x24e9/0x3810
[ 3100.787969]  ? vm_area_alloc+0x110/0x110
[ 3100.788840]  ? vm_iomap_memory+0x190/0x190
[ 3100.789753]  ? up_write+0x191/0x550
[ 3100.790534]  ? downgrade_write+0x3a0/0x3a0
[ 3100.791429]  ? down_write_killable+0x180/0x180
[ 3100.792396]  ? __vma_link_rb+0x540/0x700
[ 3100.793272]  copy_process+0x291b/0x7800
[ 3100.794178]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.795082]  ? perf_trace_lock+0xac/0x490
[ 3100.795965]  ? perf_trace_lock+0xac/0x490
[ 3100.796864]  kernel_clone+0xe7/0x980
[ 3100.797676]  ? create_io_thread+0xf0/0xf0
[ 3100.798551]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.799424]  ? find_held_lock+0x2c/0x110
[ 3100.800296]  ? ksys_write+0x12d/0x260
[ 3100.801124]  __do_sys_clone+0xc8/0x110
[ 3100.801966]  ? kernel_clone+0x980/0x980
[ 3100.802813]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.803795]  ? vfs_write+0x354/0xb10
[ 3100.804602]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.805719]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.806824]  do_syscall_64+0x33/0x40
[ 3100.807618]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.808707] RIP: 0033:0x7f81e84c4b19
[ 3100.809512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.813420] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.815050] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3100.816568] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.818090] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.819609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.821134] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:51:54 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 81)

[ 3100.874965] FAULT_INJECTION: forcing a failure.
[ 3100.874965] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.877849] CPU: 0 PID: 42837 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3100.879339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.881107] Call Trace:
[ 3100.881678]  dump_stack+0x107/0x167
[ 3100.882459]  should_fail.cold+0x5/0xa
[ 3100.883271]  ? anon_vma_fork+0x1ff/0x640
[ 3100.884133]  should_failslab+0x5/0x20
[ 3100.884941]  kmem_cache_alloc+0x5b/0x310
[ 3100.885823]  anon_vma_fork+0x1ff/0x640
[ 3100.886658]  copy_process+0x7218/0x7800
[ 3100.887541]  ? __cleanup_sighand+0xb0/0xb0
[ 3100.888445]  ? perf_trace_lock+0xac/0x490
[ 3100.889339]  ? perf_trace_lock+0xac/0x490
[ 3100.890234]  kernel_clone+0xe7/0x980
[ 3100.891029]  ? create_io_thread+0xf0/0xf0
[ 3100.891906]  ? lock_downgrade+0x6d0/0x6d0
[ 3100.892785]  ? find_held_lock+0x2c/0x110
[ 3100.893660]  ? ksys_write+0x12d/0x260
[ 3100.894478]  __do_sys_clone+0xc8/0x110
[ 3100.895303]  ? kernel_clone+0x980/0x980
[ 3100.896146]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.897130]  ? vfs_write+0x354/0xb10
[ 3100.897949]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.899054]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.900144]  do_syscall_64+0x33/0x40
[ 3100.900935]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.902025] RIP: 0033:0x7f87f4e1cb19
[ 3100.902816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.906734] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3100.908347] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3100.909880] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3100.911399] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.912916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.914445] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:51:55 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 62)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:51:55 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[]) (fail_nth: 28)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:55 executing program 7:
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000001180)=0x1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c0}, 0x14050884)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000001200)=0x2, 0x4)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x113}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f0000001300))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/4096, 0x1000}, {&(0x7f0000002e00)=""/4109, 0x100d}], 0x2)
syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f00000a0000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000002a40)=<r4=>0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0xfffffffffffffe14, &(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev}}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f00000011c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0xe60)
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
r6 = syz_io_uring_setup(0x2203, &(0x7f00000002c0)={0x0, 0xfffffffe, 0x2, 0xfffffffe, 0x38c}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000000), &(0x7f0000000140))
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r6, 0xa, 0x0, r7)

[ 3101.017617] FAULT_INJECTION: forcing a failure.
[ 3101.017617] name failslab, interval 1, probability 0, space 0, times 0
[ 3101.019160] CPU: 1 PID: 42948 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3101.020056] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3101.021106] Call Trace:
[ 3101.021448]  dump_stack+0x107/0x167
[ 3101.021924]  should_fail.cold+0x5/0xa
[ 3101.022409]  ? anon_vma_clone+0xdc/0x590
[ 3101.022931]  should_failslab+0x5/0x20
[ 3101.023423]  kmem_cache_alloc+0x5b/0x310
[ 3101.023947]  anon_vma_clone+0xdc/0x590
[ 3101.024452]  anon_vma_fork+0x82/0x640
[ 3101.024942]  ? __vm_enough_memory+0x184/0x360
[ 3101.025518]  copy_process+0x7218/0x7800
[ 3101.026048]  ? __cleanup_sighand+0xb0/0xb0
[ 3101.026600]  ? perf_trace_lock+0xac/0x490
[ 3101.027138]  ? perf_trace_lock+0xac/0x490
[ 3101.027680]  kernel_clone+0xe7/0x980
[ 3101.028157]  ? create_io_thread+0xf0/0xf0
[ 3101.028682]  ? lock_downgrade+0x6d0/0x6d0
[ 3101.029206]  ? find_held_lock+0x2c/0x110
[ 3101.029734]  ? ksys_write+0x12d/0x260
[ 3101.030228]  __do_sys_clone+0xc8/0x110
[ 3101.030726]  ? kernel_clone+0x980/0x980
[ 3101.031223]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3101.031813]  ? vfs_write+0x354/0xb10
[ 3101.032301]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3101.032973]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3101.033655]  do_syscall_64+0x33/0x40
[ 3101.034132]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3101.034785] RIP: 0033:0x7fd16660db19
[ 3101.035250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3101.037576] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3101.038525] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3101.039428] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3101.040316] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3101.041212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3101.042110] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:51:55 executing program 0:
shmget(0x3, 0x2000, 0x8, &(0x7f0000ff9000/0x2000)=nil)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000f6c000/0x4000)=nil, 0x0)
r1 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r1, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r1, &(0x7f00009a9000/0xd000)=nil, 0x2000)

[ 3101.059013] FAULT_INJECTION: forcing a failure.
[ 3101.059013] name failslab, interval 1, probability 0, space 0, times 0
[ 3101.060762] CPU: 1 PID: 42980 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3101.061636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3101.062650] Call Trace:
[ 3101.062974]  dump_stack+0x107/0x167
[ 3101.063425]  should_fail.cold+0x5/0xa
[ 3101.063886]  ? create_object.isra.0+0x3a/0xa20
[ 3101.064441]  should_failslab+0x5/0x20
[ 3101.064903]  kmem_cache_alloc+0x5b/0x310
[ 3101.065400]  create_object.isra.0+0x3a/0xa20
[ 3101.065943]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3101.066576]  kmem_cache_alloc+0x159/0x310
[ 3101.067086]  vm_area_dup+0x78/0x290
[ 3101.067537]  ? _cond_resched+0x10/0x30
[ 3101.068015]  ? copy_page_range+0x24e9/0x3810
[ 3101.068573]  ? vm_area_alloc+0x110/0x110
[ 3101.069074]  ? vm_iomap_memory+0x190/0x190
[ 3101.069604]  ? up_write+0x191/0x550
[ 3101.070050]  ? downgrade_write+0x3a0/0x3a0
[ 3101.070563]  ? down_write_killable+0x180/0x180
[ 3101.071129]  ? __vma_link_rb+0x540/0x700
[ 3101.071629]  copy_process+0x291b/0x7800
[ 3101.072136]  ? __cleanup_sighand+0xb0/0xb0
[ 3101.072652]  ? perf_trace_lock+0xac/0x490
[ 3101.073161]  ? perf_trace_lock+0xac/0x490
[ 3101.073679]  kernel_clone+0xe7/0x980
[ 3101.074141]  ? create_io_thread+0xf0/0xf0
[ 3101.074650]  ? lock_downgrade+0x6d0/0x6d0
[ 3101.075149]  ? find_held_lock+0x2c/0x110
[ 3101.075644]  ? ksys_write+0x12d/0x260
[ 3101.076114]  __do_sys_clone+0xc8/0x110
[ 3101.076590]  ? kernel_clone+0x980/0x980
[ 3101.077071]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3101.077092]  ? vfs_write+0x354/0xb10
[ 3101.077118]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3101.078996]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3101.079014]  do_syscall_64+0x33/0x40
[ 3101.080744]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3101.082160] RIP: 0033:0x7f81e84c4b19
[ 3101.082618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3101.084848] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3101.085784] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3101.086643] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3101.087502] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3101.088361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3101.089222] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:51:55 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:51:55 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x2, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3101.186131] loop6: detected capacity change from 0 to 41948160
05:52:14 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 36)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:14 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000fac000/0x2000)=nil, 0x7000)

05:52:14 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 63)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:14 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmctl$IPC_RMID(0x0, 0x0)

05:52:14 executing program 7:
rt_sigaction(0x12, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000100))
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000004}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x1000003)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000000)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x5}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x2000000}}}, 0x108)
pselect6(0x40, &(0x7f00000013c0)={0x0, 0xfffffbfffffffeff, 0x8, 0x9d, 0x8, 0x0, 0x8, 0x8}, 0x0, &(0x7f0000001440)={0xe5, 0x80000000a, 0x0, 0x2000000000000005, 0x1, 0x401, 0x81, 0x104c0cd1}, 0x0, &(0x7f0000001500)={&(0x7f00000014c0)={[0x7]}, 0x8})
fspick(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1)
quotactl(0x0, &(0x7f0000001340)='./file0\x00', 0x0, &(0x7f0000000180)="637b5d08aede0e6ded4f1e4ea75480cf7f06d1e53798a2acdb3a4a8f435a290000c65a7edea4f0d894b6")
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000200)={0x1, 0x0, {0xa, 0x19, 0x12, 0xd, 0x9, 0xb54, 0x3, 0x142, 0xffffffffffffffff}})
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f00000001c0)=0x2)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="50010000100001000000000000000000ac141441000000000000000000000000fe8000000000000000000000000000aa00"/64, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="fe8800000000000000000000000000010000000032000000fc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000580002006362632861657329000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080"], 0x150}}, 0x0)
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000008c0), 0xc)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f0000000240)=0xffffffffffffffff)
unshare(0x48020200)

05:52:14 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 82)

05:52:14 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0xa40, 0x0)
pipe2$9p(&(0x7f0000000100)={<r2=>0xffffffffffffffff}, 0x4000)
sendfile(r2, r1, &(0x7f0000000000)=0xffbf7fffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

05:52:14 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x3, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3120.365606] FAULT_INJECTION: forcing a failure.
[ 3120.365606] name failslab, interval 1, probability 0, space 0, times 0
[ 3120.368250] CPU: 1 PID: 43083 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3120.369729] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3120.371494] Call Trace:
[ 3120.372059]  dump_stack+0x107/0x167
[ 3120.372841]  should_fail.cold+0x5/0xa
[ 3120.373652]  ? anon_vma_fork+0x1ff/0x640
[ 3120.374528]  should_failslab+0x5/0x20
[ 3120.375335]  kmem_cache_alloc+0x5b/0x310
[ 3120.376205]  anon_vma_fork+0x1ff/0x640
[ 3120.377040]  copy_process+0x7218/0x7800
[ 3120.377943]  ? __cleanup_sighand+0xb0/0xb0
[ 3120.378846]  ? perf_trace_lock+0xac/0x490
[ 3120.379738]  ? perf_trace_lock+0xac/0x490
[ 3120.380630]  kernel_clone+0xe7/0x980
[ 3120.381430]  ? create_io_thread+0xf0/0xf0
[ 3120.382320]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.383200]  ? find_held_lock+0x2c/0x110
[ 3120.384079]  ? ksys_write+0x12d/0x260
[ 3120.384906]  __do_sys_clone+0xc8/0x110
[ 3120.385741]  ? kernel_clone+0x980/0x980
[ 3120.386594]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3120.387589]  ? vfs_write+0x354/0xb10
[ 3120.388407]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3120.389513]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3120.390630]  do_syscall_64+0x33/0x40
[ 3120.390958] FAULT_INJECTION: forcing a failure.
[ 3120.390958] name failslab, interval 1, probability 0, space 0, times 0
[ 3120.391425]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3120.391439] RIP: 0033:0x7fd16660db19
[ 3120.391461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3120.391473] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3120.401162] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3120.402696] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3120.404225] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3120.405760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3120.407288] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3120.408851] CPU: 0 PID: 43085 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3120.410272] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3120.411948] Call Trace:
[ 3120.412490]  dump_stack+0x107/0x167
[ 3120.413231]  should_fail.cold+0x5/0xa
[ 3120.414015]  ? vm_area_dup+0x78/0x290
[ 3120.414792]  should_failslab+0x5/0x20
[ 3120.415566]  kmem_cache_alloc+0x5b/0x310
[ 3120.416386]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.417229]  vm_area_dup+0x78/0x290
[ 3120.417989]  ? _cond_resched+0x10/0x30
[ 3120.418774]  ? copy_page_range+0x24e9/0x3810
[ 3120.419705]  ? vm_area_alloc+0x110/0x110
[ 3120.420541]  ? vm_iomap_memory+0x190/0x190
[ 3120.421396]  ? up_write+0x191/0x550
[ 3120.422147]  ? downgrade_write+0x3a0/0x3a0
[ 3120.422997]  ? down_write_killable+0x180/0x180
[ 3120.423921]  ? __vma_link_rb+0x540/0x700
[ 3120.424751]  copy_process+0x291b/0x7800
[ 3120.425599]  ? __cleanup_sighand+0xb0/0xb0
[ 3120.426465]  ? perf_trace_lock+0xac/0x490
[ 3120.427316]  ? perf_trace_lock+0xac/0x490
[ 3120.428168]  kernel_clone+0xe7/0x980
[ 3120.428932]  ? create_io_thread+0xf0/0xf0
[ 3120.429772]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.430608]  ? find_held_lock+0x2c/0x110
[ 3120.431437]  ? ksys_write+0x12d/0x260
[ 3120.432225]  __do_sys_clone+0xc8/0x110
[ 3120.433013]  ? kernel_clone+0x980/0x980
[ 3120.433830]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3120.434764]  ? vfs_write+0x354/0xb10
[ 3120.435540]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3120.436600]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3120.437642]  do_syscall_64+0x33/0x40
[ 3120.438412]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3120.439444] RIP: 0033:0x7f81e84c4b19
[ 3120.440194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3120.443916] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3120.445455] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3120.446903] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3120.448345] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3120.449792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3120.451229] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3120.455813] loop6: detected capacity change from 0 to 41948160
[ 3120.475974] FAULT_INJECTION: forcing a failure.
[ 3120.475974] name failslab, interval 1, probability 0, space 0, times 0
[ 3120.478587] CPU: 1 PID: 43080 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3120.480066] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3120.481847] Call Trace:
[ 3120.482414]  dump_stack+0x107/0x167
[ 3120.483195]  should_fail.cold+0x5/0xa
[ 3120.484005]  ? create_object.isra.0+0x3a/0xa20
[ 3120.484979]  should_failslab+0x5/0x20
[ 3120.485801]  kmem_cache_alloc+0x5b/0x310
[ 3120.486678]  create_object.isra.0+0x3a/0xa20
[ 3120.487616]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3120.488711]  kmem_cache_alloc+0x159/0x310
[ 3120.489615]  anon_vma_fork+0x1ff/0x640
[ 3120.490544]  copy_process+0x7218/0x7800
[ 3120.491607]  ? __cleanup_sighand+0xb0/0xb0
[ 3120.492665]  ? perf_trace_lock+0xac/0x490
[ 3120.493728]  ? perf_trace_lock+0xac/0x490
[ 3120.494767]  kernel_clone+0xe7/0x980
[ 3120.495724]  ? create_io_thread+0xf0/0xf0
[ 3120.496782]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.497845]  ? find_held_lock+0x2c/0x110
[ 3120.498878]  ? ksys_write+0x12d/0x260
[ 3120.499877]  __do_sys_clone+0xc8/0x110
[ 3120.500851]  ? kernel_clone+0x980/0x980
[ 3120.501911]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3120.503058]  ? vfs_write+0x354/0xb10
[ 3120.504000]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3120.505364]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3120.506709]  do_syscall_64+0x33/0x40
[ 3120.507651]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3120.508951] RIP: 0033:0x7f87f4e1cb19
[ 3120.509914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3120.513959] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3120.515619] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3120.517206] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3120.518743] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3120.520354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3120.521925] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:52:14 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 83)

05:52:14 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 37)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:14 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x4, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3120.778789] FAULT_INJECTION: forcing a failure.
[ 3120.778789] name failslab, interval 1, probability 0, space 0, times 0
[ 3120.781530] CPU: 1 PID: 43287 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3120.783031] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3120.784846] Call Trace:
[ 3120.785452]  dump_stack+0x107/0x167
[ 3120.786298]  should_fail.cold+0x5/0xa
[ 3120.787165]  ? create_object.isra.0+0x3a/0xa20
[ 3120.788205]  should_failslab+0x5/0x20
[ 3120.789040]  kmem_cache_alloc+0x5b/0x310
[ 3120.789928]  create_object.isra.0+0x3a/0xa20
[ 3120.790850]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3120.791932]  kmem_cache_alloc+0x159/0x310
[ 3120.792812]  anon_vma_fork+0x1ff/0x640
[ 3120.793633]  copy_process+0x7218/0x7800
[ 3120.794527]  ? __cleanup_sighand+0xb0/0xb0
[ 3120.795421]  ? perf_trace_lock+0xac/0x490
[ 3120.796304]  ? perf_trace_lock+0xac/0x490
[ 3120.797182]  kernel_clone+0xe7/0x980
[ 3120.797994]  ? create_io_thread+0xf0/0xf0
[ 3120.798904]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.799784]  ? find_held_lock+0x2c/0x110
[ 3120.800651]  ? ksys_write+0x12d/0x260
[ 3120.801464]  __do_sys_clone+0xc8/0x110
[ 3120.802289]  ? kernel_clone+0x980/0x980
[ 3120.803123]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3120.804104]  ? vfs_write+0x354/0xb10
[ 3120.804907]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3120.806011]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3120.807306]  do_syscall_64+0x33/0x40
[ 3120.808274]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3120.809579] RIP: 0033:0x7fd16660db19
[ 3120.810535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3120.815179] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3120.817047] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3120.818801] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3120.820523] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3120.822276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3120.824068] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3120.853339] loop6: detected capacity change from 0 to 41948160
05:52:14 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 64)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3120.870072] FAULT_INJECTION: forcing a failure.
[ 3120.870072] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3120.872732] CPU: 1 PID: 43300 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3120.874174] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3120.875926] Call Trace:
[ 3120.876483]  dump_stack+0x107/0x167
[ 3120.877245]  should_fail.cold+0x5/0xa
[ 3120.878059]  __alloc_pages_nodemask+0x182/0x600
[ 3120.879029]  ? __lockdep_reset_lock+0x180/0x180
[ 3120.880041]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3120.881304]  ? copy_page_range+0x28e1/0x3810
[ 3120.882230]  alloc_pages_current+0x187/0x280
[ 3120.883152]  get_zeroed_page+0x14/0xb0
[ 3120.883958]  __pud_alloc+0x33/0x270
[ 3120.884726]  copy_page_range+0x2ca1/0x3810
[ 3120.885646]  ? perf_trace_lock+0xac/0x490
[ 3120.886515]  ? lock_chain_count+0x20/0x20
[ 3120.887397]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.888275]  ? up_write+0x191/0x550
[ 3120.889033]  ? vm_iomap_memory+0x190/0x190
[ 3120.889941]  ? downgrade_write+0x3a0/0x3a0
[ 3120.890843]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3120.891977]  ? __vma_link_rb+0x540/0x700
[ 3120.892831]  copy_process+0x759b/0x7800
[ 3120.893708]  ? __cleanup_sighand+0xb0/0xb0
[ 3120.894615]  ? perf_trace_lock+0xac/0x490
[ 3120.895513]  ? perf_trace_lock+0xac/0x490
[ 3120.896379]  kernel_clone+0xe7/0x980
[ 3120.897162]  ? create_io_thread+0xf0/0xf0
[ 3120.898020]  ? lock_downgrade+0x6d0/0x6d0
[ 3120.898880]  ? find_held_lock+0x2c/0x110
[ 3120.899779]  ? ksys_write+0x12d/0x260
[ 3120.900593]  __do_sys_clone+0xc8/0x110
[ 3120.901394]  ? kernel_clone+0x980/0x980
[ 3120.902240]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3120.903205]  ? vfs_write+0x354/0xb10
[ 3120.904030]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3120.905137]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3120.906219]  do_syscall_64+0x33/0x40
[ 3120.906988]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3120.908041] RIP: 0033:0x7f87f4e1cb19
[ 3120.908850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3120.912665] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3120.914282] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3120.915746] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3120.917200] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3120.918652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3120.920097] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:52:15 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
readahead(0xffffffffffffffff, 0x0, 0x6)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8000)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = epoll_create(0x8)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000100)={0x30000000})
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x3e91509e]}, 0x8, 0x800)
getpeername$packet(r2, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000009c0)=0x14)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x10001, 0xffff, 0x0, 0x7fffffff})
creat(&(0x7f0000000080)='./file1/file0\x00', 0x142)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000006})
openat$vcsu(0xffffffffffffff9c, &(0x7f00000001c0), 0x220000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r1, 0x2})

05:52:15 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 38)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3121.084931] FAULT_INJECTION: forcing a failure.
[ 3121.084931] name failslab, interval 1, probability 0, space 0, times 0
[ 3121.087283] CPU: 1 PID: 43310 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3121.088645] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3121.090226] Call Trace:
[ 3121.090732]  dump_stack+0x107/0x167
[ 3121.091425]  should_fail.cold+0x5/0xa
[ 3121.092148]  ? vm_area_dup+0x78/0x290
[ 3121.092906]  should_failslab+0x5/0x20
[ 3121.093623]  kmem_cache_alloc+0x5b/0x310
[ 3121.094405]  ? lock_downgrade+0x6d0/0x6d0
[ 3121.095196]  vm_area_dup+0x78/0x290
[ 3121.095900]  ? _cond_resched+0x10/0x30
[ 3121.096676]  ? copy_page_range+0x24e9/0x3810
[ 3121.097546]  ? vm_area_alloc+0x110/0x110
[ 3121.098336]  ? vm_iomap_memory+0x190/0x190
[ 3121.099132]  ? up_write+0x191/0x550
[ 3121.099822]  ? downgrade_write+0x3a0/0x3a0
[ 3121.100642]  ? down_write_killable+0x180/0x180
[ 3121.101525]  ? __vma_link_rb+0x540/0x700
[ 3121.102319]  copy_process+0x291b/0x7800
[ 3121.103109]  ? __cleanup_sighand+0xb0/0xb0
[ 3121.103913]  ? perf_trace_lock+0xac/0x490
[ 3121.104736]  ? perf_trace_lock+0xac/0x490
[ 3121.105541]  kernel_clone+0xe7/0x980
[ 3121.106258]  ? create_io_thread+0xf0/0xf0
[ 3121.107039]  ? lock_downgrade+0x6d0/0x6d0
[ 3121.107816]  ? find_held_lock+0x2c/0x110
[ 3121.108616]  ? ksys_write+0x12d/0x260
[ 3121.109368]  __do_sys_clone+0xc8/0x110
[ 3121.110108]  ? kernel_clone+0x980/0x980
[ 3121.110852]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3121.111714]  ? vfs_write+0x354/0xb10
[ 3121.112426]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3121.113440]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3121.114409]  do_syscall_64+0x33/0x40
[ 3121.115100]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3121.116051] RIP: 0033:0x7f81e84c4b19
[ 3121.116756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3121.120170] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3121.121609] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3121.122937] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3121.124246] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3121.125617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3121.126943] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3121.129839] audit: type=1400 audit(1742968335.209:67): avc:  denied  { block_suspend } for  pid=43311 comm="syz-executor.7" capability=36  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1
[ 3121.188232] FAULT_INJECTION: forcing a failure.
[ 3121.188232] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3121.190549] CPU: 1 PID: 43315 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3121.191769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3121.193221] Call Trace:
[ 3121.193705]  dump_stack+0x107/0x167
[ 3121.194356]  should_fail.cold+0x5/0xa
[ 3121.195054]  __alloc_pages_nodemask+0x182/0x600
[ 3121.195875]  ? lock_acquire+0x197/0x470
[ 3121.196564]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3121.197641]  ? lock_downgrade+0x6d0/0x6d0
[ 3121.198381]  ? do_raw_spin_lock+0x121/0x260
[ 3121.199134]  alloc_pages_current+0x187/0x280
[ 3121.199910]  __pmd_alloc+0x37/0x5e0
[ 3121.200564]  copy_page_range+0x2bd8/0x3810
[ 3121.201312]  ? perf_trace_lock+0xac/0x490
[ 3121.202057]  ? lock_chain_count+0x20/0x20
[ 3121.202815]  ? up_write+0x191/0x550
[ 3121.203458]  ? vm_iomap_memory+0x190/0x190
[ 3121.204220]  ? downgrade_write+0x3a0/0x3a0
[ 3121.204956]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3121.205906]  ? __vma_link_rb+0x540/0x700
[ 3121.206611]  copy_process+0x759b/0x7800
[ 3121.207341]  ? __cleanup_sighand+0xb0/0xb0
[ 3121.208066]  ? perf_trace_lock+0xac/0x490
[ 3121.208783]  ? perf_trace_lock+0xac/0x490
[ 3121.209513]  kernel_clone+0xe7/0x980
[ 3121.210195]  ? create_io_thread+0xf0/0xf0
[ 3121.210918]  ? lock_downgrade+0x6d0/0x6d0
[ 3121.211634]  ? find_held_lock+0x2c/0x110
[ 3121.212340]  ? ksys_write+0x12d/0x260
[ 3121.213003]  __do_sys_clone+0xc8/0x110
[ 3121.213680]  ? kernel_clone+0x980/0x980
[ 3121.214376]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3121.215183]  ? vfs_write+0x354/0xb10
[ 3121.215851]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3121.216781]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3121.217675]  do_syscall_64+0x33/0x40
[ 3121.218349]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3121.219230] RIP: 0033:0x7f87f4e1cb19
[ 3121.219870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3121.223055] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3121.224352] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3121.225574] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3121.226796] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3121.228023] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3121.229245] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:52:34 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)

05:52:34 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 65)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3140.367890] loop6: detected capacity change from 0 to 41948160
05:52:34 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 84)

05:52:34 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x5, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3140.411968] FAULT_INJECTION: forcing a failure.
[ 3140.411968] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3140.414747] CPU: 1 PID: 43436 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3140.416199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3140.417943] Call Trace:
[ 3140.418524]  dump_stack+0x107/0x167
[ 3140.419295]  should_fail.cold+0x5/0xa
[ 3140.420128]  __alloc_pages_nodemask+0x182/0x600
[ 3140.421130]  ? __lockdep_reset_lock+0x180/0x180
[ 3140.422116]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3140.423406]  ? copy_page_range+0x28e1/0x3810
[ 3140.424339]  alloc_pages_current+0x187/0x280
[ 3140.425281]  get_zeroed_page+0x14/0xb0
[ 3140.426112]  __pud_alloc+0x33/0x270
[ 3140.426887]  copy_page_range+0x2ca1/0x3810
[ 3140.427778]  ? perf_trace_lock+0xac/0x490
[ 3140.428644]  ? lock_chain_count+0x20/0x20
[ 3140.429536]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.430441]  ? up_write+0x191/0x550
[ 3140.431207]  ? vm_iomap_memory+0x190/0x190
[ 3140.432102]  ? downgrade_write+0x3a0/0x3a0
[ 3140.432992]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3140.434149]  ? __vma_link_rb+0x540/0x700
[ 3140.435023]  copy_process+0x759b/0x7800
[ 3140.435914]  ? __cleanup_sighand+0xb0/0xb0
[ 3140.436823]  ? perf_trace_lock+0xac/0x490
[ 3140.437053] FAULT_INJECTION: forcing a failure.
[ 3140.437053] name failslab, interval 1, probability 0, space 0, times 0
[ 3140.437720]  ? perf_trace_lock+0xac/0x490
[ 3140.437753]  kernel_clone+0xe7/0x980
[ 3140.437778]  ? create_io_thread+0xf0/0xf0
[ 3140.437797]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.437814]  ? find_held_lock+0x2c/0x110
[ 3140.437843]  ? ksys_write+0x12d/0x260
[ 3140.437889]  __do_sys_clone+0xc8/0x110
[ 3140.437909]  ? kernel_clone+0x980/0x980
[ 3140.437930]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3140.437949]  ? vfs_write+0x354/0xb10
[ 3140.437992]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3140.449951]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3140.451058]  do_syscall_64+0x33/0x40
[ 3140.451861]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3140.452962] RIP: 0033:0x7fd16660db19
[ 3140.453763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3140.457723] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3140.459361] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3140.460901] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3140.462439] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3140.463975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3140.465511] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3140.467084] CPU: 0 PID: 43428 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3140.468548] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3140.470295] Call Trace:
[ 3140.470864]  dump_stack+0x107/0x167
[ 3140.471634]  should_fail.cold+0x5/0xa
[ 3140.472454]  ? vm_area_dup+0x78/0x290
[ 3140.473262]  should_failslab+0x5/0x20
[ 3140.474076]  kmem_cache_alloc+0x5b/0x310
[ 3140.474932]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.475801]  vm_area_dup+0x78/0x290
[ 3140.476572]  ? _cond_resched+0x10/0x30
[ 3140.477383]  ? copy_page_range+0x24e9/0x3810
[ 3140.478357]  ? vm_area_alloc+0x110/0x110
[ 3140.479214]  ? vm_iomap_memory+0x190/0x190
[ 3140.480098]  ? up_write+0x191/0x550
[ 3140.480861]  ? downgrade_write+0x3a0/0x3a0
[ 3140.481746]  ? down_write_killable+0x180/0x180
[ 3140.482720]  ? __vma_link_rb+0x540/0x700
[ 3140.483577]  copy_process+0x291b/0x7800
[ 3140.484451]  ? __cleanup_sighand+0xb0/0xb0
[ 3140.485356]  ? find_held_lock+0x2c/0x110
[ 3140.486210]  kernel_clone+0xe7/0x980
[ 3140.486990]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.487854]  ? create_io_thread+0xf0/0xf0
[ 3140.488735]  ? recalibrate_cpu_khz+0x10/0x10
[ 3140.489648]  ? ktime_get+0x158/0x1f0
[ 3140.490446]  __do_sys_clone+0xc8/0x110
[ 3140.491257]  ? kernel_clone+0x980/0x980
[ 3140.492110]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3140.493203]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3140.494294]  do_syscall_64+0x33/0x40
[ 3140.495070]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3140.496133] RIP: 0033:0x7f81e84c4b19
05:52:34 executing program 0:
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(0xffffffffffffffff, &(0x7f00009b7000/0x3000)=nil, 0x2000)
r0 = shmget(0x1, 0xc00000, 0x1, &(0x7f0000400000/0xc00000)=nil)
shmctl$SHM_UNLOCK(r0, 0xc)

05:52:34 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 39)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:34 executing program 7:
perf_event_open(&(0x7f0000001900)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), 0x0, 0x1, 0x4, &(0x7f0000001700)=[{0x0}, {&(0x7f0000000180)}, {0x0}, {0x0}], 0x0, &(0x7f0000000180)={[], [{@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@obj_type={'obj_type', 0x3d, 'iso9660\x00'}}, {@audit}, {@obj_type={'obj_type', 0x3d, '\xde\x19\xcc\xd3\xf0\x9eR;\xb0\xe3\xe4\xc3uu\xbe>(\xd9\xd1\xbb\xba\x9a\xa5h\xbf\xd9\xed0\xbd)\x1b\f\xfc;\x9f\xa7\x15\'1\x8e\x11\x014\x0fW\x9c\xeb\x17\x17\xfd(\x00\n\xcc)\xe8\x04\xc6\x11/\xb2\x95o\'\xfb\xff\xde\x8f\xf6h\xfdx\xf8\x1fm\xbe\xf6\xef\xcb\xaeL#\xaf'}}, {@smackfsdef}, {@obj_role={'obj_role', 0x3d, 'iso9660\x00'}}]})
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x200, 0x0)

05:52:34 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004e80)=[{{&(0x7f00000000c0), 0x6e, &(0x7f0000001580)=[{&(0x7f0000000180)=""/172, 0xac}, {&(0x7f0000000300)=""/174, 0xae}, {&(0x7f0000000240)=""/100, 0x64}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f00000003c0)=""/55, 0x37}, {&(0x7f0000000400)=""/62, 0x3e}, {&(0x7f0000001500)=""/92, 0x5c}], 0x7, &(0x7f0000001600)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xc8}}, {{&(0x7f0000001700)=@abs, 0x6e, &(0x7f0000001a00)=[{&(0x7f0000001780)=""/234, 0xea}, {&(0x7f0000001880)=""/179, 0xb3}, {&(0x7f0000001940)=""/144, 0x90}, {&(0x7f0000001f00)=""/4096, 0x1000}, {&(0x7f0000001b00)=""/226, 0xe2}], 0x5, &(0x7f0000001c00)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe0}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000000440)=[{&(0x7f0000001d80)=""/110, 0x6e}, {&(0x7f0000001e00)=""/138, 0x8a}], 0x2, &(0x7f0000002f00)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x138}}, {{&(0x7f0000003040)=@abs, 0x6e, &(0x7f0000004440)=[{&(0x7f00000030c0)=""/142, 0x8e}, {&(0x7f0000003180)=""/213, 0xd5}, {&(0x7f0000003280)=""/17, 0x11}, {&(0x7f00000032c0)=""/63, 0x3f}, {&(0x7f0000003300)=""/4096, 0x1000}, {&(0x7f0000004300)=""/239, 0xef}, {&(0x7f0000004400)=""/13, 0xd}], 0x7, &(0x7f00000044c0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r2=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xe0}}, {{&(0x7f00000045c0), 0x6e, &(0x7f0000004840)=[{&(0x7f0000004640)=""/25, 0x19}, {0xfffffffffffffffc}, {&(0x7f0000004680)=""/205, 0xcd}, {&(0x7f0000004780)=""/157, 0x9d}], 0x4}}, {{&(0x7f0000004880)=@abs, 0x6e, &(0x7f0000004cc0)=[{&(0x7f0000004900)=""/195, 0xc3}, {&(0x7f0000004a00)=""/119, 0x77}, {&(0x7f0000004a80)=""/43, 0x2b}, {&(0x7f0000004ac0)=""/107, 0x6b}, {&(0x7f0000004b40)=""/175, 0xaf}, {&(0x7f0000004c00)=""/114, 0x72}, {&(0x7f0000004c80)=""/48, 0x30}], 0x7, &(0x7f0000004d40)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x108}}], 0x6, 0x102, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f0000005000)={{0x1, 0x1, 0x18, r0, {0x40}}, './file0\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r3, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 3140.496911] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3140.500750] FAULT_INJECTION: forcing a failure.
[ 3140.500750] name failslab, interval 1, probability 0, space 0, times 0
[ 3140.500893] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3140.504801] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3140.506252] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3140.507730] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3140.509175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3140.510660] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3140.512146] CPU: 1 PID: 43438 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3140.513650] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3140.515464] Call Trace:
[ 3140.516020]  dump_stack+0x107/0x167
[ 3140.516793]  should_fail.cold+0x5/0xa
[ 3140.517600]  ? __pmd_alloc+0x94/0x5e0
[ 3140.518419]  should_failslab+0x5/0x20
[ 3140.519222]  kmem_cache_alloc+0x5b/0x310
[ 3140.520088]  __pmd_alloc+0x94/0x5e0
[ 3140.520865]  copy_page_range+0x2bd8/0x3810
[ 3140.521764]  ? perf_trace_lock+0xac/0x490
[ 3140.522642]  ? lock_chain_count+0x20/0x20
[ 3140.523560]  ? up_write+0x191/0x550
[ 3140.524327]  ? vm_iomap_memory+0x190/0x190
[ 3140.525222]  ? downgrade_write+0x3a0/0x3a0
[ 3140.526141]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3140.527294]  ? __vma_link_rb+0x540/0x700
[ 3140.528163]  copy_process+0x759b/0x7800
[ 3140.529047]  ? __cleanup_sighand+0xb0/0xb0
[ 3140.529949]  ? perf_trace_lock+0xac/0x490
[ 3140.530835]  ? perf_trace_lock+0xac/0x490
[ 3140.531717]  kernel_clone+0xe7/0x980
[ 3140.532508]  ? create_io_thread+0xf0/0xf0
[ 3140.533379]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.534257]  ? find_held_lock+0x2c/0x110
[ 3140.535128]  ? ksys_write+0x12d/0x260
[ 3140.535946]  __do_sys_clone+0xc8/0x110
[ 3140.536767]  ? kernel_clone+0x980/0x980
[ 3140.537613]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3140.538623]  ? vfs_write+0x354/0xb10
[ 3140.539449]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3140.540552]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3140.541645]  do_syscall_64+0x33/0x40
[ 3140.542438]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3140.543523] RIP: 0033:0x7f87f4e1cb19
[ 3140.544312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3140.548223] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3140.549842] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3140.551357] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3140.552865] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3140.554386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3140.555901] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:52:34 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 85)

[ 3140.608083] FAULT_INJECTION: forcing a failure.
[ 3140.608083] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3140.610925] CPU: 1 PID: 43483 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3140.612397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3140.614161] Call Trace:
[ 3140.614726]  dump_stack+0x107/0x167
[ 3140.615504]  should_fail.cold+0x5/0xa
[ 3140.616343]  __alloc_pages_nodemask+0x182/0x600
[ 3140.617336]  ? lock_acquire+0x197/0x470
[ 3140.618188]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3140.619466]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.620403]  ? do_raw_spin_lock+0x121/0x260
[ 3140.621340]  alloc_pages_current+0x187/0x280
[ 3140.622300]  __pmd_alloc+0x37/0x5e0
[ 3140.623080]  copy_page_range+0x2bd8/0x3810
[ 3140.623969]  ? perf_trace_lock+0xac/0x490
[ 3140.624840]  ? lock_chain_count+0x20/0x20
[ 3140.625756]  ? up_write+0x191/0x550
[ 3140.626540]  ? vm_iomap_memory+0x190/0x190
[ 3140.627441]  ? downgrade_write+0x3a0/0x3a0
[ 3140.628338]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3140.629486]  ? __vma_link_rb+0x540/0x700
[ 3140.630366]  copy_process+0x759b/0x7800
[ 3140.631247]  ? __cleanup_sighand+0xb0/0xb0
[ 3140.632137]  ? perf_trace_lock+0xac/0x490
[ 3140.633037]  ? perf_trace_lock+0xac/0x490
[ 3140.633943]  kernel_clone+0xe7/0x980
[ 3140.634735]  ? create_io_thread+0xf0/0xf0
[ 3140.635604]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.636479]  ? find_held_lock+0x2c/0x110
[ 3140.637347]  ? ksys_write+0x12d/0x260
[ 3140.638184]  __do_sys_clone+0xc8/0x110
[ 3140.639015]  ? kernel_clone+0x980/0x980
[ 3140.639853]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3140.640836]  ? vfs_write+0x354/0xb10
[ 3140.641640]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3140.642760]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3140.643872]  do_syscall_64+0x33/0x40
[ 3140.644832]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3140.646150] RIP: 0033:0x7fd16660db19
[ 3140.647023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3140.651358] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3140.653040] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3140.654774] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3140.656489] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3140.658175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3140.659827] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:52:34 executing program 7:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
recvmmsg(r1, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
ioctl$TIOCSBRK(r1, 0x5427)
ioctl$sock_inet_SIOCGIFADDR(0xffffffffffffffff, 0x8915, &(0x7f0000000080)={'wlan0\x00', {0x2, 0x0, @initdev}})
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000011200))

05:52:34 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 66)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:34 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x6, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:52:34 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 40)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3140.902848] FAULT_INJECTION: forcing a failure.
[ 3140.902848] name failslab, interval 1, probability 0, space 0, times 0
[ 3140.905506] CPU: 1 PID: 43643 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3140.906988] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3140.908736] Call Trace:
[ 3140.909335]  dump_stack+0x107/0x167
[ 3140.910118]  should_fail.cold+0x5/0xa
[ 3140.910934]  ? create_object.isra.0+0x3a/0xa20
[ 3140.911909]  should_failslab+0x5/0x20
[ 3140.912714]  kmem_cache_alloc+0x5b/0x310
[ 3140.913579]  create_object.isra.0+0x3a/0xa20
[ 3140.914526]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3140.915609]  kmem_cache_alloc+0x159/0x310
[ 3140.916505]  vm_area_dup+0x78/0x290
[ 3140.917291]  ? _cond_resched+0x10/0x30
[ 3140.918135]  ? copy_page_range+0x24e9/0x3810
[ 3140.919115]  ? vm_area_alloc+0x110/0x110
[ 3140.919994]  ? vm_iomap_memory+0x190/0x190
[ 3140.920900]  ? up_write+0x191/0x550
[ 3140.921676]  ? downgrade_write+0x3a0/0x3a0
[ 3140.922601]  ? down_write_killable+0x180/0x180
[ 3140.923577]  ? __vma_link_rb+0x540/0x700
[ 3140.924453]  copy_process+0x291b/0x7800
[ 3140.925339]  ? __cleanup_sighand+0xb0/0xb0
[ 3140.926265]  ? perf_trace_lock+0xac/0x490
[ 3140.927152]  ? perf_trace_lock+0xac/0x490
[ 3140.928056]  kernel_clone+0xe7/0x980
[ 3140.928853]  ? create_io_thread+0xf0/0xf0
[ 3140.929741]  ? lock_downgrade+0x6d0/0x6d0
[ 3140.930627]  ? find_held_lock+0x2c/0x110
[ 3140.931498]  ? ksys_write+0x12d/0x260
[ 3140.932324]  __do_sys_clone+0xc8/0x110
[ 3140.933150]  ? kernel_clone+0x980/0x980
[ 3140.934010]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3140.935012]  ? vfs_write+0x354/0xb10
[ 3140.935832]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3140.936944]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3140.938056]  do_syscall_64+0x33/0x40
[ 3140.938856]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3140.939940] RIP: 0033:0x7f81e84c4b19
[ 3140.940733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3140.944650] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3140.946283] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3140.947795] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3140.949302] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3140.950822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3140.952335] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3141.005621] FAULT_INJECTION: forcing a failure.
[ 3141.005621] name failslab, interval 1, probability 0, space 0, times 0
[ 3141.007230] loop6: detected capacity change from 0 to 41948160
[ 3141.008346] CPU: 1 PID: 43758 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3141.011090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3141.013074] Call Trace:
[ 3141.013721]  dump_stack+0x107/0x167
[ 3141.014617]  should_fail.cold+0x5/0xa
[ 3141.015537]  ? create_object.isra.0+0x3a/0xa20
[ 3141.016647]  should_failslab+0x5/0x20
[ 3141.017500]  kmem_cache_alloc+0x5b/0x310
[ 3141.018399]  create_object.isra.0+0x3a/0xa20
[ 3141.019327]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3141.020394]  kmem_cache_alloc+0x159/0x310
[ 3141.021275]  __pmd_alloc+0x94/0x5e0
[ 3141.022063]  copy_page_range+0x2bd8/0x3810
[ 3141.022964]  ? perf_trace_lock+0xac/0x490
[ 3141.023838]  ? lock_chain_count+0x20/0x20
[ 3141.024751]  ? up_write+0x191/0x550
[ 3141.025522]  ? vm_iomap_memory+0x190/0x190
[ 3141.026424]  ? downgrade_write+0x3a0/0x3a0
[ 3141.027320]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3141.028462]  ? __vma_link_rb+0x540/0x700
[ 3141.029337]  copy_process+0x759b/0x7800
[ 3141.030216]  ? __cleanup_sighand+0xb0/0xb0
[ 3141.031117]  ? perf_trace_lock+0xac/0x490
[ 3141.032010]  ? perf_trace_lock+0xac/0x490
[ 3141.032903]  kernel_clone+0xe7/0x980
[ 3141.033690]  ? create_io_thread+0xf0/0xf0
[ 3141.034577]  ? lock_downgrade+0x6d0/0x6d0
[ 3141.035446]  ? find_held_lock+0x2c/0x110
[ 3141.036307]  ? ksys_write+0x12d/0x260
[ 3141.037130]  __do_sys_clone+0xc8/0x110
[ 3141.037960]  ? kernel_clone+0x980/0x980
[ 3141.038805]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3141.039780]  ? vfs_write+0x354/0xb10
[ 3141.040601]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3141.041704]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3141.042816]  do_syscall_64+0x33/0x40
[ 3141.043602]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3141.044680] RIP: 0033:0x7f87f4e1cb19
[ 3141.045463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3141.049353] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3141.050966] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3141.052471] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3141.053988] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3141.055498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3141.056999] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:52:52 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 86)

05:52:52 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 41)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:52 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)

05:52:52 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x7, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:52:52 executing program 0:
mlockall(0x7)
r0 = shmget(0x2, 0x3000, 0x200, &(0x7f0000ffa000/0x3000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
r1 = shmget(0x1, 0x1000, 0x2c000100, &(0x7f0000e2b000/0x1000)=nil)
shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x0)

05:52:52 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 67)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:52:52 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r3)
sendmsg$IPVS_CMD_GET_INFO(r3, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000500)={0x1f0, r6, 0xa01, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x38, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x39a}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x4}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0x2c}}, @IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private0}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3, 0x23}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x1f}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @remote}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast1}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x3}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x67}, @IPVS_SVC_ATTR_TIMEOUT={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast2}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x4}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x80000000}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x68, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x60a41e5f6ea41dac}, @IPVS_SVC_ATTR_SCHED_NAME={0x9, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'dh\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x16}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x31, 0x1}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x440000d0}, 0x890)
pread64(r3, &(0x7f0000000180)=""/121, 0x79, 0xffffffffffff0000)
fork()
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x80047210, &(0x7f0000000100))
socket$inet6(0xa, 0xa, 0x3ff)

05:52:52 executing program 7:
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000e40))
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105942, 0x0)
lseek(r1, 0x800, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
openat(r2, &(0x7f0000000040)='./file1\x00', 0x42000, 0x2)
inotify_init1(0x0)
sendfile(r1, r2, 0x0, 0x100000001)

[ 3158.889011] loop6: detected capacity change from 0 to 41948160
[ 3158.907722] FAULT_INJECTION: forcing a failure.
[ 3158.907722] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3158.910523] CPU: 0 PID: 43779 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3158.912020] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3158.913824] Call Trace:
[ 3158.914407]  dump_stack+0x107/0x167
[ 3158.915212]  should_fail.cold+0x5/0xa
[ 3158.916087]  __alloc_pages_nodemask+0x182/0x600
[ 3158.917114]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3158.918427]  ? find_held_lock+0x2c/0x110
[ 3158.919316]  ? __pmd_alloc+0x2db/0x5e0
[ 3158.920157]  ? lock_downgrade+0x6d0/0x6d0
[ 3158.921059]  ? do_raw_spin_lock+0x121/0x260
[ 3158.922056]  alloc_pages_current+0x187/0x280
[ 3158.923115]  pte_alloc_one+0x16/0x1a0
[ 3158.923942]  __pte_alloc+0x1d/0x330
[ 3158.924735]  copy_page_range+0x1b62/0x3810
[ 3158.925217] FAULT_INJECTION: forcing a failure.
[ 3158.925217] name failslab, interval 1, probability 0, space 0, times 0
[ 3158.925652]  ? perf_trace_lock+0xac/0x490
[ 3158.925673]  ? lock_chain_count+0x20/0x20
[ 3158.925738]  ? up_write+0x191/0x550
[ 3158.925759]  ? vm_iomap_memory+0x190/0x190
[ 3158.925779]  ? downgrade_write+0x3a0/0x3a0
[ 3158.925805]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3158.925829]  ? __vma_link_rb+0x540/0x700
[ 3158.925865]  copy_process+0x759b/0x7800
[ 3158.935425]  ? __cleanup_sighand+0xb0/0xb0
[ 3158.936372]  ? perf_trace_lock+0xac/0x490
[ 3158.937315]  ? perf_trace_lock+0xac/0x490
[ 3158.938220]  kernel_clone+0xe7/0x980
[ 3158.939011]  ? create_io_thread+0xf0/0xf0
[ 3158.939891]  ? lock_downgrade+0x6d0/0x6d0
[ 3158.940814]  ? find_held_lock+0x2c/0x110
[ 3158.941727]  ? ksys_write+0x12d/0x260
[ 3158.942560]  __do_sys_clone+0xc8/0x110
[ 3158.943385]  ? kernel_clone+0x980/0x980
[ 3158.944274]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3158.945300]  ? vfs_write+0x354/0xb10
[ 3158.946116]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3158.947236]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3158.948327]  do_syscall_64+0x33/0x40
[ 3158.949118]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3158.950259] RIP: 0033:0x7f87f4e1cb19
[ 3158.951087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3158.955054] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3158.956662] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3158.958223] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3158.959766] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3158.961276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3158.962864] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3158.963753] CPU: 1 PID: 43783 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3158.965211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3158.966943] Call Trace:
[ 3158.967512]  dump_stack+0x107/0x167
[ 3158.968276]  should_fail.cold+0x5/0xa
[ 3158.968624] FAULT_INJECTION: forcing a failure.
[ 3158.968624] name failslab, interval 1, probability 0, space 0, times 0
[ 3158.969080]  ? __pmd_alloc+0x94/0x5e0
[ 3158.971191]  should_failslab+0x5/0x20
[ 3158.971987]  kmem_cache_alloc+0x5b/0x310
[ 3158.972843]  __pmd_alloc+0x94/0x5e0
[ 3158.973616]  copy_page_range+0x2bd8/0x3810
[ 3158.974519]  ? perf_trace_lock+0xac/0x490
[ 3158.975382]  ? lock_chain_count+0x20/0x20
[ 3158.976291]  ? up_write+0x191/0x550
[ 3158.977051]  ? vm_iomap_memory+0x190/0x190
[ 3158.977941]  ? downgrade_write+0x3a0/0x3a0
[ 3158.978839]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3158.979976]  ? __vma_link_rb+0x540/0x700
[ 3158.980839]  copy_process+0x759b/0x7800
[ 3158.981710]  ? __cleanup_sighand+0xb0/0xb0
[ 3158.982603]  ? perf_trace_lock+0xac/0x490
[ 3158.983480]  ? perf_trace_lock+0xac/0x490
[ 3158.984355]  kernel_clone+0xe7/0x980
[ 3158.985138]  ? create_io_thread+0xf0/0xf0
[ 3158.986002]  ? lock_downgrade+0x6d0/0x6d0
[ 3158.986875]  ? find_held_lock+0x2c/0x110
[ 3158.987735]  ? ksys_write+0x12d/0x260
[ 3158.988546]  __do_sys_clone+0xc8/0x110
[ 3158.989359]  ? kernel_clone+0x980/0x980
[ 3158.990203]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3158.991176]  ? vfs_write+0x354/0xb10
[ 3158.991975]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3158.993073]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3158.994159]  do_syscall_64+0x33/0x40
[ 3158.994938]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3158.996011] RIP: 0033:0x7fd16660db19
[ 3158.996786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.000599] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.002192] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3159.003709] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.005183] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.006678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.008148] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3159.009647] CPU: 0 PID: 43782 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3159.010490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.011474] Call Trace:
[ 3159.011795]  dump_stack+0x107/0x167
[ 3159.012232]  should_fail.cold+0x5/0xa
[ 3159.012686]  ? vm_area_dup+0x78/0x290
[ 3159.013142]  should_failslab+0x5/0x20
[ 3159.013596]  kmem_cache_alloc+0x5b/0x310
[ 3159.014085]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.014583]  vm_area_dup+0x78/0x290
[ 3159.015028]  ? _cond_resched+0x10/0x30
[ 3159.015491]  ? copy_page_range+0x24e9/0x3810
[ 3159.016040]  ? vm_area_alloc+0x110/0x110
[ 3159.016528]  ? vm_iomap_memory+0x190/0x190
[ 3159.017033]  ? up_write+0x191/0x550
[ 3159.017475]  ? downgrade_write+0x3a0/0x3a0
[ 3159.017976]  ? down_write_killable+0x180/0x180
[ 3159.018532]  ? __vma_link_rb+0x540/0x700
[ 3159.019019]  copy_process+0x291b/0x7800
[ 3159.019516]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.020019]  ? perf_trace_lock+0xac/0x490
[ 3159.020518]  ? perf_trace_lock+0xac/0x490
[ 3159.021019]  kernel_clone+0xe7/0x980
[ 3159.021469]  ? create_io_thread+0xf0/0xf0
[ 3159.021963]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.022460]  ? find_held_lock+0x2c/0x110
[ 3159.022947]  ? ksys_write+0x12d/0x260
[ 3159.023413]  __do_sys_clone+0xc8/0x110
[ 3159.023878]  ? kernel_clone+0x980/0x980
[ 3159.024355]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.024906]  ? vfs_write+0x354/0xb10
[ 3159.025362]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.025984]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.026611]  do_syscall_64+0x33/0x40
[ 3159.027056]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.027667] RIP: 0033:0x7f81e84c4b19
[ 3159.028107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.030279] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.031174] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3159.032012] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.032851] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.033685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.034530] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:52:53 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 87)

05:52:53 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x8, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:52:53 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 42)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3159.255799] loop6: detected capacity change from 0 to 41948160
[ 3159.347266] FAULT_INJECTION: forcing a failure.
[ 3159.347266] name failslab, interval 1, probability 0, space 0, times 0
[ 3159.349980] CPU: 1 PID: 43839 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3159.351385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.353051] Call Trace:
[ 3159.353586]  dump_stack+0x107/0x167
[ 3159.354339]  should_fail.cold+0x5/0xa
[ 3159.355105]  ? create_object.isra.0+0x3a/0xa20
[ 3159.356029]  should_failslab+0x5/0x20
[ 3159.356787]  kmem_cache_alloc+0x5b/0x310
[ 3159.357582]  create_object.isra.0+0x3a/0xa20
[ 3159.358459]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3159.359471]  kmem_cache_alloc+0x159/0x310
[ 3159.360306]  __pmd_alloc+0x94/0x5e0
[ 3159.361037]  copy_page_range+0x2bd8/0x3810
[ 3159.361880]  ? perf_trace_lock+0xac/0x490
[ 3159.362784]  ? lock_chain_count+0x20/0x20
[ 3159.363702]  ? up_write+0x191/0x550
[ 3159.364475]  ? vm_iomap_memory+0x190/0x190
[ 3159.365360]  ? downgrade_write+0x3a0/0x3a0
[ 3159.366276]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3159.367420]  ? __vma_link_rb+0x540/0x700
[ 3159.368296]  copy_process+0x759b/0x7800
[ 3159.369179]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.370056]  ? perf_trace_lock+0xac/0x490
[ 3159.370966]  ? perf_trace_lock+0xac/0x490
[ 3159.371859]  kernel_clone+0xe7/0x980
[ 3159.372646]  ? create_io_thread+0xf0/0xf0
[ 3159.373512]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.374393]  ? find_held_lock+0x2c/0x110
[ 3159.375261]  ? ksys_write+0x12d/0x260
[ 3159.376088]  __do_sys_clone+0xc8/0x110
[ 3159.376899]  ? kernel_clone+0x980/0x980
[ 3159.377742]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.378731]  ? vfs_write+0x354/0xb10
[ 3159.379544]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.380656]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.381729]  do_syscall_64+0x33/0x40
[ 3159.382518]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.383580] RIP: 0033:0x7fd16660db19
[ 3159.384348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.388157] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.389738] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3159.391228] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.392862] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.394455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.396002] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:52:53 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 68)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3159.486702] FAULT_INJECTION: forcing a failure.
[ 3159.486702] name failslab, interval 1, probability 0, space 0, times 0
[ 3159.489134] CPU: 1 PID: 43910 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3159.490471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.492008] Call Trace:
[ 3159.492515]  dump_stack+0x107/0x167
[ 3159.493212]  should_fail.cold+0x5/0xa
[ 3159.493951]  ? ptlock_alloc+0x1d/0x70
[ 3159.494692]  should_failslab+0x5/0x20
[ 3159.495419]  kmem_cache_alloc+0x5b/0x310
[ 3159.496201]  ptlock_alloc+0x1d/0x70
[ 3159.496903]  pte_alloc_one+0x68/0x1a0
[ 3159.497629]  __pte_alloc+0x1d/0x330
[ 3159.498336]  copy_page_range+0x1b62/0x3810
[ 3159.499146]  ? perf_trace_lock+0xac/0x490
[ 3159.499935]  ? lock_chain_count+0x20/0x20
[ 3159.500766]  ? up_write+0x191/0x550
[ 3159.501460]  ? vm_iomap_memory+0x190/0x190
[ 3159.502282]  ? downgrade_write+0x3a0/0x3a0
[ 3159.502616] FAULT_INJECTION: forcing a failure.
[ 3159.502616] name failslab, interval 1, probability 0, space 0, times 0
[ 3159.503109]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3159.505402]  ? __vma_link_rb+0x540/0x700
[ 3159.506197]  copy_process+0x759b/0x7800
[ 3159.506989]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.507788]  ? perf_trace_lock+0xac/0x490
[ 3159.508583]  ? perf_trace_lock+0xac/0x490
[ 3159.509373]  kernel_clone+0xe7/0x980
[ 3159.510090]  ? create_io_thread+0xf0/0xf0
[ 3159.510875]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.511657]  ? find_held_lock+0x2c/0x110
[ 3159.512435]  ? ksys_write+0x12d/0x260
[ 3159.513167]  __do_sys_clone+0xc8/0x110
[ 3159.513906]  ? kernel_clone+0x980/0x980
[ 3159.514674]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.515555]  ? vfs_write+0x354/0xb10
[ 3159.516277]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.517270]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.518255]  do_syscall_64+0x33/0x40
[ 3159.518960]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.519930] RIP: 0033:0x7f87f4e1cb19
[ 3159.520640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.524121] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.525575] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3159.526952] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.528295] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.529638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.530941] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3159.532312] CPU: 0 PID: 43912 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3159.533217] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.534175] Call Trace:
[ 3159.534501]  dump_stack+0x107/0x167
[ 3159.534925]  should_fail.cold+0x5/0xa
[ 3159.535369]  ? create_object.isra.0+0x3a/0xa20
[ 3159.535898]  should_failslab+0x5/0x20
[ 3159.536339]  kmem_cache_alloc+0x5b/0x310
[ 3159.536816]  create_object.isra.0+0x3a/0xa20
[ 3159.537315]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3159.537894]  kmem_cache_alloc+0x159/0x310
[ 3159.538384]  vm_area_dup+0x78/0x290
[ 3159.538816]  ? _cond_resched+0x10/0x30
[ 3159.539266]  ? copy_page_range+0x24e9/0x3810
[ 3159.539791]  ? vm_area_alloc+0x110/0x110
[ 3159.540262]  ? vm_iomap_memory+0x190/0x190
[ 3159.540747]  ? up_write+0x191/0x550
[ 3159.541169]  ? downgrade_write+0x3a0/0x3a0
[ 3159.541650]  ? down_write_killable+0x180/0x180
[ 3159.542190]  ? __vma_link_rb+0x540/0x700
[ 3159.542655]  copy_process+0x291b/0x7800
[ 3159.543132]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.543616]  ? perf_trace_lock+0xac/0x490
[ 3159.544096]  ? perf_trace_lock+0xac/0x490
[ 3159.544580]  kernel_clone+0xe7/0x980
[ 3159.545009]  ? create_io_thread+0xf0/0xf0
[ 3159.545496]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.545973]  ? find_held_lock+0x2c/0x110
[ 3159.546447]  ? ksys_write+0x12d/0x260
[ 3159.546892]  __do_sys_clone+0xc8/0x110
[ 3159.547344]  ? kernel_clone+0x980/0x980
[ 3159.547804]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.548341]  ? vfs_write+0x354/0xb10
[ 3159.548784]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.549407]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.550010]  do_syscall_64+0x33/0x40
[ 3159.550451]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.551039] RIP: 0033:0x7f81e84c4b19
[ 3159.551479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.553575] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.554462] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3159.555286] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.556108] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.556925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.557733] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:52:53 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 88)

05:52:53 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x400000000000002, 0x4}, 0x0, 0x0, 0x0, 0x2, 0x20000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000000300)="fb076d7a97018d26dac73ae6c498c8b5343b5c73b479070d4c19a92628931868c5b054db35f306595ab8f6da6919178f46e5349ac3fe95969cd63567e08bdc46f43fe996cbd1d16d022eb8fe7a9f020c3553a993aaeedf763ab3850d81e64124366fae9bdd0793c938a31728068def4dcadaf174ec186190cbb156a019279f0ff1953273d7a8cd504e9d8422ec968b4d47262b1853345948fc4ec9b8295165", 0x9f}, {&(0x7f0000000880)="b20ef5f154f27353901941db2a17a34a8f453dc3b1fe424cdee11cae15a282bbc788a3c9d5f170a4f82d925cd298bd2055959ecad9041caebc0fa1190641d81a8db02f2c8ebae03c044cf3af354b638bcaa642678f9365b3c7f1cd610f232bd7af4ead53cda9e704d8a4155de083442b086fbf9d1d45d4ad4ed5ebb61f4c756eefd89c2888b92e4db8f6f8712bf4a49692718b78264207d6faa87c32d02fc07da6caf448a02646617088b40c31818d672ab5c3979454d1ee7b65d4e87b796b90c721eb2d1585029a789949f44d9d4cf6a6dc7337c39ee19326faff7765f5f433534a9b5e49a88e935a750c2fcac0bf7d413e00212254fd486472a561c03d5e17effedab06df0c4c2153b0cf21055e64b4a9106316947b9babeb71bdc06223fa9ceb7f0ca0c95c80289dc5a026425aa17b5e8e3af6dad01bf1957034122284d39bf83136afa89067349b7d0f13633fee6250fa14ef81e7124c33b5815e2570bac81a32824825c9d3d489d01736c7ad091de806bce3b9fccf9e241d1387d62c0e0acacd54667b5882559b0effbc729a4d04a889599a0f8d4ef49c9478692885dcaf576b04da8b87014477349f32c19103d8651b17b7cfa2f923ef675a9ac2d88fbe1c2b751be6f1c0bd43ffd9c9dafb4c7037b9bf33b619fabc1a12d615d124da0d2dbcf7a911d57d76d8f131606abda29cd164930f4e67fc3fa3a01e975bfffa8140d0fd18e2482b546df12a86df69007ab9aecb927a7a449d097224e1746c494e7289899fba2ead1e3c5450a29d1fc311ebbcf515bd7471ea2a203f91155bbdc8b8d91b0ffbc4a85e206ed8e8e694f785213b76db2f7d8cf2c720836d6a9a0b1f41a01f6406b71023d0516822c86a19af2bf67d923c5a97b1f654b1716ef359719824a40bfab43c426759da4d03a8316764a77ae4b83644534facaf63ca043328179b523548034d93b3d797dd2f513277038de40e00d6b370514d4581757f0bf8b33a57e2564ff07365353562df158906ba05fd596931c6ae0c0f51de9131ea4a0a0a423ac6aaf58a2ba12595601a9e0115d53f5bc98f45280eac2e446c72981f4c25fea573b47f04caf47326a0326295ed7a4a4266013fd1a1ac78d21d986572996c7013f2a421de3198b6fec633d6a715b5f5c38dc3611cbe23cabff1e044f7cb91919fae96aa294afd2ceb9d1d3fc1a8caeb404fc04aff78867aecbed803e762dc3245d76b9ed0b3965198bbdf5ea42fa4b6b3ef9262fba58e11da46b2f6f51e28a736febc733587968b03dc007eb80fc31b8edc06b5d1b29b7bfcd1e74429989b4723851f7aefc05ec002a3b86694223c7ad41c5a4f81494525cd4dda295cb995c619d7e4bb4d5078741d3e7e8cf40f601e01ef15ee149078cd0b8eed1053d41e7c78b1fb8761bd0bbbd468ee4682c3539441b815af822e940a4e1b3cc9e57c2aafbad2cac3bc5c9ddeffe5604b0d3a53ddce486cd85e7c258f45ff2fe08eb16286213426be83d18b7653dd6a18ad3c4890362dfd503be107be88139030f4641d5f0798fb4a3a1def94357da48d266c5ea0eff7aad65dd9598478eb979e70a2a5d3dd987b24b8e0a30d5a55cf52bd963e7ebcc02c08a842d877c5f5052dc13db94460e28ca09f4ff630beea19d4e2a2133e54ab70a6ad55b737906f89d927812ad307538464d6309b745291c96c75551f6676910212320053bc2a9caed7a83431a0819b3c8e2fe2a177fe27578945432737f2647fa6a19201e9e30087f02528a37c18b61b58457e6ac5d0b3b04474fb4ef324aef64ed70e5c6f85d8ac066e2e2598ec4505a95369b671299f5db3cd636028b091964b1509a22f446ee1590e378246240e38e04d93a1886e5b88369a94bebbff530ad4ca83236a0795b7a412a77e7366d113778bdd069d2ea2a1a156d9a3791896ee1358d64c3400a815c3c94c5af424a466afa1424c7024ab5e3d8bfaecf849dec84cc65559751ae2cb41ec2a06426150e1fa3a4109c73e09dbbc3387237cc23443995ec31ab632af3f11908443a2ecfb5599e19a82a2d4ad9f5b81f27c6b22d79e73ed5cab88333a95b0df4197554de23fe2c5d861ec7809eb53074cfae58023fe3823be048bbeb12e5ca77dea6e36aed7a52e381d15b5e38f300fe84432582f7bfd1ae0ea6797b7f7e9dd104272884429d61f35ce6f034e3f30289aa8f9b5369496e2a89f83bf03c8ba7d53397a00954cd39b8d8dcf5dc2ebe5587e55842539ec5d70c650bd174b6bdc1aa901276deaea6c91c64f07d2e5dc4a77764bb03b7c70a5a62fe754b85b6c972d71795e5be35a9a7fe6b53c1960f312fe2d1a193c918cb51bc6d1827f549bdcfeee811e3c609d4c2e51dbad4274fb687e24ca4c705eb12ddb31ff81eade4ac01050d63b15cd7e8da74e674023e72c657def25339a87d1b3633b1f0b9e6c4c1ffe37c64a039dfc5754806a05ddf28d53470db0542569ead8359e4027d17d27bc80b0915bc81cd48d8829eeb375d886010ebabc4f19a745850ae56fbd754fccb6c12acb5b85dc84422da6654cf951146d4efc86b9039a566be662f1f8fbb215e7745a4b3a94e1c4b47994108dab168d1dfd948b2bde703bee75ad7760dfe5b3011e0bea6e4a409231cbeb8c3160d78fe0c769ac35d66439c17aee35d4d08efc3a789d0f27f53115d41f6c9100f4161f3a0a8daa39ffe22e6f942216099b0ab9f14a70634e277571ca48cd5f4fde078b3671adaa7071374557df51cbd3330a291e1fec98211d93d64d0ae1df1e249c8f9199b3c9fec1f3d0d763e38267f839aaf5b1c8d359d7f13772f5bfbb43a6ec99d80aeb200028cbeac2acadf574e89944698d5d4021b5076415193f658e21ad296b33b43d53900ba6334092d01152a4ea1685425d994a6f41271f8d88346b149b4ea93d95ee23244061aed93e98779f11f3bee641d4ab338d2c34484f69f2e7051d346f4fdb5e8329e8628e1fdf4ed973348be802b1dab6155a2692b32d545f15b2f9524e429db63dad22a65313e968b16d0119dc347a004a4907394d39130fcf14d51196c46e99d8087cbee05004bcc08c8d33f7bacf3cc5c9fd21e173dc86f0126f9ff4988803c2f280a98a668b49d395df72d5186b5ba3d71e2e599ec91f4490846b9cc3ad9e497c6ce23687799123ad13131215d22c9e50be191fabc8eb4c9912cbe21feb64b65349d7422a9842b988b68bf95c70b6180924785b47f9d401b29e4799c08076254f4718c1406c6c7d39bc19ff53111e895d81a7e2f3f88f1a67f5ba75e8111c22b4623e8916a0a73499766f87998c1f7ba4e208df0c9af4f258f17f4a674e861bb2ca847020d72aa385ddc5cb07e83310a202413185a7c4ea71ef38371c69203b103f9650386d1105e6edb4adc41f12086b5387e34c750dd6005987d2dfded06c30abf93248fb28e7337f105c2ba6234e419c9d4c9b7691cace21186fd62afb1b3b676482b1598f880e2e5a0e3ed91a459eee1cdafb3e1b3aab0f8ba8bb7c952d1ec543f32a2db559bd2d93939204c37258d90de32a9d88cb3e2abd4d01f8009c3282d422bab682dc9709861a09856d2f0f109917103223792b36610c6a93c60df75ae05b9e4212e2219f2678b75456b320211626f5dcec0e16fd7608c156f1e5ed31040fdb3d9374cc20d9145de9588f18741d8230034a8f3f74a67fa06566e22852e78db7a5df6e7fb64190ff7ea29b24f22002a1de0085d74a1b195b138e665134e262943a91eb6fb43cc1718bba575aadc7dabb5d085faf1483a2d0f86f73a73482205aeb96f184e6ab6c7e135c0c9088fb53353ff0461b92befbbaaec01ba0cfbc6c8b64e9c646b623da4a8c405541de2a91d7107f4281606c9c9bf516b768353130c453ff883bb4dbc022bbc6de2458028d0639ecca2edeb458023bdccbef07c96df7d75e15586222781c3ecdca89546447ff31a6a54c370e1e921d586fbfb8aaffa26a05c958ae0b7967c6379d2c15a48f14ad86a3768d3bfa1655add3201257ada0870099113a0f9beaedf552a40650bfd8b68a3c879812e8ffb29fabc8efb6481a72bcc335cb6df2f0667d700690ae2f779bb791fcb750022165a3e1e23db3707f1e4b3a41e1397e3a79acebe80917e66b1354f9d12a3a24e29dae6eb99926ee7b628191d61e9c1d2ef0641465b0139ecb5fddeff2f42112aaf42f1ec725091c3a5fd38613d16db6d3edbf722df2014214404f6bb58eed30436ac76084d82e630ee8165630461e20bbbdfd721af0288db5d229ffe1c397bb9f0317f78a1d8a5b783f2110494f3ae00e357a2e688c4454e499a22c3660d1f8a30759f931fdd725a18eb9b4c396354ce7bc62f74ddc93963dbda4b0c8e456c6e5fce346527018deacc9f743d11a20de0ee9c7f6ac3df5823b39523ec3de771193eb7a27d578390b666b9311460da21c7e5ce1aebc6206d67a3dfbe80996d7d886b67474cae6fc3c619a8dd931232007667828c4130864b94d6b2c5237c7e9fac52c5f8a2cfc18e3140e98112aba3e981e3b1cc6d2d71b66e1b5e1c1067c9e4c8285d28c674d3ddb34aabe5da6349520815d9f4400f737aafa3ae5bac03efac8ca625410a70064a57ca62bbf2ff2405ecbfdc2121e5ca2e9b00747c57ab3e8ef292b31a4b6ad2073794cc3bed69d3005ceeb0fb8808570bf8b78854cb2f83ae58ede412afe24e8dfc9ce6fe8d25a4b2c84e35c9bd75c8fbe4620d14b252032d1420e73cb2c8f0d57ea2d45e075a4a48972bcdb079e64fd2f088994161295722309eba5b70e759bfd69994eaaa0e646835051b6038c49c0383d1d00df48542c4439d6bca1575751a9308007449615004f9ebe53908a7f6600d9e83e04666d2d465d045b58d67ab615405df43d9c4753d4e8ba7ef3907dabe1a9ae3b1fa93da33e4aade6e5a6991f25d9ae89279c747f8eb30ff5d92d057cb576ec3cbb14f646b696253f7181c467a6c93575279c09ad2532674e3c29cee6cfc8d1a00ce95a1732ec6a6c7bbb353b1e4c41992dd416d107ef8d3f9754ca3bebd3573cc6b307afdaf9ee09d6dd8991ab1f6efea92e10bf1ec34e407f1d0f66fd10192a1567bf9a8e874c53e173f5bf9ea65c7701814350ee8f3f708ecb451cb32a141d37b40d50338c8aa4552528c0755e2999dd654d758058840a1e3352ca70970bb5851b82eee99aaa4ae801636f71b6f6d1c4758da113f09cce0a7deafd8f66d530c028ecdbf63c8204a600934e02dad13c1f1e874b2c20250af786dbfcf14e928cb81c0358e7b062e2547bd989025d3cbf812d5b5a119b2c5c9357bd6f9963d59682ce644cf6352774c0b02941de4ff4c56dde44fdad3ebef95289f68db501e597acff8604725181f16b2832b20ace50e2dab727e2257e09213f52c6ac2cd43e029f9a6263539db219a6e492a5708691a4d2fb4828312889321ace05348bd60519ced818e97971176ef77f81a4e3a34bd84a07b81e567c596e623e16df7f95ee21f1c56a327a19c0d4272bebc8860ffdc2f3c4e4031f2e9c4324da95d84bfde3665cd5a033045ea9aef8331c22844f06f487ef66af63dcf74612349111b5929831f6e4a86ee3126457fa898b42e7acacc5a664cd664ea31799a31b0dc2468c7ef75ea480ba5507d5dc096d12d9668a9d4d3dae6296b93976767e9e4c01b61f5e1c07d549af83f857cda3faa956a0197b1a2c97dea3ebb488c80f40263a1bc68e092bdafb8b5ab18a07dfcd300bce03062323e4435aed3cc08591e8d4245ba909709c186a563cd354fed7d871fc85cb5d55af140", 0x1000}, {&(0x7f00000003c0)="3838b46ac61481c6cb34cc9c9320ece66680ac3df35bbfdc14b3ca5c8754e1be0bf5388c666416db55358b1a42efb0ac0d8d519a769351bb12f1c060896621207595838f157c79bdd3cb4860b74bf0d0d287320ae7c30f7aafc8c947d84bf0642af18cbf7a", 0x65}], 0x3)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r3 = fsopen(&(0x7f0000000280)='omfs\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendfile(0xffffffffffffffff, r2, &(0x7f0000000000)=0x4, 0x9)
fork()
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_WDS_PEER(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="32fe80f33b27"}]}, 0x28}}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x3000821, &(0x7f0000000680)=ANY=[@ANYRES16=r2, @ANYRESHEX=r2, @ANYRES16=r0, @ANYRESHEX=r3, @ANYBLOB=',fscache,cache=fscache,cache=none,cache=none,access=', @ANYRESDEC=0xee01, @ANYRESDEC, @ANYRESDEC=r2, @ANYBLOB=',audit,measure,mask=MAY_APPEND,\x00'])
socket$inet6(0xa, 0xa, 0x3ff)

05:52:53 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0xb, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

[ 3159.631011] FAULT_INJECTION: forcing a failure.
[ 3159.631011] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3159.632556] CPU: 0 PID: 43964 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3159.633348] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.634325] Call Trace:
[ 3159.634633]  dump_stack+0x107/0x167
[ 3159.635054]  should_fail.cold+0x5/0xa
[ 3159.635496]  __alloc_pages_nodemask+0x182/0x600
[ 3159.636038]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3159.636725]  ? find_held_lock+0x2c/0x110
[ 3159.637190]  ? __pmd_alloc+0x2db/0x5e0
[ 3159.637636]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.638116]  ? do_raw_spin_lock+0x121/0x260
[ 3159.638616]  alloc_pages_current+0x187/0x280
[ 3159.639122]  pte_alloc_one+0x16/0x1a0
[ 3159.639564]  __pte_alloc+0x1d/0x330
[ 3159.639986]  copy_page_range+0x1b62/0x3810
[ 3159.640470]  ? perf_trace_lock+0xac/0x490
[ 3159.640949]  ? lock_chain_count+0x20/0x20
[ 3159.641443]  ? up_write+0x191/0x550
[ 3159.641859]  ? vm_iomap_memory+0x190/0x190
[ 3159.642350]  ? downgrade_write+0x3a0/0x3a0
[ 3159.642837]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3159.643454]  ? __vma_link_rb+0x540/0x700
[ 3159.643926]  copy_process+0x759b/0x7800
[ 3159.644403]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.644886]  ? perf_trace_lock+0xac/0x490
[ 3159.645368]  ? perf_trace_lock+0xac/0x490
[ 3159.645847]  kernel_clone+0xe7/0x980
[ 3159.646287]  ? create_io_thread+0xf0/0xf0
[ 3159.646763]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.647240]  ? find_held_lock+0x2c/0x110
[ 3159.647712]  ? ksys_write+0x12d/0x260
[ 3159.648159]  __do_sys_clone+0xc8/0x110
[ 3159.648605]  ? kernel_clone+0x980/0x980
[ 3159.649071]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.649610]  ? vfs_write+0x354/0xb10
[ 3159.650050]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.650676]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.651268]  do_syscall_64+0x33/0x40
[ 3159.651700]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.652290] RIP: 0033:0x7fd16660db19
[ 3159.652723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.654855] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.655732] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3159.656550] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.657368] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.658201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.659091] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
05:52:53 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 43)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

[ 3159.721732] loop6: detected capacity change from 0 to 41948160
05:52:53 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 89)

05:52:53 executing program 0:
setitimer(0x1, &(0x7f0000000000)={{}, {0x0, 0xea60}}, &(0x7f0000000040))
getitimer(0x0, &(0x7f0000000080))
mlockall(0x7)
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)
r0 = shmget(0x3, 0x4000, 0x2, &(0x7f0000ff9000/0x4000)=nil)
shmat(r0, &(0x7f0000fd1000/0x4000)=nil, 0x4000)

[ 3159.776713] FAULT_INJECTION: forcing a failure.
[ 3159.776713] name failslab, interval 1, probability 0, space 0, times 0
[ 3159.779591] CPU: 0 PID: 44095 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3159.781170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.783072] Call Trace:
[ 3159.783681]  dump_stack+0x107/0x167
[ 3159.784519]  should_fail.cold+0x5/0xa
[ 3159.785391]  ? __pmd_alloc+0x94/0x5e0
[ 3159.786272]  should_failslab+0x5/0x20
[ 3159.787143]  kmem_cache_alloc+0x5b/0x310
[ 3159.788079]  __pmd_alloc+0x94/0x5e0
[ 3159.788916]  copy_page_range+0x2bd8/0x3810
[ 3159.789871]  ? lock_chain_count+0x20/0x20
[ 3159.790814]  ? lock_chain_count+0x20/0x20
[ 3159.791773]  ? mark_held_locks+0x9e/0xe0
[ 3159.792703]  ? vm_iomap_memory+0x190/0x190
[ 3159.793655]  ? trace_hardirqs_on+0x5b/0x180
[ 3159.794653]  ? vm_get_page_prot+0xb0/0xb0
[ 3159.795601]  copy_process+0x759b/0x7800
[ 3159.796542]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.797496]  ? perf_trace_lock+0xac/0x490
[ 3159.798463]  ? perf_trace_lock+0xac/0x490
[ 3159.799428]  kernel_clone+0xe7/0x980
[ 3159.800281]  ? create_io_thread+0xf0/0xf0
[ 3159.801216]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.802162]  ? find_held_lock+0x2c/0x110
[ 3159.803087]  ? ksys_write+0x12d/0x260
[ 3159.803966]  __do_sys_clone+0xc8/0x110
[ 3159.804843]  ? kernel_clone+0x980/0x980
[ 3159.805744]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.806819]  ? vfs_write+0x354/0xb10
[ 3159.807685]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.808890]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.810099]  do_syscall_64+0x33/0x40
[ 3159.810959]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.812285] RIP: 0033:0x7fd16660db19
[ 3159.813286] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.818151] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.820145] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3159.822047] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.823809] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.825377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.826976] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3159.837270] FAULT_INJECTION: forcing a failure.
[ 3159.837270] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3159.839118] CPU: 1 PID: 44108 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3159.840149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3159.841363] Call Trace:
[ 3159.841754]  dump_stack+0x107/0x167
[ 3159.842308]  should_fail.cold+0x5/0xa
[ 3159.842875]  __alloc_pages_nodemask+0x182/0x600
[ 3159.843562]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3159.844440]  ? find_held_lock+0x2c/0x110
[ 3159.845035]  ? __pmd_alloc+0x2db/0x5e0
[ 3159.845603]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.846219]  ? do_raw_spin_lock+0x121/0x260
[ 3159.846855]  alloc_pages_current+0x187/0x280
[ 3159.847495]  pte_alloc_one+0x16/0x1a0
[ 3159.848050]  __pte_alloc+0x1d/0x330
[ 3159.848587]  copy_page_range+0x1b62/0x3810
[ 3159.849204]  ? perf_trace_lock+0xac/0x490
[ 3159.849808]  ? lock_chain_count+0x20/0x20
[ 3159.850451]  ? up_write+0x191/0x550
[ 3159.850983]  ? vm_iomap_memory+0x190/0x190
[ 3159.851600]  ? downgrade_write+0x3a0/0x3a0
[ 3159.852218]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3159.853009]  ? __vma_link_rb+0x540/0x700
[ 3159.853612]  copy_process+0x759b/0x7800
[ 3159.854229]  ? __cleanup_sighand+0xb0/0xb0
[ 3159.854853]  ? perf_trace_lock+0xac/0x490
[ 3159.855465]  ? perf_trace_lock+0xac/0x490
[ 3159.856070]  kernel_clone+0xe7/0x980
[ 3159.856608]  ? create_io_thread+0xf0/0xf0
[ 3159.857207]  ? lock_downgrade+0x6d0/0x6d0
[ 3159.857803]  ? find_held_lock+0x2c/0x110
[ 3159.858403]  ? ksys_write+0x12d/0x260
[ 3159.858962]  __do_sys_clone+0xc8/0x110
[ 3159.859521]  ? kernel_clone+0x980/0x980
[ 3159.860092]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3159.860759]  ? vfs_write+0x354/0xb10
[ 3159.861312]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3159.862066]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3159.862818]  do_syscall_64+0x33/0x40
[ 3159.863353]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3159.864091] RIP: 0033:0x7f87f4e1cb19
[ 3159.864627] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3159.867280] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3159.868361] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3159.869376] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3159.870401] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3159.871416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3159.872431] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
05:53:13 executing program 0:
shmat(0x0, &(0x7f0000800000/0x800000)=nil, 0xc000)

05:53:13 executing program 3:
mlockall(0x7)
mlockall(0x3)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)

05:53:13 executing program 7:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x4010, r0, 0x0)
syz_io_uring_setup(0x21fe, &(0x7f0000000040)={0x0, 0xfe9d, 0x0, 0x2, 0x234, 0x0, r0}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000fed000/0x13000)=nil, &(0x7f00000000c0), &(0x7f0000000240)=<r4=>0x0)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000280)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd_index=0xa, 0x5, {0x0, r5}, 0x8000, 0x4, 0x1, {0x0, 0x0, r0}}, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = dup(r6)
recvmmsg(r7, &(0x7f0000007940)=[{{0x0, 0x200000, 0x0}}], 0x500, 0x20000022, 0x0)
syz_io_uring_setup(0x368c, &(0x7f0000000180)={0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, r7}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
pipe2(&(0x7f0000000540), 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

05:53:13 executing program 1:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 69)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:53:13 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 90)

05:53:13 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x18, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:53:13 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 44)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:53:13 executing program 2:
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001ec0)=[{&(0x7f0000001a80)=""/94, 0x5e}], 0x1, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)="ee", 0x1}], 0x100000000000037f)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendfile(r0, r2, &(0x7f0000000000)=0xffffffffffffffff, 0x1)
r3 = fcntl$dupfd(r0, 0x406, r2)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r2)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r3, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x94, r4, 0x400, 0x70bd26, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x7f}, {0x6, 0x11, 0x1}, {0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x99e}, {0x6, 0x11, 0x5}, {0x8, 0x15, 0x7f}}]}, 0x94}, 0x1, 0x0, 0x0, 0x1}, 0x44850)
fork()
socket$inet6(0xa, 0xa, 0x3ff)

[ 3179.666815] loop6: detected capacity change from 0 to 41948160
[ 3179.684751] FAULT_INJECTION: forcing a failure.
[ 3179.684751] name failslab, interval 1, probability 0, space 0, times 0
[ 3179.687192] CPU: 0 PID: 44145 Comm: syz-executor.4 Not tainted 5.10.235 #1
[ 3179.688597] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3179.688707] FAULT_INJECTION: forcing a failure.
[ 3179.688707] name failslab, interval 1, probability 0, space 0, times 0
[ 3179.690250] Call Trace:
[ 3179.690277]  dump_stack+0x107/0x167
[ 3179.690316]  should_fail.cold+0x5/0xa
[ 3179.690340]  ? ptlock_alloc+0x1d/0x70
[ 3179.690364]  should_failslab+0x5/0x20
[ 3179.690383]  kmem_cache_alloc+0x5b/0x310
[ 3179.690414]  ptlock_alloc+0x1d/0x70
[ 3179.697580]  pte_alloc_one+0x68/0x1a0
[ 3179.698356]  __pte_alloc+0x1d/0x330
[ 3179.699091]  copy_page_range+0x1b62/0x3810
[ 3179.699937]  ? perf_trace_lock+0xac/0x490
[ 3179.700773]  ? lock_chain_count+0x20/0x20
[ 3179.701646]  ? up_write+0x191/0x550
[ 3179.702380]  ? vm_iomap_memory+0x190/0x190
[ 3179.703228]  ? downgrade_write+0x3a0/0x3a0
[ 3179.704079]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3179.705160]  ? __vma_link_rb+0x540/0x700
[ 3179.705984]  copy_process+0x759b/0x7800
[ 3179.706821]  ? __cleanup_sighand+0xb0/0xb0
[ 3179.707679]  ? find_held_lock+0x2c/0x110
[ 3179.708501]  kernel_clone+0xe7/0x980
[ 3179.709241]  ? lock_downgrade+0x6d0/0x6d0
[ 3179.710063]  ? enqueue_hrtimer+0x177/0x2e0
[ 3179.710908]  ? create_io_thread+0xf0/0xf0
[ 3179.711754]  ? recalibrate_cpu_khz+0x10/0x10
[ 3179.712630]  ? ktime_get+0x158/0x1f0
[ 3179.713375]  __do_sys_clone+0xc8/0x110
[ 3179.714142]  ? kernel_clone+0x980/0x980
[ 3179.714960]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3179.716002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3179.717036]  do_syscall_64+0x33/0x40
[ 3179.717777]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3179.718794] RIP: 0033:0x7f87f4e1cb19
[ 3179.719539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3179.723191] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3179.724697] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3179.726113] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3179.727530] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3179.728935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3179.730342] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3179.731778] CPU: 1 PID: 44142 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3179.733201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3179.734896] Call Trace:
[ 3179.735432]  dump_stack+0x107/0x167
[ 3179.736173]  should_fail.cold+0x5/0xa
[ 3179.736946]  ? create_object.isra.0+0x3a/0xa20
[ 3179.737870]  should_failslab+0x5/0x20
[ 3179.738656]  kmem_cache_alloc+0x5b/0x310
[ 3179.739478]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3179.740689]  create_object.isra.0+0x3a/0xa20
[ 3179.741570]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3179.742605]  kmem_cache_alloc+0x159/0x310
[ 3179.743448]  ptlock_alloc+0x1d/0x70
[ 3179.744185]  pte_alloc_one+0x68/0x1a0
[ 3179.744950]  __pte_alloc+0x1d/0x330
[ 3179.745695]  copy_page_range+0x1b62/0x3810
[ 3179.746576]  ? perf_trace_lock+0xac/0x490
[ 3179.747402]  ? lock_chain_count+0x20/0x20
[ 3179.748286]  ? up_write+0x191/0x550
[ 3179.749025]  ? vm_iomap_memory+0x190/0x190
[ 3179.749882]  ? downgrade_write+0x3a0/0x3a0
[ 3179.750742]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3179.751831]  ? __vma_link_rb+0x540/0x700
[ 3179.752665]  copy_process+0x759b/0x7800
[ 3179.753502]  ? __cleanup_sighand+0xb0/0xb0
[ 3179.754366]  ? perf_trace_lock+0xac/0x490
[ 3179.755205]  ? perf_trace_lock+0xac/0x490
[ 3179.756053]  kernel_clone+0xe7/0x980
[ 3179.756822]  ? create_io_thread+0xf0/0xf0
[ 3179.757658]  ? lock_downgrade+0x6d0/0x6d0
[ 3179.758513]  ? find_held_lock+0x2c/0x110
[ 3179.759349]  ? ksys_write+0x12d/0x260
[ 3179.760139]  __do_sys_clone+0xc8/0x110
[ 3179.760931]  ? kernel_clone+0x980/0x980
[ 3179.761723]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3179.762665]  ? vfs_write+0x354/0xb10
[ 3179.763439]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3179.764493]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3179.765534]  do_syscall_64+0x33/0x40
[ 3179.766289]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3179.767333] RIP: 0033:0x7fd16660db19
[ 3179.768088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3179.769024] FAULT_INJECTION: forcing a failure.
[ 3179.769024] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3179.771790] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3179.771813] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3179.771825] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3179.771836] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3179.771847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3179.771859] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3179.783122] CPU: 0 PID: 44148 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3179.784439] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3179.786045] Call Trace:
[ 3179.786562]  dump_stack+0x107/0x167
[ 3179.787269]  should_fail.cold+0x5/0xa
[ 3179.788003]  __alloc_pages_nodemask+0x182/0x600
[ 3179.788900]  ? lookup_memtype+0x5b/0x200
[ 3179.789677]  ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170
[ 3179.790844]  alloc_pages_current+0x187/0x280
[ 3179.791681]  pte_alloc_one+0x16/0x1a0
[ 3179.792412]  __pte_alloc+0x1d/0x330
[ 3179.793105]  copy_page_range+0x1b62/0x3810
[ 3179.793915]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3179.794915]  ? __lockdep_reset_lock+0x180/0x180
[ 3179.795838]  ? vm_iomap_memory+0x190/0x190
[ 3179.796644]  ? up_write+0x191/0x550
[ 3179.797350]  ? downgrade_write+0x3a0/0x3a0
[ 3179.798149]  ? down_write_killable+0x180/0x180
[ 3179.799024]  ? __vma_link_rb+0x540/0x700
[ 3179.799809]  copy_process+0x759b/0x7800
[ 3179.800595]  ? __cleanup_sighand+0xb0/0xb0
[ 3179.801399]  ? perf_trace_lock+0xac/0x490
[ 3179.802189]  ? perf_trace_lock+0xac/0x490
[ 3179.803005]  kernel_clone+0xe7/0x980
[ 3179.803709]  ? create_io_thread+0xf0/0xf0
[ 3179.804498]  ? lock_downgrade+0x6d0/0x6d0
[ 3179.805280]  ? find_held_lock+0x2c/0x110
[ 3179.806058]  ? ksys_write+0x12d/0x260
[ 3179.806802]  __do_sys_clone+0xc8/0x110
[ 3179.807539]  ? kernel_clone+0x980/0x980
[ 3179.808292]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3179.809169]  ? vfs_write+0x354/0xb10
[ 3179.809890]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3179.810903]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3179.811885]  do_syscall_64+0x33/0x40
[ 3179.812582]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3179.813541] RIP: 0033:0x7f81e84c4b19
[ 3179.814243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3179.817696] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3179.819172] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3179.820505] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3179.821834] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3179.823184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3179.824518] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
05:53:14 executing program 0:
mlockall(0x7)
r0 = shmget$private(0x0, 0x1000, 0x1c10, &(0x7f0000ffd000/0x1000)=nil)
shmat(r0, &(0x7f0000800000/0x800000)=nil, 0xc000)
shmat(r0, &(0x7f0000ffc000/0x1000)=nil, 0xc000)

05:53:14 executing program 5:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080))
syz_io_uring_submit(r3, r2, 0x0, 0x0)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r5=>0x0)
syz_io_uring_submit(r1, r5, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 91)

05:53:14 executing program 4:
r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_setup(0x3157, &(0x7f0000000140), &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r5=>0x0, <r6=>0x0})
syz_io_uring_submit(r3, r2, &(0x7f0000000280)=@IORING_OP_TIMEOUT={0xb, 0x1, 0x0, 0x0, 0x5, &(0x7f0000000240)={r5, r6+10000000}, 0x1, 0x1}, 0x453)
syz_io_uring_setup(0x6da6, &(0x7f0000000480)={0x0, 0x33d6, 0x20, 0x0, 0x86, 0x0, r0}, &(0x7f0000ff7000/0x4000)=nil, &(0x7f0000ff4000/0x2000)=nil, &(0x7f0000000400), &(0x7f0000000500)=<r7=>0x0)
syz_io_uring_submit(r1, r7, &(0x7f0000000540)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe(&(0x7f00000014c0))
syz_io_uring_setup(0x4, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
pipe2(&(0x7f00000000c0), 0x4800)
r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x11, r0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x120d, 0x40fc, 0x2, &(0x7f0000000040)={[0x40]}, 0x8)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4000, &(0x7f00000000c0), 0x0, 0x0, 0x0) (fail_nth: 45)
syz_io_uring_submit(r8, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x1e000000)

05:53:14 executing program 6:
statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x2c00, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x402}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file1\x00', 0x1c, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r0, 0x82307201, &(0x7f0000000300))
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
fsetxattr$trusted_overlay_redirect(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file1\x00', 0x711300, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0xe0)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000040)={0x7, 0x4d, 0x3}, 0x7)
perf_event_open(&(0x7f0000000240)={0x3, 0x80, 0x8, 0x9, 0x49, 0x2, 0x0, 0x800, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0x6, 0x1}, 0x1000, 0x1, 0xff, 0x3, 0x2, 0x4, 0x9700, 0x0, 0x4, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0xd)
fallocate(0xffffffffffffffff, 0x20, 0x0, 0x8000)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file1\x00'})
write$binfmt_elf64(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ce33076d780600007d9aaa4f95a484c996a94bf0a18eb7c25e1c8f82170000000000000000000000005a3eba9c015e852bf6603a3a23208194677f26046dd2dfe844d238dc3a2cc3985da01542ca7d460f000000000000d06943b6c15de43e0095d0956c2177c2321db117fbc2426adc5f3e299dba3091dabecd2d28f97c6a766f66c2f83d6ce9f4290b8130f1afc2f26f0400000000000000000000000000000000e87a4e6f2e044818df6d5f28d1630302fc0053e544276a209c328c8df880a047c11a3d793c9821fbc2c72966f74589ad0b0b55eb4c012a352c705a6ad14b0b40abf58a18afa1bbd3f2f4156fea54e837ca425ec7146a1e1b4e7bbfa8a5176bffde43290e3ab56a9bcfd1f466505e647f346dda3b145822691382cabdfe55d35036dadd1834f9becf047a268eda8452c4af1fdd3aac2000899f6bd37b2bdd9d0bd939c66ff225e38cbea2f6b78ee33546"], 0xaf2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
r3 = io_uring_setup(0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r3, 0xa, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_BOTH(0xffffffffffffffff, 0x82307201, &(0x7f0000000640)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])

05:53:14 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000000440)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140))
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x7ff)

[ 3180.035621] FAULT_INJECTION: forcing a failure.
[ 3180.035621] name failslab, interval 1, probability 0, space 0, times 0
[ 3180.036170] ------------[ cut here ]------------
[ 3180.038124] CPU: 1 PID: 44334 Comm: syz-executor.5 Not tainted 5.10.235 #1
[ 3180.039086] WARNING: CPU: 0 PID: 44148 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270
[ 3180.040334] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3180.040346] Call Trace:
[ 3180.040374]  dump_stack+0x107/0x167
[ 3180.040399]  should_fail.cold+0x5/0xa
[ 3180.041884] Modules linked in:
[ 3180.043520]  ? vm_area_dup+0x78/0x290
[ 3180.043546]  should_failslab+0x5/0x20
[ 3180.043567]  kmem_cache_alloc+0x5b/0x310
[ 3180.043592]  ? lock_downgrade+0x6d0/0x6d0
[ 3180.044063] 
[ 3180.044730]  vm_area_dup+0x78/0x290
[ 3180.044767]  ? _cond_resched+0x10/0x30
[ 3180.045464] CPU: 0 PID: 44148 Comm: syz-executor.1 Not tainted 5.10.235 #1
[ 3180.045997]  ? copy_page_range+0x24e9/0x3810
[ 3180.046058]  ? vm_area_alloc+0x110/0x110
[ 3180.046679] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3180.047388]  ? up_write+0x191/0x550
[ 3180.047410]  ? vm_iomap_memory+0x190/0x190
[ 3180.048159] RIP: 0010:get_pat_info+0x216/0x270
[ 3180.048872]  ? downgrade_write+0x3a0/0x3a0
[ 3180.048903]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3180.049264] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 e1 88 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 ca 88 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 15 8d 5a 00 e9
[ 3180.049878]  ? __vma_link_rb+0x540/0x700
[ 3180.049908]  copy_process+0x291b/0x7800
[ 3180.050601] RSP: 0018:ffff8880446df770 EFLAGS: 00010216
[ 3180.057479]  ? __cleanup_sighand+0xb0/0xb0
[ 3180.058215] 
[ 3180.059013]  ? perf_trace_lock+0xac/0x490
[ 3180.059048]  ? perf_trace_lock+0xac/0x490
[ 3180.060409] RAX: 00000000000249fa RBX: ffff8880454c7500 RCX: ffffc9000580b000
[ 3180.061111]  kernel_clone+0xe7/0x980
[ 3180.061138]  ? create_io_thread+0xf0/0xf0
[ 3180.061857] RDX: 0000000000040000 RSI: ffffffff81123696 RDI: 0000000000000007
[ 3180.062726]  ? lock_downgrade+0x6d0/0x6d0
[ 3180.062744]  ? find_held_lock+0x2c/0x110
[ 3180.062783]  ? ksys_write+0x12d/0x260
[ 3180.063501] RBP: ffff8880446df828 R08: 0000000000000000 R09: ffff8880446df6f8
[ 3180.064551]  __do_sys_clone+0xc8/0x110
[ 3180.064573]  ? kernel_clone+0x980/0x980
[ 3180.067549] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028
[ 3180.068341]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3180.068361]  ? vfs_write+0x354/0xb10
[ 3180.068404]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3180.069012] R13: 1ffff110088dbeee R14: 0000000000000000 R15: ffff8880454c7550
[ 3180.070063]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3180.070088]  do_syscall_64+0x33/0x40
[ 3180.070110]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3180.070127] RIP: 0033:0x7fd16660db19
[ 3180.070919] FS:  00007f81e5a3a700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 3180.071148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3180.071936] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3180.072617] RSP: 002b:00007fd163b83188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3180.072646] RAX: ffffffffffffffda RBX: 00007fd166720f60 RCX: 00007fd16660db19
[ 3180.073841] CR2: 000056300af272d8 CR3: 0000000047a78000 CR4: 0000000000350ef0
[ 3180.074496] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3180.074508] RBP: 00007fd163b831d0 R08: 0000000000000000 R09: 0000000000000000
[ 3180.074520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3180.074532] R13: 00007ffde777d1af R14: 00007fd163b83300 R15: 0000000000022000
[ 3180.102184] Call Trace:
[ 3180.102716]  ? __warn+0xe2/0x1f0
[ 3180.103335]  ? get_pat_info+0x216/0x270
[ 3180.104114]  ? report_bug+0x1c1/0x210
[ 3180.104875]  ? handle_bug+0x41/0x90
[ 3180.105512]  ? exc_invalid_op+0x14/0x50
[ 3180.106258]  ? asm_exc_invalid_op+0x12/0x20
[ 3180.107111]  ? get_pat_info+0x216/0x270
[ 3180.107895]  ? get_pat_info+0x216/0x270
[ 3180.108689]  ? pgprot_writethrough+0xc0/0xc0
[ 3180.109468]  ? memtype_seq_stop+0x20/0x20
[ 3180.110221]  untrack_pfn+0xdc/0x240
[ 3180.110902]  ? track_pfn_insert+0x150/0x150
[ 3180.111746]  ? lock_downgrade+0x6d0/0x6d0
[ 3180.112473]  ? uprobe_munmap+0x1c/0x560
[ 3180.113210]  unmap_single_vma+0x1bc/0x300
[ 3180.114016]  unmap_vmas+0x16d/0x300
[ 3180.114754]  ? zap_vma_ptes+0x100/0x100
[ 3180.115557]  exit_mmap+0x27f/0x4f0
[ 3180.116126]  ? __ia32_sys_remap_file_pages+0x150/0x150
[ 3180.117096]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3180.118112]  mmput+0xca/0x340
[ 3180.118763]  copy_process+0x6ac9/0x7800
[ 3180.119574]  ? __cleanup_sighand+0xb0/0xb0
[ 3180.120250]  ? perf_trace_lock+0xac/0x490
[ 3180.121049]  ? perf_trace_lock+0xac/0x490
[ 3180.121850]  kernel_clone+0xe7/0x980
[ 3180.122591]  ? create_io_thread+0xf0/0xf0
[ 3180.123252]  ? lock_downgrade+0x6d0/0x6d0
[ 3180.123960]  ? find_held_lock+0x2c/0x110
[ 3180.124750]  ? ksys_write+0x12d/0x260
[ 3180.125502]  __do_sys_clone+0xc8/0x110
[ 3180.126127]  ? kernel_clone+0x980/0x980
[ 3180.126857]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3180.127681]  ? vfs_write+0x354/0xb10
[ 3180.128471]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3180.129290]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3180.130233]  do_syscall_64+0x33/0x40
[ 3180.130928]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3180.131891] RIP: 0033:0x7f81e84c4b19
[ 3180.132604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3180.135608] RSP: 002b:00007f81e5a3a188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3180.136994] RAX: ffffffffffffffda RBX: 00007f81e85d7f60 RCX: 00007f81e84c4b19
[ 3180.138184] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3180.139403] RBP: 00007f81e5a3a1d0 R08: 0000000000000000 R09: 0000000000000000
[ 3180.140631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3180.141850] R13: 00007ffee79a388f R14: 00007f81e5a3a300 R15: 0000000000022000
[ 3180.143113] irq event stamp: 4047
[ 3180.143706] hardirqs last  enabled at (4059): [<ffffffff84000d02>] asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3180.145375] hardirqs last disabled at (4074): [<ffffffff8129a6b9>] console_unlock+0x839/0xb40
[ 3180.146875] softirqs last  enabled at (2496): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3180.148381] softirqs last disabled at (2423): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3180.149892] ---[ end trace 194b898bdcc808b7 ]---
[ 3180.161867] loop7: detected capacity change from 0 to 16776704
[ 3180.180501] FAULT_INJECTION: forcing a failure.
[ 3180.180501] name failslab, interval 1, probability 0, space 0, times 0
[ 3180.182459] CPU: 0 PID: 44367 Comm: syz-executor.4 Tainted: G        W         5.10.235 #1
[ 3180.183702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3180.184943] Call Trace:
[ 3180.185344]  dump_stack+0x107/0x167
[ 3180.185898]  should_fail.cold+0x5/0xa
[ 3180.186487]  ? create_object.isra.0+0x3a/0xa20
[ 3180.187178]  should_failslab+0x5/0x20
[ 3180.187755]  kmem_cache_alloc+0x5b/0x310
[ 3180.188373]  create_object.isra.0+0x3a/0xa20
[ 3180.189033]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3180.189802]  kmem_cache_alloc+0x159/0x310
[ 3180.190441]  vm_area_dup+0x78/0x290
[ 3180.190999]  ? copy_page_range+0x1ff6/0x3810
[ 3180.191666]  ? __sanitizer_cov_trace_pc+0x3c/0x60
[ 3180.192396]  ? copy_page_range+0x24e9/0x3810
[ 3180.193091]  ? vm_area_alloc+0x110/0x110
[ 3180.193714]  ? up_write+0x191/0x550
[ 3180.194264]  ? vm_iomap_memory+0x190/0x190
[ 3180.194914]  ? downgrade_write+0x3a0/0x3a0
[ 3180.195553]  ? anon_vma_interval_tree_insert+0x277/0x450
[ 3180.196368]  ? __vma_link_rb+0x540/0x700
[ 3180.196983]  copy_process+0x291b/0x7800
[ 3180.197606]  ? __cleanup_sighand+0xb0/0xb0
[ 3180.198242]  ? perf_trace_lock+0xac/0x490
[ 3180.198882]  ? perf_trace_lock+0xac/0x490
[ 3180.199511]  kernel_clone+0xe7/0x980
[ 3180.200071]  ? create_io_thread+0xf0/0xf0
[ 3180.200693]  ? lock_downgrade+0x6d0/0x6d0
[ 3180.200918] loop6: detected capacity change from 0 to 41948160
[ 3180.201312]  ? find_held_lock+0x2c/0x110
[ 3180.201334]  ? ksys_write+0x12d/0x260
[ 3180.203749]  __do_sys_clone+0xc8/0x110
[ 3180.204335]  ? kernel_clone+0x980/0x980
[ 3180.204933]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3180.205628]  ? vfs_write+0x354/0xb10
[ 3180.206203]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3180.207020]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3180.207800]  do_syscall_64+0x33/0x40
[ 3180.208356]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3180.209122] RIP: 0033:0x7f87f4e1cb19
[ 3180.209676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3180.212432] RSP: 002b:00007f87f2392188 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 3180.213569] RAX: ffffffffffffffda RBX: 00007f87f4f2ff60 RCX: 00007f87f4e1cb19
[ 3180.214641] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000004000
[ 3180.215705] RBP: 00007f87f23921d0 R08: 0000000000000000 R09: 0000000000000000
[ 3180.216772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3180.217835] R13: 00007ffd2ec467ff R14: 00007f87f2392300 R15: 0000000000022000
[ 3180.252738] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue

VM DIAGNOSIS:
05:53:14  Registers:
info registers vcpu 0
RAX=0000000000040000 RBX=0000000000000001 RCX=ffffc9000580b000 RDX=0000000000040000
RSI=ffffffff8129ca41 RDI=0000000000000001 RBP=0000000000000200 RSP=ffff8880446df470
R8 =0000000000000000 R9 =ffffffff8686c6e7 R10=0000000000000000 R11=0000000000000001
R12=000000000000002b R13=0000000000000246 R14=ffff88804a1ccec0 R15=0000000000000000
RIP=ffffffff8129ca43 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f81e5a3a700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 ffff888000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000056300af272d8 CR3=0000000047a78000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f81e85ab7c000007f81e85ab7c8
XMM02=00007f81e85ab7e000007f81e85ab7c0 XMM03=00007f81e85ab7c800007f81e85ab7c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=000000000000006f RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff822df351 RDI=ffffffff879f3180 RBP=ffffffff879f3140 RSP=ffff888049e77280
R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001
R12=000000000000006f R13=000000000000006f R14=ffffffff879f3140 R15=dffffc0000000000
RIP=ffffffff822df3a8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fd163b83700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4fafffb7e0 CR3=00000000487b0000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00007f81e85ab7c000007f81e85ab7c8
XMM02=00007f81e85ab7e000007f81e85ab7c0 XMM03=00007f81e85ab7c800007f81e85ab7c0
XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000