9f06541a2c3792960a351bea46de33b5b161a4db2574343e7fd506245d014ec14a36448b822a3f1d069556d88cef79d27f95a44e206b3303dbb5730777adda1f8560ba41314d0950cbc92006dbabbf2af1f25c697fc5d14ba9b77fa9c974b2c6007e758eef12f9009441fe9d45b622c2a91db58c5c774dfbb772cb423cfea0015214c66103d8842fe5a368d8d98d4475b788692e4679374b717ce683128f81af027e9e3049b6ceedcc326a1c88ecfa0ea4c62e29f54832b411136d92f6c4150f59a5f3ca9727dcb922dde0ee122fa58c149a06ee98e9226ca1e1f77cb3180ed8a311800172d14787c81f97e4e622cd94ab88397783b13859d447da4d3bfcf2ab4263ca4b8102e3075fddf6c19fc3c56471344a5c1ea226e1e3cee87d3aa2bf9c01015d8c7c723f4b7cd4b7aa9e7cd39885575f92c36bdf16b47022b462234367d00b3432a7b1c6b454efcd4879f64c860c1152958a05ba10f60e62f22ba0c3fd99768a3648170413925a2f547ac8deecaaa5943ae83eb5beef05ca750d683e4d9422d78da34c51c06402bcf3e3482f7b638ea2d81701b2c4ecf6d2b6e6b0d137e497a789f4004ffb1288c4250e38641bc5af91f8a5232b0b04a786d1073c4943bd97239f51c8caa967e16c37e5dfb2aee186e5ccad09ebe34c026a3bb78038d0e26cd09692e8a9755403e6268f3f0cc71c796abb7a48d4d83dcc8f355093e1b462e72ee8bac3543adf73c630b8def9a13999205ded8b9b13608f7ccc083c686ef373e87d504e5249b59f941ff2b784d7cfd811dceb58dbddfabbe0124eef0b7bd8973668b6e97b7ac907b25c480e8c4f42916c64a7b71f6c3a31d27ce75f33eb8c502b8edd1cabb44611f8a9c05f66855f4e41bfaa7c5573f8a87e7c55c98a2922ff312655275bbc5445de4764873aade34860f7e8d6503d85d71a24a1cd57a4dc2dcfe42510628e8e1d0dae6295ebc32a40f1175fc55bf9b292229d99c10e749a3b3e811b9e23cf4d0334dc9739fef261731370169fc4722c2333a92685d104c3a7f7f9a53129d196a4eb43c90bf5f0695b9b270fca342ae24a9708b610ee0f35baa9a4724936911aa7d908125a92968a91011420fd77655e3d06bcf4ddee43573d53c775ca34bde1517d9efbbdb87cf8fa52715682bb043bbd0c5728018027f95fd984be22d0a3fd92a0c6350c83a6f4021eba29ff434fc2a344ee494ab9ceb30cecfd779abe6f3a21036240acc3b51fc6ac4a3103fe8f833e8f335c8ffb6786bcdabe21e9c7d258a0530cf939521f708291f482344e002c76fa307ab7ef1ab9177b18a9af9aa51d432f941aee4353c63ec359f9df21589cf11f295f26837549a477393e53d8ee43d1e6ad5678bda91a3e7626bfc15d12c517784244c587931538f0c6cc78502884d92716e155f1448376801efb67f606d8696bc1f4aa43ea8800e58f375fc546a3a66f95311a3ca3bed7a34ec79d443b489188e0346b9e503dae3052ecfba6df56ca74fc9ca78ccfda4cfa00c161ad70c05b9d251f348eaae9d990f56a00081f0821d39b8634d8aca1541b53dd830b1e607cc7f16a26c0e69e12fac98d7e3a12b388d40dcd32fbf367d35ada7902ae2efeb6fd0b9ea91bb728f8440c98834db41f175e81ead167cb4fa899b6170dc7b28e38c2a1fbf4a52aa6b6fb48ddfdaf0707dec3424ef70731bc158c22cfc91bc4e6efc006f35ed9dfa3f1bd90669593776a959aef88b5bbe2c39b5421b583d7d196c25e4c66e091e0a84b54db4e0b8da158936eecd97f636aeb8620e99d1ca5d60f9efdc8e438fadd62535aa52f6de68423d617ce67d06d7e2b89283544835977d8d643f9664f9ec6eefd68ceecfb6c913e8d7e102a335dffc3512e46e2a17dc3028a63ab727dbc5077d236af41eb433425ab9f56311524f7f674f090bf9e2aea599f3a99bc64441e574b089dad142415b64974ea4bfccd5b779f371bc6f4e3885fca45d8ebab865320bb9ad094adc09f706c45e8b9571614b18b79aa9f438789612b7e76937b09511b293d47d8f7a1b5552f0f07be7faba93cc5711538114d61ba5ccd0c9cf8c5ba4ea912f3bd8e2845f5ea5200b3b703e9a6503bee94651516b5f9c8e76f742d429f9e49861b7d563071e9cf4785c8f002733a4fe70f9c1baa2852d3d994b89a1c8256aeda9937b1b3192f2318b7279cc10c25ad448450b6737532ff66f4fb55b712a2c256992d71ad59cf739a6223f8a8f5552418903a0e21a8b6cfb2d5a1c67328c417eabf42c9f29c39a154f173b24fd707f1320747f21bad917d93f084ffbcf8dbf427f074d4de90b9347ba3e917f2f60a99d02af15f6cb74f39b945ea5cfaf9a7f214076dd44a52c4b6d270787b60902acc5c42322e80eb0d91651d4801ffee4270d3aa97628fbb44c6f4ab6c17aab5267d1adad41612322d20692e8f6639bc279efe93623400ea8e6a8a4f88ec2d8da9738c065bad26fcf2e5f0a9df6e3ce1ea5cd471e229343e048bb3c8d73f6ceb29446083d33fe479348bcb4c2af3a6c97e831de4aea32388eb9512d09bfa56321e896e93a50ca8a2e9361667810740b2c9c613ea17d821191012782ca0de194276c487da70ff086fb80bea8af41490f44a2072241ddb66b517939932491ca1f959adb4f75518c98189f2859dfc51149321bd209ffdcc15e1b55fd5646df32b46111148ab59fcbda4d4b2aabb32bff6f05ec976cb87828dea255f53ec93da104c17fee4b58520e6c4b67039403cc8f342c6ca1e478576542c8a63d27a423ff864eee33071d581bc2ee5de7368ef7a7ef5cdb42a2efef9dc5ba7076c65ebdaedd8e33355f386fa93db30575625c5ec1ce9287a1839c6fb2d8342ebaf57cfe42fc86b84fc17f97b8a6fac8b1f2ec2285a8618712d5825988503783c4a3ae7d4206c3a83cb3f22105d8045f8221ba65648ff550236eccbfb0282f4e9f9cd6b7aad90feb85a88ff2e8e2ad20781fc49e37da79c0ceff530a170f23eff81a37b0687cb3431300e4fc803b988e13851cc659f08a83446ecb91831f8b4a2b9bd2abd5d4a3076317156713158e12c54d0ca1515ce0867ba762cf7467d187f24dea3eba55c147769a0d9b93b44b9e82505b31702e46402be278f77cd10661b61bd027c900b33f8d156399113e59a1e64577a0f38c46906e3b556a412755361825c70e260798f9def1b7e5ba11b95604d56b2e6c495cb074ac3d7c14d688202d7cea1267c37b584cc5a6847d63b14a7f8f759bfd262494f3f838a8926cf2691367b467ced70f3334c016e37cab233e16ac9a11180480b29273d73330aebead047bb07d3d3e272d1189299e2e7f578e593c93ba85c87edc32a3ca2336c92a685c0593ba6dea6fbfc80c335151ab58dfa4bbc9721c0065e4215dea16350ef4eabc1d45c12a7bd8206d7fbf951bb1b3edb0a3ab46b60170054505949778a517b694905bed3678c8280422b752566fe8902fa28e344dfff7c96ab778c306e42e8531a6e1265106c82190a034059095712fba95e0e270fc1b85498df225f82c9457f82d24a954549e5b1b23da20448e7380e1cb51c67e2bf42f65976ae0c45d66af95ce120d332ec84bfcccff4be8603d8cb53049794794301c3cc41c0bc7460aef7224b274224b14579b1050546b81c9d9a0a15f5b562ab352d524afb3a9371b9905756948eea738b512cae28070e3b3341060d9714bd0c6c8b1adf8dc7762ad1284d53bd6b60c81cd9eb13b82c93091dc5b49281862cf7281954b65bca2892f1c8352390b79e0a8a198137ff0ef3a6e770b7682a9511fcbfc8f393e6fbe4a00528a875b551fc5ecf6add5f87d7926c58fd5592f92c8af399728572ccf62795fe0aa6753f7b000420bc94eb4f8fe9e73410b4e6d3b17db8a0d905c32b7241bdf9cca8d40b6b614047f9d5ef5063b863f59a404cf750535db19027df34f8816"}) close(r1) [ 717.824283] ? sock_write_iter+0x3d0/0x3d0 syz_io_uring_submit(r2, r9, &(0x7f0000000240)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x4, 0x3, &(0x7f00000002c0)="5e2d471c8e2d78e9277be2e6a26f063a7304f4eab40d2f4a4fc0aadfb1a4dd9a7d2e689a53ea34bc64f0c9521c8e6f8cae5860b671cfa8df1179b338bfd6e167bf241575c1ed620223ddedf3e8303a3ab945074cdbd47d7046acdee4ae9cf1759a770e8f49357642508065b771e89a62738cdde190faf77333eddf4ea0df92330bf24659459bbf29a0ef76c080f8d01ba53ae9bedb07f9d02a180d7075b21e12c32bdc9d98171eca3b24ff20ec79c29a3ba0f55755f01b755a5daa4f45228e1009183038ceba1cff04ccb0ce9368e1438dcd90334770e0df8e78928f01d0de458663dbe526ece472343bbcb4dabf06f928521eff84ba5835646639df285abe3980a73435687c624a9374750ba30699e0f44803f31200bab6f08edcff3be21982e5d684ce502c01d83c9557a28fdb83de014ac6c0a29b6cb9b1eed9a116a4e7059667b747052c2162384c219c46293ae9e20cfa6cf3cc0e01873b84eca80799bc86ac19e38b28f323de1348ee150402d7b9db92325ed1b2568dbbe6bd63e1272751b0db4c1f3020ba08601955ba260fc29ac01ebc3587f291f523ce762a00952bec06ab336f7d241ec4c15a77efa95242e469dcb0822998ddca0d8ef63b3ee620c7fd6dafc42f31f5d0f0d6ab262c681e23e04d3ada1af38cb6430f62dbb9409d2a5281e63961cf1dc272c462fd544ad7408d0b2a156ca111f5104d69ba3e3c04997002ce07eee8b5bd9b03d6f533604000fb007aa95e99cd54a7c5e00d893c1c054c4ad8a36fa01f294ee77b8542d70d32bebbdf0e3ac4ff2c954e7ed9e355e8fee6d3bf7d86ad4716ccb9b303f71c6b201180858474f691f9de594b0c49d698172929899a6bb6367c6921265cae410dc07b97cef1ba7343e388f2f993f39f7f062275e51d938e1746560e034cd36ed580b1674c1bc8103234bb99d82c9c8ecfe7af36dfa9978a166ee316b7a6643a4f71f3528608ecee6bcba3a60913e11fedbaf3f825e5f96be85d30c4ffdfd6a15aada4dffeaabba365e3b03f778ab95f7310693993d69943937b2c038f5aacd5e6d714115ded3231f935cfe339151c670e031c2aa4413436dd35f4313ae27cd978a48ec857bf2264431267ea48f8834369593133cf34c65d9e9905755849efcdc9e9967f9248834e2e98bcdde84c63885e700da3e1cbf2acf83ae94a283ee0dc7e3a1de6577ad6bc12ae50abe20ec2309c135447e801e7bf8a066eeafd52a62acae11a1d3b895421a6c559685d09753127e34549e7fbf292afd83b2a82d417d1a1cacde31881894c400520f824a733d8043d38f86d783d2b487e5557df01668570dbe11b29abb7991151f2cfbfbe4020c0fb8bd7deaffb10cc7e1391bb0d16b9d9c84c2557f7984ff9a344ed27e106fef20a88f1fe2fca76abc6fc06f99e9a7bfa342e256f1ac92b39b649a22d8fefd8c2ed824780da1251f6bb8f46d2e3685e4c77dfccadcdd91100eac3eb6d78c99da176123e8c87f0173533e913117561a16649a66c0eea285214e2a96751128a8df71c6b7cb9f318a111a15c1edb3d963bc8eb7c37b84d6d04a109885305677ae476ee3cebed46638b79adb126a0156e03309813cef0469bb51331cb4ff8868fc22f162bf2c0aa29744bf4acd5ed9fe18263e59e245822bff2bf4527ba03652affd0889e8d609e2fd1620cbfd4fc1bc39ff816bdbd7de16ece2427d8a16428d8ff9d9a056bb69462ee157a73192b6d004de13c9259c998223ef454710d25afac95c0fb3e3242ea86af9650b24739fa4fdc7ea472d40dc73ffcaa665fd533952d6a63a96a0ece07a4df991dcd004992ca3f49b540094f6dc87d1c9961995ab40356193f7005b2a639c16f30aec2ca431a244b455510e8472a56fbe572619ecad5d4b1d0833942a82ebbce40e538c1fde870640b2dc96aeb2512d7e0849534f7a4a43ee5152179ed844a39963ac2358241f28905b793ab0faaa69de198fa1f2459d85c62cce203b6a4394f18a62498e85459acc596be3b44f9570c07d1942151273ff3718980f04aceb82da88f50f8e442a939ed6ef607365b417fb3b8a2e2be4c5fb24d5ea5be64a1f8d59211d5f40a52a2e0b7b840f40ab608b36fe3d123a19e273026857a54bc2bd1172f7ef3e23c814e608ddf57b4cc36c6b5b648d6ee6dd35419b69cdf4d4af2887b00be3ed69a1a9d4645c593b986a0b5318ced8cbf89b38a3ad48d1eb84a7e95fb302b1ca6716ddc1e6565c7fc4af63265b31ed6a4d0410d2fd437543fb3bed61df7ec6bff3946cf09e0f5f3540bd3677217e312c8b1d6aa5de753aea47c3d1ccd672757799c56f11c1db1c3ee53fe8534fc81a73bff1fe2699c43431a9c27dfd987f5a97080c5bf2203cedacd2b09b81bf880f73722754c7517424fb154e60af96926add1b88cf02a6fa941ce5d4e70c1b5fb95b773c9b89775d95b3c6ac2d4ef31da59b851c17df8c51c4eec5919b42aa0e1095c83cc82b90caa79ea1e7f01fc5f44d1700523020dcf4add9c14aeeb173eea82590d3b51d6fe1b3ff5e49e99d2758b44f2b20ccc6ad7741ac1bc1916af54a22267ae99b8384bb07b271c75b630a4a619fabfd794c7cd2e56b7da8972e96c3e50cc53072dd85d98a8b282fa8c8217fb58d1f3acc0b1a1a8441b7fb0693c7ccd1f012ca3a97973eec4faf8eb6d853f182ca592f01f609df1a21b6cfa5ab52e00820b7cf26f318c23646928146eb5e2bf4ceb55236b28beac2c8b45f223c54ce893744655778fa63d1183fbe7d7f9013041f51f93d958a2e0ad3bd766bdea7dff5aa4765ccad54091222f53a78807fc773117f86652be4e09856be71060b6872cf97d11291edfc4a81f05909368cdd0c47af1b0dc784750cae5bde3768c09cef465229844177396503b286bcddb94a68ee2679bb6743f44f4227650251d4c8b176d033e11be1ac87c327e62b5eea9c029962cb9517a6ff08ba586dd2428251476caba98e608bb4c478312e2aca1a26860208c4da167bbb7b44c75e848b043cbeeeac5a447c6774e80f68e0e072c69fbbba3ba1ccae9ef3e07a84a9bae1cfa72ccd7b6581d2bf4eebba9ed9902f58ae14ba7f3785911d596541faf5f5b7a22d4b9631d2d63523f5f12ece0491b0f1bb2b8e7ccba155f588599911c57625aeedc14f8f2cbcaf1c1ab50852978f3342412d478f7fb6779e887037f752ed8dc8588a4b23137dacfee0292232193c7eae7ab319c7a42d04c22ad9f754b0e49af614ec8fb9d66fd52908a9f7c39a3ed6ff5307bc51dae896f871cd81f9877dc8f90903b465530544eea19a0318d3925154f26e4cfbec5bb0a843617698c9817df8e8bc9861af93c0b86196975c305df21886ae5e7cfde9bf4d80629e497c1cdc3e08ceab92dc89f7865d6f7aa3013811b25ce10e09cd271b29deb6842b2a724b6800b1d225253d403349fb92fc4bf51dfc1a08bc6968eede4f823447384770ceb62c93118fafaa6326f6d3f06a2a9ecde921d2c8a57c9ed14f4e8a32e6b90b2588ce8d2b9146f648ed34649948908c4e89a0708b98ae3eb2b8eb24e6cf224d2a9632494e0f5e96b99060beb6da88a9c8ebf45d58f0855a2038d9b2e1d6913b68d37cf3fa5e2d0ba60f25fbe227133e542b0918fbd1b304055f47137db53a060d8edf48a203c7a785fb0183f077240ffe38b08c2533fbb82129df39e0c199e99dc9d7b2061e1e8e49ace2d561df92001e5af5305bb37f671835b50ff27593991e9ef7ccf077f14f50e8a2841524f659c626a6f6f5254e43cdfbc5af96efb5631cea63c3c141eae918b7b1a1de7a46896ce76aaa14adca4cd43f3bf44400ce9e877f3376b465f7d96a83040a657553018ae53c2e9be659c6161ea24bab4efeb5a2fa98008f22f9f90646374de323c72bc1c53478b8cd5df5953cddaef942f3825be5a66dfbf12a70edf194a5c3c06f4195d8aaecb87594ffb402f5a2a9bcc0305bf6278a9f2bc6ba8e1629f870f678423d140f0b70b60f83012e68bf0db79d48dd41ec58a8288e521020045f6615347d485eac26d821ca4f360e6b397b5354b1c856b2fbaf38a1a8a71142f17bf9fe0898088ce189ba4b23406486ea3a12b43cf6233774fa3213448020efbcc38cb47a987196b42edb509847c2b6248d9c92bf42df2a6b5c482a93227f85d8c86a7216b80f58b0cfbd9d9b816c29283aa80bb4725594030bc4318b0535d5d350745ec0a71e1d81f3a24fa716eae5a253e1823f4f93a3e7c17860514c738e1ceeac770077ffeba60a4c4a0512d4fccb691da60283d27716adedfaae28df28709b4548117e75fe62c754dff8c07025ebde0b312df7c26bbc6c68200816aae6f61cd45b9e197dd8f0200bca9809cc905cef39f19ddb0b912a9cc7bc48703592f207ae43ebc27dc277e15657411b0b44fb2e88526f037aa7ea2626c873df96bd2203f3fd2d9dbca41bfc3492c1d180c434c80d3566ec04fc774fa6c5f122665079114d5118580f4c2356ad462893d7345d620d92c1f967ba48c7f682e6834946b6aba19c90f8035b4f9f58004bbcf1a9769a52540fe08fc16edede3be74874318b07dca82a1f7785ffc67b2b59c0ba45d858f41d7d5faedb1e09e4f1908fc97f0ac74a3b5855e68a991d1fcc3e4d1223150ca41f93fadbc3ace7e52562ccc486db45bf9702f9fe8c9bc4683adeed64d37c7169d3cf90b1fcb2c8bf3e4a7bc47a9b51311ccc0333f107a2c63e4616b8e682350b89fe98b17e581319f4c0ee411a8380a665c3631f7459f7fabd41854de48c450b209fd178dbbe790bd73532afb118bb8dc9f847ae67506fcb267c76d54966ded4344913b5373337b2ef10e7fb89452b305f727aeb006d3d5f39c71f9b255e30be862e6a3457e45be50f6648a8369a72a67adb10958e926a8235c8f4fe82c20a006354e7bb0efa7830f0b76d0fe31560886aec086d714b1919f18c4bcf5e7badcc09ae5d46fc8021e9cfbb7aa06719650d6eb5eee66309f96a8d495345fdfc976a098e278041e6e137a2eeadc2eaeb7f7ecad7a3439c835a7580b6cee5fcb183417419588e01985005f33014b34833e0d03a7addae43e065085655356176ce7ce3705c5fb72bb28003177ac9a4d5d53ebc1bf1ee745788946d2f17a5eb0c83a126b8f9a5ea262247f298e610adbe7fc18d1caf05dfdba31348f497a5688b9f23ecabc1baa36ad3c89fc33d275dcb564b3a724dc6eca5674ef25af8ed7858687f2cde2a7e1c15ad24e997a9fcb28d3cfc749a58ac3cbc493aa3261a619d936512c5058e55b88fb4b92306055fb21096c6073df1118bc6fb3f1b02d2382134bb22a5ff56f104e4c0f1df1b23f2ac486fc8fed451ada97a433d68025392af0dc916f7df682da93f3af07c4100829a0ca9ae33faf18172cfe13ee1836fd05749753dd38eab6764b26b61965cc92b0070f49e2b7b8380ee7dc8138b5fb3ea5a8b91280e4d9a19b8cc4dd556a8e61ea47c4e18a84bd642da5038d24c41648cecb9d2794e5006dda2113f7dc9cfebec2cb642433839a2e82275ea8a72c1764af42a3fe9955cad50f282a4524193706c2003ecc030b8bef5bbbb0d99f6d5e9f60de00051c5290aff4534c87133c34949f80be90ed4f04139f2660da7e23b2cf7d13ed2382d047bc177eb254501d868ca22a64ee2ecbd5d2cbd18ff7fefaf7cdaa928ff7afa5041b648cefebe2e2beaddb1666ffb72186a32017212103ba63abf17fa791e4f1d4e96058dc6283cce5afbd949706f91c2e00dbc3b99bd363535ff156c06aa1198d2ac807d48223f98e06fc36", 0x6, 0x0, 0x1, {0x3}}, 0x9) sendfile(r1, r0, 0x0, 0x100000001) ioctl$FAT_IOCTL_GET_ATTRIBUTES(0xffffffffffffffff, 0x80047210, &(0x7f0000000040)) 13:22:58 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(0xffffffffffffffff, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r2 = dup(r0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000080)={@local, 0x78, r4}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8916, &(0x7f0000000000)={@remote, 0x0, r4}) setsockopt$bt_hci_HCI_DATA_DIR(r2, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, 0xffffffffffffffff, 0xd2415000) [ 717.825359] ? do_recvmmsg+0x6d0/0x6d0 [ 717.826462] ? lock_downgrade+0x6d0/0x6d0 [ 717.827555] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 717.828910] ___sys_sendmsg+0xf3/0x170 [ 717.829904] ? sendmsg_copy_msghdr+0x160/0x160 [ 717.831077] ? __fget_files+0x2cf/0x520 [ 717.831951] ? lock_downgrade+0x6d0/0x6d0 [ 717.833010] ? find_held_lock+0x2c/0x110 [ 717.833887] ? __fget_files+0x2f8/0x520 [ 717.834909] ? __fget_light+0xea/0x290 [ 717.835750] __sys_sendmsg+0xe5/0x1b0 [ 717.836595] ? __sys_sendmsg_sock+0x40/0x40 [ 717.837519] ? rcu_read_lock_any_held+0x75/0xa0 [ 717.838536] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 717.839644] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.840736] ? trace_hardirqs_on+0x5b/0x180 [ 717.841655] do_syscall_64+0x33/0x40 [ 717.842443] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 717.843518] RIP: 0033:0x7f38b854eb19 [ 717.844323] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 717.848195] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 717.849795] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 717.851289] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 717.852807] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 717.854310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.855803] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 717.871259] FAULT_INJECTION: forcing a failure. [ 717.871259] name failslab, interval 1, probability 0, space 0, times 0 [ 717.873673] CPU: 1 PID: 6713 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 717.875106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 717.876857] Call Trace: [ 717.877431] dump_stack+0x107/0x167 [ 717.878214] should_fail.cold+0x5/0xa [ 717.879026] ? io_uring_setup+0x258/0x2980 [ 717.879938] should_failslab+0x5/0x20 [ 717.880750] kmem_cache_alloc_trace+0x55/0x320 [ 717.881727] io_uring_setup+0x258/0x2980 [ 717.882597] ? __mutex_unlock_slowpath+0xe1/0x600 [ 717.883622] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 717.884712] ? wait_for_completion_io+0x270/0x270 [ 717.885764] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 717.886875] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.887998] do_syscall_64+0x33/0x40 [ 717.888788] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 717.889875] RIP: 0033:0x7f943fb71b19 [ 717.890668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 717.894557] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 717.896187] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 717.897701] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 717.899204] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 717.900735] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 717.902255] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:22:59 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8) [ 717.926891] FAULT_INJECTION: forcing a failure. [ 717.926891] name failslab, interval 1, probability 0, space 0, times 0 [ 717.929149] CPU: 0 PID: 6702 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 717.930421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 717.931978] Call Trace: [ 717.932474] dump_stack+0x107/0x167 [ 717.933169] should_fail.cold+0x5/0xa [ 717.933871] ? create_object.isra.0+0x3a/0xa30 [ 717.934713] should_failslab+0x5/0x20 [ 717.935417] kmem_cache_alloc+0x5b/0x310 [ 717.936188] create_object.isra.0+0x3a/0xa30 [ 717.937004] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 717.937951] kmem_cache_alloc+0x159/0x310 [ 717.938720] vm_area_dup+0x78/0x290 [ 717.939401] ? mark_lock+0xf5/0x2df0 [ 717.940106] ? mark_lock+0xf5/0x2df0 [ 717.940802] ? lock_acquire+0x197/0x470 [ 717.941547] ? lock_chain_count+0x20/0x20 [ 717.942323] ? avc_has_perm_noaudit+0x1c9/0x3e0 [ 717.943188] ? lock_downgrade+0x6d0/0x6d0 [ 717.943978] ? lock_chain_count+0x20/0x20 [ 717.944752] ? vm_area_alloc+0x110/0x110 [ 717.945511] ? __lock_acquire+0x1657/0x5b00 [ 717.946331] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 717.947299] ? vmacache_find+0x55/0x2a0 [ 717.948061] __split_vma+0xa8/0x4e0 [ 717.948745] __do_munmap+0xfae/0x1260 [ 717.949460] ? arch_get_unmapped_area+0x450/0x450 [ 717.950357] ? lock_release+0x680/0x680 [ 717.951091] mmap_region+0x7cc/0x1500 [ 717.951804] do_mmap+0x868/0x1370 [ 717.952462] vm_mmap_pgoff+0x198/0x1f0 [ 717.953182] ? randomize_page+0xb0/0xb0 [ 717.953924] ksys_mmap_pgoff+0x41c/0x560 [ 717.954672] ? find_mergeable_anon_vma+0x250/0x250 [ 717.955575] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 717.956544] ? syscall_enter_from_user_mode+0x1d/0x50 [ 717.957494] do_syscall_64+0x33/0x40 [ 717.958178] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 717.959115] RIP: 0033:0x7feb1e919b19 [ 717.959789] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 717.963199] RSP: 002b:00007feb1be8f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 717.964603] RAX: ffffffffffffffda RBX: 00007feb1ea2cf60 RCX: 00007feb1e919b19 [ 717.965920] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 717.967223] RBP: 00007feb1be8f1d0 R08: 0000000000000004 R09: 0000000000000000 [ 717.968543] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 717.969851] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 13:22:59 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x24, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x24}}, 0x0) 13:22:59 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10) [ 718.004405] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 13:22:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1d5401, 0x10) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x86000) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4) 13:22:59 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 8) 13:22:59 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60) 13:22:59 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) [ 718.159069] FAULT_INJECTION: forcing a failure. [ 718.159069] name failslab, interval 1, probability 0, space 0, times 0 [ 718.161112] CPU: 0 PID: 6730 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 718.162270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.163713] Call Trace: [ 718.164162] dump_stack+0x107/0x167 [ 718.164765] should_fail.cold+0x5/0xa [ 718.165386] ? __delayacct_tsk_init+0x1b/0x80 [ 718.166121] should_failslab+0x5/0x20 [ 718.166525] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 718.166737] kmem_cache_alloc+0x5b/0x310 [ 718.166758] __delayacct_tsk_init+0x1b/0x80 [ 718.169673] copy_process+0x3399/0x78b0 [ 718.170338] ? stack_trace_save+0x8c/0xc0 [ 718.171031] ? lock_acquire+0x197/0x470 [ 718.171249] FAULT_INJECTION: forcing a failure. [ 718.171249] name failslab, interval 1, probability 0, space 0, times 0 [ 718.171694] ? io_sq_thread_park+0x79/0xd0 [ 718.171722] ? __cleanup_sighand+0xb0/0xb0 [ 718.175404] ? kernel_text_address+0xf2/0x120 [ 718.176148] ? find_held_lock+0x2c/0x110 [ 718.176807] ? io_uring_setup+0x1c23/0x2980 [ 718.177533] ? lock_downgrade+0x6d0/0x6d0 [ 718.178211] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 718.179024] create_io_thread+0xb6/0xf0 [ 718.179684] ? pidfd_prepare+0x80/0x80 [ 718.180343] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 718.181153] io_uring_setup+0x1d79/0x2980 [ 718.181838] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 718.182655] ? wait_for_completion_io+0x270/0x270 [ 718.183465] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.184326] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.185169] do_syscall_64+0x33/0x40 [ 718.185784] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.186628] RIP: 0033:0x7f55e908fb19 [ 718.187221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.190213] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 718.191458] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 718.192616] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 718.193784] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 718.194932] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 718.196096] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:22:59 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 3) [ 718.197272] CPU: 1 PID: 6731 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 718.199195] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.201325] Call Trace: [ 718.202009] dump_stack+0x107/0x167 [ 718.202945] should_fail.cold+0x5/0xa [ 718.203955] ? __alloc_skb+0x6d/0x5b0 [ 718.204944] should_failslab+0x5/0x20 [ 718.205927] kmem_cache_alloc_node+0x55/0x330 [ 718.207087] ? mark_lock+0xf5/0x2df0 [ 718.208077] __alloc_skb+0x6d/0x5b0 [ 718.209003] inet_rtm_getroute+0x904/0x2330 [ 718.210137] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 718.211124] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.212511] ? __lock_acquire+0xbb1/0x5b00 [ 718.213426] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 718.214741] ? mark_lock+0xf5/0x2df0 [ 718.215612] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 718.216756] rtnetlink_rcv_msg+0x87f/0xbb0 [ 718.217648] ? rtnl_fdb_dump+0xa30/0xa30 [ 718.218673] ? lock_acquire+0x197/0x470 [ 718.219578] ? netlink_deliver_tap+0xf4/0xcc0 [ 718.220695] netlink_rcv_skb+0x14b/0x430 [ 718.221735] ? rtnl_fdb_dump+0xa30/0xa30 [ 718.222768] ? netlink_ack+0xab0/0xab0 [ 718.223753] ? netlink_deliver_tap+0x1ae/0xcc0 [ 718.224715] ? netlink_deliver_tap+0x1c4/0xcc0 [ 718.225669] ? is_vmalloc_addr+0x7b/0xb0 [ 718.226517] netlink_unicast+0x6ce/0xa00 [ 718.227369] ? netlink_attachskb+0xab0/0xab0 [ 718.228321] netlink_sendmsg+0x90f/0xe00 [ 718.229147] ? netlink_unicast+0xa00/0xa00 [ 718.230014] ? netlink_unicast+0xa00/0xa00 [ 718.230868] __sock_sendmsg+0x154/0x190 [ 718.231690] ____sys_sendmsg+0x70d/0x870 [ 718.232526] ? sock_write_iter+0x3d0/0x3d0 [ 718.233383] ? do_recvmmsg+0x6d0/0x6d0 [ 718.233604] FAULT_INJECTION: forcing a failure. [ 718.233604] name failslab, interval 1, probability 0, space 0, times 0 [ 718.234171] ? lock_downgrade+0x6d0/0x6d0 [ 718.234193] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 718.234219] ___sys_sendmsg+0xf3/0x170 [ 718.238543] ? sendmsg_copy_msghdr+0x160/0x160 [ 718.239469] ? __fget_files+0x2cf/0x520 [ 718.240289] ? lock_downgrade+0x6d0/0x6d0 [ 718.241131] ? find_held_lock+0x2c/0x110 [ 718.241964] ? __fget_files+0x2f8/0x520 [ 718.242802] ? __fget_light+0xea/0x290 [ 718.243595] __sys_sendmsg+0xe5/0x1b0 [ 718.244383] ? __sys_sendmsg_sock+0x40/0x40 [ 718.245247] ? rcu_read_lock_any_held+0x75/0xa0 [ 718.246196] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.247247] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.248298] ? trace_hardirqs_on+0x5b/0x180 [ 718.249167] do_syscall_64+0x33/0x40 [ 718.249914] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.250957] RIP: 0033:0x7f38b854eb19 [ 718.251727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.255439] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 718.256986] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 718.258423] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 718.259857] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 718.261316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 718.262755] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 718.264227] CPU: 0 PID: 6735 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 718.265240] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.266469] Call Trace: [ 718.266862] dump_stack+0x107/0x167 [ 718.267404] should_fail.cold+0x5/0xa [ 718.268003] ? vm_area_alloc+0x1c/0x110 [ 718.268584] should_failslab+0x5/0x20 [ 718.269141] kmem_cache_alloc+0x5b/0x310 [ 718.269743] vm_area_alloc+0x1c/0x110 [ 718.270297] mmap_region+0x982/0x1500 [ 718.270865] do_mmap+0x868/0x1370 [ 718.271378] vm_mmap_pgoff+0x198/0x1f0 [ 718.271964] ? randomize_page+0xb0/0xb0 [ 718.272562] ksys_mmap_pgoff+0x41c/0x560 [ 718.273162] ? find_mergeable_anon_vma+0x250/0x250 [ 718.274027] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.274794] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.275548] do_syscall_64+0x33/0x40 [ 718.276104] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.276852] RIP: 0033:0x7feb1e919b19 [ 718.277391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.280079] RSP: 002b:00007feb1be8f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 718.281184] RAX: ffffffffffffffda RBX: 00007feb1ea2cf60 RCX: 00007feb1e919b19 [ 718.282224] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 718.283262] RBP: 00007feb1be8f1d0 R08: 0000000000000004 R09: 0000000000000000 [ 718.284299] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 718.285333] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 13:22:59 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 3) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:22:59 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0}) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000002c0)=ANY=[@ANYBLOB="1f0000000000000002000008000000005500000025000000040000000000000000000000000000008f0d00000000000005000000000000000000000000000000000000000000000086020000000000000000000000000000b30c0000000000000800000000000000060020000000000000000000000000000000000000000000040000000000000000000000000000000100000000000000ff07000000000000ff0900000000000000000000000000000000000000000000020800000000000000000000000005000000000000002b4f000000000000050000000000000000000000000000000000000000000000012800"/256]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000008c0)="b057603a83716950525e4ee8d3098c2535870d1e860882", 0x17}, {&(0x7f0000000900)="68030d5a5ef2f17a027dae2cacdcfea38b232b69ae0839c57e9f060102d06dcb1ba7a62c72c2f5af7fc5459f7b5d87fb295b7eb9a1544a5b34bffa68360455ba04a9cbf624cb4ade5ad38f35b2de2715922add8d871adbf6c240964ce134fa88f7ff85a2bd1f8d1ad10cebfad8fda83114f97ce918bcda714dae044762dd3387275ecc51143fe381245291a8aafa368ae28b40ed55396d2d695380786e4448f3bf679838d3d7", 0xa6}, {&(0x7f00000009c0)="331c5f752ae7b5be202e48a2b7b02b567147a301f8a234c03a873b3645043d948531ed973ca72b6208e7faded607368195df92d073ff82be33132b7653b639dc1f43c47fbbb380a8265b8eb1c96a98f6b6d9e74038003532435db4c47bff11dfa139cf72844feb03fef944fa11079266155d54e56e12ce1069b1a600e7818c1528c0e55f205d9a8cbdd78ed339df97c3ea4b3b8beb373a2523651012f374a9a9a339ab92f6bf5a1cc830063daa2c8f17ea1ec2e8b592830d9038e17db4f3b0bfc8374dcb733a00c13ba5d4aacef34f081909ff8679856eb747", 0xd9}, {&(0x7f0000000ac0)="ca14a15c885108a3b279fcb62b978e7a57f8d3130d32300c60c9546f468626ffb0b4ffcd094ee34c9c5fef9af55c071e45e8ba88a09d455deab14bd2555c63b7a6178a262f5b39cd2412ab615b5c32ec5516a411", 0x54}], 0x4, &(0x7f0000000b80)=[@hopopts={{0x28, 0x29, 0x36, {0x3b, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0xffffffac}, @jumbo={0xc2, 0x4, 0x400}]}}}, @rthdrdstopts={{0xc8, 0x29, 0x37, {0x32, 0x15, '\x00', [@hao={0xc9, 0x10, @remote}, @jumbo={0xc2, 0x4, 0x7f}, @ra={0x5, 0x2, 0x5}, @ra={0x5, 0x2, 0x1f}, @generic={0x7, 0x8d, "b2827b64b14a0d6296110deef864721db351ab59cd37587b115ca8615cdc52b18ffbcfd6de29d35d0f4c6720fad4a584913fd2475bb58bdd498522f92df135477b81c82facbb4b0a9c275e2a238ff82f242f0cc517cb9ee7581ea639fae6eab7797250c6c93a1e383f55a7676718979f7d72154db9855d0d74aec9360055679f26496156f0870df96d7da68122"}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0xdf}}, @hopopts_2292={{0x50, 0x29, 0x36, {0x87, 0x6, '\x00', [@calipso={0x7, 0x30, {0x2, 0xa, 0x3, 0x2, [0x7ff, 0x5, 0x2, 0x8, 0x1]}}]}}}], 0x158}, 0x4001) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) connect(0xffffffffffffffff, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000880)=0xfffffff8, 0x4) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000840)={0x8, 0x81, 0x2}) close_range(r0, 0xffffffffffffffff, 0x2) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r5, 0xffffffffffffffff, 0x0, 0x100000001) readv(r4, &(0x7f0000000780)=[{&(0x7f0000000f00)=""/233, 0xe9}, {&(0x7f0000000140)=""/221, 0xdd}, {&(0x7f0000000dc0)=""/125, 0x7d}, {&(0x7f0000000240)=""/28, 0x1c}, {&(0x7f0000000340)=""/218, 0xda}, {&(0x7f0000000440)=""/216, 0xd8}, {&(0x7f00000006c0)=""/82, 0x52}, {&(0x7f00000005c0)=""/130, 0x82}, {&(0x7f0000000680)=""/22, 0x16}, {&(0x7f0000000e40)=""/154, 0x9a}], 0xa) [ 718.294144] FAULT_INJECTION: forcing a failure. [ 718.294144] name failslab, interval 1, probability 0, space 0, times 0 [ 718.295851] CPU: 0 PID: 6739 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 718.296830] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.298023] Call Trace: [ 718.298401] dump_stack+0x107/0x167 [ 718.298927] should_fail.cold+0x5/0xa [ 718.299479] ? create_object.isra.0+0x3a/0xa30 [ 718.300138] should_failslab+0x5/0x20 [ 718.300681] kmem_cache_alloc+0x5b/0x310 [ 718.301281] create_object.isra.0+0x3a/0xa30 [ 718.301917] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 718.302644] kmem_cache_alloc_trace+0x151/0x320 [ 718.303318] io_uring_setup+0x258/0x2980 [ 718.303916] ? __mutex_unlock_slowpath+0xe1/0x600 [ 718.304614] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 718.305343] ? wait_for_completion_io+0x270/0x270 [ 718.306062] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.306811] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.307552] do_syscall_64+0x33/0x40 [ 718.308110] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.308833] RIP: 0033:0x7f943fb71b19 [ 718.309361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.311992] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 718.313081] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 718.314092] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 718.315112] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 718.316137] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 718.317163] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:22:59 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x300) 13:22:59 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 1) [ 718.328820] FAULT_INJECTION: forcing a failure. [ 718.328820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 718.331369] CPU: 1 PID: 6742 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 718.332818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.334514] Call Trace: [ 718.335060] dump_stack+0x107/0x167 [ 718.335839] should_fail.cold+0x5/0xa [ 718.336641] _copy_from_user+0x2e/0x1b0 [ 718.337482] __copy_msghdr_from_user+0x91/0x4b0 [ 718.338460] ? __ia32_sys_shutdown+0x80/0x80 [ 718.339369] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 718.340453] ? __lock_acquire+0x1657/0x5b00 [ 718.341364] ? __lock_acquire+0xbb1/0x5b00 [ 718.342235] sendmsg_copy_msghdr+0xa1/0x160 [ 718.343134] ? do_recvmmsg+0x6d0/0x6d0 [ 718.343973] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 718.345044] ? lock_downgrade+0x6d0/0x6d0 [ 718.345931] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 718.347007] ___sys_sendmsg+0xc6/0x170 [ 718.347853] ? sendmsg_copy_msghdr+0x160/0x160 [ 718.348799] ? __fget_files+0x2cf/0x520 [ 718.349647] ? lock_downgrade+0x6d0/0x6d0 [ 718.350509] ? find_held_lock+0x2c/0x110 [ 718.351378] ? __fget_files+0x2f8/0x520 [ 718.352216] ? __fget_light+0xea/0x290 [ 718.353011] __sys_sendmsg+0xe5/0x1b0 [ 718.353792] ? __sys_sendmsg_sock+0x40/0x40 [ 718.354683] ? rcu_read_lock_any_held+0x75/0xa0 [ 718.355625] ? fput_many+0x2f/0x1a0 [ 718.356377] ? ksys_write+0x1a9/0x260 [ 718.357158] ? __ia32_sys_read+0xb0/0xb0 [ 718.357989] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.359075] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.360167] ? trace_hardirqs_on+0x5b/0x180 [ 718.361045] do_syscall_64+0x33/0x40 [ 718.361826] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.362872] RIP: 0033:0x7f536cf98b19 [ 718.363628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.367390] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 718.368989] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 718.370501] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 718.372016] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 718.373527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 718.375032] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 13:22:59 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 4) 13:22:59 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x40400, 0x0) r2 = syz_open_dev$rtc(&(0x7f00000000c0), 0x0, 0x81000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r7, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000001880)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x1, 0x0, 0x3b, 0x3, &(0x7f00000017c0)="884718bf6bff23f1dae92247791d98c7f96b6e14b17d0153740d2277d9ca7074173800741e7dbfdbfce94ea92c609623e828aa42576f47a3f6044980c8c295c9e582e4243bf5dfd6b23a6a14ca3826e7f5010a52ad18f7fd6a2187d28266a2003cad547f366fc5bcb30a52a0bd5cbc3f4b1c918155ebea7d23261975621757081eb22857bb6de1085df584e8e183a17f2d27da5bc3452d2188c27152c673fdb50276fd996e72a5ef5bab4e6b06f519fed6c97b35024a27bd4c7c33e873958b", 0x54, 0x0, 0x1}, 0x10000) openat(0xffffffffffffff9c, &(0x7f0000001680)='./file0\x00', 0x400542, 0x6) connect(r7, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r7, 0x406, r4) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) syz_io_uring_submit(r8, r6, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(0x0, r6, &(0x7f00000014c0)=@IORING_OP_WRITEV={0x2, 0x3, 0x0, @fd=r2, 0x6ea, &(0x7f0000001600)=[{&(0x7f00000016c0)="aeab9e0f1c88f6ab2e9ced8c127bc87fadf16c34585b2201fe1f409bf59f26ae2daa949599a4d79b978bdb0e85576e1da1ffc18b446a1afc39b1b6698758dfface6b438f9a10ab295a7cd3cb137ff53b517637415d6089447095479ad22f461249db49cfed9a02837ecc548945d787606687554d3cc5642c9aa1b782ecb72e51c2358a663f77b020a35247e69294f542e819fb68d4d07420efc873d20cf862933f343374ee8a3319708ffd6166a1bc27c86aa3e9482ad32a16742610c6dfb6a064ca10853fdb86dac270a9dd533c45a2fb", 0xd1}, {&(0x7f0000000200)="abd7c2ca305fbf9f75e1139b79d28242ed01d4174f8d6f9f834fd247f878cfdcbb155ded5f2581dcac79d18d6107b2764a9d575eec49d0a31c7212b7ec610f4a7beb97287646eb5f54a3c6f69c06436f2e202d50a5", 0x55}, {&(0x7f00000002c0)="9b349cd37f1eb7d4bfd44c0b81d6ad038d1ebbe13b55516ce512a172784b0d5ecae33431ac5d671266793a7f866ac83aec0e549bbfe2b60988b9151522b91a6993ff207b5ac55d11ff99564d8e1af3b2b36867808f8bb6621254900313f3bf5ebce69e19083ca7da2c09b1cf59e2a8ee4efaac8ce1658c11b68d55d12e63763d080d4dca32657e94cadf114012dd0da3e3885d17edfebc4a8c8b0fe15e8cd0a45d99edf87a0b4150e8950b9e20e7c799feea566b4f5bd0d6c9464e05d04c2404efb456332d9038bb6d63c0eb17fbc779cc30c04417ceb2c77fd9cb08bf01a5da6c4d2de79f193e4019d8c268182fa8b0e1a0283f0cb86c49c7e832459c4366700f387681eeb7c5e90b784ba814e27c38caf7d8fefd4a65c081111dd3c00fcfc7f876f5f65a8e8937f8d1af4cca751c9d1a57b5653a97ca822601d71f0564223cfd9bb9f2abdc6aadb4b75502a13534e3e940f18db0b2208012fdb996e984ba1a0a228608805016facc2d50cab4c95c47b69be16c844bcb41ebd7320c4b2caebb6e4436fe0319a6ea713fd2c66675fe486c4f2097a67b356b2fcd628f0c6767527b6be9c39e424bf90ff1b8aa83160ebc5c8cebb02d057181c799b6aff167ce592df32c3e854bc3a4a73d673ecd441e31fd5247966860042645a07d307b155d2d1a895889afbab8fbf15204e27de5116bb923ed92b2b09f7e1b9fb385d8c20dfbec264323551c0d172189b363a45be3db5223d3ef5371f9b2ebdf8f9b35838200879c3ed076cd2721d5defe7df841ec7b41ca0457fd0d05d4d44f2f9c969b19380f2c0ea2c64ae1456ebd294e66f0c376e0c49256f9ee4b99cde207fb57e75fd018861470ac6787df545e093b6d97874839c603c15dd1bdfb0c6da0c816c227272bebcd8ec9ec5e32ba2556b87714679bc9c2dff6e1b9222fa38754f57f81de91488dca7a5c038d3405851bf0aa00191bbbe2ec784f54a45e4da0f4cb9d4374caa3faa5f3ecd4e09e8a79680f9199561c54da7f0ea3125c7a32fd0f95a24381273f4b1c7afce6f5cf0557e1900e88b940b678a046886b0444870034626f4d8a6f05a71b689df3008713273ed36ca05b0be64292937e26f2d75d6f8e84afc960d38fa95701808b2c6716abcba796fdfd4f3148e1569f2994a6fba1e7bd7e9e1c58c86fb2a3703b4d1ead97b848cb3e4bfad9376c1b5a3293a82ea003c592cc61d3af5645800dbed85711198a1cded41f29c7f08412ba122808f17232c94a3c5e80bf2ebc5e50e709b5cdbcba6b3e325f427ee0500825936f843392455c1c9a50653683b58ad24b66d6e7f98af62ab364c8d23a1b7a2d7c839f32be1c0475651a233e42eb6cc8654f708c9e6ba894fa8a2b6685662a3eb816cb76bd85b33c4054c4608ad982274afcceb905c3760aa08cee7660e2c2f63151249d67e7edf776db34ac9f3c3f88d36514353fabb7797d0ae6fbf058486d0f75c721c9d62f3b3bf989ff128018de42cb9a15c5ad5bc8cefb5d25d73fbf6285b1720794dc47bcf42a17d889d29011572585f9ff8464a29009d67cb601645310ba69bd601c900ad93a37211d5ac137684ab432e103a82175a7b4f7834699f10771c436a1b5c0a060d4a7c606c0fadfe234fde7f0f02b0b36b8a04bc385ba6c55bbdd05fd585106586b6e6f8d82175206d9dd415de1ab4de0113029c8d9ae791ee434b9eff4e2dd8a847c4ee6aac8e2b45cd8fe3bf98a9bfdad54e94204483e85615cde2c67816abc21b516341330179debd1f1cc75fdc7a4db1e864080ba3c497aa0560efb42f8e931d57c41da3ec6836557aab85891ee1191971798178b932d32b2b52a0b48faed48ade0a0e3441d4ead00408ad968c891584e647f21242a3abcfd98255a509f4af53ba842513ba55755b7c9e925ebcf7634e19079cf5afc169cac862e62f3b22cff0e7e971e9f585398cd90fb34893066e5207ab3b0d9e72a40a824c066b2728148365e4e84c6241e6e887002494cbe9daf05f0a75c602473892f9ecead6fc9288f800ffd67f6f5b9746974bd462490515244a6dba9dd4ae5af077e44227377afb4c0866e49e76d5275f64d440bd2b6fdb44b6dd2f865da0abd4d4b310544c6fa7e6d82a5a05530473b2f189997a5b4caffa096673c39c486211e6336299297180911a13cca5305a320619ae00526f65cb1040f97bc08ba4a239715c6bccef70934cfd90205e0f0e29ebe5120d3a0428519af3246cb22fd331923bdc63e16a81d56b8d93d02486e270976035b9c64f02b386c9b8b05486df77bf21fb0d61c61abaae180ccb8582e612bd2ec31e6db71bc13fafed6e08cafcd1bb997672b6fc52af0e432fbcb8e1bb3c5556dd11c2e816ddf6e0d9e0de64cd690761c4d490640e9b4888fc2376eb849f9822f233350ffd3fe0c371161ba06b02331c9914e51feca897461019ce046959ae1e981ec44e81e64ab43cd073befdf16ac970304ab328aa57b512dcdd8470e08a43d3b5d117b7f9ac931085f0cabec25402c71ea9dfe1f396e2e197e8e409d63637c45e27673a84833da7bea4371ead7d9518ec3e3b07ad9ffebba5f9ebd172322d30e5158cba45d1e12de4a4466523e7ceab8a23e5c643a2fe34676e2bfe8050bf033c305ba833bddf959f73e92e9c85f85fe9e944d2201b5ae76c9cbccd24e25aa7842c52df342c17998574b866014e0fcf77ae1c9b969f39be21bfeda5dce5c4370d0f3011d795463541ff6c9d8b05d7bc822bb7877a988b05fd9b23ea18d595f4138197c75ca44015f1c338454f67fb19216e57dffe27ca356b0b90e9f7db42dfe1b7fb7e3ea032711da840b863dbea24f345ec53155c2f9c8942c595e6786aee14fc348e2909522ae8ef24cd13ea772ebab27390b00aac798ff55c61f559afe72967aee5163df49d7f6c974efa4e1a89fb85a252769cfa224625895e7e1251d5d6179e065c646d2e4203aa97a656e53d95318534912e0c4b2337a8ca1815715825e56085b05d0971f7f3a68e10769421ac65b1ec495dd19c3adfde1b34b62408a2495f0ff26104d6a7f8415ef6a63ec674639ce62c31cc37f79472e241f6501d097bd66e3699c3a66041831f4818b228287781158d65291669c8e1ed24eb4b8172d12e7b1e34413b5a746aab994ac0a365e9ac526564b11b9b84a95af27e2b1976e87a190f9e05284e260872a58141b586ee0a9a7c71dfef3a0f637d0dcab90be7eb5cca59f626006afe003e9d484d4f8e78facfd6a1f575a1c463c45536dcaa63caafa371737bb28530606e9511f2b4cc3944478c5c5e0e6b83d5e0ed18d6395e3a17989d2ad9ca95f5237ac9379282209940485e11774a0bc6848b21ea3aab0eace97ee1343e824bfde66b1e2aec8001f5c7541ca33ea16adbfd8cc4484ae2490390466f7705904071ee8b98d9cf1036dd50fcaff12cbad093c9b38113e723dc011de2c80d5fa0ec3df9a6da10a1da30ef421a1134ce2b149c401370071bfe68842fc4d35cfac89a42f77e631d3b357ab7a35e86791bbdd807319f8de3f244cfc8c8d07e8d0e368053eaba99024da2b7937410a8495c36d82bdbd55869c85ec4c6ffd22fc2b711eea69cee82d5773b279f62c762d4fc13ab9ed82904234c60c12630476426b7f748ea19b32c505ffe08bbaa9dcb4ba8d6be262a5839d7e1d47cb7b772f7becd7bb6ac3c39bcc73dd97f4a9d2ce4ccb7631d6b8b09f32425a77e55176941b04c6029308398659918e55d723d99798dadce87a86febc4be0215e7a0eadd921130be0df22af7caded23667eb6606d369994bc5c9c05c9deabf9527c4e3bd611d2f6ebe7b3b701a76517c555145af00c44882d8950811bc4b78c7bf916502772aa6b62ecb1a509a0428c8542a607922b4f92598686e2c248715ed7ec9c7a5cf9b4fc3a619663845ccba66b86cbee5124ac4f5cb03462cb0e91f472e8df1baaa7bffbc886b4b23ee1a91e0d645dc8d3758e910eac083b1c9de66ea0c560a810ba4104698163a6163d4d6b25a7d78a5ac1532537bf2350c215769c6d682c4ba3bd063f70cc698cfe98b9d78b2775233f4d7ae077b1a293a0475d315b4dc14e7230acd12512d9a18523063a4107924fe0b4735ee248cf4d8df42337cb00d25bf0ce53032fee80704fdb772de5f2bf86729e02f9c31e3d30800a11820607f740321bd243f30e9448994206ce02e681d41cee8572b2543065d6a451150293ec026d34f468470cf00163c98cb7acd76f581a5a5cc01921c47dea8d4e661cbf460cfe02845399776f3f6f5f3a74ccadfb66796ec4610577fdcf75c2cf08677c64f76f261ebb133c4aa104d52b3402660a812ef68a70458c88ebb2b0a08fa64f61aafea22117363d24ee6cf0503d1a1bfa490fa2761e85dd9b5c8556629a67b135df722aa5bc2b756bcde0e6efa216a5a937cf388174c12e89bf129b1da523fb2498206bbe98cae17f8bc1f8ba0fab527a377cc2f2e78b13946ae4b9e9134ca40b08924c33e7ed83e4011392f304c385aaae0fab5cbfe59293030ecdf9bff8606aee025f76bd6486e2d9fdf3e7a976b0dac58dfe91041aacbe337bdb9c7eb4545d15ef20b48806bb8db7be6733a7ed256c849a4810dde2ce0aad4d43ebeb31ba8548792e663d9f3cd1412bd7b0b4e5d320b442989740b0367d381d1b598cf11ae9d2774b64af49b82ffe76dada945e7bd75503b4ae4c4463bd6666bb62a72e19b731f3d862ec5cf632918bf43c26d14c56f3d54d357a9ebc20e737de4e2829b6955742c39eb1801c401fb851fdcd2032a086031f7a016c60d836db72db618bf5c053df8e3449fb76e0c7a0bcb92a0a80c3f80daefdcd45d31c9c28a7665bd40cfa8af2bec75c68eeb9aba731250fbb242e66cae6716ba711d4a6168a2f616cf0d04e6c16eacc8b4f1f929bc7a585e66e84a93b7c40ee6f071a82205a2543f638ff4cf639d0b616f34d43568216de8546a43dca627f97d1d5091aabe29ffea8bf815d52ee4b40cb623e5988c570d0def041f7e77c27295bdc6c514b3c5ab7bbdc1453cf15dc8b4f447f167b24e95c7372ee06c0fdbe1703791d05a3c8efdc284a7d458af81df65835652030f3720e7e9d72d18c4f987c0e21741d1fd95b59e6185955f65aa1cff20dfb904772521ad6251d0fc50625a4297eebb5e28759644a842a10ac21da8e3eb601dc0c07a7ddc89676ee4a69ff79d683619378414b607a6b2bc29b2ec6330a6ac2898d79e48177cf55092d68dd4c39034b3f010acb8dc0f003a1916fa29de012deb58d062d45061628a087ed8aacfa140e322db96dc8800b06a414fa150bcfef92db7adb6ad195716f7c0ee9215bc9aa5e32fd40966283904f3789fe4a6d1ab5d61cad9fe66284536e9008afad30d35f664c278284693148df43565d398cb03db66a4533e5d06796a2a1516019f6370d77fbf218a29db1d188de277485c4d29130dc6dd670dc0295ce188d9bd5ffc463e2b3641bdea3c903e5ecfff38c38b8df629ff4cf8e402c06cc9cee8d9b5206704619aba0fe4335bff7955a29b66e5c587d628fbd1cb7e021da2dc45b6e1ff1fb1c67986eaed5f77fc86ac7ac555c700815ed88b4671dadd05f0110d1a965f02b51fa67dba10d370d2697cdcc1a5d6879230391fed8ecc0617706c00b710efdb949b9276867b83bc769072fbc368522dbdcafeee7e478494404145312c75bdeec8bbb82e1373edd90fc613ad5458a4a83560664224f5187b1f6191dfb69f17eef5beda6dc01535354a1daa6f27b3880f2f10214cc076bd7b5f21bc0964b", 0x1000}, {&(0x7f00000012c0)="c0d6c46b77dc0866e299db21172fea8551ce7d08f627e3550e5240a60b5699dbacdcbe0dd4199c84f22106d8dba06202bc6b78d5ebbd940afbcd68271ce8152530aedc4e874a1d41599bb2cb19ea968587c13d95fd72b624c5b7921940bae77a5d202b7f9a45025e676425e151c754571c4c5b0a7d2d73695155b96029647de42534c7e30d4e350726555bb1a09b73ecbb986cbaf67832551ceb9ef37043db542f068bea632270ea7124289a99afc5ff9656c1ce46304fb2b6b3702e360d09846e54f039475fe474069f42", 0xcb}, {&(0x7f00000013c0)="c5a07518356662ae0e329a29ca17227f8d95c3571030b010428a538889bf984a045ca4e8f3d32108697bf528c8319e764d8e241ebc81958876de5a0715d5a11b9826a63bb12e3c0c4d78e2f083fc7ce0da48b74e0e136b79b7328c98518b14260b70f7597ca570596c0a14fbd1b409af00c94ee4edfd3f1c05744d522aa1b3cd25cb8f76e2c21feee0c0e2abfbcbc250f80e8079d9df32ae443e02ed2b17dd134b1856caf69c5c9cdad176f4fffbe1152a370a806739ae4630595550484698e143e0841a0455243a5401a314e3f604a60cb9", 0xfffffffffffffea0}, {&(0x7f0000000100)="6bfd2c3729ea93155461cc9b59b7bec3a8a243434b17357f96b98babe2672ec46fa43daf171c7d60c68aa6151ec071f6095857f53043761670ec", 0x3a}, {&(0x7f0000001500)="179addf4d6749abb35ca67f5e4758bf8b1995456e81c7071b9901394face96034e16cc515b8c5ccfd38224e4ffb7c1512a3d1205a1fadecd7af2ad19dd31800723e2291ce96d199c4ad91dc6c986c764314e1c715e64f22bae4caa94ba7d9215675e9e357df9c3ad0de5bbed4ded89a1f1cb62b1f56816d2f78f0de9764a4798e6a253e15a9f2855c25abdcc12fbacd649dcfe81cf07160452914394366e77eef7f515d8cbb5f821cdf37dcddb9c4417e7a2835553f643502c26be78652eae06748f61698b9f417bae9d56dffce19b2c937b43fc36deb450fde07c90560e4947f979e23d5deda5a1aaaf3d16d15d0ee2c72fc238419c17a7006cd5dd89", 0xfd}], 0x7, 0x7, 0x0, {0x0, r3}}, 0x768b00) fcntl$getownex(r1, 0x10, &(0x7f0000000080)) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r9, r0, 0x0, 0x100000001) [ 718.440997] FAULT_INJECTION: forcing a failure. [ 718.440997] name failslab, interval 1, probability 0, space 0, times 0 [ 718.442521] CPU: 0 PID: 6751 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 718.443420] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 718.444527] Call Trace: [ 718.444876] dump_stack+0x107/0x167 [ 718.445354] should_fail.cold+0x5/0xa [ 718.445864] ? io_uring_setup+0x33c/0x2980 [ 718.446418] should_failslab+0x5/0x20 [ 718.446932] __kmalloc+0x72/0x390 [ 718.447387] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 718.448068] io_uring_setup+0x33c/0x2980 [ 718.448601] ? __mutex_unlock_slowpath+0xe1/0x600 [ 718.449240] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 718.449898] ? wait_for_completion_io+0x270/0x270 [ 718.450545] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 718.451229] ? syscall_enter_from_user_mode+0x1d/0x50 [ 718.451917] do_syscall_64+0x33/0x40 [ 718.452407] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 718.453070] RIP: 0033:0x7f943fb71b19 [ 718.453549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 718.455980] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 718.456970] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 718.457898] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 718.458820] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 718.459739] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 718.460674] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:22:59 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x500) [ 731.435494] FAULT_INJECTION: forcing a failure. [ 731.435494] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 731.438002] CPU: 1 PID: 6765 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 731.439476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.441230] Call Trace: [ 731.441809] dump_stack+0x107/0x167 [ 731.442595] should_fail.cold+0x5/0xa [ 731.443420] _copy_from_user+0x2e/0x1b0 [ 731.444286] iovec_from_user+0x141/0x400 [ 731.445163] __import_iovec+0x67/0x590 [ 731.445998] ? __ia32_sys_shutdown+0x80/0x80 [ 731.446942] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.448084] import_iovec+0x83/0xb0 [ 731.448873] sendmsg_copy_msghdr+0x131/0x160 [ 731.449816] ? do_recvmmsg+0x6d0/0x6d0 [ 731.450654] ? lock_downgrade+0x6d0/0x6d0 [ 731.451544] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.452687] ___sys_sendmsg+0xc6/0x170 [ 731.453523] ? sendmsg_copy_msghdr+0x160/0x160 [ 731.454508] ? __fget_files+0x2cf/0x520 [ 731.455356] ? lock_downgrade+0x6d0/0x6d0 [ 731.456253] ? find_held_lock+0x2c/0x110 [ 731.456893] FAULT_INJECTION: forcing a failure. [ 731.456893] name failslab, interval 1, probability 0, space 0, times 0 [ 731.457127] ? __fget_files+0x2f8/0x520 [ 731.460342] ? __fget_light+0xea/0x290 [ 731.461180] __sys_sendmsg+0xe5/0x1b0 [ 731.461994] ? __sys_sendmsg_sock+0x40/0x40 [ 731.462913] ? rcu_read_lock_any_held+0x75/0xa0 [ 731.463912] ? fput_many+0x2f/0x1a0 [ 731.464689] ? ksys_write+0x1a9/0x260 [ 731.465505] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.466626] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.467727] ? trace_hardirqs_on+0x5b/0x180 [ 731.468661] do_syscall_64+0x33/0x40 [ 731.469457] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.470553] RIP: 0033:0x7f536cf98b19 [ 731.471349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.475313] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 731.476957] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 731.478486] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 731.480029] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 731.481558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 731.483086] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 731.484653] CPU: 0 PID: 6770 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 731.486132] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.487939] Call Trace: [ 731.488512] dump_stack+0x107/0x167 [ 731.489311] should_fail.cold+0x5/0xa [ 731.490127] ? create_object.isra.0+0x3a/0xa30 [ 731.491119] should_failslab+0x5/0x20 [ 731.491954] kmem_cache_alloc+0x5b/0x310 13:23:12 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 9) 13:23:12 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600) 13:23:12 executing program 3: ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000140)=ANY=[@ANYBLOB="010000220100000018000000397d9fc5a242010000bc905f3170bb2a1491538a62770fb768c6618e2c93dee68f3b35db5899536a9b12a1eec7378123f7413dc1ef5fc8fa5aef0322d1debbbef9ebbf2e29b17567620afbea7153eb22cb52df1a132f8d7388e4bbd734ca1599f5be4629e6d7dc62c5201b0e7096178db5daa367dceb31b7d752a78aa008abad9f80c6b14a7cbd809d62f4f112fb7614b6", @ANYRES32=0xffffffffffffffff, @ANYBLOB="3f000000030000002e2f66696c653000"]) ioctl$TIOCGISO7816(r0, 0x80285442, &(0x7f0000000080)) r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x22e002, 0x1d9) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r1, 0x0, 0x100000001) lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0xee01) r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCGICOUNT(r3, 0x545d, 0x0) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1ff}}, './file0\x00'}) ioctl$TIOCMIWAIT(r6, 0x545c, 0x0) 13:23:12 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) 13:23:12 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 2) 13:23:12 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 5) 13:23:12 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 4) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:23:12 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(0xffffffffffffffff, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r0 = socket$inet6_udplite(0xa, 0x2, 0x88) r1 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r2 = dup(r0) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8936, &(0x7f0000000080)={@local, 0x78, r4}) ioctl$sock_inet6_SIOCDIFADDR(r2, 0x8916, &(0x7f0000000000)={@remote, 0x0, r4}) setsockopt$bt_hci_HCI_DATA_DIR(r2, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r5, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, 0xffffffffffffffff, 0xd2415000) [ 731.492851] create_object.isra.0+0x3a/0xa30 [ 731.492866] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 731.492887] __kmalloc+0x16e/0x390 [ 731.492911] io_uring_setup+0x33c/0x2980 [ 731.492929] ? __mutex_unlock_slowpath+0xe1/0x600 [ 731.492950] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 731.492964] ? wait_for_completion_io+0x270/0x270 [ 731.493002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.493020] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.493040] do_syscall_64+0x33/0x40 [ 731.493058] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.493068] RIP: 0033:0x7f943fb71b19 [ 731.493083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:23:12 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x700) 13:23:12 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 10) 13:23:12 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) [ 731.493093] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 731.493110] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 731.493120] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d 13:23:12 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 5) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 731.493130] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 731.493139] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 731.493149] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 731.497493] FAULT_INJECTION: forcing a failure. [ 731.497493] name failslab, interval 1, probability 0, space 0, times 0 13:23:12 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 3) [ 731.497510] CPU: 1 PID: 6775 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 731.497518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.497523] Call Trace: [ 731.497548] dump_stack+0x107/0x167 [ 731.497568] should_fail.cold+0x5/0xa [ 731.497586] ? create_object.isra.0+0x3a/0xa30 [ 731.497602] should_failslab+0x5/0x20 [ 731.497618] kmem_cache_alloc+0x5b/0x310 [ 731.497640] create_object.isra.0+0x3a/0xa30 [ 731.497655] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 13:23:12 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000) [ 731.497677] kmem_cache_alloc+0x159/0x310 [ 731.497700] __delayacct_tsk_init+0x1b/0x80 [ 731.497718] copy_process+0x3399/0x78b0 [ 731.497742] ? stack_trace_save+0x8c/0xc0 [ 731.497764] ? lock_acquire+0x197/0x470 [ 731.497779] ? io_sq_thread_park+0x79/0xd0 [ 731.497805] ? __cleanup_sighand+0xb0/0xb0 [ 731.497822] ? kernel_text_address+0xf2/0x120 [ 731.497844] ? find_held_lock+0x2c/0x110 [ 731.497866] ? io_uring_setup+0x1c23/0x2980 [ 731.497883] ? lock_downgrade+0x6d0/0x6d0 [ 731.497904] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 731.497921] create_io_thread+0xb6/0xf0 [ 731.497937] ? pidfd_prepare+0x80/0x80 [ 731.497960] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 731.497992] io_uring_setup+0x1d79/0x2980 [ 731.498017] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 731.498030] ? wait_for_completion_io+0x270/0x270 [ 731.498067] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.498085] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.498105] do_syscall_64+0x33/0x40 [ 731.498122] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.498133] RIP: 0033:0x7f55e908fb19 [ 731.498150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.498159] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 731.498178] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 731.498188] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 731.498198] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 731.498208] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 731.498218] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 731.501955] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 731.501982] FAULT_INJECTION: forcing a failure. [ 731.501982] name failslab, interval 1, probability 0, space 0, times 0 [ 731.501998] CPU: 1 PID: 6773 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 731.502006] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.502011] Call Trace: [ 731.502029] dump_stack+0x107/0x167 [ 731.502049] should_fail.cold+0x5/0xa [ 731.502067] ? create_object.isra.0+0x3a/0xa30 [ 731.502082] should_failslab+0x5/0x20 [ 731.502099] kmem_cache_alloc+0x5b/0x310 [ 731.502122] create_object.isra.0+0x3a/0xa30 [ 731.502137] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 731.502161] kmem_cache_alloc_node+0x169/0x330 [ 731.502176] ? mark_lock+0xf5/0x2df0 [ 731.502199] __alloc_skb+0x6d/0x5b0 [ 731.502223] inet_rtm_getroute+0x904/0x2330 [ 731.502254] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 731.502271] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.502294] ? __lock_acquire+0xbb1/0x5b00 [ 731.502336] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.502353] ? mark_lock+0xf5/0x2df0 [ 731.502408] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 731.502427] rtnetlink_rcv_msg+0x87f/0xbb0 [ 731.502447] ? rtnl_fdb_dump+0xa30/0xa30 [ 731.502471] ? lock_acquire+0x197/0x470 [ 731.502489] ? netlink_deliver_tap+0xf4/0xcc0 [ 731.502513] netlink_rcv_skb+0x14b/0x430 [ 731.502531] ? rtnl_fdb_dump+0xa30/0xa30 [ 731.502549] ? netlink_ack+0xab0/0xab0 [ 731.502564] ? netlink_deliver_tap+0x1ae/0xcc0 [ 731.502587] ? netlink_deliver_tap+0x1c4/0xcc0 [ 731.502605] ? is_vmalloc_addr+0x7b/0xb0 [ 731.502627] netlink_unicast+0x6ce/0xa00 [ 731.502650] ? netlink_attachskb+0xab0/0xab0 [ 731.502678] netlink_sendmsg+0x90f/0xe00 [ 731.502702] ? netlink_unicast+0xa00/0xa00 [ 731.502729] ? netlink_unicast+0xa00/0xa00 [ 731.502747] __sock_sendmsg+0x154/0x190 [ 731.502766] ____sys_sendmsg+0x70d/0x870 [ 731.502787] ? sock_write_iter+0x3d0/0x3d0 [ 731.502803] ? do_recvmmsg+0x6d0/0x6d0 [ 731.502825] ? lock_downgrade+0x6d0/0x6d0 [ 731.502846] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.502870] ___sys_sendmsg+0xf3/0x170 [ 731.502892] ? sendmsg_copy_msghdr+0x160/0x160 [ 731.502913] ? __fget_files+0x2cf/0x520 [ 731.502931] ? lock_downgrade+0x6d0/0x6d0 [ 731.502949] ? find_held_lock+0x2c/0x110 [ 731.502976] ? __fget_files+0x2f8/0x520 [ 731.503001] ? __fget_light+0xea/0x290 [ 731.503027] __sys_sendmsg+0xe5/0x1b0 [ 731.503046] ? __sys_sendmsg_sock+0x40/0x40 [ 731.503063] ? rcu_read_lock_any_held+0x75/0xa0 [ 731.503096] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.503114] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.503129] ? trace_hardirqs_on+0x5b/0x180 [ 731.503148] do_syscall_64+0x33/0x40 [ 731.503166] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.503177] RIP: 0033:0x7f38b854eb19 [ 731.503193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.503203] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 731.503221] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 731.503231] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 731.503241] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 731.503250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 731.503260] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 731.557815] FAULT_INJECTION: forcing a failure. [ 731.557815] name failslab, interval 1, probability 0, space 0, times 0 [ 731.557836] CPU: 0 PID: 6764 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 731.557845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.557851] Call Trace: [ 731.557881] dump_stack+0x107/0x167 [ 731.557902] should_fail.cold+0x5/0xa [ 731.557923] ? create_object.isra.0+0x3a/0xa30 [ 731.557939] should_failslab+0x5/0x20 [ 731.557957] kmem_cache_alloc+0x5b/0x310 [ 731.557981] create_object.isra.0+0x3a/0xa30 [ 731.557996] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 731.558020] kmem_cache_alloc+0x159/0x310 [ 731.558045] vm_area_alloc+0x1c/0x110 [ 731.558061] mmap_region+0x982/0x1500 [ 731.558093] do_mmap+0x868/0x1370 [ 731.558119] vm_mmap_pgoff+0x198/0x1f0 [ 731.558142] ? randomize_page+0xb0/0xb0 [ 731.558173] ksys_mmap_pgoff+0x41c/0x560 [ 731.558193] ? find_mergeable_anon_vma+0x250/0x250 [ 731.558217] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.558237] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.558258] do_syscall_64+0x33/0x40 [ 731.558277] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.558289] RIP: 0033:0x7feb1e919b19 [ 731.558306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.558316] RSP: 002b:00007feb1be8f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 731.558335] RAX: ffffffffffffffda RBX: 00007feb1ea2cf60 RCX: 00007feb1e919b19 [ 731.558345] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 731.558355] RBP: 00007feb1be8f1d0 R08: 0000000000000004 R09: 0000000000000000 [ 731.558365] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 731.558375] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 [ 731.650513] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 731.650555] FAULT_INJECTION: forcing a failure. [ 731.650555] name failslab, interval 1, probability 0, space 0, times 0 [ 731.650572] CPU: 1 PID: 6786 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 731.650581] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.650587] Call Trace: [ 731.650619] dump_stack+0x107/0x167 [ 731.650639] should_fail.cold+0x5/0xa [ 731.650661] should_failslab+0x5/0x20 [ 731.650680] __kmalloc_node_track_caller+0x74/0x3b0 [ 731.650698] ? inet_rtm_getroute+0x904/0x2330 [ 731.650715] ? mark_lock+0xf5/0x2df0 [ 731.650739] __alloc_skb+0xb1/0x5b0 [ 731.650762] inet_rtm_getroute+0x904/0x2330 [ 731.650792] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 731.650811] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.650834] ? __lock_acquire+0xbb1/0x5b00 [ 731.650868] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.650885] ? mark_lock+0xf5/0x2df0 [ 731.650944] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 731.650963] rtnetlink_rcv_msg+0x87f/0xbb0 [ 731.650983] ? rtnl_fdb_dump+0xa30/0xa30 [ 731.651007] ? lock_acquire+0x197/0x470 [ 731.651024] ? netlink_deliver_tap+0xf4/0xcc0 [ 731.651047] netlink_rcv_skb+0x14b/0x430 [ 731.651065] ? rtnl_fdb_dump+0xa30/0xa30 [ 731.651084] ? netlink_ack+0xab0/0xab0 [ 731.651099] ? netlink_deliver_tap+0x1ae/0xcc0 [ 731.651122] ? netlink_deliver_tap+0x1c4/0xcc0 [ 731.651139] ? is_vmalloc_addr+0x7b/0xb0 [ 731.651162] netlink_unicast+0x6ce/0xa00 [ 731.651184] ? netlink_attachskb+0xab0/0xab0 [ 731.651212] netlink_sendmsg+0x90f/0xe00 [ 731.651235] ? netlink_unicast+0xa00/0xa00 [ 731.651263] ? netlink_unicast+0xa00/0xa00 [ 731.651282] __sock_sendmsg+0x154/0x190 [ 731.651301] ____sys_sendmsg+0x70d/0x870 [ 731.651322] ? sock_write_iter+0x3d0/0x3d0 [ 731.651338] ? do_recvmmsg+0x6d0/0x6d0 [ 731.651360] ? lock_downgrade+0x6d0/0x6d0 [ 731.651382] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 731.651406] ___sys_sendmsg+0xf3/0x170 [ 731.651427] ? sendmsg_copy_msghdr+0x160/0x160 [ 731.651449] ? __fget_files+0x2cf/0x520 [ 731.651467] ? lock_downgrade+0x6d0/0x6d0 [ 731.651486] ? find_held_lock+0x2c/0x110 [ 731.651513] ? __fget_files+0x2f8/0x520 [ 731.651538] ? __fget_light+0xea/0x290 [ 731.651564] __sys_sendmsg+0xe5/0x1b0 [ 731.651583] ? __sys_sendmsg_sock+0x40/0x40 [ 731.651600] ? rcu_read_lock_any_held+0x75/0xa0 [ 731.651634] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.651653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.651668] ? trace_hardirqs_on+0x5b/0x180 [ 731.651688] do_syscall_64+0x33/0x40 [ 731.651706] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.651718] RIP: 0033:0x7f38b854eb19 [ 731.651734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.651744] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 731.651763] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 731.651773] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 731.651783] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 731.651793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 731.651803] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 731.654098] FAULT_INJECTION: forcing a failure. [ 731.654098] name failslab, interval 1, probability 0, space 0, times 0 [ 731.654140] CPU: 1 PID: 6787 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 731.654149] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.654154] Call Trace: [ 731.654172] dump_stack+0x107/0x167 [ 731.654191] should_fail.cold+0x5/0xa [ 731.654211] ? alloc_pid+0xd7/0xd30 [ 731.654226] should_failslab+0x5/0x20 [ 731.654243] kmem_cache_alloc+0x5b/0x310 [ 731.654265] alloc_pid+0xd7/0xd30 [ 731.654286] ? copy_namespaces+0x1ca/0x4f0 [ 731.654307] copy_process+0x3b8b/0x78b0 [ 731.654332] ? stack_trace_save+0x8c/0xc0 [ 731.654368] ? __cleanup_sighand+0xb0/0xb0 [ 731.654384] ? kernel_text_address+0xf2/0x120 [ 731.654406] ? find_held_lock+0x2c/0x110 [ 731.654431] ? io_uring_setup+0x1c23/0x2980 [ 731.654448] ? lock_downgrade+0x6d0/0x6d0 [ 731.654469] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 731.654487] create_io_thread+0xb6/0xf0 [ 731.654503] ? pidfd_prepare+0x80/0x80 [ 731.654526] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 731.654558] io_uring_setup+0x1d79/0x2980 [ 731.654583] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 731.654598] ? wait_for_completion_io+0x270/0x270 [ 731.654635] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.654653] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.654673] do_syscall_64+0x33/0x40 [ 731.654691] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.654702] RIP: 0033:0x7f55e908fb19 [ 731.654718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.654727] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 731.654746] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 731.654756] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 731.654766] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 731.654776] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 731.654786] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 731.711416] FAULT_INJECTION: forcing a failure. [ 731.711416] name failslab, interval 1, probability 0, space 0, times 0 [ 731.711436] CPU: 0 PID: 6790 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 731.711445] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 731.711451] Call Trace: [ 731.711474] dump_stack+0x107/0x167 [ 731.711495] should_fail.cold+0x5/0xa [ 731.711515] ? perf_event_mmap+0x51a/0xd90 [ 731.711532] should_failslab+0x5/0x20 [ 731.711550] kmem_cache_alloc_trace+0x55/0x320 [ 731.711574] perf_event_mmap+0x51a/0xd90 [ 731.711598] ? perf_event_namespaces+0x50/0x50 [ 731.711630] ? vma_link+0x619/0x820 [ 731.711654] mmap_region+0x3a6/0x1500 [ 731.711685] do_mmap+0x868/0x1370 [ 731.711712] vm_mmap_pgoff+0x198/0x1f0 [ 731.711735] ? randomize_page+0xb0/0xb0 [ 731.711766] ksys_mmap_pgoff+0x41c/0x560 [ 731.711786] ? find_mergeable_anon_vma+0x250/0x250 [ 731.711810] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 731.711844] ? syscall_enter_from_user_mode+0x1d/0x50 [ 731.711865] do_syscall_64+0x33/0x40 [ 731.711890] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 731.711902] RIP: 0033:0x7feb1e919b19 [ 731.711923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 731.711933] RSP: 002b:00007feb1be8f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 731.711952] RAX: ffffffffffffffda RBX: 00007feb1ea2cf60 RCX: 00007feb1e919b19 [ 731.711963] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 731.711980] RBP: 00007feb1be8f1d0 R08: 0000000000000004 R09: 0000000000000000 [ 731.809953] FAULT_INJECTION: forcing a failure. [ 731.809953] name failslab, interval 1, probability 0, space 0, times 0 [ 731.810994] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 731.811005] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 [ 732.004717] CPU: 1 PID: 6794 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 732.004727] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 732.004732] Call Trace: [ 732.004759] dump_stack+0x107/0x167 [ 732.004779] should_fail.cold+0x5/0xa [ 732.004800] ? __alloc_skb+0x6d/0x5b0 [ 732.004818] should_failslab+0x5/0x20 [ 732.004837] kmem_cache_alloc_node+0x55/0x330 [ 732.004860] __alloc_skb+0x6d/0x5b0 [ 732.004890] netlink_sendmsg+0x998/0xe00 [ 732.004915] ? netlink_unicast+0xa00/0xa00 [ 732.004942] ? netlink_unicast+0xa00/0xa00 [ 732.004961] __sock_sendmsg+0x154/0x190 [ 732.004981] ____sys_sendmsg+0x70d/0x870 [ 732.005002] ? sock_write_iter+0x3d0/0x3d0 [ 732.005019] ? do_recvmmsg+0x6d0/0x6d0 [ 732.005043] ? lock_downgrade+0x6d0/0x6d0 [ 732.005064] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 732.005088] ___sys_sendmsg+0xf3/0x170 [ 732.005110] ? sendmsg_copy_msghdr+0x160/0x160 [ 732.005132] ? __fget_files+0x2cf/0x520 [ 732.005150] ? lock_downgrade+0x6d0/0x6d0 [ 732.005168] ? find_held_lock+0x2c/0x110 [ 732.005196] ? __fget_files+0x2f8/0x520 [ 732.005221] ? __fget_light+0xea/0x290 [ 732.005247] __sys_sendmsg+0xe5/0x1b0 [ 732.005266] ? __sys_sendmsg_sock+0x40/0x40 [ 732.005284] ? rcu_read_lock_any_held+0x75/0xa0 [ 732.005318] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 732.005337] ? syscall_enter_from_user_mode+0x1d/0x50 [ 732.005352] ? trace_hardirqs_on+0x5b/0x180 [ 732.005372] do_syscall_64+0x33/0x40 [ 732.005390] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 732.005402] RIP: 0033:0x7f536cf98b19 [ 732.005419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 732.005429] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 732.005449] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 732.005459] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 732.005469] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 732.005479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 732.005489] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 13:23:27 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 4) 13:23:27 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000080)={0x2, 0x80, 0x3, 0x40, 0x2f, 0x20, 0x0, 0x80000001, 0x44c, 0x8, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x40, 0x1, @perf_bp={&(0x7f0000000040), 0x4}, 0x0, 0x4, 0x0, 0x1, 0x3, 0x2, 0x639a, 0x0, 0x8, 0x0, 0x6}, 0xffffffffffffffff, 0x0, r0, 0x1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000000, 0x40110, r0, 0x10000000) syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x3) r4 = gettid() process_vm_readv(r4, &(0x7f0000001a40), 0x0, 0x0, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000080)={0x0, r5}) perf_event_open(&(0x7f0000001540)={0x2, 0x80, 0x4, 0x7f, 0x5, 0x94, 0x0, 0x3, 0x10400, 0x8, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000001500)}, 0x415d5, 0x1000, 0x7, 0x4, 0x28, 0x4, 0x1ff, 0x0, 0x55d0, 0x0, 0x4}, r4, 0xf, r5, 0xb) writev(r1, &(0x7f0000001480)=[{&(0x7f00000002c0)="338fc9a4a2a893c81240dae9c8573bb388d5fa903af4c63a26e6d1ecc35f2c42f90874e437e08b8093599ba46817ddcddc0e52729df4ef126cd83e976f7da819af108f0664d9c0f329f64fb6d241bdba9888ee1de03476915149aa43aff252c82db5adb8b36114ac280d6f7b08fa0a5ed763589e54aa1bd7f097e4dc990eb36de8065df57150f3a26be3344e9cf5c9a6c5d16b38213053c5ac822f77519624b92c5d2ecc84d90ca7bc50aac5381fe48e1b7a8a0a6913b693af9dacf4a65143ea6065b7f49e90b8be3ddd0ecd9ac7e761a5b331314183584c0f7d64e420d11489e4008ff9866998ada04023e587bacf50436ec66e1d4674d2961f1933c3d0243acd47e8fb2b86622cf0bd5ede5d22ada88ae9d0583481e4e6c8c0ebd34e4ed4291a9cd347adb369cba31cd6c406712b605dc6b3df94d672212c7a09be145c9111919cdc83a91aa40b009adbdd7c8fe822fb4379666f271da441cc1392ffbd870150c281adf29c74151cede320958714fd54fc2fb9af70274539cb1fadea3c7393fbc95a25751e751ff7b88eba1755db1c831716e7318919895cd1b71d1fc61760bba73dc7f5b864d34f75d5606a879a0fecc5d1b647a37deb2d7a7a697443cbf5afbfd912cee4fb9e534bfe34f588f4a999d95f41d51027ec7f48625dad6bc0f6d45f3dcbd1ee5c2005939e8a1823821678466774a39efce8c5fa1b9628fa15653a6b9191a2cdcc5f7c381b77bdd5c80a1f12e9f4dad7d6c5b8e6824eae6e7c4691e6fe619c7e3621dd66173479ae6b8e6dd179fb936ece88f592e87e59e75e37982be12f439dd80b0b501231957502ecac3e178d88d5f521c7665219ff47501cb2c4e81b0f03f030e51bb6dbea3b700fd64b52bca2b8d79bfbeed9a780c1ca0e06c9e067993af0ba9fd46f87c4c8094fa24e3bf81a6430e1f83650fe38c06e8a2d131e7ac1f17d4280ac888a5edd81b0e9aac41dfb6b4ab51df9b98553bd4fc8c4997e85185b4fa5f89cf583647ea2a258085e2ebce9bbec3537279843a8f6dcb0f6cfd191c9b392cfb397fe53761185c840975ffb25b308a3350aef213ddcae74a612eb4eaf45b83970bf53b50c8931e0c476fba559617bfc282dc2c800c02970d6068885929513a2c7b31d1596d022fac3183fe5f4ca469e424b38068d38508ffccbff642b1c6fc818776f382837a2a55e9aff75b76f6f2a2484d601baafd03394394314eb01e6df2544af3cadefda05821c1d9cf3e9b8f0d0ef0429be648bacaa92006f0b837ab7d2b2e018ab2127d4b9a8753e0b5c1d35a99384e356d99aec7fd2e512be6f307bd314cd8d20e26acea6798da2de96be0f933f8847e5ded1726b58b6ba708166a301194e0c68bba4c4f4522df53fa18870174ae0bfd7129d6cb32dd34c3109b3a5c4f23fed1ec47af3c7de005aaa520f6487d0b7c56bd7cd2c05088c1760f8027e78967576bb4cc874465d598fcb9a7233b3d93396810139f1b9d644e0a0f8b4c7fb5d224bbcaa5903cf17dc99ac7e155c04256188d68ca581378ee92e4115d0d93ccc645b89a4b096f6716e9d6113e169e3af9f6a4e8d720d37f03ccc4117eca8459c41accac4cee31d89131beab0bacc6174f31eb9f481c004e3b99bd314c71f080568b3954cd25d25a5256e3e94790ca0510cc777e2b952b6e8eb121716676d48da29f9e64285d8040d5aba08e03796ceed1314dd3d942eb6c18890920e7cdac56e29c3b7f5b51dc527fa6f920b7d557da8990fd777c16da55ceb68e6fa405de09f0ea8c827b4eca8ab48377c1302e9f5c22bff5ca9f28e11419ff2d8edd3bbed112f94461bc177f12203f8611516fb37fde933c6831162f2cb76b4de71930f29373db139245a414fe8932e9c8c2eecef93a1cb42995b50d2a0a8a54c3f4ec8f40378d79a5b55e619968a0ee14ab905e42ceda137371857a8e2c01ee2194c52283665abf37f6d36843295962ebd1315d60865426df335a5eaa60fa6b1fe52827f7e8a89efdbee44d844c9ad661ab2096b410bf5ebe5dbce28240a508aad5c9284108a34ff198818ecb55da38286408cf11fdce3a9b7761a12472145bceebf5dda7d2ac104b742174bd45e7b7a4aff4cc9ca98e72843a15fafc59706f30cc34f075dc04530ff4c7a151b9af7c40330eaf064836582631433be8ebe06a7ad8ed5fdc2504ce2c67798079fe37d8897fd66fb76581572188e2ccfa8dd747ac8b91715850a52ee6a4806b420c0b55566e1aa5909f715c3d6900d6f2234c4384f31f2df2e81c090bc8c222ed2fb52f85ba4d598abc9e4af67885aeea6aeea07e4c8329b5aa3a9ee00ab5eb402718bb9554d002c5ccde6ad2c70270cc812368ee2840f73f95321edc6f604bcc63fbb25c65b57a7e0076016945d26d3c1720ac336f4efd6d09c959a9c7cd24096c26b646c164041237ad8c27127bf0829829fba6f2e862833cca6a8779a94a426630cf677ba21d1cd9ce4b5857847fb046f328f416a0852317d2e34faa0c704d434d59a6c1964a013253728ea510263012eb10e2c7178c5195e6aa7083c18401948c6e7df445cc311d62e8977f52e5a9030768c0571c2d4243a100a27355354ca176f7ff71d36bfaf94e2caafd8ee62a088a6b096c3c24a68b2c03c78c339b9b75ab1d73a3927b50a2ede69824a9e64cdc4d440cb1791e6c83f0fff70de7a7df19f10ff1ddfff2f858d6a2dff629e292ab64ffd4c6576386a0e060b086ebf0f9ff7aec2bcce73a314c495ba4816c9a5656c8bfb738e505a20b8a1bc6b7a76bc5dd054547c3bd91bc472d4ccb2f424b400b5a585b1bf3f77a6cf6e582fa8abf29ebfb05cce84058f8d75399add1d843ab3cd140b48f93a9f5c578bc0a3ca518bc4b2d64c424bd6495e2769130fc9c8eb0f25be83f7fe9d742a482451b0033eb8c1a4b1384fb86298a1fd07211d224f60625e05b5a73c1fdaedd3dae6cc8e4102b80baac18b513b8d6d0c6354ac86e419ebd00b7c4346259480f4c5e1162aee09fc984daae080b426cdcd342350ab81c777be015e660f37e9065611a5e11b523e484b4d6b3d3112083fddb2288d9dae225a6619d9b934f5843ad77cd5760517beeae00cb6def7be802f7fd2dd9b15dee244642ffef4afada225d45552476b459ba1b865e79f4827fb2404680845c5681c6b47d7381caed633bf6e60d47810a826268c6efad3b2eb9b458d7d9bc957b47405d44e93e1ddf7fee2af62ff91e2da4b7a6ff2da679fa11ba6bc6d201dca9d13fece760c413121a6e5f3c1068fe20a5fae7b892b993740c1ee030a96796f0c683b605e2067d5e1956448a57fbbb2c775c36f547d70c90eed77d288605e13894672eb9beb2b93a46d0b9b405ef4738bb94dc16a7796a7e739b9b81cb033198def37aea6791b5946ce8538753c6069ec9a103ea6e1a2c3d349c034df899a1075e26ebed752dd0006374250e8da5ee1f1783acae610f6eff4a4191ca12cad6468b8479191a37aa0412732efbb4aa0d5cf953cf53c69371b65b8d1033dd79de6d0126075f830ff312fef3b3304d8e7bf435abb7b47f5181cde5bc1299b6037173ad3dd7689ba6049ea55a94c9885098866546cb4970b6254810bc2776aaa165a873fb7066a6568b7fac2d34878d89a9386fae35222f3481a4de618b9bf74fab4970b1453003bead9aee6905d5c3a3e2462aa28ebbd2da56c646f0b9de3829c40ed7a43d77a9d77aa696a4403922c2bb09f4df94838de3702dc029575ae5028bd5f9bdf0c446276331c1281de09cdb372d14e94e9e6f5327ef1e7cb8c59935fafca4ff915f34e1ec19dc11c9a1aab17dc122eee188062a4188d7343a5a4946142fadd49454629571c847499defdb8579b6e6550953b72232ec70ff566130cf6229c47543e53a2796f056b0ee2a81ff3ef24185eade0366211396eccee5c917596e19dc0d55500290da019333efe11664fd624b4ea2d68b11fc919d47b29349be86aaab89bb28cbb0ff7a6e017cab2165bf629f81ced0aad90b31ec73b50bd9e03b0f242bb8b3fa21f4e0c54788e3884a3dbbd97834ed3edd574f3740df82591f399677f767f9f0a9c6a471f6d9d7465768b67e935b1e13d18c50f27b123aff6c9c39d1c6f55790f58a8c2f5577b3e32321d0d166838de99b6f50a168c74823dbfda0caff3094dcb14145530700c154526258dbe4e9363172dae1593a4fb79bfa12285198a04abf64886990e84049908ecfc489eb4bddcd13f553d2cb68e31d1e48ba613f60f57cb6afc4c476aa37376e3bdac85fa1ff6664cb8c5a0ee6b432f69d292d73500bd3669497cbfb5c8ba73660e1c68a6e64bf01eb2ba35d56aab76ce071db6468da709f246fb0990c6ca096a7da7a0f505eaa720c8c8a91eef6798e66e579ef14dec3bdc7fef52cb14387de15d6c6e89b0a35b807b1035efd8c54fbf76b834213dae1dd72b1e3f0c9302adf748051b1682e1f38ca82cbf8a18b4cfecb6436d549a1a9938db9958a08abe437dc4a6f03f629e945d3ec07cb5cb75f3ca3d326117a422b7489d866872c6b3a79f6a02f86d20aeb930841ff313f3a85532a0686538eb0a0e8098f31825d0272a5eef1cce52683baed34b1b0ebdd42c576887db54e3163310ed51d71b358342a3a2331f8ff9ec42d5bc51c7d9a0fd03234032b6c279483eb8040ed460bb9a831f4297c0ab5798a5d6c4dc8c22644929fd6d435862afd03d6774924c99338ec247e43358b3f2b8b0d6d0013b621c9dbdeda5b1d2e5f4987e59ad8bd6aa523de356bcffcc057f27b0fe754b4cddaf5d8ace5f7f1e41c38adab0fc99ae4f33013e1425e32ba36189efcde7f1ff9a69412eea18a201a1cea23df1eb328844893c2e10c616ae5f5b5e48aa4c57a2d5a85e28c1f46f06627b7e04bde36992390aed5018ce87d5b5afea91f82b3c1194609757a74107e979770c2b4b2377a38d9088581fe1998a9e171a2923d490bfa43bd5c6f0edfc0c8b24cb7894569640728afc075e74759e448cc1b0ea06f8686390b8c0017dafe3139846b756ea128238e5b5432949cdf00455dd606b6719a1795c34592542c7b14bb0038fed5d5deb1126fd5216fab5e20c208ca17dbdb1be0228645fa7d28a464fc249831ad21d49a6058f13a0aa5236cd05eafecb12722cc516956c4c284fd702053d5d1947f20a01a569d0f1dd7be7c4270e7af863b7cf84badf770d1c439a71300992e114e2fa9060344a9868c042f6a6b84a5eb9b3dca634f0d5157e1db49fad479a242a3baa6eeae1db091e60dd90121eda8538f39f8212d03d0f8f87bcf6f35e0869234a7c1e2762454fef4722fffb5900b7f350362da5455845d62407de3832b361fe6de8602efa1843b594ec4beec25fd6d31712f63effefd19ca7d7b5e8af78f8878c60da2a4360606b7fa850334700e7da0a05962b8e0b76cab13329f05febe0035a31c74a835fb8155e9603b4ecb16238786ca9e55254ba9ed50ac522549d8ecf94cdf4866a0702dbf219403b041f406c9af6e9a409b353d26014b01643a302d9e7d3e75f9ab5aee4e9fb2f9aaa1421f6d4146e4bcf673e3535de96946576ef8aaf5003127c265c4074f68c2ae1df63e34f45162d1d22f0493aa5368e2412f7e9905e2fe4184792154b2234c75d461070761859cc74af3b893ca2a01aeccfd71fe742d38351e463f3bb2a1e7fe22bef5b23e4e65f554c5ef1f0e8f0a2384aebea7c95bf6ad4551e5b8583623d80dcffb9a14391be57bb0db3bcf667caf27f433f66501de48e18be59715c87a07aa7a4349920c07181eaa167", 0x1000}, {&(0x7f0000000140)="5d5f92235e7e97961e83aeec1055504a431a83bf70c3ff6d9c11744cb421eaba", 0x20}, {&(0x7f0000000180)="08f879ebf6a5edb1c9303c1a9686d23ea38737f85dad476c85b2be06b287f25b0952efd3dc9fe732fc21c3656a8d76ae0a1b7a602f1cb9bff7769634ab322998717fe2e53b6c9ee661f31741fe2236e233a049b178677223f9e687c3b9d5adfcb2802cf64ba640becc428007aa218cf0246a165575c451646fe1ec4e28712477", 0x80}, {&(0x7f0000000200)="78bec39c658cb67001c9af94e5328eee6cfcb2fb5e00a68d2d5a2712c33fd256b3451baaedb51e34e68ea9ed96049ec723cab03fead43b102530aad7a5063b63102d729a60d96d904c0986a578b836dee863ed219ea84616674fe5a8e4cbeeb1b74723b6d0dae88a54f4795d17867495ab3cdb76c88410173388", 0x7a}, {&(0x7f00000012c0)="812d58232e67b5542ae0a16cd87c2f02541f0b6f2af595bf4d7007f10345ffcbc52fe71122a10da7d8055a0f3af987da35135785fe6aaa5dfdae54ec56c97956b2654d41abb27b72d5560c9ae897e48cd1eaeb8bcb8ec1588437fddd6352bfc4b2c86d3e38e36f74feecffc7ffbdf5ed694d77169a545993902d57", 0x7b}, {&(0x7f0000001340)="c58fc90c3dfdb50f79004859dc1be9d285466d6217e9c48e2bdb9ac19507962f26836fe2def27f78d9579f759c19573b0775a78f176ce0633d9a37efc36b75b3bbe48094fdf607e2f7d1ff1f5e44ec8ef0e7157d54bddca221d5e9160f3166f6557c979f79b16cb4d18491637034e63110973fefd397169c7014c2cad17bf72dc34801020a5416113094240a9479700959f7352371e9e28522c208e6d70937cbfc7242ba702853b80e5318bfcd8e927eeda4005e4fa783a48bae0f2dfd7a6c998bab38b3aaeda48218976d52fe9f30704d39c67565bbdebc27c727f641c6691518ed854ad5e131b8408b89c151", 0xed}, {&(0x7f0000001440)="90634ce9c1cbeb7f4ff427bcf2b24ef118fe40582053b6828655b45492c1bf939ccfab446d6c196fcf7176de8d884e136bf7c5504752", 0x36}], 0x7) open_tree(r0, &(0x7f00000015c0)='./file1\x00', 0x80) [ 746.807388] FAULT_INJECTION: forcing a failure. [ 746.807388] name failslab, interval 1, probability 0, space 0, times 0 [ 746.810004] CPU: 1 PID: 6816 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 746.811547] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.813419] Call Trace: [ 746.814018] dump_stack+0x107/0x167 [ 746.814841] should_fail.cold+0x5/0xa [ 746.815704] ? create_object.isra.0+0x3a/0xa30 [ 746.816738] should_failslab+0x5/0x20 [ 746.817595] kmem_cache_alloc+0x5b/0x310 [ 746.818508] create_object.isra.0+0x3a/0xa30 [ 746.819501] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 746.820654] kmem_cache_alloc+0x159/0x310 [ 746.821593] alloc_pid+0xd7/0xd30 [ 746.822379] ? copy_namespaces+0x1ca/0x4f0 [ 746.822723] FAULT_INJECTION: forcing a failure. [ 746.822723] name failslab, interval 1, probability 0, space 0, times 0 [ 746.823322] copy_process+0x3b8b/0x78b0 [ 746.823360] ? stack_trace_save+0x8c/0xc0 [ 746.827523] ? __cleanup_sighand+0xb0/0xb0 [ 746.828479] ? kernel_text_address+0xf2/0x120 [ 746.829489] ? find_held_lock+0x2c/0x110 [ 746.830403] ? io_uring_setup+0x1c23/0x2980 [ 746.831368] ? lock_downgrade+0x6d0/0x6d0 [ 746.832310] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 746.833409] create_io_thread+0xb6/0xf0 [ 746.834306] ? pidfd_prepare+0x80/0x80 [ 746.835183] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 746.836309] io_uring_setup+0x1d79/0x2980 [ 746.837246] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 746.838380] ? wait_for_completion_io+0x270/0x270 [ 746.839487] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.840679] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.841839] do_syscall_64+0x33/0x40 [ 746.842676] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.843822] RIP: 0033:0x7f55e908fb19 [ 746.844668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 746.848800] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 746.850502] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 746.852108] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 746.853703] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 746.855301] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 746.856904] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 746.858537] CPU: 0 PID: 6817 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 746.860010] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.861785] Call Trace: [ 746.862356] dump_stack+0x107/0x167 [ 746.862449] FAULT_INJECTION: forcing a failure. [ 746.862449] name failslab, interval 1, probability 0, space 0, times 0 [ 746.863132] should_fail.cold+0x5/0xa [ 746.863155] ? io_uring_setup+0x40b/0x2980 [ 746.863174] should_failslab+0x5/0x20 [ 746.863202] kmem_cache_alloc_trace+0x55/0x320 [ 746.869049] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 746.870124] io_uring_setup+0x40b/0x2980 [ 746.870986] ? __mutex_unlock_slowpath+0xe1/0x600 [ 746.872022] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 746.873084] ? wait_for_completion_io+0x270/0x270 [ 746.874124] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.875234] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.876333] do_syscall_64+0x33/0x40 [ 746.877122] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.878201] RIP: 0033:0x7f943fb71b19 [ 746.878983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 746.882877] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 746.884487] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 746.885993] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 746.887497] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 746.889012] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 746.890505] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 746.892052] CPU: 1 PID: 6804 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 746.893605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.894656] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 746.895460] Call Trace: [ 746.895492] dump_stack+0x107/0x167 [ 746.895521] should_fail.cold+0x5/0xa [ 746.899290] ? create_object.isra.0+0x3a/0xa30 [ 746.900329] should_failslab+0x5/0x20 [ 746.901186] kmem_cache_alloc+0x5b/0x310 [ 746.901688] FAULT_INJECTION: forcing a failure. [ 746.901688] name failslab, interval 1, probability 0, space 0, times 0 [ 746.902100] create_object.isra.0+0x3a/0xa30 [ 746.902118] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 746.902146] kmem_cache_alloc_node+0x169/0x330 [ 746.907543] __alloc_skb+0x6d/0x5b0 [ 746.908372] netlink_sendmsg+0x998/0xe00 [ 746.909287] ? netlink_unicast+0xa00/0xa00 [ 746.910244] ? netlink_unicast+0xa00/0xa00 [ 746.911190] __sock_sendmsg+0x154/0x190 [ 746.912088] ____sys_sendmsg+0x70d/0x870 [ 746.912997] ? sock_write_iter+0x3d0/0x3d0 [ 746.913938] ? do_recvmmsg+0x6d0/0x6d0 [ 746.914811] ? lock_downgrade+0x6d0/0x6d0 [ 746.915738] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 746.916922] ___sys_sendmsg+0xf3/0x170 [ 746.917793] ? sendmsg_copy_msghdr+0x160/0x160 [ 746.918819] ? __fget_files+0x2cf/0x520 [ 746.919704] ? lock_downgrade+0x6d0/0x6d0 [ 746.920640] ? find_held_lock+0x2c/0x110 [ 746.921559] ? __fget_files+0x2f8/0x520 [ 746.922452] ? __fget_light+0xea/0x290 [ 746.923329] __sys_sendmsg+0xe5/0x1b0 [ 746.924195] ? __sys_sendmsg_sock+0x40/0x40 [ 746.925154] ? rcu_read_lock_any_held+0x75/0xa0 [ 746.926208] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.927377] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.928533] ? trace_hardirqs_on+0x5b/0x180 [ 746.929497] do_syscall_64+0x33/0x40 [ 746.930330] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.931472] RIP: 0033:0x7f536cf98b19 [ 746.932311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 746.936419] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 746.938125] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 746.939717] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 746.941333] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 746.942927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 746.944533] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 746.946159] CPU: 0 PID: 6819 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 746.947653] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 746.949411] Call Trace: [ 746.949978] dump_stack+0x107/0x167 [ 746.950743] should_fail.cold+0x5/0xa [ 746.951550] ? create_object.isra.0+0x3a/0xa30 [ 746.952517] should_failslab+0x5/0x20 [ 746.953329] kmem_cache_alloc+0x5b/0x310 [ 746.954192] create_object.isra.0+0x3a/0xa30 [ 746.955116] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 746.956209] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 746.957277] ? inet_rtm_getroute+0x904/0x2330 [ 746.958217] ? mark_lock+0xf5/0x2df0 [ 746.959011] __alloc_skb+0xb1/0x5b0 [ 746.959786] inet_rtm_getroute+0x904/0x2330 [ 746.960716] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 746.961683] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 746.962817] ? __lock_acquire+0xbb1/0x5b00 [ 746.963727] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 746.964841] ? mark_lock+0xf5/0x2df0 [ 746.965661] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 746.966624] rtnetlink_rcv_msg+0x87f/0xbb0 [ 746.967514] ? rtnl_fdb_dump+0xa30/0xa30 [ 746.968389] ? lock_acquire+0x197/0x470 [ 746.969222] ? netlink_deliver_tap+0xf4/0xcc0 [ 746.970174] netlink_rcv_skb+0x14b/0x430 [ 746.971028] ? rtnl_fdb_dump+0xa30/0xa30 [ 746.971892] ? netlink_ack+0xab0/0xab0 [ 746.972707] ? netlink_deliver_tap+0x1ae/0xcc0 [ 746.973676] ? netlink_deliver_tap+0x1c4/0xcc0 [ 746.974635] ? is_vmalloc_addr+0x7b/0xb0 [ 746.975502] netlink_unicast+0x6ce/0xa00 [ 746.976369] ? netlink_attachskb+0xab0/0xab0 [ 746.977302] netlink_sendmsg+0x90f/0xe00 [ 746.978162] ? netlink_unicast+0xa00/0xa00 [ 746.979066] ? netlink_unicast+0xa00/0xa00 [ 746.979970] __sock_sendmsg+0x154/0x190 [ 746.980818] ____sys_sendmsg+0x70d/0x870 [ 746.981676] ? sock_write_iter+0x3d0/0x3d0 [ 746.982567] ? do_recvmmsg+0x6d0/0x6d0 [ 746.983393] ? lock_downgrade+0x6d0/0x6d0 [ 746.984287] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 746.985394] ___sys_sendmsg+0xf3/0x170 [ 746.986222] ? sendmsg_copy_msghdr+0x160/0x160 [ 746.987194] ? __fget_files+0x2cf/0x520 [ 746.987568] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 746.988049] ? lock_downgrade+0x6d0/0x6d0 [ 746.988069] ? find_held_lock+0x2c/0x110 [ 746.988098] ? __fget_files+0x2f8/0x520 [ 746.992435] ? __fget_light+0xea/0x290 [ 746.993292] __sys_sendmsg+0xe5/0x1b0 [ 746.994125] ? __sys_sendmsg_sock+0x40/0x40 [ 746.995066] ? rcu_read_lock_any_held+0x75/0xa0 [ 746.996107] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 746.997250] ? syscall_enter_from_user_mode+0x1d/0x50 [ 746.998367] ? trace_hardirqs_on+0x5b/0x180 [ 746.999307] do_syscall_64+0x33/0x40 [ 747.000130] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.001239] RIP: 0033:0x7f38b854eb19 [ 747.002049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.006063] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 747.007714] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 747.009272] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 747.010818] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 747.012381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 747.013933] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 13:23:27 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 6) 13:23:27 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000) 13:23:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 11) 13:23:27 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) 13:23:27 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 6) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:23:27 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 747.024809] FAULT_INJECTION: forcing a failure. [ 747.024809] name failslab, interval 1, probability 0, space 0, times 0 [ 747.027422] CPU: 1 PID: 6811 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 747.029011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.030925] Call Trace: [ 747.031537] dump_stack+0x107/0x167 [ 747.032387] should_fail.cold+0x5/0xa [ 747.033267] ? create_object.isra.0+0x3a/0xa30 [ 747.034317] should_failslab+0x5/0x20 [ 747.035192] kmem_cache_alloc+0x5b/0x310 [ 747.036140] create_object.isra.0+0x3a/0xa30 [ 747.037149] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 13:23:28 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) 13:23:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10004) [ 747.038324] kmem_cache_alloc_trace+0x151/0x320 [ 747.039545] perf_event_mmap+0x51a/0xd90 [ 747.040493] ? perf_event_namespaces+0x50/0x50 [ 747.041556] ? vma_link+0x619/0x820 [ 747.042399] mmap_region+0x3a6/0x1500 [ 747.043290] do_mmap+0x868/0x1370 [ 747.044104] vm_mmap_pgoff+0x198/0x1f0 [ 747.045004] ? randomize_page+0xb0/0xb0 [ 747.045931] ksys_mmap_pgoff+0x41c/0x560 [ 747.046865] ? find_mergeable_anon_vma+0x250/0x250 [ 747.048011] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.049219] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.050410] do_syscall_64+0x33/0x40 [ 747.051268] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.052456] RIP: 0033:0x7feb1e919b19 [ 747.053312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.057553] RSP: 002b:00007feb1be8f188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 747.059320] RAX: ffffffffffffffda RBX: 00007feb1ea2cf60 RCX: 00007feb1e919b19 [ 747.060972] RDX: 000000000100000e RSI: 0000000000004000 RDI: 0000000020ffc000 [ 747.062613] RBP: 00007feb1be8f1d0 R08: 0000000000000004 R09: 0000000000000000 [ 747.064262] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 747.065902] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 [ 747.088241] FAULT_INJECTION: forcing a failure. [ 747.088241] name failslab, interval 1, probability 0, space 0, times 0 [ 747.090705] CPU: 0 PID: 6822 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 747.092207] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.094004] Call Trace: [ 747.094581] dump_stack+0x107/0x167 [ 747.095379] should_fail.cold+0x5/0xa [ 747.096219] ? io_uring_alloc_task_context+0x99/0x6a0 [ 747.097341] should_failslab+0x5/0x20 [ 747.098175] kmem_cache_alloc_trace+0x55/0x320 [ 747.099177] io_uring_alloc_task_context+0x99/0x6a0 [ 747.100267] ? io_import_iovec+0x1120/0x1120 [ 747.101243] io_uring_setup+0x1dd1/0x2980 [ 747.102151] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 747.103257] ? wait_for_completion_io+0x270/0x270 [ 747.104343] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.105489] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.106623] do_syscall_64+0x33/0x40 [ 747.107437] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.108567] RIP: 0033:0x7f55e908fb19 [ 747.109376] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.113416] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 747.115081] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 747.116653] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 747.118212] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 747.119768] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 747.121338] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 747.168857] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 747.173961] FAULT_INJECTION: forcing a failure. [ 747.173961] name failslab, interval 1, probability 0, space 0, times 0 [ 747.176494] CPU: 1 PID: 6827 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 747.178037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.179920] Call Trace: [ 747.180527] dump_stack+0x107/0x167 [ 747.181345] should_fail.cold+0x5/0xa [ 747.182204] ? create_object.isra.0+0x3a/0xa30 [ 747.183230] should_failslab+0x5/0x20 [ 747.184096] kmem_cache_alloc+0x5b/0x310 [ 747.185027] create_object.isra.0+0x3a/0xa30 [ 747.186014] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 747.187157] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 747.188302] ? inet_rtm_getroute+0x904/0x2330 [ 747.189302] ? mark_lock+0xf5/0x2df0 [ 747.190149] __alloc_skb+0xb1/0x5b0 [ 747.190971] inet_rtm_getroute+0x904/0x2330 [ 747.191963] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 747.192991] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.194185] ? __lock_acquire+0xbb1/0x5b00 [ 747.195148] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 747.196327] ? mark_lock+0xf5/0x2df0 [ 747.197201] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 747.198225] rtnetlink_rcv_msg+0x87f/0xbb0 [ 747.198260] FAULT_INJECTION: forcing a failure. [ 747.198260] name failslab, interval 1, probability 0, space 0, times 0 [ 747.199174] ? rtnl_fdb_dump+0xa30/0xa30 [ 747.199202] ? lock_acquire+0x197/0x470 [ 747.199229] ? netlink_deliver_tap+0xf4/0xcc0 [ 747.204358] netlink_rcv_skb+0x14b/0x430 [ 747.205268] ? rtnl_fdb_dump+0xa30/0xa30 [ 747.206175] ? netlink_ack+0xab0/0xab0 [ 747.207048] ? netlink_deliver_tap+0x1ae/0xcc0 [ 747.208082] ? netlink_deliver_tap+0x1c4/0xcc0 [ 747.209103] ? is_vmalloc_addr+0x7b/0xb0 [ 747.210021] netlink_unicast+0x6ce/0xa00 [ 747.210939] ? netlink_attachskb+0xab0/0xab0 [ 747.211944] netlink_sendmsg+0x90f/0xe00 [ 747.212859] ? netlink_unicast+0xa00/0xa00 [ 747.213816] ? netlink_unicast+0xa00/0xa00 [ 747.214763] __sock_sendmsg+0x154/0x190 [ 747.215655] ____sys_sendmsg+0x70d/0x870 [ 747.216574] ? sock_write_iter+0x3d0/0x3d0 [ 747.217517] ? do_recvmmsg+0x6d0/0x6d0 [ 747.218392] ? lock_downgrade+0x6d0/0x6d0 [ 747.219320] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 747.220503] ___sys_sendmsg+0xf3/0x170 [ 747.221383] ? sendmsg_copy_msghdr+0x160/0x160 [ 747.222403] ? __fget_files+0x2cf/0x520 [ 747.223292] ? lock_downgrade+0x6d0/0x6d0 [ 747.224226] ? find_held_lock+0x2c/0x110 [ 747.225143] ? __fget_files+0x2f8/0x520 [ 747.226037] ? __fget_light+0xea/0x290 [ 747.226913] __sys_sendmsg+0xe5/0x1b0 [ 747.227761] ? __sys_sendmsg_sock+0x40/0x40 [ 747.228730] ? rcu_read_lock_any_held+0x75/0xa0 [ 747.229785] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.230956] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.232110] ? trace_hardirqs_on+0x5b/0x180 [ 747.233074] do_syscall_64+0x33/0x40 [ 747.233907] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.235050] RIP: 0033:0x7f38b854eb19 [ 747.235888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.240001] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 747.241697] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 747.243287] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 747.244891] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 747.246478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 747.248075] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 747.249698] CPU: 0 PID: 6832 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 747.251434] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.253533] Call Trace: [ 747.254200] dump_stack+0x107/0x167 [ 747.254783] FAULT_INJECTION: forcing a failure. [ 747.254783] name failslab, interval 1, probability 0, space 0, times 0 [ 747.255112] should_fail.cold+0x5/0xa [ 747.255145] ? create_object.isra.0+0x3a/0xa30 [ 747.259664] should_failslab+0x5/0x20 [ 747.260627] kmem_cache_alloc+0x5b/0x310 [ 747.261650] create_object.isra.0+0x3a/0xa30 [ 747.262750] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 747.264031] kmem_cache_alloc_trace+0x151/0x320 [ 747.265255] io_uring_setup+0x40b/0x2980 [ 747.266290] ? __mutex_unlock_slowpath+0xe1/0x600 [ 747.267504] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 747.268787] ? wait_for_completion_io+0x270/0x270 [ 747.270020] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.271333] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.272647] do_syscall_64+0x33/0x40 [ 747.273579] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.274866] RIP: 0033:0x7f943fb71b19 [ 747.275799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.280428] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 747.282335] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 747.284134] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 747.285921] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 747.287706] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 747.289486] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 747.291293] CPU: 1 PID: 6834 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 747.292896] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.294759] Call Trace: [ 747.295362] dump_stack+0x107/0x167 [ 747.296194] should_fail.cold+0x5/0xa [ 747.297053] should_failslab+0x5/0x20 [ 747.297907] __kmalloc_node_track_caller+0x74/0x3b0 [ 747.299025] ? netlink_sendmsg+0x998/0xe00 [ 747.299994] __alloc_skb+0xb1/0x5b0 [ 747.300813] netlink_sendmsg+0x998/0xe00 [ 747.301736] ? netlink_unicast+0xa00/0xa00 [ 747.302698] ? netlink_unicast+0xa00/0xa00 [ 747.303652] __sock_sendmsg+0x154/0x190 [ 747.304561] ____sys_sendmsg+0x70d/0x870 [ 747.305475] ? sock_write_iter+0x3d0/0x3d0 [ 747.306427] ? do_recvmmsg+0x6d0/0x6d0 [ 747.307306] ? lock_downgrade+0x6d0/0x6d0 [ 747.308246] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 747.309429] ___sys_sendmsg+0xf3/0x170 [ 747.310309] ? sendmsg_copy_msghdr+0x160/0x160 [ 747.311339] ? __fget_files+0x2cf/0x520 [ 747.312239] ? lock_downgrade+0x6d0/0x6d0 [ 747.313169] ? find_held_lock+0x2c/0x110 [ 747.314088] ? __fget_files+0x2f8/0x520 [ 747.314992] ? __fget_light+0xea/0x290 [ 747.315879] __sys_sendmsg+0xe5/0x1b0 [ 747.316742] ? __sys_sendmsg_sock+0x40/0x40 [ 747.317708] ? rcu_read_lock_any_held+0x75/0xa0 [ 747.318774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.319958] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.321111] ? trace_hardirqs_on+0x5b/0x180 [ 747.322088] do_syscall_64+0x33/0x40 [ 747.322941] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.324104] RIP: 0033:0x7f536cf98b19 [ 747.324942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.329106] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 747.330805] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 747.332407] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 747.334004] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 747.335599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 747.337199] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 13:23:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 12) 13:23:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 5) 13:23:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 7) 13:23:28 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = getpgid(0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) openat(r0, &(0x7f00000000c0)='./file1\x00', 0x800, 0x181) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0xb, 0x9, 0x7f, 0x6, 0x0, 0xfffffffffffffffa, 0x20000, 0xe, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xfffffff9, 0x0, @perf_config_ext={0x4, 0x400}, 0x11802, 0x10001, 0x7f, 0x2, 0x10000, 0x0, 0x7ff, 0x0, 0x6, 0x0, 0x1000}, r1, 0x2, r2, 0x8) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r3, r0, 0x0, 0x100000001) 13:23:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000) 13:23:28 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) write$P9_RREADDIR(r2, &(0x7f0000000080)={0x61, 0x29, 0x1, {0x40, [{{0x1, 0x4, 0x3}, 0x9, 0x73}, {{0x40, 0x1, 0x1}, 0x9, 0x9, 0x7, './file0'}, {{0x40, 0x4, 0x6}, 0x4, 0x4, 0x7, './file0'}]}}, 0x61) 13:23:28 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) (fail_nth: 7) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:23:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000) 13:23:28 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) [ 747.490504] FAULT_INJECTION: forcing a failure. [ 747.490504] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 747.490680] FAULT_INJECTION: forcing a failure. [ 747.490680] name failslab, interval 1, probability 0, space 0, times 0 [ 747.493429] CPU: 0 PID: 6844 Comm: syz-executor.7 Not tainted 5.10.245 #1 [ 747.497531] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.499509] Call Trace: [ 747.500148] dump_stack+0x107/0x167 [ 747.501016] should_fail.cold+0x5/0xa [ 747.501928] _copy_to_user+0x2e/0x180 [ 747.502840] simple_read_from_buffer+0xcc/0x160 [ 747.503963] proc_fail_nth_read+0x198/0x230 [ 747.504998] ? proc_sessionid_read+0x230/0x230 [ 747.506086] ? security_file_permission+0xb1/0xe0 [ 747.507234] ? proc_sessionid_read+0x230/0x230 [ 747.508318] vfs_read+0x228/0x620 [ 747.509155] ksys_read+0x12d/0x260 [ 747.509988] ? vfs_write+0xb10/0xb10 [ 747.510864] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.512110] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.513314] do_syscall_64+0x33/0x40 [ 747.514187] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.515381] RIP: 0033:0x7feb1e8cc69c [ 747.516261] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 747.520552] RSP: 002b:00007feb1be8f170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 747.522333] RAX: ffffffffffffffda RBX: 0000000020ffc000 RCX: 00007feb1e8cc69c [ 747.523999] RDX: 000000000000000f RSI: 00007feb1be8f1e0 RDI: 0000000000000005 [ 747.525676] RBP: 00007feb1be8f1d0 R08: 0000000000000000 R09: 0000000000000000 [ 747.527335] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000001 [ 747.528996] R13: 00007ffdbd24bedf R14: 00007feb1be8f300 R15: 0000000000022000 [ 747.530668] CPU: 1 PID: 6847 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 747.532176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 747.533975] Call Trace: [ 747.534549] dump_stack+0x107/0x167 [ 747.535346] should_fail.cold+0x5/0xa [ 747.536190] ? create_object.isra.0+0x3a/0xa30 [ 747.537181] should_failslab+0x5/0x20 [ 747.538008] kmem_cache_alloc+0x5b/0x310 [ 747.538901] create_object.isra.0+0x3a/0xa30 [ 747.539801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 747.540920] kmem_cache_alloc+0x159/0x310 [ 747.541830] radix_tree_node_alloc.constprop.0+0x1e3/0x300 [ 747.543053] idr_get_free+0x4b5/0x8f0 [ 747.543911] idr_alloc_u32+0x170/0x2d0 [ 747.544766] ? __fprop_inc_percpu_max+0x130/0x130 [ 747.545825] ? lock_acquire+0x197/0x470 [ 747.546691] ? alloc_pid+0x491/0xd30 [ 747.547514] idr_alloc_cyclic+0x102/0x230 [ 747.548426] ? idr_alloc+0x130/0x130 [ 747.549242] ? rwlock_bug.part.0+0x90/0x90 [ 747.550180] alloc_pid+0x4fb/0xd30 [ 747.550962] ? copy_namespaces+0x1ca/0x4f0 [ 747.551900] copy_process+0x3b8b/0x78b0 [ 747.552787] ? stack_trace_save+0x8c/0xc0 [ 747.553724] ? __cleanup_sighand+0xb0/0xb0 [ 747.554656] ? kernel_text_address+0xf2/0x120 [ 747.555650] ? find_held_lock+0x2c/0x110 [ 747.556513] ? io_uring_setup+0x1c23/0x2980 [ 747.557437] ? lock_downgrade+0x6d0/0x6d0 [ 747.558353] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 747.559398] create_io_thread+0xb6/0xf0 [ 747.560246] ? pidfd_prepare+0x80/0x80 [ 747.561104] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 747.562108] io_uring_setup+0x1d79/0x2980 [ 747.562969] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 747.563992] ? wait_for_completion_io+0x270/0x270 [ 747.564989] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 747.566043] ? syscall_enter_from_user_mode+0x1d/0x50 [ 747.567092] do_syscall_64+0x33/0x40 [ 747.567850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 747.568890] RIP: 0033:0x7f55e908fb19 [ 747.569640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 747.573364] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 747.574900] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 747.576352] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 747.577776] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 747.579207] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 747.580640] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:23:28 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0xc02, 0x0) ioctl$BTRFS_IOC_ADD_DEV(r1, 0x5000940a, &(0x7f00000002c0)={{r0}, "f31be6c673831f437734ccb5936b420dc09ef1d4cdaf7ecce0f28b023e6fcdfd587fe2f255b0c56a9ae07e9a03741dea5b6ab7b50b7bb67c833ec2c56f2280ffadbb01c8d79c849b61028a799926424d9e1c820f61a5484cf0fd31c42351d31efd45eacb8abea8945ffcd1a85b3c2e7f198a7ec81702a7b9b5803346d7a64170ca3ce23b98d6f42ed75b6e511401b81b1729ece7fc74c1cfa059a43bd3f2c9151866e6c058ed04bce38ed7d9daafa6bd280ceaf202b95ea10c2a54a0cb773d98b6026a00e26267d8ad48ba9a75587b43f9ffe4c6b63b61ddddde02083e3a7aaed1ce1ec155033c13e049eaa35a594e64401ae281d781cb5492c78c283eac8ce08e3999393255beb6434228e14c4914cab8929338bb190f414c2990617d4858adbdf01cf45087630aaee2b5cfb5304a03d60369d6619198339a5d70f42956075918815718773357d74c5839c156af108e683b00966e6c778e4bdf60eaaa223771f66d6d717d0208d627e2d875c6a9d71ebdf9032c0079893eabb9281fc3028e0c46cf5c177f1fa833b458e5088659c91c354369b7df67b5137c6911cbd32cfa8e7a6d9ef6a13f7ad0bae20ff164c301575981334fadfd655f4195805d0ec5af7daab6adc0a080ed6bda8e3a9718452dabdf36678a9704b345504d2d5199b1dfed3387eaaa8fc08ffe2b0e3f8ef2a5b9981b629bb34958e45c995784c601de175f8854e59c787d516bed098cf053b5f75001c166ea12c42c6f6a5b6e6cbdbc885133c9e9fb88dcba461e6f015076eed6b1064aec25f1dd0701f249b26a81b093fbc0186873dc9453d508ab23fdbad25d2cf0fadd14bbf7d11cf85c8c5c03a0f603aa4f01731a8eafeec21794f456ec30f810e8423b20fccfe9c9b2e417e594a62f9d9feb58ddc5e4241f29542b94e0ede976fd846892359b2c72771e552b075976d7370c41546402161606e2aaf2167a99abfd7c009ce98b6bceeca7324238e2ff9d434dbd0d5691c55c133edb993d44c908297ec4c3473aa2ec0ed4123e59b5f8e7c272ff618c338ba0bf9e425252ccf7161f6fe61f50902f57cf491280bbbbd1fe0123f3a14d14c8eb70305e75a89c406b7246e756d71f5d9542aa5768914eae536bc1484c799cd9b825f5e3c5380081501890a037e9ba98252177408bf19da780250c41282df0e74adcec0cc3cf15d416a39940f4a7e9e59c94d362aa47b3eb6689340f697aae145f213dd8a5176baf963e88bc8d29d0fc175378123cae9aede92cdd92c284067dcc7e829a472f987c3307764cea76f97e818f1d7d829b3a056bcd16fc9ce90ce784ab3874043b96c2b1d8cd7baecbf24df577f08ccd2a887106186ffa02a5c0b34da7616edb1a56a0f8a0704d3697943d7e853201dd27498a986540fde36c7beffbd2165b6b0775eb3c5179516716a0aff4b28a726f4de14764b516112699214a1266c1aed6821314533150d1f006ad565d6bce3f23252546f61833e7674343f9ebd0dac39d953c2de5baf6594c00beec26e6768f94a52533093bc32061c6e8e6a765b06ae6448ab80a1bd855990d8a8a3fcfa2eeeadb2f9e28fb4012be4512d6ee28852717a198b5adcc7447d395ea1870cd8dfa952e699f797f3910994870ef6b19a3ef001260a138d551ce70ca85f8c67ee9034bda2a59949b7a52e13d4b012aa58cd850dfc82b0048e1d2f46d06054410083b15fb3f4111b24ce70a5eb9b5658a6b4679fd23985948548ff6d18e896632be4703824af43fe3f94d121bbbb366d2b1c6e2ca10c0881dcdd2327e98ed6619274263c57d4d224992cdb56a2cb6b6d75c7d88eae68c44e1b5b2fbb204f036ba9904e6b981b058a0ef5e2782cb0a699b47677d68ee2d6f74dcf72ea2e63008bfe2181c528e24f057ba57e57f8b5fabc429c8e2619c3c527922e270f1f63fb6f1773025a11688ba2d0e79a2aed575fa702e1896861b9a116fe296e9dda2a8199980edb86550eb206e15c0c16f6ea23d66b1533395b0bab70a2071fa54e09610e3592ee19ebae1c644177afb60b2d0d5b38aadd360ae41fc2edc6efaca22e796fd07361f03ca2fb534574b4da282652681e9ad5380abd57f996fd911da5ad108de9ca8f513eb0cc437db1614fc4f5a08e8cc05769bff7dfbb62fe3c30b993d42845033621dd07b8d9f1a6abb3f661d999f8e2c7ef9872e26efc54199a7b8222da7642aa8105beda5b4dbb757bc6552979828751e3d597a50c8ed26f5bcbf4a8f9c9d248fc7f38792af71c063aa91e1021f1b4e20923dcb766aa8226e852f801136369815c3a801f1688a487b923c09a677a04eb339b669ba0afeff7f500432e1c9b0523ebbcd11b245564ad92dd78d78f45c1d83f59335a517c861c0805c9588b4f645f958c8b9f57a2a8137e23a87fbc04d40736b56c4fc9e99b18785eaf1a078a1758802fed73c3c409ab30da111101b251ed8b7b877fc297b2be137bbf233b47c7edcbc1f2455b8aa082181cac5eaabcd9dbb56b523e116064be199f516d8f2eb17e0a1f59319760911210f0dc3e2cf5ca0122b48d0c46f720fd7c245aa2da1dba327bd3a98e072d7cf9f525c1dad98eedd27cba9b536f943d289e646cb8456df2cf76832995d4a160041b06f261d406280efa0877ca56082a43ffc98f8fb29617e139de0601508375e8c9b3be6576eb4bf83fc4fede2a61b85fb808273c33f7b860835e90e09aa6926824b5a6ece28312dba2ce93d868f3c84ecc05edf4d5b0d7970111a838c606fade14cdf0859b27dd8a696951b32175c9b732d22f07973f173e189f410f20b183c5f5cfbe561ce9137fba49c0f461fd22a7755b5bbab9108de8428a2d9e611ea3c9b50daf958e408af148c76d72f7529a45d0218dba944daaf3b75377b68f99001ac936acbc9639fbe788fe2f1c2f5e403db44f6a3c1e9067ca3dd5bfe041bbabfb259286c2c174f2f23d393b932504ce8aaf92365fc4940e4f112d76ded110f57ced9404eb3515b56c8f6e52e4f8d2eda0bdbedb2aa6d73c59dbf1c151bbfca3ee3a61931978955df789acc0650da49d10645bd698dbc985ccfdee9f4a1be5e724161d31a0becb49ac461af3ad6f7d05ee24295ea0a6c4dc0f5aeb37bedf74f9f2f7da260fe69aa2d0baedd90ed3582dd3311ccf13e904a939b4f978684bd60d82daf37c86819c2a5ac97f2ae1bf10a978d648fdcae1120cff3c9b64f559c69ac584ee32eaf07ae8cd4185d48f0ae73abbcf7e563ae4e2a0108dd456c5159f76187988a139cf7844d1a9239341a01aa188797840b446bd828c077661e2e028f97117c5606bee708df335c55572780469cf76e4c5b20a8962beb43f8e872dd586e6a74be0e11cae7fb3ba636b984f35df0f1c4ef19409f693cf7bd8affa4589e4fe9199fd081060d86f1e68fe0848ecfa200295147d2732c7d9db233ac7827aae92363626a017c99c02779941fede590e858882d5770eb19ac02f6fa0c84ecf7120f5268b22b6dec3c617c2a58dc6f9b8f9bc7759d8a5fe8bdcbeb0ef29925930f786ff72460f34fcd8fea3c7a2d9f425c58b022fb08e4a0cadb96a6fc5884178ce3e8d25e05e03fdbfbdc063cdf9121566cb62d308abd801f9eee9ceaa9605c55f79cff3f152b26d0979df97884aef46a8fa98903868d6a66d70ea22b3f323e0a75837ce6d9d5a3d4cd5d87ac3d012c06edc7370197c7c58d07d6363b6912bde2ecd167a4402957aab7621b275e9c82b670824f6852eb79227172229eb215f50a845c8fb97de05de1cbdaae4cf4885b7994dfbc61ba8882b1634ce494fb3f4e81fc29957d5e22a25051306c66fdc51055e247c85fb442608bd3ffe68131fd3d5fc199d6e1a9cc41e1a3e825499ab3c603edfd04121f9f338afc7d924618a7ae7f35b5f80d27e03f605897f15ecde3f79a5436d885e0f84f1fac78dfdd398b1284bd2bca2de8bd7e642b8ad17cf329e3facf78d2ddcb52a03589af58f3342f3150d40e162c9934eb8ccd7b7f8a1f2c3d9067c48e3ecf5fbec21f2f237d35e5862219c671f11c493317fec9bdbe1c49cacb6e05602bf8faa5969d83addc48a7ad8455d0f6e708465399a5651f27eaddbd79d9d13515f36a2b5f88fdcf6c8055fd094efb95eb5fd73994b4aaa73da05d2d7da10867d32455081e5831f9dd4f84206df6eae67b48c367b60eb8a40c1542db45ef4884b625f44d8e944919de4356337ac9a155d9299b3e9b3209b86b748fee2e24b0b317801208399e2de7c9a13803b01c8dcd86192d2524708c5d16d4e74aaea986fccb81545edc138b446a8677cc1afdb7a1da017ab877984198cdc3c9736a0dea833b190169815b26975669eb3bf34c372bfd4ab78f01b2b4073563d0becc174aaca18c81f2b677dc6e18afb33bb6ff5ee8ee311f2d4dac5ca9501d7841dfd23bc179d5bd130eada4c6154334d6adb34164650b38d6a172a4c08c6d69fd1a3b830080a48966f287414fc8874633b516d9104a411a3ac3fd8175531b74c08cb2d8fe1c79c93e10a357d6e66fde67a2001dee41a9c729d57bdfdd37de7c8b0d342eeb7e430d506f8d44f40d1ed225c81757edc5df7d9f04f1af70777bc50ca4fc1909a8c5a2beaf0e55a86b806a99728bb36930f8def4d3144d7adc51fdb29790d8ee880f9cdf887155205956236946d83e035aed24a5af0d7ff2412f96ccae62c516561c62058b767fc2c9ca00293504e3cb2d075be20c6a806f310930ee29f0504a4b9c7d418c7e44fa20dc1150f3811057d481cbe24b4e693a3bfba74d90ecd8e3c8e7813fdac68c3ae2dc2ffdfe0b9d69a93654213e997e21ba3e272ea626861f2fb7ac6d6050cb98f5bc9ebad12851af9ab59015336d06cc6ff5c5d79a79a417e0aaffdc5af220feab38a197da5323c91b65ade13cda6016f3303aaad5a86049e73c4e5dc75929bb26de8b01e0dd2a15f4c597a7f6d4ac6cdeebdc4cfe9a4c6de12f0bdd2702c01cf0cd78ce5b9f92056880fe37735ab69248c8ade73a7bf3878e8600fc4d040d2ac960716aa9817654364b7652ed411562359c3269588f5df4294f3bb339f8265e35976311964fb79f3ff15bfe38952fea3758b92e4de5b8fb4c401095803a524a116a0ce00bb6bed76478c2a2b218dc5bcf0827c0f9797ddcd928dfa8f5d792d3c1b2c8c14a478eb2e542a0f8d81b5e59fdac509a0ae98ed883aaa0d57d6430d48ba67a1a7add518369e647ae1f145800fbc67a6bd21cd5f23b1ca8468d10db1f7b22307bd6f861934900d84d89b69c711b2379806915159d9fd879bb8fe1a176592707e75e170cc6551f13efd06b1ab52990dca53c63deaaba7d2b892f382475f3251e9162d7ab97aefb6acedaa8771437658d0580339eaf7f32be0fdaca309c02272f50e7586a343155afd6782de2440845eb7f9fd76df597449be5e03235238008c1fa81af7d22d4a6ee40a5e9699dd9fba3070db0595f64e2b00a0d8d3d9a6ba1f12cba014fe8f32a34e3a9cdb42e9c0f1da370e4a546e600574a13073935b1f2716e98377dd8cafdcd8fb574c9d303577f7723105ee4cf47482c6f58de2824fdd5859eeeb4bce0de8cac3ffed462debb94a30acb289d20e728d32d630e78dd0c166eede374a97407fef394f64a161b236fc068afdc297acb3fb21315f07e4d4b20788b077fbfd3f3fab7550d025bb58056ad0ee5363b7e018c73409c031071c74aaece8d1378604a935ff73604936ab8fcb80a07ef8b41add8c5c0fba7224cd9fc6758a4fdb9152d14fae93be024cd3cd205f848a15171"}) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180)={0x0, 0xf830}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r5 = fcntl$dupfd(r4, 0x406, r3) ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r5, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x1ff}}, './file0\x00'}) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000080)=0x80000000) 13:23:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000) 13:23:28 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x82181, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:23:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff) 13:23:40 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000) 13:23:40 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:23:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000080)={0x0, r5}) ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r5) sendfile(r1, r0, 0x0, 0x100000001) [ 759.692399] FAULT_INJECTION: forcing a failure. [ 759.692399] name failslab, interval 1, probability 0, space 0, times 0 [ 759.695402] CPU: 1 PID: 6878 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 759.697304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.699575] Call Trace: [ 759.699829] FAULT_INJECTION: forcing a failure. [ 759.699829] name failslab, interval 1, probability 0, space 0, times 0 [ 759.700308] dump_stack+0x107/0x167 [ 759.700335] should_fail.cold+0x5/0xa [ 759.704091] ? create_object.isra.0+0x3a/0xa30 [ 759.705345] should_failslab+0x5/0x20 [ 759.706389] kmem_cache_alloc+0x5b/0x310 [ 759.707504] create_object.isra.0+0x3a/0xa30 [ 759.708729] kmemleak_alloc_percpu+0xa0/0x100 [ 759.709980] pcpu_alloc+0x4e2/0x1240 [ 759.711015] __percpu_counter_init+0x10d/0x2d0 [ 759.712305] io_uring_alloc_task_context+0xcc/0x6a0 [ 759.713679] ? io_import_iovec+0x1120/0x1120 [ 759.714914] io_uring_setup+0x1dd1/0x2980 [ 759.716073] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 759.717484] ? wait_for_completion_io+0x270/0x270 [ 759.718835] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 759.720327] ? syscall_enter_from_user_mode+0x1d/0x50 [ 759.721566] do_syscall_64+0x33/0x40 [ 759.722424] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 759.723602] RIP: 0033:0x7f55e908fb19 [ 759.724450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.728598] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 759.730379] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 759.732036] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 759.733667] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 759.735270] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 759.736922] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 759.738582] CPU: 0 PID: 6884 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 759.739688] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.740969] Call Trace: [ 759.741395] dump_stack+0x107/0x167 [ 759.741970] should_fail.cold+0x5/0xa [ 759.742552] ? create_object.isra.0+0x3a/0xa30 [ 759.743272] should_failslab+0x5/0x20 [ 759.743860] kmem_cache_alloc+0x5b/0x310 [ 759.744478] create_object.isra.0+0x3a/0xa30 [ 759.745152] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 759.745932] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 759.746722] ? netlink_sendmsg+0x998/0xe00 [ 759.747367] __alloc_skb+0xb1/0x5b0 [ 759.747940] netlink_sendmsg+0x998/0xe00 [ 759.748575] ? netlink_unicast+0xa00/0xa00 [ 759.749223] ? netlink_unicast+0xa00/0xa00 [ 759.749888] __sock_sendmsg+0x154/0x190 [ 759.750483] ____sys_sendmsg+0x70d/0x870 [ 759.751113] ? sock_write_iter+0x3d0/0x3d0 [ 759.751758] ? do_recvmmsg+0x6d0/0x6d0 [ 759.752372] ? lock_downgrade+0x6d0/0x6d0 [ 759.753006] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 759.753820] ___sys_sendmsg+0xf3/0x170 [ 759.754406] ? sendmsg_copy_msghdr+0x160/0x160 [ 759.755110] ? __fget_files+0x2cf/0x520 [ 759.755713] ? lock_downgrade+0x6d0/0x6d0 [ 759.756339] ? find_held_lock+0x2c/0x110 [ 759.756947] ? __fget_files+0x2f8/0x520 [ 759.757554] ? __fget_light+0xea/0x290 [ 759.758149] __sys_sendmsg+0xe5/0x1b0 [ 759.758725] ? __sys_sendmsg_sock+0x40/0x40 [ 759.759394] ? rcu_read_lock_any_held+0x75/0xa0 [ 759.760107] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 759.760913] ? syscall_enter_from_user_mode+0x1d/0x50 [ 759.761705] ? trace_hardirqs_on+0x5b/0x180 [ 759.762366] do_syscall_64+0x33/0x40 [ 759.762938] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 759.763719] RIP: 0033:0x7f536cf98b19 [ 759.764301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.767093] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 759.768237] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 759.769307] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 759.770389] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 759.771477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 759.772578] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 759.774140] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 759.780038] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:23:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 8) 13:23:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 6) 13:23:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 13) 13:23:40 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:23:40 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) [ 759.796013] FAULT_INJECTION: forcing a failure. [ 759.796013] name failslab, interval 1, probability 0, space 0, times 0 [ 759.798773] CPU: 1 PID: 6887 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 759.800397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.802351] Call Trace: [ 759.802980] dump_stack+0x107/0x167 [ 759.803867] should_fail.cold+0x5/0xa [ 759.804782] ? create_object.isra.0+0x3a/0xa30 [ 759.805869] should_failslab+0x5/0x20 [ 759.806763] kmem_cache_alloc+0x5b/0x310 [ 759.807367] FAULT_INJECTION: forcing a failure. [ 759.807367] name failslab, interval 1, probability 0, space 0, times 0 [ 759.807736] ? lock_release+0x680/0x680 [ 759.810345] create_object.isra.0+0x3a/0xa30 [ 759.811383] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 759.812587] kmem_cache_alloc+0x159/0x310 [ 759.813542] dst_alloc+0x9e/0x5d0 [ 759.814370] rt_dst_alloc+0x73/0x440 [ 759.815264] ip_route_output_key_hash_rcu+0x98d/0x24a0 [ 759.816499] inet_rtm_getroute+0x10da/0x2330 [ 759.817553] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 759.818617] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 759.819891] ? __lock_acquire+0xbb1/0x5b00 [ 759.820890] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 759.822140] ? mark_lock+0xf5/0x2df0 [ 759.823055] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 759.824173] rtnetlink_rcv_msg+0x87f/0xbb0 [ 759.825156] ? rtnl_fdb_dump+0xa30/0xa30 [ 759.826120] ? lock_acquire+0x197/0x470 [ 759.827064] ? netlink_deliver_tap+0xf4/0xcc0 [ 759.828123] netlink_rcv_skb+0x14b/0x430 [ 759.829080] ? rtnl_fdb_dump+0xa30/0xa30 [ 759.830017] ? netlink_ack+0xab0/0xab0 [ 759.830917] ? netlink_deliver_tap+0x1ae/0xcc0 [ 759.832003] ? netlink_deliver_tap+0x1c4/0xcc0 [ 759.833083] ? is_vmalloc_addr+0x7b/0xb0 [ 759.834031] netlink_unicast+0x6ce/0xa00 [ 759.834989] ? netlink_attachskb+0xab0/0xab0 [ 759.836033] netlink_sendmsg+0x90f/0xe00 [ 759.837006] ? netlink_unicast+0xa00/0xa00 [ 759.838011] ? netlink_unicast+0xa00/0xa00 [ 759.839017] __sock_sendmsg+0x154/0x190 [ 759.839957] ____sys_sendmsg+0x70d/0x870 [ 759.840926] ? sock_write_iter+0x3d0/0x3d0 [ 759.841933] ? do_recvmmsg+0x6d0/0x6d0 [ 759.842867] ? lock_downgrade+0x6d0/0x6d0 [ 759.843856] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 759.845109] ___sys_sendmsg+0xf3/0x170 [ 759.846028] ? sendmsg_copy_msghdr+0x160/0x160 [ 759.847106] ? __fget_files+0x2cf/0x520 [ 759.848053] ? lock_downgrade+0x6d0/0x6d0 [ 759.849034] ? find_held_lock+0x2c/0x110 [ 759.849987] ? __fget_files+0x2f8/0x520 [ 759.850920] ? __fget_light+0xea/0x290 [ 759.851850] __sys_sendmsg+0xe5/0x1b0 [ 759.852781] ? __sys_sendmsg_sock+0x40/0x40 [ 759.853809] ? rcu_read_lock_any_held+0x75/0xa0 [ 759.854914] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 759.856159] ? syscall_enter_from_user_mode+0x1d/0x50 [ 759.857377] ? trace_hardirqs_on+0x5b/0x180 [ 759.858385] do_syscall_64+0x33/0x40 [ 759.859256] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 759.860484] RIP: 0033:0x7f38b854eb19 [ 759.861375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.865671] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 759.867443] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 759.869129] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 759.870823] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 759.872528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 759.874210] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 759.875924] CPU: 0 PID: 6889 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 759.876950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 759.878177] Call Trace: [ 759.878581] dump_stack+0x107/0x167 [ 759.879112] should_fail.cold+0x5/0xa [ 759.879667] ? create_object.isra.0+0x3a/0xa30 [ 759.880337] should_failslab+0x5/0x20 [ 759.880891] kmem_cache_alloc+0x5b/0x310 [ 759.881512] create_object.isra.0+0x3a/0xa30 [ 759.882179] kmemleak_alloc_percpu+0xa0/0x100 [ 759.882848] pcpu_alloc+0x4e2/0x1240 [ 759.883434] ? io_tctx_exit_cb+0xf0/0xf0 [ 759.884049] percpu_ref_init+0x31/0x3d0 [ 759.884636] io_uring_setup+0x47a/0x2980 [ 759.885236] ? __mutex_unlock_slowpath+0xe1/0x600 [ 759.885944] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 759.886685] ? wait_for_completion_io+0x270/0x270 [ 759.887432] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 759.888214] ? syscall_enter_from_user_mode+0x1d/0x50 [ 759.888997] do_syscall_64+0x33/0x40 [ 759.889549] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 759.890333] RIP: 0033:0x7f943fb71b19 [ 759.890872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 759.893553] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 759.894663] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 759.895702] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 759.896768] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 759.897800] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 759.898829] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:23:55 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 9) 13:23:55 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x2000000) 13:23:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 14) 13:23:55 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 7) 13:23:55 executing program 3: read(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000) r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r0, 0x0, 0x81) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) [ 774.085763] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 774.113372] FAULT_INJECTION: forcing a failure. [ 774.113372] name failslab, interval 1, probability 0, space 0, times 0 [ 774.115817] CPU: 1 PID: 6901 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 774.117237] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 774.118926] Call Trace: [ 774.119470] dump_stack+0x107/0x167 [ 774.120245] should_fail.cold+0x5/0xa [ 774.121025] ? __alloc_skb+0x6d/0x5b0 [ 774.121802] should_failslab+0x5/0x20 [ 774.122586] kmem_cache_alloc_node+0x55/0x330 [ 774.123506] __alloc_skb+0x6d/0x5b0 [ 774.124270] netlink_ack+0x1ed/0xab0 [ 774.125049] ? netlink_sendmsg+0xe00/0xe00 [ 774.125913] ? lock_acquire+0x197/0x470 [ 774.126722] ? netlink_deliver_tap+0xf4/0xcc0 [ 774.127649] netlink_rcv_skb+0x348/0x430 [ 774.128491] ? rtnl_fdb_dump+0xa30/0xa30 [ 774.129327] ? netlink_ack+0xab0/0xab0 [ 774.130129] ? netlink_deliver_tap+0x1ae/0xcc0 13:23:55 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) 13:23:55 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:23:55 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0xb00, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 774.131073] ? netlink_deliver_tap+0x1c4/0xcc0 [ 774.132266] ? is_vmalloc_addr+0x7b/0xb0 [ 774.132685] FAULT_INJECTION: forcing a failure. [ 774.132685] name failslab, interval 1, probability 0, space 0, times 0 [ 774.133104] netlink_unicast+0x6ce/0xa00 [ 774.133133] ? netlink_attachskb+0xab0/0xab0 [ 774.137198] netlink_sendmsg+0x90f/0xe00 [ 774.138032] ? netlink_unicast+0xa00/0xa00 [ 774.138913] ? netlink_unicast+0xa00/0xa00 [ 774.139775] __sock_sendmsg+0x154/0x190 [ 774.140598] ____sys_sendmsg+0x70d/0x870 [ 774.141432] ? sock_write_iter+0x3d0/0x3d0 [ 774.142296] ? do_recvmmsg+0x6d0/0x6d0 [ 774.143093] ? lock_downgrade+0x6d0/0x6d0 [ 774.143953] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 774.145029] ___sys_sendmsg+0xf3/0x170 [ 774.145823] ? sendmsg_copy_msghdr+0x160/0x160 [ 774.146754] ? __fget_files+0x2cf/0x520 [ 774.147567] ? lock_downgrade+0x6d0/0x6d0 [ 774.148421] ? find_held_lock+0x2c/0x110 [ 774.149262] ? __fget_files+0x2f8/0x520 [ 774.150084] ? __fget_light+0xea/0x290 [ 774.150884] __sys_sendmsg+0xe5/0x1b0 [ 774.151664] ? __sys_sendmsg_sock+0x40/0x40 [ 774.152584] ? rcu_read_lock_any_held+0x75/0xa0 [ 774.153544] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 774.154608] ? syscall_enter_from_user_mode+0x1d/0x50 [ 774.155650] ? trace_hardirqs_on+0x5b/0x180 [ 774.156548] do_syscall_64+0x33/0x40 [ 774.157311] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 774.158351] RIP: 0033:0x7f38b854eb19 [ 774.159117] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 774.162878] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 774.164442] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 774.165905] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 774.167357] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 774.168821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 774.170290] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 774.171773] CPU: 0 PID: 6906 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 774.173256] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 774.175021] Call Trace: [ 774.175586] dump_stack+0x107/0x167 [ 774.176375] should_fail.cold+0x5/0xa [ 774.177186] ? create_object.isra.0+0x3a/0xa30 [ 774.178153] should_failslab+0x5/0x20 [ 774.178967] kmem_cache_alloc+0x5b/0x310 [ 774.179837] create_object.isra.0+0x3a/0xa30 [ 774.180782] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 774.181859] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 774.182946] ? netlink_sendmsg+0x998/0xe00 [ 774.183863] __alloc_skb+0xb1/0x5b0 [ 774.184639] netlink_sendmsg+0x998/0xe00 [ 774.185507] ? netlink_unicast+0xa00/0xa00 [ 774.186413] ? netlink_unicast+0xa00/0xa00 [ 774.187314] __sock_sendmsg+0x154/0x190 [ 774.188164] ____sys_sendmsg+0x70d/0x870 [ 774.189030] ? sock_write_iter+0x3d0/0x3d0 [ 774.189925] ? do_recvmmsg+0x6d0/0x6d0 [ 774.190759] ? lock_downgrade+0x6d0/0x6d0 [ 774.191640] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 774.192768] ___sys_sendmsg+0xf3/0x170 [ 774.193595] ? sendmsg_copy_msghdr+0x160/0x160 [ 774.194567] ? __fget_files+0x2cf/0x520 [ 774.195409] ? lock_downgrade+0x6d0/0x6d0 [ 774.196300] ? find_held_lock+0x2c/0x110 [ 774.197168] ? __fget_files+0x2f8/0x520 [ 774.198026] ? __fget_light+0xea/0x290 [ 774.198858] __sys_sendmsg+0xe5/0x1b0 [ 774.199667] ? __sys_sendmsg_sock+0x40/0x40 [ 774.200595] ? rcu_read_lock_any_held+0x75/0xa0 [ 774.201599] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 774.202714] ? syscall_enter_from_user_mode+0x1d/0x50 [ 774.203802] ? trace_hardirqs_on+0x5b/0x180 [ 774.204724] do_syscall_64+0x33/0x40 [ 774.205506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 774.206565] RIP: 0033:0x7f536cf98b19 [ 774.207346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 774.211198] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 774.212790] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 774.214289] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 774.215781] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 774.217270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 774.218782] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 774.220944] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 774.224673] FAULT_INJECTION: forcing a failure. [ 774.224673] name failslab, interval 1, probability 0, space 0, times 0 [ 774.227399] CPU: 1 PID: 6908 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 774.228991] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 774.230853] Call Trace: [ 774.231447] dump_stack+0x107/0x167 [ 774.232297] should_fail.cold+0x5/0xa [ 774.233166] ? create_object.isra.0+0x3a/0xa30 [ 774.234197] should_failslab+0x5/0x20 [ 774.235050] kmem_cache_alloc+0x5b/0x310 [ 774.236008] create_object.isra.0+0x3a/0xa30 [ 774.237008] kmemleak_alloc_percpu+0xa0/0x100 [ 774.238060] pcpu_alloc+0x4e2/0x1240 [ 774.238939] __percpu_counter_init+0x10d/0x2d0 [ 774.240007] io_uring_alloc_task_context+0xcc/0x6a0 [ 774.241156] ? io_import_iovec+0x1120/0x1120 [ 774.242193] io_uring_setup+0x1dd1/0x2980 [ 774.243148] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 774.244314] ? wait_for_completion_io+0x270/0x270 [ 774.245450] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 774.246659] ? syscall_enter_from_user_mode+0x1d/0x50 [ 774.247834] do_syscall_64+0x33/0x40 [ 774.248715] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 774.249887] RIP: 0033:0x7f55e908fb19 [ 774.250741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 774.254972] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 774.256715] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 774.258380] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 774.259977] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 774.261599] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 774.263199] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:23:55 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x3000000) [ 774.285809] FAULT_INJECTION: forcing a failure. [ 774.285809] name failslab, interval 1, probability 0, space 0, times 0 [ 774.288230] CPU: 0 PID: 6916 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 774.289673] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 774.291428] Call Trace: [ 774.292009] dump_stack+0x107/0x167 [ 774.292785] should_fail.cold+0x5/0xa [ 774.293595] ? create_object.isra.0+0x3a/0xa30 [ 774.294559] should_failslab+0x5/0x20 [ 774.295370] kmem_cache_alloc+0x5b/0x310 [ 774.296243] create_object.isra.0+0x3a/0xa30 [ 774.297179] kmemleak_alloc_percpu+0xa0/0x100 [ 774.298132] pcpu_alloc+0x4e2/0x1240 [ 774.298930] ? io_tctx_exit_cb+0xf0/0xf0 [ 774.299794] percpu_ref_init+0x31/0x3d0 [ 774.300651] io_uring_setup+0x47a/0x2980 [ 774.301513] ? __mutex_unlock_slowpath+0xe1/0x600 [ 774.302537] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 774.303609] ? wait_for_completion_io+0x270/0x270 [ 774.304659] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 774.305772] ? syscall_enter_from_user_mode+0x1d/0x50 [ 774.306864] do_syscall_64+0x33/0x40 [ 774.307648] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 774.308733] RIP: 0033:0x7f943fb71b19 [ 774.309505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 774.313292] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 774.314878] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 774.316392] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 774.317899] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 774.319398] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 774.320913] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 789.429372] FAULT_INJECTION: forcing a failure. [ 789.429372] name failslab, interval 1, probability 0, space 0, times 0 [ 789.432151] CPU: 1 PID: 6930 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 789.433591] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.435346] Call Trace: [ 789.435912] dump_stack+0x107/0x167 [ 789.436678] should_fail.cold+0x5/0xa [ 789.437485] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 789.438590] should_failslab+0x5/0x20 [ 789.439401] kmem_cache_alloc_trace+0x55/0x320 [ 789.440385] io_uring_alloc_task_context+0x4a3/0x6a0 [ 789.441453] ? io_import_iovec+0x1120/0x1120 [ 789.442395] io_uring_setup+0x1dd1/0x2980 [ 789.443281] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 789.444355] ? wait_for_completion_io+0x270/0x270 [ 789.445409] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.446520] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.447614] do_syscall_64+0x33/0x40 [ 789.448407] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.449487] RIP: 0033:0x7f55e908fb19 [ 789.450268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:24:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 15) 13:24:10 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000) 13:24:10 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:24:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 10) 13:24:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 8) 13:24:10 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) 13:24:10 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4002, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:10 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r4, 0x406, r1) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000040)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x2, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2, r6}}, 0x4) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r7, r0, 0x0, 0x100000001) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x3000000, 0x10, r0, 0x8000000) [ 789.454515] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 789.456126] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 789.457634] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 789.459151] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 789.460670] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 789.462172] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 789.472185] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 789.492079] FAULT_INJECTION: forcing a failure. [ 789.492079] name failslab, interval 1, probability 0, space 0, times 0 [ 789.494548] CPU: 1 PID: 6933 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 789.496005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.497745] Call Trace: [ 789.498308] dump_stack+0x107/0x167 [ 789.499071] should_fail.cold+0x5/0xa [ 789.499360] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 789.499878] ? __alloc_skb+0x6d/0x5b0 [ 789.499895] should_failslab+0x5/0x20 [ 789.499912] kmem_cache_alloc_node+0x55/0x330 [ 789.499928] ? mark_lock+0xf5/0x2df0 [ 789.499950] __alloc_skb+0x6d/0x5b0 [ 789.499977] inet_rtm_getroute+0x904/0x2330 [ 789.506763] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 789.507725] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.508858] ? __lock_acquire+0xbb1/0x5b00 [ 789.509762] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 789.510148] FAULT_INJECTION: forcing a failure. [ 789.510148] name failslab, interval 1, probability 0, space 0, times 0 [ 789.510856] ? mark_lock+0xf5/0x2df0 [ 789.510921] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 789.515429] rtnetlink_rcv_msg+0x87f/0xbb0 [ 789.516326] ? rtnl_fdb_dump+0xa30/0xa30 [ 789.517188] ? lock_acquire+0x197/0x470 [ 789.518020] ? netlink_deliver_tap+0xf4/0xcc0 [ 789.518961] netlink_rcv_skb+0x14b/0x430 [ 789.519811] ? rtnl_fdb_dump+0xa30/0xa30 [ 789.520675] ? netlink_ack+0xab0/0xab0 [ 789.521488] ? netlink_deliver_tap+0x1ae/0xcc0 [ 789.522450] ? netlink_deliver_tap+0x1c4/0xcc0 [ 789.523411] ? is_vmalloc_addr+0x7b/0xb0 [ 789.524278] netlink_unicast+0x6ce/0xa00 [ 789.525134] ? netlink_attachskb+0xab0/0xab0 [ 789.526042] netlink_sendmsg+0x90f/0xe00 [ 789.526900] ? netlink_unicast+0xa00/0xa00 [ 789.527781] ? netlink_unicast+0xa00/0xa00 [ 789.528675] __sock_sendmsg+0x154/0x190 [ 789.529495] ____sys_sendmsg+0x70d/0x870 [ 789.530350] ? sock_write_iter+0x3d0/0x3d0 [ 789.531226] ? do_recvmmsg+0x6d0/0x6d0 [ 789.532050] ? lock_downgrade+0x6d0/0x6d0 [ 789.532893] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 789.533997] ___sys_sendmsg+0xf3/0x170 [ 789.534820] ? sendmsg_copy_msghdr+0x160/0x160 [ 789.535777] ? __fget_files+0x2cf/0x520 [ 789.536620] ? lock_downgrade+0x6d0/0x6d0 [ 789.537487] ? find_held_lock+0x2c/0x110 [ 789.538350] ? __fget_files+0x2f8/0x520 [ 789.539188] ? __fget_light+0xea/0x290 [ 789.540020] __sys_sendmsg+0xe5/0x1b0 [ 789.540820] ? __sys_sendmsg_sock+0x40/0x40 [ 789.541722] ? rcu_read_lock_any_held+0x75/0xa0 [ 789.542719] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.543814] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.544901] ? trace_hardirqs_on+0x5b/0x180 [ 789.545802] do_syscall_64+0x33/0x40 [ 789.546584] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.547654] RIP: 0033:0x7f536cf98b19 [ 789.548439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.552297] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 789.553954] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 789.555461] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 789.556964] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 789.558459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.559956] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 789.561488] CPU: 0 PID: 6942 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 789.562953] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.564728] Call Trace: [ 789.565291] dump_stack+0x107/0x167 [ 789.566059] should_fail.cold+0x5/0xa [ 789.566866] ? create_object.isra.0+0x3a/0xa30 [ 789.567842] should_failslab+0x5/0x20 [ 789.568659] kmem_cache_alloc+0x5b/0x310 [ 789.569520] create_object.isra.0+0x3a/0xa30 [ 789.570453] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 789.571541] kmem_cache_alloc_node+0x169/0x330 [ 789.572525] __alloc_skb+0x6d/0x5b0 [ 789.573302] netlink_ack+0x1ed/0xab0 [ 789.574102] ? netlink_sendmsg+0xe00/0xe00 [ 789.575009] ? lock_acquire+0x197/0x470 [ 789.575866] ? netlink_deliver_tap+0xf4/0xcc0 [ 789.576817] netlink_rcv_skb+0x348/0x430 [ 789.577683] ? rtnl_fdb_dump+0xa30/0xa30 [ 789.578548] ? netlink_ack+0xab0/0xab0 [ 789.579367] ? netlink_deliver_tap+0x1ae/0xcc0 [ 789.580349] ? netlink_deliver_tap+0x1c4/0xcc0 [ 789.581306] ? is_vmalloc_addr+0x7b/0xb0 [ 789.582172] netlink_unicast+0x6ce/0xa00 [ 789.583032] ? netlink_attachskb+0xab0/0xab0 [ 789.583983] netlink_sendmsg+0x90f/0xe00 [ 789.584850] ? netlink_unicast+0xa00/0xa00 [ 789.585750] ? netlink_unicast+0xa00/0xa00 [ 789.586635] __sock_sendmsg+0x154/0x190 [ 789.587468] ____sys_sendmsg+0x70d/0x870 [ 789.588325] ? sock_write_iter+0x3d0/0x3d0 [ 789.589207] ? do_recvmmsg+0x6d0/0x6d0 [ 789.590023] ? lock_downgrade+0x6d0/0x6d0 [ 789.590899] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 789.592006] ___sys_sendmsg+0xf3/0x170 [ 789.592826] ? sendmsg_copy_msghdr+0x160/0x160 [ 789.593783] ? __fget_files+0x2cf/0x520 [ 789.594618] ? lock_downgrade+0x6d0/0x6d0 [ 789.595483] ? find_held_lock+0x2c/0x110 [ 789.596353] ? __fget_files+0x2f8/0x520 [ 789.597192] ? __fget_light+0xea/0x290 [ 789.598012] __sys_sendmsg+0xe5/0x1b0 [ 789.598808] ? __sys_sendmsg_sock+0x40/0x40 [ 789.599715] ? rcu_read_lock_any_held+0x75/0xa0 [ 789.600707] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.601801] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.602875] ? trace_hardirqs_on+0x5b/0x180 [ 789.603776] do_syscall_64+0x33/0x40 [ 789.604567] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.605643] RIP: 0033:0x7f38b854eb19 [ 789.606426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.610321] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 789.611949] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 789.613450] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 789.614956] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 789.616465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 789.617975] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 13:24:10 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000100) [ 789.658552] FAULT_INJECTION: forcing a failure. [ 789.658552] name failslab, interval 1, probability 0, space 0, times 0 [ 789.662398] CPU: 1 PID: 6939 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 789.663796] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.665507] Call Trace: [ 789.666083] dump_stack+0x107/0x167 [ 789.666830] should_fail.cold+0x5/0xa [ 789.667604] ? percpu_ref_init+0xd8/0x3d0 [ 789.668451] should_failslab+0x5/0x20 [ 789.669228] kmem_cache_alloc_trace+0x55/0x320 [ 789.670161] ? io_tctx_exit_cb+0xf0/0xf0 [ 789.670999] percpu_ref_init+0xd8/0x3d0 [ 789.671819] io_uring_setup+0x47a/0x2980 [ 789.672690] ? __mutex_unlock_slowpath+0xe1/0x600 [ 789.673673] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 789.674757] ? wait_for_completion_io+0x270/0x270 [ 789.675768] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.676839] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.677901] do_syscall_64+0x33/0x40 [ 789.678659] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.679697] RIP: 0033:0x7f943fb71b19 [ 789.680463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.684217] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 789.685773] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 789.687226] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 789.688680] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 789.690122] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 789.691568] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:10 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) 13:24:10 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) [ 789.786625] FAULT_INJECTION: forcing a failure. [ 789.786625] name failslab, interval 1, probability 0, space 0, times 0 [ 789.789085] CPU: 1 PID: 6957 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 789.790532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.792297] Call Trace: [ 789.792857] dump_stack+0x107/0x167 [ 789.793634] should_fail.cold+0x5/0xa [ 789.794454] ? create_object.isra.0+0x3a/0xa30 [ 789.795419] should_failslab+0x5/0x20 [ 789.796238] kmem_cache_alloc+0x5b/0x310 [ 789.797124] create_object.isra.0+0x3a/0xa30 [ 789.798077] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 789.799159] kmem_cache_alloc_trace+0x151/0x320 [ 789.800156] io_uring_alloc_task_context+0x4a3/0x6a0 [ 789.801224] ? io_import_iovec+0x1120/0x1120 [ 789.802142] io_uring_setup+0x1dd1/0x2980 [ 789.803024] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 789.804060] ? wait_for_completion_io+0x270/0x270 [ 789.805099] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.806167] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.807263] do_syscall_64+0x33/0x40 [ 789.808043] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.809124] RIP: 0033:0x7f55e908fb19 [ 789.809886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.813651] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 789.815207] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 13:24:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 9) [ 789.816684] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 789.818351] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 789.819879] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 789.821394] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:10 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x5000000) 13:24:10 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4003, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 789.869332] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:24:10 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x40280, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x510000, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache}, {@cache_mmap}, {@version_L}, {@version_u}, {@version_u}, {@msize={'msize', 0x3d, 0x401}}], [{@euid_eq}, {@appraise_type}, {@smackfsfloor}, {@euid_lt={'euid<', 0xffffffffffffffff}}, {@obj_role={'obj_role', 0x3d, '#^,#('}}, {@subj_role={'subj_role', 0x3d, '[!\''}}, {@pcr={'pcr', 0x3d, 0x3}}]}}) sendfile(r2, r0, 0x0, 0x100000001) 13:24:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 11) [ 789.884012] FAULT_INJECTION: forcing a failure. [ 789.884012] name failslab, interval 1, probability 0, space 0, times 0 [ 789.886459] CPU: 1 PID: 6962 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 789.887938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.889691] Call Trace: [ 789.890252] dump_stack+0x107/0x167 [ 789.891028] should_fail.cold+0x5/0xa [ 789.891840] ? create_object.isra.0+0x3a/0xa30 [ 789.892805] should_failslab+0x5/0x20 [ 789.893609] kmem_cache_alloc+0x5b/0x310 [ 789.894469] create_object.isra.0+0x3a/0xa30 [ 789.895384] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 789.896450] kmem_cache_alloc_node+0x169/0x330 [ 789.897405] ? mark_lock+0xf5/0x2df0 [ 789.898181] __alloc_skb+0x6d/0x5b0 [ 789.898964] inet_rtm_getroute+0x904/0x2330 [ 789.899883] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 789.900829] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.901941] ? __lock_acquire+0xbb1/0x5b00 [ 789.902837] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 789.903928] ? mark_lock+0xf5/0x2df0 [ 789.904739] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 789.905683] rtnetlink_rcv_msg+0x87f/0xbb0 [ 789.906567] ? rtnl_fdb_dump+0xa30/0xa30 [ 789.907416] ? lock_acquire+0x197/0x470 [ 789.908246] ? netlink_deliver_tap+0xf4/0xcc0 [ 789.909181] netlink_rcv_skb+0x14b/0x430 [ 789.910021] ? rtnl_fdb_dump+0xa30/0xa30 [ 789.910863] ? netlink_ack+0xab0/0xab0 [ 789.911663] ? netlink_deliver_tap+0x1ae/0xcc0 [ 789.912631] ? netlink_deliver_tap+0x1c4/0xcc0 [ 789.913578] ? is_vmalloc_addr+0x7b/0xb0 [ 789.914429] netlink_unicast+0x6ce/0xa00 [ 789.915272] ? netlink_attachskb+0xab0/0xab0 [ 789.916197] netlink_sendmsg+0x90f/0xe00 [ 789.917050] ? netlink_unicast+0xa00/0xa00 [ 789.917941] ? netlink_unicast+0xa00/0xa00 [ 789.918833] __sock_sendmsg+0x154/0x190 [ 789.919654] ____sys_sendmsg+0x70d/0x870 [ 789.920505] ? sock_write_iter+0x3d0/0x3d0 [ 789.921375] ? do_recvmmsg+0x6d0/0x6d0 [ 789.922179] ? lock_downgrade+0x6d0/0x6d0 [ 789.923031] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 789.924121] ___sys_sendmsg+0xf3/0x170 [ 789.924930] ? sendmsg_copy_msghdr+0x160/0x160 [ 789.925874] ? __fget_files+0x2cf/0x520 [ 789.926685] ? lock_downgrade+0x6d0/0x6d0 [ 789.927544] ? find_held_lock+0x2c/0x110 [ 789.928395] ? __fget_files+0x2f8/0x520 [ 789.929214] ? __fget_light+0xea/0x290 [ 789.930025] __sys_sendmsg+0xe5/0x1b0 [ 789.930805] ? __sys_sendmsg_sock+0x40/0x40 [ 789.931686] ? rcu_read_lock_any_held+0x75/0xa0 [ 789.932667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 789.933741] ? syscall_enter_from_user_mode+0x1d/0x50 [ 789.934796] ? trace_hardirqs_on+0x5b/0x180 [ 789.935687] do_syscall_64+0x33/0x40 [ 789.936467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 789.937526] RIP: 0033:0x7f536cf98b19 [ 789.938293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 789.942082] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 789.943640] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 789.945122] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 789.946582] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 789.948064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 789.949532] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 789.992027] FAULT_INJECTION: forcing a failure. [ 789.992027] name failslab, interval 1, probability 0, space 0, times 0 [ 789.994392] CPU: 1 PID: 6971 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 789.995768] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 789.997495] Call Trace: [ 789.998032] dump_stack+0x107/0x167 [ 789.998772] should_fail.cold+0x5/0xa [ 789.999545] ? create_object.isra.0+0x3a/0xa30 [ 790.000477] should_failslab+0x5/0x20 [ 790.001253] kmem_cache_alloc+0x5b/0x310 [ 790.002078] create_object.isra.0+0x3a/0xa30 [ 790.002961] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 790.004007] kmem_cache_alloc_trace+0x151/0x320 [ 790.004952] ? io_tctx_exit_cb+0xf0/0xf0 [ 790.005775] percpu_ref_init+0xd8/0x3d0 [ 790.006585] io_uring_setup+0x47a/0x2980 [ 790.007404] ? __mutex_unlock_slowpath+0xe1/0x600 [ 790.008382] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 790.009402] ? wait_for_completion_io+0x270/0x270 [ 790.010395] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 790.011439] ? syscall_enter_from_user_mode+0x1d/0x50 [ 790.012481] do_syscall_64+0x33/0x40 [ 790.013224] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 790.014251] RIP: 0033:0x7f943fb71b19 [ 790.014990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 790.018665] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 790.020194] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 790.021617] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 790.023043] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 790.024467] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 790.025883] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:11 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 16) 13:24:11 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000000) [ 790.109782] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 790.117793] FAULT_INJECTION: forcing a failure. [ 790.117793] name failslab, interval 1, probability 0, space 0, times 0 [ 790.120061] CPU: 1 PID: 6976 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 790.121359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 790.122948] Call Trace: [ 790.123457] dump_stack+0x107/0x167 [ 790.124164] should_fail.cold+0x5/0xa [ 790.124889] ? __alloc_skb+0x6d/0x5b0 [ 790.125618] should_failslab+0x5/0x20 [ 790.126344] kmem_cache_alloc_node+0x55/0x330 [ 790.127205] __alloc_skb+0x6d/0x5b0 [ 790.127909] netlink_ack+0x1ed/0xab0 [ 790.128623] ? netlink_sendmsg+0xe00/0xe00 [ 790.129421] ? lock_acquire+0x197/0x470 [ 790.130173] ? netlink_deliver_tap+0xf4/0xcc0 [ 790.131027] netlink_rcv_skb+0x348/0x430 [ 790.131806] ? rtnl_fdb_dump+0xa30/0xa30 [ 790.132585] ? netlink_ack+0xab0/0xab0 [ 790.133320] ? netlink_deliver_tap+0x1ae/0xcc0 [ 790.134198] ? netlink_deliver_tap+0x1c4/0xcc0 [ 790.135062] ? is_vmalloc_addr+0x7b/0xb0 [ 790.135830] netlink_unicast+0x6ce/0xa00 [ 790.136611] ? netlink_attachskb+0xab0/0xab0 [ 790.137455] netlink_sendmsg+0x90f/0xe00 [ 790.138236] ? netlink_unicast+0xa00/0xa00 [ 790.139047] ? netlink_unicast+0xa00/0xa00 [ 790.139854] __sock_sendmsg+0x154/0x190 [ 790.140615] ____sys_sendmsg+0x70d/0x870 [ 790.141380] ? sock_write_iter+0x3d0/0x3d0 [ 790.142156] ? do_recvmmsg+0x6d0/0x6d0 [ 790.142888] ? lock_downgrade+0x6d0/0x6d0 [ 790.143669] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 790.144683] ___sys_sendmsg+0xf3/0x170 [ 790.145419] ? sendmsg_copy_msghdr+0x160/0x160 [ 790.146280] ? __fget_files+0x2cf/0x520 [ 790.147030] ? lock_downgrade+0x6d0/0x6d0 [ 790.147804] ? find_held_lock+0x2c/0x110 [ 790.148589] ? __fget_files+0x2f8/0x520 [ 790.149342] ? __fget_light+0xea/0x290 [ 790.150080] __sys_sendmsg+0xe5/0x1b0 [ 790.150801] ? __sys_sendmsg_sock+0x40/0x40 [ 790.151625] ? rcu_read_lock_any_held+0x75/0xa0 [ 790.152522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 790.153508] ? syscall_enter_from_user_mode+0x1d/0x50 [ 790.154482] ? trace_hardirqs_on+0x5b/0x180 [ 790.155297] do_syscall_64+0x33/0x40 [ 790.156008] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 790.156964] RIP: 0033:0x7f38b854eb19 [ 790.157662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 790.161107] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 790.162540] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 790.163878] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 790.165196] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 790.166525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 790.167843] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 13:24:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 12) 13:24:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x7000000) 13:24:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 17) 13:24:26 executing program 3: ioctl$F2FS_IOC_GARBAGE_COLLECT(0xffffffffffffffff, 0x4004f506, &(0x7f0000000040)=0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r2, 0x406, r1) dup2(r2, r0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) sendfile(r3, r0, 0x0, 0x100000001) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r4, @ANYBLOB="ff010000000000002e2f66696c32a031cc988d705f8e9b5d34db92653000"]) sendfile(0xffffffffffffffff, r6, &(0x7f0000000080)=0x1, 0x800) 13:24:26 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4004, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 804.924602] FAULT_INJECTION: forcing a failure. [ 804.924602] name failslab, interval 1, probability 0, space 0, times 0 [ 804.926019] CPU: 1 PID: 6988 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 804.926849] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 804.927864] Call Trace: [ 804.928204] dump_stack+0x107/0x167 [ 804.928647] should_fail.cold+0x5/0xa [ 804.929111] ? io_wq_create+0xeb/0xc00 [ 804.929583] should_failslab+0x5/0x20 [ 804.930044] __kmalloc+0x72/0x390 [ 804.930467] io_wq_create+0xeb/0xc00 [ 804.930931] io_uring_alloc_task_context+0x1f1/0x6a0 [ 804.931547] ? io_import_iovec+0x1120/0x1120 [ 804.932096] ? io_apoll_task_func+0x2d0/0x2d0 [ 804.932639] ? __io_req_find_next+0x300/0x300 [ 804.933193] io_uring_setup+0x1dd1/0x2980 [ 804.933700] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 804.934323] ? wait_for_completion_io+0x270/0x270 [ 804.934925] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 804.935628] ? syscall_enter_from_user_mode+0x1d/0x50 [ 804.936284] do_syscall_64+0x33/0x40 [ 804.936739] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 804.937362] RIP: 0033:0x7f55e908fb19 [ 804.937822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 804.940074] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 804.941006] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 804.941870] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 804.942738] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 804.943602] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 804.944487] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 804.949058] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 804.955330] FAULT_INJECTION: forcing a failure. [ 804.955330] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 804.955417] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 804.956811] CPU: 1 PID: 6997 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 804.956818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 804.956821] Call Trace: [ 804.956832] dump_stack+0x107/0x167 [ 804.956844] should_fail.cold+0x5/0xa [ 804.956856] __alloc_pages_nodemask+0x182/0x600 [ 804.956873] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 804.956893] ? cap_capable+0x1cd/0x230 [ 804.962494] FAULT_INJECTION: forcing a failure. [ 804.962494] name failslab, interval 1, probability 0, space 0, times 0 [ 804.962743] alloc_pages_current+0x187/0x280 [ 804.965420] __get_free_pages+0xc/0xa0 [ 804.965885] io_uring_setup+0xe27/0x2980 [ 804.966376] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 804.966985] ? wait_for_completion_io+0x270/0x270 [ 804.967577] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 804.968217] ? syscall_enter_from_user_mode+0x1d/0x50 [ 804.968835] do_syscall_64+0x33/0x40 [ 804.969283] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 804.969906] RIP: 0033:0x7f943fb71b19 [ 804.970352] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 804.972563] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 804.973476] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 804.974333] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 804.975184] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 804.976047] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 804.976900] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 804.977777] CPU: 0 PID: 6995 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 804.979242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 13:24:26 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 10) 13:24:26 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) 13:24:26 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 804.981030] Call Trace: [ 804.981756] dump_stack+0x107/0x167 [ 804.982539] should_fail.cold+0x5/0xa [ 804.983356] should_failslab+0x5/0x20 [ 804.984172] __kmalloc_node_track_caller+0x74/0x3b0 [ 804.985222] ? inet_rtm_getroute+0x904/0x2330 [ 804.986167] ? mark_lock+0xf5/0x2df0 [ 804.986958] __alloc_skb+0xb1/0x5b0 [ 804.987729] inet_rtm_getroute+0x904/0x2330 [ 804.988663] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 804.989627] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 804.990753] ? __lock_acquire+0xbb1/0x5b00 [ 804.991660] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 804.992770] ? mark_lock+0xf5/0x2df0 [ 804.993597] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 804.994558] rtnetlink_rcv_msg+0x87f/0xbb0 [ 804.995449] ? rtnl_fdb_dump+0xa30/0xa30 [ 804.996349] ? lock_acquire+0x197/0x470 [ 804.997188] ? netlink_deliver_tap+0xf4/0xcc0 [ 804.998140] netlink_rcv_skb+0x14b/0x430 [ 804.999001] ? rtnl_fdb_dump+0xa30/0xa30 [ 804.999862] ? netlink_ack+0xab0/0xab0 [ 805.000689] ? netlink_deliver_tap+0x1ae/0xcc0 [ 805.001664] ? netlink_deliver_tap+0x1c4/0xcc0 [ 805.002628] ? is_vmalloc_addr+0x7b/0xb0 [ 805.003494] netlink_unicast+0x6ce/0xa00 [ 805.004369] ? netlink_attachskb+0xab0/0xab0 [ 805.005308] netlink_sendmsg+0x90f/0xe00 [ 805.006171] ? netlink_unicast+0xa00/0xa00 [ 805.007073] ? netlink_unicast+0xa00/0xa00 [ 805.007976] __sock_sendmsg+0x154/0x190 [ 805.008818] ____sys_sendmsg+0x70d/0x870 [ 805.009683] ? sock_write_iter+0x3d0/0x3d0 [ 805.010576] ? do_recvmmsg+0x6d0/0x6d0 [ 805.011403] ? lock_downgrade+0x6d0/0x6d0 [ 805.012291] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 805.013405] ___sys_sendmsg+0xf3/0x170 [ 805.014234] ? sendmsg_copy_msghdr+0x160/0x160 [ 805.015206] ? __fget_files+0x2cf/0x520 [ 805.016054] ? lock_downgrade+0x6d0/0x6d0 [ 805.016928] ? find_held_lock+0x2c/0x110 [ 805.017797] ? __fget_files+0x2f8/0x520 [ 805.018639] ? __fget_light+0xea/0x290 [ 805.019464] __sys_sendmsg+0xe5/0x1b0 [ 805.020283] ? __sys_sendmsg_sock+0x40/0x40 [ 805.021189] ? rcu_read_lock_any_held+0x75/0xa0 [ 805.022183] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.023292] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.024384] ? trace_hardirqs_on+0x5b/0x180 [ 805.025293] do_syscall_64+0x33/0x40 [ 805.026080] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.027161] RIP: 0033:0x7f536cf98b19 [ 805.027953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 805.031830] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 805.033452] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 805.034955] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 805.036471] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 805.037969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 805.039471] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 13:24:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 13) [ 805.057032] FAULT_INJECTION: forcing a failure. [ 805.057032] name failslab, interval 1, probability 0, space 0, times 0 [ 805.058410] CPU: 1 PID: 6998 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 805.059201] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 805.060169] Call Trace: [ 805.060478] dump_stack+0x107/0x167 [ 805.060901] should_fail.cold+0x5/0xa [ 805.061344] ? create_object.isra.0+0x3a/0xa30 [ 805.061869] should_failslab+0x5/0x20 [ 805.062314] kmem_cache_alloc+0x5b/0x310 [ 805.062786] create_object.isra.0+0x3a/0xa30 [ 805.063292] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 805.063885] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 805.064472] ? netlink_ack+0x1ed/0xab0 [ 805.064926] __alloc_skb+0xb1/0x5b0 [ 805.065348] netlink_ack+0x1ed/0xab0 [ 805.065778] ? netlink_sendmsg+0xe00/0xe00 [ 805.066273] ? lock_acquire+0x197/0x470 [ 805.066732] ? netlink_deliver_tap+0xf4/0xcc0 [ 805.067250] netlink_rcv_skb+0x348/0x430 [ 805.067720] ? rtnl_fdb_dump+0xa30/0xa30 [ 805.068203] ? netlink_ack+0xab0/0xab0 [ 805.068650] ? netlink_deliver_tap+0x1ae/0xcc0 [ 805.069179] ? netlink_deliver_tap+0x1c4/0xcc0 [ 805.069704] ? is_vmalloc_addr+0x7b/0xb0 [ 805.070174] netlink_unicast+0x6ce/0xa00 [ 805.070645] ? netlink_attachskb+0xab0/0xab0 [ 805.071154] netlink_sendmsg+0x90f/0xe00 [ 805.071626] ? netlink_unicast+0xa00/0xa00 [ 805.072132] ? netlink_unicast+0xa00/0xa00 [ 805.072621] __sock_sendmsg+0x154/0x190 [ 805.073082] ____sys_sendmsg+0x70d/0x870 [ 805.073551] ? sock_write_iter+0x3d0/0x3d0 [ 805.074037] ? do_recvmmsg+0x6d0/0x6d0 [ 805.074482] ? lock_downgrade+0x6d0/0x6d0 [ 805.074957] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 805.075560] ___sys_sendmsg+0xf3/0x170 [ 805.076016] ? sendmsg_copy_msghdr+0x160/0x160 [ 805.076544] ? __fget_files+0x2cf/0x520 [ 805.077009] ? lock_downgrade+0x6d0/0x6d0 [ 805.077496] ? find_held_lock+0x2c/0x110 [ 805.077986] ? __fget_files+0x2f8/0x520 [ 805.078463] ? __fget_light+0xea/0x290 [ 805.078926] __sys_sendmsg+0xe5/0x1b0 [ 805.079371] ? __sys_sendmsg_sock+0x40/0x40 [ 805.079865] ? rcu_read_lock_any_held+0x75/0xa0 [ 805.080413] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.081015] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.081615] ? trace_hardirqs_on+0x5b/0x180 [ 805.082109] do_syscall_64+0x33/0x40 [ 805.082533] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.083121] RIP: 0033:0x7f38b854eb19 [ 805.083547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 805.085663] RSP: 002b:00007f38b5ac4188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 805.086537] RAX: ffffffffffffffda RBX: 00007f38b8661f60 RCX: 00007f38b854eb19 [ 805.087359] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 805.088190] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 805.089014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 805.089834] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 [ 805.100590] FAULT_INJECTION: forcing a failure. [ 805.100590] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 805.103168] CPU: 0 PID: 7004 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 805.104620] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 13:24:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8000000) [ 805.106371] Call Trace: [ 805.107078] dump_stack+0x107/0x167 [ 805.107867] should_fail.cold+0x5/0xa [ 805.108704] __alloc_pages_nodemask+0x182/0x600 [ 805.109710] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 805.111011] ? cap_capable+0x1cd/0x230 [ 805.111847] alloc_pages_current+0x187/0x280 [ 805.112790] __get_free_pages+0xc/0xa0 [ 805.113618] io_uring_setup+0xf9a/0x2980 [ 805.114508] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 805.115593] ? wait_for_completion_io+0x270/0x270 [ 805.116664] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.117780] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.118881] do_syscall_64+0x33/0x40 [ 805.119667] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.120772] RIP: 0033:0x7f943fb71b19 [ 805.121571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 805.125494] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 805.127112] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 805.128629] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 805.130146] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 805.131656] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 805.133182] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:26 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4005, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000) 13:24:26 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) fchmodat(r4, &(0x7f0000000040)='./file0\x00', 0x22) sendfile(r1, r0, 0x0, 0x100000001) 13:24:26 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) 13:24:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000) 13:24:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 18) [ 805.229705] FAULT_INJECTION: forcing a failure. [ 805.229705] name failslab, interval 1, probability 0, space 0, times 0 [ 805.231063] CPU: 1 PID: 7018 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 805.231840] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 805.232798] Call Trace: [ 805.233105] dump_stack+0x107/0x167 [ 805.233519] should_fail.cold+0x5/0xa [ 805.233951] ? create_object.isra.0+0x3a/0xa30 [ 805.234471] should_failslab+0x5/0x20 [ 805.234904] kmem_cache_alloc+0x5b/0x310 [ 805.235383] create_object.isra.0+0x3a/0xa30 [ 805.235908] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 805.236493] __kmalloc+0x16e/0x390 [ 805.236902] io_wq_create+0xeb/0xc00 [ 805.237331] io_uring_alloc_task_context+0x1f1/0x6a0 [ 805.237904] ? io_import_iovec+0x1120/0x1120 [ 805.238402] ? io_apoll_task_func+0x2d0/0x2d0 [ 805.238910] ? __io_req_find_next+0x300/0x300 [ 805.239424] io_uring_setup+0x1dd1/0x2980 [ 805.239905] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 805.240485] ? wait_for_completion_io+0x270/0x270 [ 805.241049] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.241647] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.242246] do_syscall_64+0x33/0x40 [ 805.242687] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.243274] RIP: 0033:0x7f55e908fb19 [ 805.243702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 805.245803] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 805.246679] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 805.247493] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 805.248310] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 805.249118] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 805.249930] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 805.277455] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 805.282461] FAULT_INJECTION: forcing a failure. [ 805.282461] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 805.283838] CPU: 1 PID: 7024 Comm: syz-executor.2 Not tainted 5.10.245 #1 [ 805.284660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 805.285626] Call Trace: [ 805.285941] dump_stack+0x107/0x167 [ 805.286366] should_fail.cold+0x5/0xa [ 805.286821] _copy_to_user+0x2e/0x180 [ 805.287274] simple_read_from_buffer+0xcc/0x160 [ 805.287826] proc_fail_nth_read+0x198/0x230 [ 805.288354] ? proc_sessionid_read+0x230/0x230 [ 805.288895] ? security_file_permission+0xb1/0xe0 [ 805.289465] ? proc_sessionid_read+0x230/0x230 [ 805.290010] vfs_read+0x228/0x620 [ 805.290418] ksys_read+0x12d/0x260 [ 805.290837] ? vfs_write+0xb10/0xb10 [ 805.291275] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.291903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.292497] do_syscall_64+0x33/0x40 [ 805.292921] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.293505] RIP: 0033:0x7f38b850169c [ 805.293938] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 805.296049] RSP: 002b:00007f38b5ac4170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 805.296915] RAX: ffffffffffffffda RBX: 000000000000002c RCX: 00007f38b850169c [ 805.297722] RDX: 000000000000000f RSI: 00007f38b5ac41e0 RDI: 0000000000000004 [ 805.298534] RBP: 00007f38b5ac41d0 R08: 0000000000000000 R09: 0000000000000000 [ 805.299343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 805.300162] R13: 00007ffc45a7da1f R14: 00007f38b5ac4300 R15: 0000000000022000 13:24:26 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4006, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 14) 13:24:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4b480fff) [ 805.365781] FAULT_INJECTION: forcing a failure. [ 805.365781] name failslab, interval 1, probability 0, space 0, times 0 [ 805.367148] CPU: 1 PID: 7032 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 805.367938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 805.368881] Call Trace: [ 805.369187] dump_stack+0x107/0x167 [ 805.369601] should_fail.cold+0x5/0xa [ 805.370042] ? io_uring_setup+0x17ed/0x2980 [ 805.370531] should_failslab+0x5/0x20 [ 805.370963] kmem_cache_alloc_trace+0x55/0x320 [ 805.371481] ? alloc_pages_current+0x18f/0x280 [ 805.372020] io_uring_setup+0x17ed/0x2980 [ 805.372505] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 805.373083] ? wait_for_completion_io+0x270/0x270 [ 805.373651] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 805.374248] ? syscall_enter_from_user_mode+0x1d/0x50 [ 805.374845] do_syscall_64+0x33/0x40 [ 805.375273] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 805.375863] RIP: 0033:0x7f943fb71b19 [ 805.376301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 805.378415] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 805.379286] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 805.380119] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 805.380924] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 805.381734] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 805.382544] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:39 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) [ 818.556720] FAULT_INJECTION: forcing a failure. [ 818.556720] name failslab, interval 1, probability 0, space 0, times 0 [ 818.558363] CPU: 0 PID: 7047 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 818.559329] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.560512] Call Trace: [ 818.560893] dump_stack+0x107/0x167 [ 818.561413] should_fail.cold+0x5/0xa [ 818.561956] ? io_wq_create+0x6ef/0xc00 [ 818.562524] should_failslab+0x5/0x20 [ 818.563065] kmem_cache_alloc_node_trace+0x59/0x340 [ 818.563778] io_wq_create+0x6ef/0xc00 [ 818.564329] io_uring_alloc_task_context+0x1f1/0x6a0 [ 818.565047] ? io_import_iovec+0x1120/0x1120 [ 818.565666] ? io_apoll_task_func+0x2d0/0x2d0 [ 818.566298] ? __io_req_find_next+0x300/0x300 [ 818.566939] io_uring_setup+0x1dd1/0x2980 [ 818.567541] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 818.568311] ? wait_for_completion_io+0x270/0x270 [ 818.569011] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.569760] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.570412] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 818.570501] do_syscall_64+0x33/0x40 [ 818.572587] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.573313] RIP: 0033:0x7f55e908fb19 [ 818.573841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.576467] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 818.577566] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 818.578571] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 818.579582] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 818.580599] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 818.581611] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:39 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4007, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:39 executing program 5: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:24:39 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 15) 13:24:39 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4b483fff) 13:24:39 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:24:39 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 11) 13:24:39 executing program 3: r0 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r0) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000440)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000000000000000008f0d00000000000005000000000000000000000000000000000000000000000086000000000000000000b30c000000000000000000000000000006000000000000000000000000000000000004000000000000000000000000000000000000000025b400ff07000000000000ff09000000000000000000000000000000000000000000004aeb000000000000000000000000000005000000000000002b4f0000000000000500000000000000000000000000000000000000000000000128000000000000000000000000000000000000000018076f82b69104f06956c5c3a351d0ad72410b05bab77d77b730ab08091d5a47b2b73ba5d883e3ef73eb0d1fad07f2526ae562"]) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000001, 0x30, r3, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r6 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r7}}, 0x80000000) syz_io_uring_submit(r4, r1, &(0x7f00000000c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x1}, 0x1, {0x0, r7}}, 0x2) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff010000000000002e2f66696c6530009b19047123a9c54a57825b14f015eb71a4aab942809139b6571173773de8de2307f65c75d27c54a03586bbbed076406311f33375883d1c0a0b67257c5367"]) openat(r3, &(0x7f0000000040)='./file0\x00', 0x101000, 0xe1) r8 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r9, r8, 0x0, 0x100000001) [ 818.586137] FAULT_INJECTION: forcing a failure. [ 818.586137] name failslab, interval 1, probability 0, space 0, times 0 [ 818.587756] CPU: 0 PID: 7053 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 818.588744] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.589950] Call Trace: [ 818.590333] dump_stack+0x107/0x167 [ 818.590849] should_fail.cold+0x5/0xa [ 818.591402] ? create_object.isra.0+0x3a/0xa30 [ 818.592059] should_failslab+0x5/0x20 [ 818.592605] kmem_cache_alloc+0x5b/0x310 [ 818.593191] create_object.isra.0+0x3a/0xa30 [ 818.593826] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.594545] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 818.595240] ? inet_rtm_getroute+0x904/0x2330 [ 818.595886] __alloc_skb+0xb1/0x5b0 [ 818.596431] inet_rtm_getroute+0x904/0x2330 [ 818.597064] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 818.597710] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.598457] ? __lock_acquire+0xbb1/0x5b00 [ 818.599072] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 818.599798] ? mark_lock+0xf5/0x2df0 [ 818.600363] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 818.601021] rtnetlink_rcv_msg+0x87f/0xbb0 [ 818.601602] ? rtnl_fdb_dump+0xa30/0xa30 [ 818.602198] ? lock_acquire+0x197/0x470 [ 818.602747] ? netlink_deliver_tap+0xf4/0xcc0 [ 818.603402] netlink_rcv_skb+0x14b/0x430 [ 818.603998] ? rtnl_fdb_dump+0xa30/0xa30 [ 818.604583] ? netlink_ack+0xab0/0xab0 [ 818.605121] ? netlink_deliver_tap+0x1ae/0xcc0 [ 818.605777] ? netlink_deliver_tap+0x1c4/0xcc0 [ 818.606449] ? is_vmalloc_addr+0x7b/0xb0 [ 818.607011] netlink_unicast+0x6ce/0xa00 [ 818.607597] ? netlink_attachskb+0xab0/0xab0 [ 818.608225] netlink_sendmsg+0x90f/0xe00 [ 818.608788] ? netlink_unicast+0xa00/0xa00 [ 818.609391] ? netlink_unicast+0xa00/0xa00 [ 818.609973] __sock_sendmsg+0x154/0x190 [ 818.610521] ____sys_sendmsg+0x70d/0x870 [ 818.611081] ? sock_write_iter+0x3d0/0x3d0 [ 818.611659] ? do_recvmmsg+0x6d0/0x6d0 13:24:39 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4b503fff) [ 818.612207] ? lock_downgrade+0x6d0/0x6d0 [ 818.612933] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 818.613655] ___sys_sendmsg+0xf3/0x170 [ 818.614197] ? sendmsg_copy_msghdr+0x160/0x160 [ 818.614827] ? __fget_files+0x2cf/0x520 [ 818.615372] ? lock_downgrade+0x6d0/0x6d0 [ 818.615948] ? find_held_lock+0x2c/0x110 [ 818.616515] ? __fget_files+0x2f8/0x520 [ 818.617065] ? __fget_light+0xea/0x290 [ 818.617603] __sys_sendmsg+0xe5/0x1b0 [ 818.618125] ? __sys_sendmsg_sock+0x40/0x40 [ 818.618717] ? rcu_read_lock_any_held+0x75/0xa0 [ 818.619402] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.620125] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.620825] ? trace_hardirqs_on+0x5b/0x180 [ 818.621442] do_syscall_64+0x33/0x40 [ 818.621961] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.622660] RIP: 0033:0x7f536cf98b19 [ 818.623167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.625679] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 818.626728] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 818.627705] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 818.628685] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 818.629661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.630635] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 818.633620] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 818.651139] FAULT_INJECTION: forcing a failure. [ 818.651139] name failslab, interval 1, probability 0, space 0, times 0 [ 818.653649] CPU: 1 PID: 7041 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 818.655092] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.656845] Call Trace: [ 818.657405] dump_stack+0x107/0x167 [ 818.658177] should_fail.cold+0x5/0xa [ 818.658988] ? create_object.isra.0+0x3a/0xa30 [ 818.659956] should_failslab+0x5/0x20 [ 818.660753] kmem_cache_alloc+0x5b/0x310 [ 818.661611] create_object.isra.0+0x3a/0xa30 [ 818.662537] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.663609] kmem_cache_alloc_trace+0x151/0x320 [ 818.664589] ? alloc_pages_current+0x18f/0x280 [ 818.665554] io_uring_setup+0x17ed/0x2980 [ 818.666430] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 818.667493] ? wait_for_completion_io+0x270/0x270 [ 818.668538] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.669601] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.670684] do_syscall_64+0x33/0x40 [ 818.671448] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.672535] RIP: 0033:0x7f943fb71b19 [ 818.673290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.677161] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 818.678762] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 818.680267] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 818.681762] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 818.683256] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 818.684759] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:39 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:24:39 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) 13:24:39 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 12) 13:24:39 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 16) 13:24:39 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x80000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 818.785870] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 818.792580] FAULT_INJECTION: forcing a failure. [ 818.792580] name failslab, interval 1, probability 0, space 0, times 0 [ 818.794128] CPU: 0 PID: 7068 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 818.795048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.796223] Call Trace: [ 818.796588] dump_stack+0x107/0x167 [ 818.797086] should_fail.cold+0x5/0xa [ 818.797273] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 818.797601] ? dst_alloc+0x9e/0x5d0 [ 818.797615] should_failslab+0x5/0x20 [ 818.797638] kmem_cache_alloc+0x5b/0x310 [ 818.800713] dst_alloc+0x9e/0x5d0 [ 818.801186] rt_dst_alloc+0x73/0x440 [ 818.801713] ip_route_output_key_hash_rcu+0x98d/0x24a0 [ 818.802428] inet_rtm_getroute+0x10da/0x2330 [ 818.803055] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 818.803679] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.804451] ? __lock_acquire+0xbb1/0x5b00 [ 818.805054] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 818.805790] ? mark_lock+0xf5/0x2df0 [ 818.806345] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 818.806986] rtnetlink_rcv_msg+0x87f/0xbb0 [ 818.807583] ? rtnl_fdb_dump+0xa30/0xa30 [ 818.808165] ? lock_acquire+0x197/0x470 [ 818.808721] ? netlink_deliver_tap+0xf4/0xcc0 [ 818.809354] netlink_rcv_skb+0x14b/0x430 [ 818.809903] ? rtnl_fdb_dump+0xa30/0xa30 [ 818.810482] ? netlink_ack+0xab0/0xab0 [ 818.811030] ? netlink_deliver_tap+0x1ae/0xcc0 [ 818.811671] ? netlink_deliver_tap+0x1c4/0xcc0 [ 818.812330] ? is_vmalloc_addr+0x7b/0xb0 [ 818.812906] netlink_unicast+0x6ce/0xa00 [ 818.813480] ? netlink_attachskb+0xab0/0xab0 [ 818.814104] netlink_sendmsg+0x90f/0xe00 [ 818.814680] ? netlink_unicast+0xa00/0xa00 [ 818.814699] FAULT_INJECTION: forcing a failure. [ 818.814699] name failslab, interval 1, probability 0, space 0, times 0 [ 818.816846] ? netlink_unicast+0xa00/0xa00 [ 818.817456] __sock_sendmsg+0x154/0x190 [ 818.818017] ____sys_sendmsg+0x70d/0x870 [ 818.818588] ? sock_write_iter+0x3d0/0x3d0 [ 818.819178] ? do_recvmmsg+0x6d0/0x6d0 [ 818.819726] ? lock_downgrade+0x6d0/0x6d0 [ 818.820293] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 818.821050] ___sys_sendmsg+0xf3/0x170 [ 818.821578] ? sendmsg_copy_msghdr+0x160/0x160 [ 818.822233] ? __fget_files+0x2cf/0x520 [ 818.822770] ? lock_downgrade+0x6d0/0x6d0 [ 818.823362] ? find_held_lock+0x2c/0x110 [ 818.823942] ? __fget_files+0x2f8/0x520 [ 818.824503] ? __fget_light+0xea/0x290 [ 818.825056] __sys_sendmsg+0xe5/0x1b0 [ 818.825590] ? __sys_sendmsg_sock+0x40/0x40 [ 818.826192] ? rcu_read_lock_any_held+0x75/0xa0 [ 818.826852] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.827589] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.828291] ? trace_hardirqs_on+0x5b/0x180 [ 818.828902] do_syscall_64+0x33/0x40 [ 818.829409] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.830128] RIP: 0033:0x7f536cf98b19 [ 818.830645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.833224] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 818.834291] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 818.835280] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 818.836278] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 818.837280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 818.838282] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 818.839314] CPU: 1 PID: 7073 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 818.840761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.842443] Call Trace: [ 818.842985] dump_stack+0x107/0x167 [ 818.843724] should_fail.cold+0x5/0xa [ 818.844517] ? create_object.isra.0+0x3a/0xa30 [ 818.845459] should_failslab+0x5/0x20 [ 818.846247] kmem_cache_alloc+0x5b/0x310 [ 818.846742] FAULT_INJECTION: forcing a failure. [ 818.846742] name failslab, interval 1, probability 0, space 0, times 0 [ 818.847066] ? io_wq_create+0x114/0xc00 [ 818.847090] create_object.isra.0+0x3a/0xa30 [ 818.850328] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 818.851358] kmem_cache_alloc_node_trace+0x16d/0x340 [ 818.852400] io_wq_create+0x6ef/0xc00 [ 818.853174] io_uring_alloc_task_context+0x1f1/0x6a0 [ 818.854200] ? io_import_iovec+0x1120/0x1120 [ 818.855084] ? io_apoll_task_func+0x2d0/0x2d0 [ 818.856008] ? __io_req_find_next+0x300/0x300 [ 818.856923] io_uring_setup+0x1dd1/0x2980 [ 818.857771] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 818.858802] ? wait_for_completion_io+0x270/0x270 [ 818.859800] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.860869] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.861911] do_syscall_64+0x33/0x40 [ 818.862662] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.863696] RIP: 0033:0x7f55e908fb19 [ 818.864458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.868177] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 818.869714] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 818.871151] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 818.872607] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 818.874052] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 818.875503] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 818.876980] CPU: 0 PID: 7069 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 818.877926] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 818.879073] Call Trace: [ 818.879445] dump_stack+0x107/0x167 [ 818.879966] should_fail.cold+0x5/0xa [ 818.880504] ? copy_process+0x3305/0x78b0 [ 818.881084] should_failslab+0x5/0x20 13:24:39 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f484b) [ 818.881609] kmem_cache_alloc_node+0x55/0x330 [ 818.882408] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.883144] copy_process+0x3305/0x78b0 [ 818.883720] ? stack_trace_save+0x8c/0xc0 [ 818.884305] ? lock_acquire+0x197/0x470 [ 818.884851] ? io_sq_thread_park+0x79/0xd0 [ 818.885443] ? lock_release+0x680/0x680 [ 818.885995] ? __cleanup_sighand+0xb0/0xb0 [ 818.886579] ? kernel_text_address+0xf2/0x120 [ 818.887197] ? find_held_lock+0x2c/0x110 [ 818.887758] ? io_uring_setup+0x1c23/0x2980 [ 818.888368] ? lock_downgrade+0x6d0/0x6d0 [ 818.888919] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 818.889595] create_io_thread+0xb6/0xf0 [ 818.890140] ? pidfd_prepare+0x80/0x80 [ 818.890676] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 818.891369] io_uring_setup+0x1d79/0x2980 [ 818.891950] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 818.892643] ? wait_for_completion_io+0x270/0x270 [ 818.893294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 818.894013] ? syscall_enter_from_user_mode+0x1d/0x50 [ 818.894729] do_syscall_64+0x33/0x40 [ 818.895241] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 818.895948] RIP: 0033:0x7f943fb71b19 [ 818.896462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 818.899020] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 818.900092] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 818.901070] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 818.902054] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 818.903027] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 818.904014] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r5, 0x406, r2) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r6, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) syz_io_uring_submit(r6, 0x0, &(0x7f00000000c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, &(0x7f0000000080)={r7, r8+60000000}, 0x1, 0x0, 0x1}, 0x7c5) 13:24:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:24:40 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f484b) [ 819.000359] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:24:40 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7fffdf003000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:40 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:24:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 17) 13:24:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:24:40 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f504b) 13:24:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 13) 13:24:40 executing program 3: r0 = dup(0xffffffffffffffff) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x0, r1}) ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000240)) r2 = syz_io_uring_setup(0x54e6, &(0x7f0000000180)={0x0, 0x4, 0x0, 0x0, 0x19}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000100)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000540)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000000000000000008f0d000000000000050000000000000000000df840d655172bc991037a89d800000000000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000000000000000000000000000010000ff07000000000000ff09000000000000000000000087e9000000000000000000000002080000000000000000000000000005000000000000002b4f000000000000050000000000000000000000000000000000000000000000012800"/269]) readv(r3, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/194, 0xc2}], 0x1) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="ff010000000000002e2f66696c658d35ac56d5225acc391d89d6f68dd126d21209c264557f2a13d1cca0db17103d26dba54baec5dd00c5fd4bf63a14607a84c6f210b8005589a9ef26b09f15cd49a92a2d4eb7b81b1d"]) r5 = fork() perf_event_open(&(0x7f00000002c0)={0x4, 0x80, 0x6, 0x1f, 0x9, 0x81, 0x0, 0x20, 0x2000, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x7f, 0xffffffffffffffc1}, 0x0, 0x3, 0xbad, 0x7, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7}, r5, 0xc, r4, 0x1) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r0, 0xc018937d, &(0x7f0000000040)={{0x1, 0x1, 0x18, r4, {0x3}}, './file0\x00'}) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) dup2(r6, r7) sendfile(r8, r6, 0x0, 0x100000001) [ 819.104527] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 819.142996] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 819.155535] FAULT_INJECTION: forcing a failure. [ 819.155535] name failslab, interval 1, probability 0, space 0, times 0 [ 819.158011] CPU: 1 PID: 7100 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 819.159416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 819.161166] Call Trace: [ 819.161721] dump_stack+0x107/0x167 [ 819.162484] should_fail.cold+0x5/0xa [ 819.163281] ? create_object.isra.0+0x3a/0xa30 [ 819.164247] should_failslab+0x5/0x20 [ 819.165047] kmem_cache_alloc+0x5b/0x310 [ 819.165901] create_object.isra.0+0x3a/0xa30 [ 819.166814] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 819.167888] kmem_cache_alloc_node+0x169/0x330 [ 819.168854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 819.169952] copy_process+0x3305/0x78b0 [ 819.170788] ? stack_trace_save+0x8c/0xc0 [ 819.171656] ? lock_acquire+0x197/0x470 [ 819.172490] ? io_sq_thread_park+0x79/0xd0 [ 819.173379] ? lock_release+0x680/0x680 [ 819.174227] ? __cleanup_sighand+0xb0/0xb0 [ 819.175105] ? kernel_text_address+0xf2/0x120 [ 819.176058] ? find_held_lock+0x2c/0x110 [ 819.176912] ? io_uring_setup+0x1c23/0x2980 [ 819.177810] ? lock_downgrade+0x6d0/0x6d0 [ 819.178677] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 819.179697] create_io_thread+0xb6/0xf0 [ 819.180545] ? pidfd_prepare+0x80/0x80 [ 819.181353] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 819.182388] io_uring_setup+0x1d79/0x2980 [ 819.183267] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 819.184341] ? wait_for_completion_io+0x270/0x270 [ 819.185373] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 819.186472] ? syscall_enter_from_user_mode+0x1d/0x50 [ 819.187564] do_syscall_64+0x33/0x40 [ 819.188349] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 819.189429] RIP: 0033:0x7f943fb71b19 [ 819.190212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 819.194073] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 819.195390] FAULT_INJECTION: forcing a failure. [ 819.195390] name failslab, interval 1, probability 0, space 0, times 0 [ 819.195661] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 819.195678] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 819.200013] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 819.201526] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 819.203030] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 819.204564] CPU: 0 PID: 7098 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 819.205421] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 819.206456] Call Trace: [ 819.206789] dump_stack+0x107/0x167 [ 819.207258] should_fail.cold+0x5/0xa [ 819.207728] ? create_object.isra.0+0x3a/0xa30 [ 819.208309] should_failslab+0x5/0x20 [ 819.208778] kmem_cache_alloc+0x5b/0x310 [ 819.209286] ? lock_release+0x680/0x680 [ 819.209795] create_object.isra.0+0x3a/0xa30 [ 819.210350] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 819.210978] kmem_cache_alloc+0x159/0x310 [ 819.211491] dst_alloc+0x9e/0x5d0 [ 819.211918] rt_dst_alloc+0x73/0x440 [ 819.212385] ip_route_output_key_hash_rcu+0x98d/0x24a0 [ 819.213024] inet_rtm_getroute+0x10da/0x2330 [ 819.213565] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 819.214119] ? entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 819.214757] ? __lock_acquire+0xbb1/0x5b00 [ 819.215293] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 819.215939] ? mark_lock+0xf5/0x2df0 [ 819.216419] ? ipv4_sk_update_pmtu+0xd10/0xd10 [ 819.216984] rtnetlink_rcv_msg+0x87f/0xbb0 [ 819.217505] ? rtnl_fdb_dump+0xa30/0xa30 [ 819.218008] ? lock_acquire+0x197/0x470 [ 819.218492] ? netlink_deliver_tap+0xf4/0xcc0 [ 819.219045] netlink_rcv_skb+0x14b/0x430 [ 819.219541] ? rtnl_fdb_dump+0xa30/0xa30 [ 819.220041] ? netlink_ack+0xab0/0xab0 [ 819.220522] ? netlink_deliver_tap+0x1ae/0xcc0 [ 819.221089] ? netlink_deliver_tap+0x1c4/0xcc0 [ 819.221638] ? is_vmalloc_addr+0x7b/0xb0 [ 819.222142] netlink_unicast+0x6ce/0xa00 [ 819.222644] ? netlink_attachskb+0xab0/0xab0 [ 819.223186] netlink_sendmsg+0x90f/0xe00 [ 819.223693] ? netlink_unicast+0xa00/0xa00 [ 819.224227] ? netlink_unicast+0xa00/0xa00 [ 819.224745] __sock_sendmsg+0x154/0x190 [ 819.225232] ____sys_sendmsg+0x70d/0x870 [ 819.225731] ? sock_write_iter+0x3d0/0x3d0 [ 819.226245] ? do_recvmmsg+0x6d0/0x6d0 [ 819.226721] ? lock_downgrade+0x6d0/0x6d0 [ 819.227227] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 819.227862] ___sys_sendmsg+0xf3/0x170 [ 819.228348] ? sendmsg_copy_msghdr+0x160/0x160 [ 819.228902] ? __fget_files+0x2cf/0x520 [ 819.229388] ? lock_downgrade+0x6d0/0x6d0 [ 819.229892] ? find_held_lock+0x2c/0x110 [ 819.230386] ? __fget_files+0x2f8/0x520 [ 819.230869] ? __fget_light+0xea/0x290 [ 819.231342] __sys_sendmsg+0xe5/0x1b0 [ 819.231800] ? __sys_sendmsg_sock+0x40/0x40 [ 819.232325] ? rcu_read_lock_any_held+0x75/0xa0 [ 819.232893] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 819.233521] ? syscall_enter_from_user_mode+0x1d/0x50 [ 819.234142] ? trace_hardirqs_on+0x5b/0x180 [ 819.234663] do_syscall_64+0x33/0x40 [ 819.235119] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 819.235738] RIP: 0033:0x7f536cf98b19 [ 819.236198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 819.238411] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 819.239336] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 819.240206] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 819.241071] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 819.241939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 819.242796] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 833.191812] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 833.197031] FAULT_INJECTION: forcing a failure. [ 833.197031] name failslab, interval 1, probability 0, space 0, times 0 [ 833.197879] FAULT_INJECTION: forcing a failure. [ 833.197879] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 833.198311] CPU: 0 PID: 7124 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 833.202061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 833.202956] Call Trace: [ 833.203263] dump_stack+0x107/0x167 [ 833.203678] should_fail.cold+0x5/0xa [ 833.204110] ? __alloc_skb+0x6d/0x5b0 [ 833.204542] should_failslab+0x5/0x20 [ 833.204977] kmem_cache_alloc_node+0x55/0x330 [ 833.205468] __alloc_skb+0x6d/0x5b0 [ 833.205887] netlink_ack+0x1ed/0xab0 [ 833.206311] ? netlink_sendmsg+0xe00/0xe00 [ 833.206772] ? lock_acquire+0x197/0x470 [ 833.207224] ? netlink_deliver_tap+0xf4/0xcc0 [ 833.207720] netlink_rcv_skb+0x348/0x430 [ 833.208190] ? rtnl_fdb_dump+0xa30/0xa30 [ 833.208652] ? netlink_ack+0xab0/0xab0 [ 833.209071] ? netlink_deliver_tap+0x1ae/0xcc0 [ 833.209594] ? netlink_deliver_tap+0x1c4/0xcc0 [ 833.210119] ? is_vmalloc_addr+0x7b/0xb0 [ 833.210562] netlink_unicast+0x6ce/0xa00 [ 833.211024] ? netlink_attachskb+0xab0/0xab0 [ 833.211526] netlink_sendmsg+0x90f/0xe00 [ 833.211995] ? netlink_unicast+0xa00/0xa00 [ 833.212464] ? netlink_unicast+0xa00/0xa00 [ 833.212947] __sock_sendmsg+0x154/0x190 [ 833.213380] ____sys_sendmsg+0x70d/0x870 [ 833.213843] ? sock_write_iter+0x3d0/0x3d0 [ 833.214304] ? do_recvmmsg+0x6d0/0x6d0 [ 833.214749] ? lock_downgrade+0x6d0/0x6d0 [ 833.215200] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 833.215799] ___sys_sendmsg+0xf3/0x170 [ 833.216231] ? sendmsg_copy_msghdr+0x160/0x160 [ 833.216724] ? __fget_files+0x2cf/0x520 [ 833.217174] ? lock_downgrade+0x6d0/0x6d0 [ 833.217645] ? find_held_lock+0x2c/0x110 [ 833.218110] ? __fget_files+0x2f8/0x520 [ 833.218568] ? __fget_light+0xea/0x290 [ 833.219014] __sys_sendmsg+0xe5/0x1b0 [ 833.219446] ? __sys_sendmsg_sock+0x40/0x40 [ 833.219912] ? rcu_read_lock_any_held+0x75/0xa0 [ 833.220455] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 833.221052] ? syscall_enter_from_user_mode+0x1d/0x50 [ 833.221636] ? trace_hardirqs_on+0x5b/0x180 [ 833.222125] do_syscall_64+0x33/0x40 [ 833.222530] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 833.223116] RIP: 0033:0x7f536cf98b19 [ 833.223521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 833.225618] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 833.226439] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 833.227248] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 833.228059] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 833.228866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 833.229673] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 833.230514] CPU: 1 PID: 7127 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 833.232098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 833.233975] Call Trace: [ 833.234579] dump_stack+0x107/0x167 [ 833.235409] should_fail.cold+0x5/0xa [ 833.236283] __alloc_pages_nodemask+0x182/0x600 [ 833.237334] ? lock_downgrade+0x6d0/0x6d0 [ 833.238271] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 833.239635] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 833.240818] ? kmem_cache_alloc_node+0x2bc/0x330 [ 833.241885] copy_process+0x62b/0x78b0 [ 833.242797] ? stack_trace_save+0x8c/0xc0 [ 833.243732] ? lock_acquire+0x197/0x470 [ 833.244690] ? io_sq_thread_park+0x79/0xd0 [ 833.245712] ? lock_release+0x680/0x680 [ 833.246628] ? __cleanup_sighand+0xb0/0xb0 [ 833.247650] ? kernel_text_address+0xf2/0x120 [ 833.248684] ? find_held_lock+0x2c/0x110 [ 833.249623] ? io_uring_setup+0x1c23/0x2980 [ 833.250661] ? lock_downgrade+0x6d0/0x6d0 [ 833.251632] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 833.252806] create_io_thread+0xb6/0xf0 [ 833.253758] ? pidfd_prepare+0x80/0x80 [ 833.254680] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 833.255878] io_uring_setup+0x1d79/0x2980 [ 833.256874] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 833.258071] ? wait_for_completion_io+0x270/0x270 [ 833.259207] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 833.260477] ? syscall_enter_from_user_mode+0x1d/0x50 [ 833.261723] do_syscall_64+0x33/0x40 [ 833.262607] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 833.263769] RIP: 0033:0x7f943fb71b19 [ 833.264613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 833.268715] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 833.270425] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 833.272043] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 833.273646] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 833.275249] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 833.276864] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 833.282365] FAULT_INJECTION: forcing a failure. [ 833.282365] name failslab, interval 1, probability 0, space 0, times 0 [ 833.286515] CPU: 1 PID: 7129 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 833.287842] loop3: detected capacity change from 0 to 80896 [ 833.288143] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 833.288150] Call Trace: [ 833.288176] dump_stack+0x107/0x167 [ 833.292264] should_fail.cold+0x5/0xa [ 833.293171] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 833.294486] should_failslab+0x5/0x20 [ 833.295398] kmem_cache_alloc_trace+0x55/0x320 [ 833.296508] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 833.297792] io_uring_setup+0x14f6/0x2980 [ 833.298777] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 833.299907] ? wait_for_completion_io+0x270/0x270 [ 833.301012] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 833.302189] ? syscall_enter_from_user_mode+0x1d/0x50 [ 833.303353] do_syscall_64+0x33/0x40 [ 833.304204] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 833.305357] RIP: 0033:0x7f55e908fb19 [ 833.306193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 833.310263] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 833.311939] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 833.313495] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 833.315047] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 833.316629] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 833.318180] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:24:54 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) 13:24:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:24:54 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x7ffffffff000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:54 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:24:54 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffff8000) 13:24:54 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 18) 13:24:54 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = openat$cgroup_pressure(r0, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0) r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) sendfile(r2, r3, 0x0, 0x800) write(r1, &(0x7f00000002c0)="bfb95bd43caf1ce5b7fed390c01457f0efc96de5b7b4b818efeb68f7b0d95a8c6d5059e28fb9f0b6a692f72a683684100a8bf6764d351f77681642bcca59ed051ab9cfcc91c0f6833cf7f21ffa5a96ab1e1d0077045b64d7edcb41d7897988485780f59935021ee97dcfea01f76b7800c55894e2c222765fc9d64bcbbf4c7cd1b5571a51915711cae3370dd46de6777e25eea2022e6af924e4caee1be0a3460d1b30315a2872c01f212552f34175628412166c2705f3e057dc150c8cb3a45710f436d2029eaa84d1b9bcbe3087f57c1522f19dcd2be0d8351bb0a67925a78636e4b681dbe03218fb2d69d3830e3f44fe10717d9f86c79acda071921f3e4100f5eee00cf634e35af4f26588824886d9ed281d582ea4ada09dd48873f786ed5509ec971b42aeadd2745ed417cc1e233e6fc2e221286300638c30570b8e37164711dd6cc07152eca4e2de202290e73e5edd857b5dbbd1ad6fef6d82fed5219cd68a5ae8edcec352dccefe0194095c4a94468390ccd048fc9f08a21aaf2267e716ec8a9b380d26f13eff0d3d7ff5f30030456ba7c1f724fcb7c89ff99eb737098ab479e4e794d6b2d08cc170b747ecbf577c05fa63b1577068a58beeb9103c2ffbde620d7c43fc21b993a42eb4879bff4d741d4c8752be5162f24d8baf1ccfc6e0a8f4d5c432b20cd9e3de14b090c7885d4a0d4547c1b9473a8bdc568191c58a5f47d107f51561560832689d96932aa47ddaef32e839fcfcf60296b96c9660170fcfe313f8e4ddb5666f89ef09304dd2baf0543de96324e4eb113eec82d432143eb887fcf5ee2f7aec7dc6ae37d929339066dd0b7b5e21b8757e42e2b2320dc27b1d96e150996aed9326ee4012bfea798cc554c7cea4827c6bccba67f845e3b6d70197dc735b8938b3469b9a451858ecf72077811286434569a7164ffa494fe0054afe3b7453b71b80f3c091199812ceb5a8d27a5bebef3a8abe58034840c07408affcfa9498b37559e67475f0b07cb530c037f7ef3f657381826af0f974d417d003cc379d19aacf1c462a5a601d024645069797d8f39dab31beaecd3091340e95787a3ea0703379665cb02f49c306280e725d3d2ffb0942ade54774294a3782b47111c23487e481ceb0be55e9f48bdd2c32c081e124c5b5eb822030692ed7d3099fa6d619c9953ce0197b116f911377134f2a049b7bb5ca488dee59cd761a29287f47ea02af417cad67e3cb64fab9e6afa33aef10f4460a8a67ae613898ac3f82795d6f0a7c5254f1c9a0d133176821269ae4b805d75cedc4e39da6287c2ea0fdd48d37f26472e82847c738e0e288adbd8ac65cf64501270aed76be673a35e9590f91c0481f3ecc0989c0ed0ca58b54ba8b40c9cbdd95537efc012498589892a1ba5c70041630a4738ec0e9e5ed74045d3caa8e2fc2166198bc40c81298278dfbbeeb7f2caea56d38f22f65141c518c8b9b73ddf0f8e09c1ef24a6a4086f302067080da802c1dc2d65213fcfcc54985f7d2be9815f2d947741b3c6e71b9ba6c86210784b393309e98c996d1c131b6351d17e5ee97d211d0c8bc6ffca3351b73bfe457201afdd1befcb02a85ecf81a970418b12f24ffac387e43205061c511c9b593b733d3edaaad7a1457b791866b6730d6b746d22e613e662fb623a6662ca6daad96d9a63551496a8b91d58052b0bf07dbe00995141de7666b2a796beda403ca546c16f56133944ef92e887d51b4c2aeadd75f64ca9ca998c3f0b832ef5b62555167b325541548991996463cf04590b3183b6ff6475b994c89deba3334cd794f5c781fe2e7dd9655584e59612467dc35ce39476a1ce9302c90f577a6d490593b88960875a36e3a8293673b1bbc3b23c23e686f19e6a09e4540420d70d0dc1a88c30a5cb2bfc1f58e9f769d8c74ff00721db9df78503e615d4697c662f63f4cad9756855eca4c772c78ecb9c0a95d29e51c22861b23407fa4442554cf237acf0915dae5b708807ae83d980a44eda23efb7515985799a2952f9a45c0e669597407d6acd010686b4157e14125b5b9dd3ff604b232555cff99d658e45f4b9a7cd83e4ec5e2b8d690ca4f49368e7424d354a705437c0b3c6cbdfcfd5a66212a91363b0b1de1dcb71f8e73399524cf9b1182fc390a6d8a8141da2b37c0bfc36b914365404f2ed4692f84e113c1be9cbbe28b0415b86f65e30ee884cb16b594960dc1ecc78e8167a9e8f2baec7e021d31294be47c5161e50bf7ec3684b7ff93b34edcdd1fae6c854a8b132d052a28fae4d539573352391ec92059b2cf678836b301fbbf5d9de58e1ebe77548dacabe2b382cbe82175467d3e676a6977e22c40b4ab649a65f7a2b339e617d1b741211919a871a1c7aeefd89050f59625ab09c3ff59295f03fac92c88373b5fc66c06f19c9e778becc444a3213833fec7dee55bd02d9d234d24cc30271bfc4901ded157653280f0f07eeae2640f0f0e6f9a985485ed88e85e391769b5e9e6d254b5eced8c92c10df252f00f3df586be295d3b8afc42ec309313b1a3dccaac66bd0c4011732b981e4549e542f15195ef0b8d2cac41beade0702caed198785ce1b25494074859bc6ec326f34c035381b6aaa5b0f279947e9d4c3076b6fb539005cccaf3f0d84301f5198fa5b4e1e3d79c0cc05e5dc85e2596d0523420fb6076b20028c9ad9e8f37c9f8a40702774eeb084a055380730cbe537e2aebe9eb78eafed1b2fde87bd76ea203d5108953d72b5814c5b2f2f5343135ac2361ae9a86de940cc3377dc3ffcb4618e3721a6aea9582f68dcefd31e94c0fe272230fef9964abea819f8eb8fa13ba45d440ef71a7bf416f55adf5d1353c96cbd635f263dff74ca67ade85f7c3e8fefdf790b00c4b198117149b5546019998bac362587a7f4d68ff4f12f5683b38f0e2c6690ea375a0054b1c57db8d4c6ae6e42802bcd3bca0df269a01507f9565b223ec37ea3d5675593c1975be987f94c88ca403aa6b91c6ba4bcf754b03fb90b8a7b9bbf8f8d57fc7c58c8e5f811ca9424447630ee466c5eb5dcb5d1a3f54623b4e40b8182fe4e442c8b5bd60bb5f7bfe587a0bb1ea6a08d8864d2284a9bff03ba4df0ff6e0d8af6eb5d146b13758b58e50705b5a14660531833cc097c82f8b6487e5422acff438adfc95f9ea7fbebf29e4fe7191d9e23e222fa170827ffcd16d8428f062765a03dc8e17c2533a1c9579b1e88879d588787782906ec79e43d60444baaec54258761df8b03ddede2023ecf8c72318e848aadfed1e0637f4be8d865dfe668491ae7d1547e4aae223055e8615aef690299fbea1e31c73bd0e0e3d5a64ce0a67cbe2ca1079beef873e077dc4eb3b56edd32429c90e280602505a8c861a7cb4409ff14ff0178759718def2b23cc595d97c2a43c3dd3069d028a1a3bee8c2a8a54607a56d0798a779ed9ec34d267fc1151918bc596965cbd06b977ce3e254bc60f046b20b37d363f9b18285c3c6b1b960b4a71dd7b39a9c21ff5384dce1df6243d3eeb0311f1e19a89f5edc65cb7bc063e8a46a638d6c542977ab688b7ceeb00e9e0c5ea89278222e48e3e4f4f986f11dcdb6058d58e8c003d2ba9bf984ec272db5101e08d3d358364fbcf788327a669484b21ed83e02f2d01deaa673bcf6be18e037dcaa06dbc1c372140cd6ff8800d561ef6596897e67363dd36bfa45b569e6737e9e12df7911145f24aa4083099c16d47c32e718a5843e64b27057bbc7ceb6238eda641dea97e4c04eaf246497dd52fbfec5a4f3f297cc2acc6e00dea3567000c63a987592be22b4ef4001f178ee65d11015a7c6b7adbf6343f9f58bf9ee74fa706e502af0c1b55854d405ae328f532a0cb266c82f3824396a9e104f626138ee0c938a308c708443b9e7b9216800409a303d760dd4ffcdadd5729149c6fd435226f886eee9326fef6f5b5e131d99dea53e99d70d64907cca37f79f42fa766f2b48acf0ea7d43e3796e1381008aa1d8742573263c9fecc4c94873300686ad0393c83ceea18da1aacc09dd44b3940fdbb7042a0f942dd3f9b33f2ae5297e8e283b121d2e87f593aae7f72af718de3d074f0b06064be6658af88c94ee9c3de5f04c6bde12621c83722066e13fe42df95d3abe2cd9460e4e1720b91704f44b00267dd3d02a134ea0ca0c70b4cf5bce0c690a0cb058da3cde9f0398c4e65ee21f6b23fdc11d43a5a0219feb2048b93168cba73d1d0f42ab50e6cb012d45ad798689524f0bb3df3dc651032c2cdad5e54bdd6331c060caaa5ca925e768d07bca0d56583fad450eb54edd5c6122a9011aec066c0e8051ecbab9adf76c534da2cf8e8a156749c1ba616e520f500bce40fc6b2b064920608b869f33370e4af56062de85b73456924456487c13a5ae3eabc6fa85b7fe2bca4af5b7294634854a237392add805acbc77c65c1ceda834246c1a9c5bde409f760757f9765583f0afe3300bf2275d13d9e9942ca547f004c768f2d26aa25b340c1564fc915cd6daae26a246d985175833a507c1b02b2d80069d05207205d37a59987a84de9d687b0a84c5a48fd7a82f9fc1eb512dc3ade957effb08f3d756e4d9c2c7d404e41042ec0087f79c4a81912ae9da8021256a3581ed8adc728827e3ffa67709e11d613d0b7e3c554ca39dda460388cd118865f96a496a3fde766dd7640cbc64a2215666bea2ff8fd686da6eab52ae7011f2db61f1802222a896c7de11f0e29597cc9d605b20b2354937a9c360ed0c0ae2fd2eb76c5d70b368b5f4aa64673413e6518636f805a91a4cbca0751ab38d65a698a182a867bd4247ec61dcaa2118331654d537772ee289c7947b3189e35b3b72d46914f13a850870279a834079c658e5fdcb201b5e06066632ef39d599c71fc8ab2a1b8e42367e0dedbf16fc61890184ff5612a9851b2d5b8422f2025f2c256cd5b85f93e8b1ccf38aedbe6b86277649aa689c7585d5eb456fa57956e6464a046bd5403719f9d5324a775ad73937f1a0ea4c6f39dcfda14a465841f73e57311661d23098c98a956f5953f6a472d217c0ba5d5c484c68c563dc377b1b09acde049d419f2fe00bbb371393d9a156a3953b1310211f7b06bb74e7927bad5fb73398c3e97846307c8f988b080a9e0b49a530ca55ff33366ad70ba86339a929a6117057843f4812e1af765b3d0261c57d2b5d02ebff2567f64757bf2623971b8f6a426650a388738a1d8000c4ebbd00829e72711f6e7554090abfa47e2cc7a6b2327c9bac09dbd2489bbe545eb984db50e065fd30743ef1e4d456038a7b9ec2bda5ef2d337a7ec421770bac2399095a48927af0c66842c3e4b3e4509eb7980fa2dcbe39bf20057858409d9093b18ecbd2e796db467376d950d36a49a2baffeefaf82cde6a52fc3efd6fa71dc0b1da61c325ce7eececb55e7e0a7d0778e3c88fc40feb7ea3a54c33555caccac1014de2edb1c214d02d9fa7e79805b8b4cec38bd6d4ca9558a21e9a478943accb92222469985109f0e4f68285b93336554e1e16c85b3da6b3c038ad76494d698fc736558e5832c6ce32d237a2c83650b9e85500359f2e3864dd8f579a9eee2f8d482489b12726efd6abc43aa8d35529d425c8c91b658b91388bcbf60771c0a44ee2840bcaa893f2c2940f74fc85486ec9697d1230f779077fd8ebfc342cb0b7e0349cb6f5c3fac464ba99614de91b86ddad7c6495cb66e405b792c7cc54db7ed3ef315e5898da8969da8e1b7ece738cca795b45db9b92c0e6c4c5ad576eb119609f1c88e08fe772e113e8176c58e3da0fc30106872ffb76de70d5771", 0x1000) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1ff}}, './file0\x00'}) sendfile(r6, r2, 0x0, 0x6) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000100)=0xc) r8 = syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x9, 0x5, &(0x7f0000001580)=[{&(0x7f00000001c0), 0x0, 0x841}, {&(0x7f00000012c0)="54fccaf636ecfbbc39a9acd57f566f3ae00efa26fe4d58fa29a6e22d25b616dfcba51c90e7db6ba90c28d2cdcf98f13145885b63c90e964ad9c871a8d7f745a11ef12ab04f336a4617e519e65b3bfb7470c8494ad7c32c7928316f5ffce7a8bf2958f5134bc07713d87d467ac6de24533a524ee05bcbee0e53bba3fe38b1c2feaf7a24693b6dbbe5b3e58702dc37cf22845313c30273dc215947049f0b4555e2627d71e204879c49b9c3d0a01c193df0c4c750d177aadbf33adf45fbddcf35596b31940d9c05dd79fc854fc0f03ba5003ec7a616d62de70db518658b19", 0xdd, 0x7}, {&(0x7f00000013c0)="1b9373d01ea0db0f6e0c8d33d64b88f453e0b3f010ed1c9c9ff8b0ae5695995d3760ebb4b20062ab7255bb695ca572fb880c868bde46c79de9cbf91f3603501e043f1a233fa03d24363eed43a181a658bf248327e4e269808bd81fbfa77ddbdc9b793dd1f03b5f12b4efbd04cb18f70643986d5c85065718e4df03b4c3397ff8a370122e1ba3c47353f20789b877c0573b26a9c76e55d866d3268684dd645cddbecd29c6", 0xa4, 0xd36}, {&(0x7f0000000200)="9c513e2b85fdcaf1a5dcecd2566ef9ff8ec8ec920ab5e0888222319ecc56892b1c2326de30c14ad5a880e441b5d29cfd6e2b352ff272b0a1d26e5caa86487421c4840dac1a11fb7d94c2836eaa1240baa709cc13c430f84d6987732b82b7ecd409c59f909c361d9d11853a18a24c2c950e442b6c", 0x74, 0x9ee0}, {&(0x7f0000001480)="abbc9c799ddacd4df41dbb1986b3e50849d0c0f3643ed68b41ae5fbc7adce98620658459c80b74971bb47d47f6430ba731df3b484b1ae3102e26f7881f5890a0b4bf1f2562316a84c5af343436cc1200950e2df33e55a70631dcd76e5419e4c3bd607d45fb6a3bd5fdd1ea2a6ad1d32fd508a732a7cfb5f04022a7ffc458cb0d38c826ec5517028f815c42a1c4c3d1a99325eb84a9729de2e3d80118e746c736424a658b190c33e750e87e09d95df6ae7f3e68e39ef1093f91506e5f0995f025eaddcaf7243d452e549f0b201ea935c3998bfff2c8", 0xd5, 0x401}], 0x2980808, &(0x7f0000001600)={[{@utf8no}, {@uni_xlate}, {@fat=@dmask={'dmask', 0x3d, 0xfffffffffffffffd}}, {@shortname_lower}, {@shortname_lower}, {@utf8no}, {@shortname_win95}], [{@smackfsdef={'smackfsdef', 0x3d, '-\\^\x17'}}, {@fsuuid={'fsuuid', 0x3d, {[0x32, 0x37, 0x34, 0x38, 0x63, 0x30, 0x39, 0x33], 0x2d, [0x53, 0x62, 0x65, 0x32], 0x2d, [0x33, 0x32, 0x39, 0x37], 0x2d, [0x39, 0x66, 0x37, 0x35], 0x2d, [0x65, 0x30, 0x34, 0x34, 0x37, 0x34, 0x39, 0x61]}}}, {@euid_gt={'euid>', 0xffffffffffffffff}}, {@smackfsroot={'smackfsroot', 0x3d, 'io.pressure\x00'}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@fowner_lt={'fowner<', 0xee01}}]}) sendmsg$nl_generic(r0, &(0x7f0000001ac0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000001a80)={&(0x7f0000001b00)=ANY=[@ANYBLOB="040300001d0000022cbd7000fedbdf252000000008003f00", @ANYRES32=r7, @ANYBLOB="4e49ac0e33392f58465ee22ddf2d9ebda2a6b3f08a570b24e59745896131f86809b3a97dbbd49eb10581cdc30ca415e6d347221026e4c3fe1907bb236cd031a23ede80c3a1d4b0018320ab6f12462e085612b3eea4d9df530d2439bebe6eb77502c11483a4b67fd3e137eddf9d0629abdfef3184c86528b1b9bd28bf959abab95e390c524768335acc6a73d12d2465f54ac264198c33525c6aa71ad623b850f51ca2edfbd2afd6fe8099e77f50763192d59990220c1ef1134ba2affc234124de411c00628008000300793ff0658f71476f3b47c53a8d887bda66afab0c3620226ee8e05cf80bc25649504ffb0237be45b6ff7c6e170125ea6b79dc999bb98cb57cd5b9619f5d8be3bf0097e4f7731cb675ea5bd5aa2d14509075c842924367e1f8b0c5b90d50ab0b4c", @ANYRES32=r1, @ANYBLOB="08002d00ac1414aa0500240000000000ab01608005006d0000000000608929098fde715dd70160af0681e901f66bc5212cd5ef1741e53ebf54e9f51f9fd77a3ab4288f96d9bf2f3b1d91928701a7c99fb144d9a925001ce4b044259c95ab39a7db63b74897bd66f32860cdb6121bb692f0ff10143482800e73c27d6f6d407cdf63b53c9648eb985022e81130da330384c3fb7509c24c7f70a92ba995bff9bec3bb36195a3af49189c1111fad73265527021b6579e199411d596d135e2a9fed2b4df7dc14006500fc02000000000000000000000000000008001200", @ANYRES32=r8, @ANYBLOB="28000e0095e58e725582c89c9721ea4df999fe1f2cd3d712aa5feaca2b78c55cbf9c606b424fc08a08002400", @ANYRES32, @ANYBLOB="04002d0099f9fe332c8d3319eec605bb681354e75e387da1d0c7ac54b82cbab20b6a41587841f332501f81794d6511b503b7c627f8653b2c2056af6575519f57ea21cc470b7985955ca35be3d68b945ade64d888a18aa83dd5a872883385fc785056769c2e8c407e52fa714e99362dc8d4b7c5918f69fe6c2255a434107613e699dfe3bf5149cdd8ae25b408073ac6d094abceee23c846fe71ca24f8ce8da7da990d298008007f00ac1e0101004356a080bff7e8edb09bab1da8b4f2ae2479cf55dca0e4f0a581a6cf4b6e739d15a83f979d78538917f7cd7859a88449bb45668f7929f8718fce174eb8657cdd863db77c11cd2b0544708f424ca0c0f327a764b6abb918a769ef26be19e000"], 0x304}, 0x1, 0x0, 0x0, 0x40}, 0x40000) 13:24:54 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 14) 13:24:54 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:24:54 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 15) 13:24:54 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000000) [ 833.355746] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 833.360148] FAULT_INJECTION: forcing a failure. [ 833.360148] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 833.361525] CPU: 0 PID: 7143 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 833.362306] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 833.363256] Call Trace: [ 833.363564] dump_stack+0x107/0x167 [ 833.363987] should_fail.cold+0x5/0xa [ 833.364425] __alloc_pages_nodemask+0x182/0x600 [ 833.364959] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 833.365649] ? kmem_cache_alloc_node+0x313/0x330 [ 833.366189] alloc_pages_current+0x187/0x280 [ 833.366689] allocate_slab+0x26f/0x380 [ 833.367136] ___slab_alloc+0x470/0x700 [ 833.367582] ? __alloc_skb+0x6d/0x5b0 [ 833.368026] ? __alloc_skb+0x6d/0x5b0 [ 833.368462] ? kmem_cache_alloc_node+0x313/0x330 [ 833.368978] kmem_cache_alloc_node+0x313/0x330 [ 833.369499] __alloc_skb+0x6d/0x5b0 [ 833.369915] netlink_ack+0x1ed/0xab0 [ 833.370341] ? netlink_sendmsg+0xe00/0xe00 [ 833.370838] ? lock_acquire+0x197/0x470 [ 833.371290] ? netlink_deliver_tap+0xf4/0xcc0 [ 833.371814] netlink_rcv_skb+0x348/0x430 [ 833.372285] ? rtnl_fdb_dump+0xa30/0xa30 [ 833.372726] ? netlink_ack+0xab0/0xab0 [ 833.373168] ? netlink_deliver_tap+0x1ae/0xcc0 [ 833.373668] ? netlink_deliver_tap+0x1c4/0xcc0 [ 833.374193] ? is_vmalloc_addr+0x7b/0xb0 [ 833.374637] netlink_unicast+0x6ce/0xa00 [ 833.375103] ? netlink_attachskb+0xab0/0xab0 [ 833.375606] netlink_sendmsg+0x90f/0xe00 [ 833.376075] ? netlink_unicast+0xa00/0xa00 [ 833.376568] ? netlink_unicast+0xa00/0xa00 [ 833.377050] __sock_sendmsg+0x154/0x190 [ 833.377501] ____sys_sendmsg+0x70d/0x870 [ 833.377964] ? sock_write_iter+0x3d0/0x3d0 [ 833.378446] ? do_recvmmsg+0x6d0/0x6d0 [ 833.378887] ? lock_downgrade+0x6d0/0x6d0 [ 833.379359] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 833.379961] ___sys_sendmsg+0xf3/0x170 [ 833.380407] ? sendmsg_copy_msghdr+0x160/0x160 [ 833.380929] ? __fget_files+0x2cf/0x520 [ 833.381382] ? lock_downgrade+0x6d0/0x6d0 [ 833.381866] ? find_held_lock+0x2c/0x110 [ 833.382335] ? __fget_files+0x2f8/0x520 [ 833.382792] ? __fget_light+0xea/0x290 [ 833.383238] __sys_sendmsg+0xe5/0x1b0 [ 833.383669] ? __sys_sendmsg_sock+0x40/0x40 [ 833.384176] ? rcu_read_lock_any_held+0x75/0xa0 [ 833.384689] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 833.385292] ? syscall_enter_from_user_mode+0x1d/0x50 [ 833.385876] ? trace_hardirqs_on+0x5b/0x180 [ 833.386343] do_syscall_64+0x33/0x40 [ 833.386769] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 833.387352] RIP: 0033:0x7f536cf98b19 [ 833.387757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 833.389846] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 833.390711] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 833.391517] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 833.392333] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 833.393145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 833.393953] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 833.400634] loop3: detected capacity change from 0 to 80896 13:25:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:07 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 16) 13:25:07 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 19) 13:25:07 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) [ 846.700788] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:25:07 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000000) 13:25:07 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x2) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:25:07 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x100) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) openat(r1, &(0x7f0000000140)='./file0\x00', 0x79b8fa4e97b4cdb2, 0x6) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x7, &(0x7f0000000080)=[{0x9, 0x7, 0x7f, 0x7ff}, {0xfffb, 0x3, 0x15, 0x3}, {0xfc0, 0x52, 0xaa, 0x5457}, {0x3, 0x7, 0xcb, 0x5}, {0x0, 0x7f, 0x4, 0x7}, {0x9, 0x40, 0x1, 0x5}, {0x6, 0x81, 0xfd, 0x3ff}]}, 0x10) r3 = openat2(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x1, 0x10, 0x18}, 0x18) sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0xd0, 0x0, 0x1, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x6, 0x26}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x6b, 0xbe, "f56d9fc7cf5dd2e8a42974b3e3efcccc11793a013d44fe7696a4d144b5f7ad0788915b076b6b68accd26500da7c200f86c9ae72dfb6c3cf1f40b5c677367e08719dfb477287b002163cd3a50463aed4136e54a6915eb2c4b62341ce9c2546f4c38a7028a9124ea"}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x3}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0xfffb}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0x8]}, @NL80211_ATTR_STA_VLAN={0x8}, @NL80211_ATTR_STA_WME={0x1c, 0x81, [@NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x4}, @NL80211_STA_WME_UAPSD_QUEUES={0x5, 0x1, 0x81}, @NL80211_STA_WME_MAX_SP={0x5, 0x2, 0x7}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x8080}, 0x20000000) sendfile(r2, r0, 0x0, 0x100000001) 13:25:07 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 846.713405] FAULT_INJECTION: forcing a failure. [ 846.713405] name failslab, interval 1, probability 0, space 0, times 0 [ 846.716299] CPU: 0 PID: 7157 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 846.718052] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 846.720177] Call Trace: [ 846.720863] dump_stack+0x107/0x167 [ 846.721800] should_fail.cold+0x5/0xa [ 846.722782] ? create_object.isra.0+0x3a/0xa30 [ 846.723972] should_failslab+0x5/0x20 [ 846.724949] kmem_cache_alloc+0x5b/0x310 [ 846.725991] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 846.727294] ? trace_hardirqs_on+0x5b/0x180 [ 846.728409] create_object.isra.0+0x3a/0xa30 [ 846.729528] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 846.730832] kmem_cache_alloc_trace+0x151/0x320 [ 846.732086] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 846.733439] io_uring_setup+0x14f6/0x2980 [ 846.734509] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 846.735794] ? wait_for_completion_io+0x270/0x270 [ 846.737063] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 846.738405] ? syscall_enter_from_user_mode+0x1d/0x50 [ 846.739726] do_syscall_64+0x33/0x40 [ 846.740698] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 846.742003] RIP: 0033:0x7f55e908fb19 [ 846.742947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 846.746122] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 846.747670] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 846.747695] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 846.747713] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 846.748878] FAULT_INJECTION: forcing a failure. [ 846.748878] name failslab, interval 1, probability 0, space 0, times 0 [ 846.750630] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 846.750643] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 846.750662] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 846.761450] CPU: 1 PID: 7166 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 846.762299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 846.763278] Call Trace: [ 846.763609] dump_stack+0x107/0x167 [ 846.764065] should_fail.cold+0x5/0xa [ 846.764537] should_failslab+0x5/0x20 [ 846.765004] __kmalloc_node_track_caller+0x74/0x3b0 [ 846.765618] ? netlink_ack+0x1ed/0xab0 [ 846.766099] __alloc_skb+0xb1/0x5b0 [ 846.766547] netlink_ack+0x1ed/0xab0 [ 846.767018] ? netlink_sendmsg+0xe00/0xe00 [ 846.767544] ? lock_acquire+0x197/0x470 [ 846.768024] ? netlink_deliver_tap+0xf4/0xcc0 [ 846.768582] netlink_rcv_skb+0x348/0x430 [ 846.769081] ? rtnl_fdb_dump+0xa30/0xa30 [ 846.769560] ? netlink_ack+0xab0/0xab0 [ 846.770035] ? netlink_deliver_tap+0x1ae/0xcc0 [ 846.770595] ? netlink_deliver_tap+0x1c4/0xcc0 [ 846.771164] ? is_vmalloc_addr+0x7b/0xb0 [ 846.771661] netlink_unicast+0x6ce/0xa00 [ 846.772179] ? netlink_attachskb+0xab0/0xab0 [ 846.772723] netlink_sendmsg+0x90f/0xe00 [ 846.773222] ? netlink_unicast+0xa00/0xa00 [ 846.773744] ? netlink_unicast+0xa00/0xa00 [ 846.774265] __sock_sendmsg+0x154/0x190 [ 846.774762] ____sys_sendmsg+0x70d/0x870 [ 846.775268] ? sock_write_iter+0x3d0/0x3d0 [ 846.775787] ? do_recvmmsg+0x6d0/0x6d0 [ 846.776269] ? lock_downgrade+0x6d0/0x6d0 [ 846.776774] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 846.777415] ___sys_sendmsg+0xf3/0x170 [ 846.777892] ? sendmsg_copy_msghdr+0x160/0x160 [ 846.778453] ? __fget_files+0x2cf/0x520 [ 846.778939] ? lock_downgrade+0x6d0/0x6d0 [ 846.779430] ? find_held_lock+0x2c/0x110 [ 846.779931] ? __fget_files+0x2f8/0x520 [ 846.780410] ? __fget_light+0xea/0x290 [ 846.780888] __sys_sendmsg+0xe5/0x1b0 [ 846.781352] ? __sys_sendmsg_sock+0x40/0x40 [ 846.781858] ? rcu_read_lock_any_held+0x75/0xa0 [ 846.782441] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 846.783089] ? syscall_enter_from_user_mode+0x1d/0x50 [ 846.783710] ? trace_hardirqs_on+0x5b/0x180 [ 846.784224] do_syscall_64+0x33/0x40 [ 846.784677] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 846.785296] RIP: 0033:0x7f536cf98b19 [ 846.785734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 846.787984] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 846.788905] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 846.789736] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 846.790599] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 846.791461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 846.792330] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 846.855820] FAULT_INJECTION: forcing a failure. [ 846.855820] name failslab, interval 1, probability 0, space 0, times 0 [ 846.857225] CPU: 1 PID: 7172 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 846.858040] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 846.858979] Call Trace: [ 846.859290] dump_stack+0x107/0x167 [ 846.859699] should_fail.cold+0x5/0xa [ 846.860141] ? __delayacct_tsk_init+0x1b/0x80 [ 846.860644] should_failslab+0x5/0x20 [ 846.861072] kmem_cache_alloc+0x5b/0x310 [ 846.861531] __delayacct_tsk_init+0x1b/0x80 [ 846.862015] copy_process+0x3399/0x78b0 [ 846.862493] ? stack_trace_save+0x8c/0xc0 [ 846.862990] ? lock_acquire+0x197/0x470 [ 846.863458] ? io_sq_thread_park+0x79/0xd0 [ 846.863973] ? __cleanup_sighand+0xb0/0xb0 [ 846.864474] ? kernel_text_address+0xf2/0x120 [ 846.865007] ? find_held_lock+0x2c/0x110 [ 846.865488] ? io_uring_setup+0x1c23/0x2980 [ 846.865997] ? lock_downgrade+0x6d0/0x6d0 [ 846.866471] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 846.867049] create_io_thread+0xb6/0xf0 [ 846.867498] ? pidfd_prepare+0x80/0x80 [ 846.867976] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 846.868564] io_uring_setup+0x1d79/0x2980 [ 846.869058] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 846.869654] ? wait_for_completion_io+0x270/0x270 [ 846.870240] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 846.870855] ? syscall_enter_from_user_mode+0x1d/0x50 [ 846.871459] do_syscall_64+0x33/0x40 [ 846.871895] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 846.872504] RIP: 0033:0x7f943fb71b19 [ 846.872926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 846.875081] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 846.875985] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 846.876816] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 846.877651] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 846.878490] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 846.879326] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:25:19 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 858.741116] FAULT_INJECTION: forcing a failure. [ 858.741116] name failslab, interval 1, probability 0, space 0, times 0 [ 858.742899] CPU: 0 PID: 7183 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 858.743950] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 858.745178] Call Trace: [ 858.745588] dump_stack+0x107/0x167 [ 858.746145] should_fail.cold+0x5/0xa [ 858.746731] ? create_object.isra.0+0x3a/0xa30 [ 858.747428] should_failslab+0x5/0x20 [ 858.748017] kmem_cache_alloc+0x5b/0x310 [ 858.748641] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 858.749413] ? trace_hardirqs_on+0x5b/0x180 [ 858.750074] create_object.isra.0+0x3a/0xa30 [ 858.750741] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 858.751518] kmem_cache_alloc_trace+0x151/0x320 [ 858.752242] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 858.753067] io_uring_setup+0x14f6/0x2980 [ 858.753703] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 858.754473] ? wait_for_completion_io+0x270/0x270 [ 858.755225] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 858.756032] ? syscall_enter_from_user_mode+0x1d/0x50 [ 858.756829] do_syscall_64+0x33/0x40 [ 858.757396] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 858.758178] RIP: 0033:0x7f55e908fb19 [ 858.758746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.761587] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 858.762750] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 858.763839] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 858.765119] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 858.766429] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 13:25:19 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x560000, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040), 0x7, 0x200000) openat(r1, &(0x7f0000000080)='./file0\x00', 0x80000, 0x10) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) 13:25:19 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 20) 13:25:19 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:19 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000000) 13:25:19 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 17) 13:25:19 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x3) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:25:19 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) [ 858.767533] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 858.780782] perf: interrupt took too long (5323 > 5241), lowering kernel.perf_event_max_sample_rate to 37000 [ 858.782320] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 858.783874] perf: interrupt took too long (5323 > 5241), lowering kernel.perf_event_max_sample_rate to 37000 [ 858.786244] FAULT_INJECTION: forcing a failure. [ 858.786244] name failslab, interval 1, probability 0, space 0, times 0 [ 858.787661] perf: interrupt took too long (6766 > 6653), lowering kernel.perf_event_max_sample_rate to 29000 [ 858.788577] CPU: 0 PID: 7196 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 858.791986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 858.793262] Call Trace: [ 858.793671] dump_stack+0x107/0x167 [ 858.794232] should_fail.cold+0x5/0xa [ 858.794816] ? create_object.isra.0+0x3a/0xa30 [ 858.795519] should_failslab+0x5/0x20 [ 858.796109] kmem_cache_alloc+0x5b/0x310 [ 858.796733] create_object.isra.0+0x3a/0xa30 [ 858.797405] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 858.798194] kmem_cache_alloc+0x159/0x310 [ 858.798836] __delayacct_tsk_init+0x1b/0x80 [ 858.799496] copy_process+0x3399/0x78b0 [ 858.800129] ? stack_trace_save+0x8c/0xc0 [ 858.800776] ? lock_acquire+0x197/0x470 [ 858.801384] ? io_sq_thread_park+0x79/0xd0 [ 858.802042] ? __cleanup_sighand+0xb0/0xb0 [ 858.802687] ? kernel_text_address+0xf2/0x120 [ 858.803375] ? find_held_lock+0x2c/0x110 [ 858.804026] ? io_uring_setup+0x1c23/0x2980 [ 858.804685] ? lock_downgrade+0x6d0/0x6d0 [ 858.805322] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 858.806071] create_io_thread+0xb6/0xf0 [ 858.806679] ? pidfd_prepare+0x80/0x80 [ 858.807280] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 858.808047] io_uring_setup+0x1d79/0x2980 [ 858.808681] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 858.809455] ? wait_for_completion_io+0x270/0x270 [ 858.810200] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 858.810993] ? syscall_enter_from_user_mode+0x1d/0x50 [ 858.811779] do_syscall_64+0x33/0x40 [ 858.812350] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 858.813128] RIP: 0033:0x7f943fb71b19 [ 858.813689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.816495] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 858.817658] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 858.818699] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 858.819782] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 858.820871] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 858.821953] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 858.825269] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 858.827696] FAULT_INJECTION: forcing a failure. [ 858.827696] name failslab, interval 1, probability 0, space 0, times 0 [ 858.829484] CPU: 0 PID: 7195 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 858.830533] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 858.831792] Call Trace: [ 858.832198] dump_stack+0x107/0x167 [ 858.832752] should_fail.cold+0x5/0xa [ 858.833329] should_failslab+0x5/0x20 [ 858.833908] __kmalloc_node_track_caller+0x74/0x3b0 [ 858.834663] ? netlink_ack+0x1ed/0xab0 [ 858.835258] __alloc_skb+0xb1/0x5b0 [ 858.835813] netlink_ack+0x1ed/0xab0 [ 858.836392] ? netlink_sendmsg+0xe00/0xe00 [ 858.837034] ? lock_acquire+0x197/0x470 [ 858.837638] ? netlink_deliver_tap+0xf4/0xcc0 [ 858.838323] netlink_rcv_skb+0x348/0x430 [ 858.838939] ? rtnl_fdb_dump+0xa30/0xa30 [ 858.839557] ? netlink_ack+0xab0/0xab0 [ 858.840154] ? netlink_deliver_tap+0x1ae/0xcc0 [ 858.840850] ? netlink_deliver_tap+0x1c4/0xcc0 [ 858.841542] ? is_vmalloc_addr+0x7b/0xb0 [ 858.842161] netlink_unicast+0x6ce/0xa00 [ 858.842780] ? netlink_attachskb+0xab0/0xab0 [ 858.843456] netlink_sendmsg+0x90f/0xe00 [ 858.844085] ? netlink_unicast+0xa00/0xa00 [ 858.844739] ? netlink_unicast+0xa00/0xa00 [ 858.845383] __sock_sendmsg+0x154/0x190 [ 858.845987] ____sys_sendmsg+0x70d/0x870 [ 858.846607] ? sock_write_iter+0x3d0/0x3d0 [ 858.847247] ? do_recvmmsg+0x6d0/0x6d0 [ 858.847842] ? lock_downgrade+0x6d0/0x6d0 [ 858.848460] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 858.849248] ___sys_sendmsg+0xf3/0x170 [ 858.849817] ? sendmsg_copy_msghdr+0x160/0x160 [ 858.850486] ? __fget_files+0x2cf/0x520 13:25:19 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = openat$sr(0xffffffffffffff9c, &(0x7f0000001840), 0x10000, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r5 = fcntl$dupfd(r4, 0x406, r3) ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r5, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x1ff}}, './file0\x00'}) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) mount$9p_fd(0x0, &(0x7f00000018c0)='./file0\x00', &(0x7f0000001900), 0x4020c0, &(0x7f0000001940)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@mmap}, {@nodevmap}, {@access_any}, {@version_L}, {@access_user}, {@debug={'debug', 0x3d, 0xfff}}, {@version_9p2000}, {@cache_loose}], [{@permit_directio}]}}) write$P9_RWALK(r2, &(0x7f0000001880)={0x23, 0x6f, 0x2, {0x2, [{0x80, 0x7, 0x5}, {0x20, 0x0, 0x4}]}}, 0x23) sendfile(r2, r0, 0x0, 0x100000001) r6 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x6, 0x1, &(0x7f0000000180)=[{&(0x7f00000000c0)="48cccf6f86c379953bf93c8d2eb8751efb2e0e8a0ac9a3e1298393a0f68d7ce4d5449cfbe98a825ff250187d1ecaa9e8db1934f53c54b936fc5fe64cffdab581765f8d310c1e8561b501408736981e97a350fb52d744b5ec4e024eff1af392d94c7ce464c07a366122cda7ab4da3463dfb66c51ec5d0f97de91d70c7f68d3fadc2c030f0310c66a7348515175d7ccb4f9511", 0x92, 0x7}], 0x10090, &(0x7f00000002c0)={[{@sbsector={'sbsector', 0x3d, 0x4}}, {@check_strict}, {@hide}, {@nojoliet}, {@utf8}], [{@uid_gt}, {@obj_role={'obj_role', 0x3d, '*'}}, {@euid_lt}, {@fsuuid={'fsuuid', 0x3d, {[0x64, 0x34, 0x38, 0x30, 0x35, 0x62, 0x31, 0x38], 0x2d, [0x5, 0x39, 0x31, 0x37], 0x2d, [0x64, 0x32, 0x66, 0x32], 0x2d, [0xc2, 0x66, 0x34, 0x33], 0x2d, [0x31, 0x31, 0x61, 0x65, 0x36, 0x35, 0x39]}}}, {@euid_gt={'euid>', 0xee00}}, {@dont_appraise}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@fowner_gt={'fowner>', 0xee01}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@seclabel}]}) preadv(r6, &(0x7f00000017c0)=[{&(0x7f00000001c0)=""/73, 0x49}, {&(0x7f0000000400)=""/176, 0xb0}, {&(0x7f00000004c0)=""/142, 0x8e}, {&(0x7f0000000580)=""/178, 0xb2}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/254, 0xfe}, {&(0x7f0000000240)=""/19, 0x13}, {&(0x7f0000001740)=""/91, 0x5b}], 0x8, 0xe69f, 0x8) [ 858.851074] ? lock_downgrade+0x6d0/0x6d0 [ 858.851924] ? find_held_lock+0x2c/0x110 [ 858.852534] ? __fget_files+0x2f8/0x520 [ 858.852929] perf: interrupt took too long (8507 > 8457), lowering kernel.perf_event_max_sample_rate to 23000 [ 858.853123] ? __fget_light+0xea/0x290 [ 858.853142] __sys_sendmsg+0xe5/0x1b0 [ 858.853156] ? __sys_sendmsg_sock+0x40/0x40 [ 858.853169] ? rcu_read_lock_any_held+0x75/0xa0 [ 858.853269] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 858.858845] ? syscall_enter_from_user_mode+0x1d/0x50 [ 858.859593] ? trace_hardirqs_on+0x5b/0x180 [ 858.860239] do_syscall_64+0x33/0x40 [ 858.860787] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 858.861550] RIP: 0033:0x7f536cf98b19 [ 858.862095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 858.864749] RSP: 002b:00007f536a50e188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 858.865851] RAX: ffffffffffffffda RBX: 00007f536d0abf60 RCX: 00007f536cf98b19 [ 858.866876] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003 [ 858.867906] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 858.868955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 858.869984] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 858.887058] perf: interrupt took too long (10653 > 10633), lowering kernel.perf_event_max_sample_rate to 18000 13:25:20 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffffffffb) 13:25:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:20 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 21) [ 858.976651] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 858.990813] FAULT_INJECTION: forcing a failure. [ 858.990813] name failslab, interval 1, probability 0, space 0, times 0 [ 858.993339] CPU: 1 PID: 7211 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 858.994818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 858.996603] Call Trace: [ 858.997167] dump_stack+0x107/0x167 [ 858.997956] should_fail.cold+0x5/0xa [ 858.998786] ? alloc_pid+0xd7/0xd30 [ 858.999565] should_failslab+0x5/0x20 [ 859.000394] kmem_cache_alloc+0x5b/0x310 [ 859.001259] alloc_pid+0xd7/0xd30 [ 859.002006] ? copy_namespaces+0x1ca/0x4f0 [ 859.002919] copy_process+0x3b8b/0x78b0 [ 859.003871] ? stack_trace_save+0x8c/0xc0 [ 859.005014] ? __cleanup_sighand+0xb0/0xb0 [ 859.006102] ? kernel_text_address+0xf2/0x120 [ 859.007265] ? find_held_lock+0x2c/0x110 [ 859.008322] ? io_uring_setup+0x1c23/0x2980 [ 859.009265] ? lock_downgrade+0x6d0/0x6d0 [ 859.010149] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 859.011187] create_io_thread+0xb6/0xf0 [ 859.012046] ? pidfd_prepare+0x80/0x80 [ 859.012887] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 859.013952] io_uring_setup+0x1d79/0x2980 [ 859.014844] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.015917] ? wait_for_completion_io+0x270/0x270 [ 859.016974] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.018094] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.019198] do_syscall_64+0x33/0x40 [ 859.020009] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.021101] RIP: 0033:0x7f943fb71b19 [ 859.021900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.025832] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.027497] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 859.029036] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 859.030597] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.032277] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 859.033796] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:25:20 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000000000) 13:25:20 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x8, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:20 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) 13:25:20 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) (fail_nth: 18) [ 859.073955] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 859.077516] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 859.085152] FAULT_INJECTION: forcing a failure. [ 859.085152] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 859.087658] CPU: 1 PID: 7218 Comm: syz-executor.6 Not tainted 5.10.245 #1 [ 859.089093] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.090814] Call Trace: [ 859.091366] dump_stack+0x107/0x167 [ 859.092136] should_fail.cold+0x5/0xa [ 859.092947] _copy_to_user+0x2e/0x180 [ 859.093755] simple_read_from_buffer+0xcc/0x160 [ 859.094739] proc_fail_nth_read+0x198/0x230 [ 859.095641] ? proc_sessionid_read+0x230/0x230 [ 859.096612] ? security_file_permission+0xb1/0xe0 [ 859.097630] ? proc_sessionid_read+0x230/0x230 [ 859.098583] vfs_read+0x228/0x620 [ 859.099320] ksys_read+0x12d/0x260 [ 859.100071] ? vfs_write+0xb10/0xb10 [ 859.100854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.101951] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.103035] do_syscall_64+0x33/0x40 [ 859.103818] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.104896] RIP: 0033:0x7f536cf4b69c [ 859.105674] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48 [ 859.109548] RSP: 002b:00007f536a50e170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 859.111141] RAX: ffffffffffffffda RBX: 000000000000002c RCX: 00007f536cf4b69c [ 859.113012] RDX: 000000000000000f RSI: 00007f536a50e1e0 RDI: 0000000000000004 [ 859.114517] RBP: 00007f536a50e1d0 R08: 0000000000000000 R09: 0000000000000000 [ 859.116031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 859.117839] R13: 00007ffca9282e9f R14: 00007f536a50e300 R15: 0000000000022000 [ 859.127705] FAULT_INJECTION: forcing a failure. [ 859.127705] name failslab, interval 1, probability 0, space 0, times 0 [ 859.130483] CPU: 1 PID: 7219 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 859.132105] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 859.134056] Call Trace: [ 859.134686] dump_stack+0x107/0x167 [ 859.135560] should_fail.cold+0x5/0xa [ 859.136473] ? create_object.isra.0+0x3a/0xa30 [ 859.137555] should_failslab+0x5/0x20 [ 859.138458] kmem_cache_alloc+0x5b/0x310 [ 859.139425] ? io_wq_create+0x114/0xc00 [ 859.140381] create_object.isra.0+0x3a/0xa30 [ 859.141429] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 859.142633] kmem_cache_alloc_node_trace+0x16d/0x340 [ 859.143861] io_wq_create+0x6ef/0xc00 [ 859.144782] io_uring_alloc_task_context+0x1f1/0x6a0 [ 859.145984] ? io_import_iovec+0x1120/0x1120 [ 859.147017] ? io_apoll_task_func+0x2d0/0x2d0 [ 859.148079] ? __io_req_find_next+0x300/0x300 [ 859.149151] io_uring_setup+0x1dd1/0x2980 [ 859.150144] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 859.151341] ? wait_for_completion_io+0x270/0x270 [ 859.152523] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 859.153766] ? syscall_enter_from_user_mode+0x1d/0x50 [ 859.154980] do_syscall_64+0x33/0x40 [ 859.155859] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 859.157100] RIP: 0033:0x7f55e908fb19 [ 859.157983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 859.162346] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 859.164170] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 859.165875] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 859.167555] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 859.169257] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 859.170949] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:25:20 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60000000000000) 13:25:20 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 859.197247] perf: interrupt took too long (13326 > 13316), lowering kernel.perf_event_max_sample_rate to 15000 [ 859.253703] perf: interrupt took too long (16686 > 16657), lowering kernel.perf_event_max_sample_rate to 11000 13:25:33 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80000000000000) 13:25:33 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:25:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 872.103387] FAULT_INJECTION: forcing a failure. [ 872.103387] name failslab, interval 1, probability 0, space 0, times 0 [ 872.105749] CPU: 1 PID: 7246 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 872.107202] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 872.108973] Call Trace: [ 872.109520] dump_stack+0x107/0x167 [ 872.110275] should_fail.cold+0x5/0xa [ 872.111062] ? percpu_ref_init+0xd8/0x3d0 [ 872.111928] should_failslab+0x5/0x20 [ 872.112735] kmem_cache_alloc_trace+0x55/0x320 [ 872.113696] ? io_async_queue_proc+0x80/0x80 [ 872.114603] percpu_ref_init+0xd8/0x3d0 [ 872.115426] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 872.116580] io_uring_setup+0x14f6/0x2980 [ 872.117460] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 872.118513] ? wait_for_completion_io+0x270/0x270 [ 872.119533] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 872.120634] ? syscall_enter_from_user_mode+0x1d/0x50 [ 872.121725] do_syscall_64+0x33/0x40 [ 872.122499] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 872.123563] RIP: 0033:0x7f55e908fb19 [ 872.124250] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 872.124355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 872.129721] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 872.131303] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 872.131324] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 872.134290] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 872.135796] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 872.137305] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 872.140195] FAULT_INJECTION: forcing a failure. [ 872.140195] name failslab, interval 1, probability 0, space 0, times 0 [ 872.142573] CPU: 1 PID: 7248 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 872.144023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 872.145775] Call Trace: [ 872.146326] dump_stack+0x107/0x167 [ 872.147091] should_fail.cold+0x5/0xa [ 872.147899] ? create_object.isra.0+0x3a/0xa30 13:25:33 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:33 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 22) 13:25:33 executing program 3: r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) r1 = syz_open_dev$vcsa(&(0x7f00000004c0), 0x5, 0x200) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f0000001800)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000017c0)={&(0x7f0000001840)={0x14b4, r2, 0x2, 0x70bd2a, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_OURS={0x388, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x140, 0x3, 0x0, 0x1, [{0xfc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc6, 0x2, 'e\x00\x00tool\x00\xd7\x04K\x97z\x0f\xd5\x85\xb3s\f\xde\xaf\xe4\xd0\xe0\xa7\x8e-,/\x02\x03\xdbj\xd2\xa0\x18%\xd7x\xd9\xa51\x9a\xbd\tlT0\xe96\xfb g\x94\x1bk\xc6o\xc9\x0eo\xcb\x0f`,\x89\x00\xc4\x04\x94-\xc8v)\x7f\xdb\xadXb\xfa\x81=\x9f\x7f\x863\xf3\xb5Cjb\x90\xccL\xc4\xbc\xd8\xe9\xc2#\x18\xa4+\x88C\xff\xe8\x95\xdc\xc4\xcc\xa8\xeb\xc4F\f\xb9\xb8\x7fEG\xa2W\xf5K\xacICc=\x99\xd3\xe1\x00\x80\x8c\x93\xca\x00x\xcbv}\xff\x8c\x12\t&COF\xeaX\xf5\xdalW \xdd\x19\xa3\x1e\xcc\xe1\x1b@\x9ed\x81\xe6\x83\xc5\xa2k\x834;\xf9\xd8k\b\\\xbc~\xb4=\x89\x12\xc5\xd7\xc3\xc9\x83\xda'}, @ETHTOOL_A_BITSET_BIT_NAME={0x1d, 0x2, '@#@$^@#-}.&%l-*/%!{\xa7@-.-\x00'}]}, {0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x800}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x40000000}]}]}, @ETHTOOL_A_BITSET_VALUE={0x13, 0x4, "b10c722b9ba2c4b861ef3a267f3a58"}, @ETHTOOL_A_BITSET_BITS={0x24, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}]}, @ETHTOOL_A_BITSET_VALUE={0xf0, 0x4, "44e2fe8b474bcb87389d2556733ea76e805bf53be15edce202ef9036f5c7cd3035f8bc47f2ea864bca4b7b11d514a0a3465b5e78c610065a516f9bc7265464b4aa4231f799d29c6ebe603dae4b7a294e4389e0d50058410d547f71cc21776008486935b829816170c318472b899e0a24cf0113061c822f6e2870bdb7f888d4cc9822b0f2324d6f9d6dca06761a8f7dcf4e713940a9c2e41d72b7cdc4d88d8d4d3975033f968d5770ec121931514ab3f45ca0c82d7d2e9a8498430e12eb69f0f8bb4532c3d65a72f5e786d197e67ebec0834d33095deadeb0828f0dbc8083c4911de2acab06e4429435b0b842"}, @ETHTOOL_A_BITSET_MASK={0x33, 0x5, "085ba3a190cf775b2bc0fcafbe43afa8cd3d8a21dbc73d6872335f777b9e896b71ed20906086d26e9673e6e7d77281"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0xe4, 0x3, 0x0, 0x1, [{0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$$#\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ',)\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xe, 0x2, '[[#]+)*[^\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '](:})@\\-\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x400}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, 'J,\'\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x401}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '\\)[[\x00'}]}]}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x7}, @ETHTOOL_A_LINKMODES_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x10dc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "f7a5b790ea69e2316ca43cfc96a6fcccd55250364113d3676e48205483c99889e296a304cf3fc16388ebe43dedd10e5c810ab565ae357dfff599c18f04f8688bc7b8fd976894936c8f90dca74499fc6a2128236214458d1d44c17dc5482a81f5f4415676b4df8867799a741236ef24f62c105a6a2c09c866c18e69d257f8c64750900875ebbfec9c21317c34e4e85a8145f12fda716c097adf05f4f76d95ca5182c9159a72d08d7914f0f9162a515654839ac5e16188a6f54991fee6fc0d6ae233c3eb925e903a54183b2f7d28fdaa299e7769df39b6992f2f8bd67157a9f9760cebfe09e47ab8f0182c03e9ee03ccef341add11801726c3616e3856f651c6d50f70d2cbc1231b93339caf78f08b19334d86ccda10c6090dca17fbdbcc6ff8bd7ba2b319e987d24727aa090c88dcc6c78ba53346ba1aad2dc8a042769f3707b4fe51aeba600edd14c612810963f454461c023fb3cf57cf4010b98b14e5b030a06fdd40e8f2f3d3003c40033a09529b4a7781b08defae32bb223527d55d7a290323f3b46a192aeb5b0bce63f3127202c84d6024d071359e8b467b0678c384020c8b1789a51a1d778a4ee26a0005abbc47d06cefa7e86445e85799cf784e0e64355da312da4e268106e2ed4d71140150e8ff3fbdb2c4b57ea9faf1ad21f023710572fb2a1566666295c63c1abab9191e050b22993d797be2fee24a14c00a93ce237f751ea7c747585c1ea6da77497d59c8c4f2101e576d6d18388fe9e5e5b1b75d3db645e4ebd484a7c3ab0f1d02d4e470d59eafbb511e2a86f6c844a7dcbf25542d832f9d19a55ed7e01fa41f53cbccba6c7635f362a1c9e42354406fab88544bebd392291db2893be44cb622bae17c05f3bf1382fcc55b42485c948703a2db7ee11a857fccb012baa6077214a66bd7aa0ed959639f9729e0f5cc5e67eb7bfec9814af78d6504a22d1c23224a11c0ee2434ae7a9eeaa73bbb4ccca7b22a87a1b08826e3a38670ccbe83ccac066773059045b70e3ee4168c43944cc0a46adb49a17908b5a871b1519fda7626920a4aa5b6f7a1d69c826fe0419bba338850846ba1cf21bd0b0d07f5f7eedb603e1261e752bd4557802f6d3da2ed1c8dd785b45f8d8caf856eae92c18553670c12e390da56d5a6957e9b8404b4329a1c66c6fb4af15cd4a893360a0e42b3f9b233aaa8af5a6e0b95b0b44069c04619769a711aa1db2a3e41f7167d34fc81d3cd30fac5bba2d2b8aea2f026c05453e0288291b39ff8a8a7d8fd0ace0c82ec52691d63ca6a672415613f9a7addda5be87d124bae1fd6fbbc94b9717dabf0f376d6c15c3fc11accc0fec7e43445b2e7a73807fb41605d0175976c91bda877fc5006b104c6d2183238b4d252b82beff4aaa2098190772883fa222868cf729712f73fd3176da496019dd926dd0f3c981ae1eee9170c5630ce8046f0baf9fa2f2305bb39340ccb3b0ebec8a57053f04d90be53ae4d769644f6cf20a6a6b1731f8f3a8ea2d8d59c5fcd496149232c3bbb770189fd3554954d5200bbfbe5fe1acbf04d55d680e5015613f611210e1909f18cc7babdc679cc2ed08db25cf70d9c88662190c018cbe365ce3b5c986484966d8c6ab9b3e1b222f858179d997775cd83ff62fd2a567624759657622a1b3455034b31f946dc891f98eb53b27be5f852bdfaff08d1dd17688b4c31aff65a3b62cf4434e68149b18aaded5eea1b7a6e702aff9dc9f3e87747541c14f79331ec00f0d490d70954e045b333b7b781826573d2f666be4974583a8502dd5dc2bf91b06864705f2a4f163626e1f92a3e2b803d58bc3c2cffaa05308bde481e3198f5b547fbcbb8e6c0d5bd5362f1624e163d1273193cc5bb225206dcfc050e04bc33f5086b50dff87d2276156883f1d3fa75cc15319d939447db0a8cef289c3e6bc63fb68524d6a55aeb87d078d1021f290410f7cced05cc1eadcb8974270de2ca34af8aa4f4f8157477596f1553a90b2a250ae9d5997c9c43bc08f89eed95391e7b29001e1cc9c425a16780493eeb98352a7608fcfe64a4ef8ce38da3800367bb4fb899d6709a7aeb7ff393c98e28c6748f38e3a31264e04704535c669b01da413ac2c30a27205aa68870effbf51101613e6eec423eae3ad4be4869c894f751fb6040cebb74780af7942f36419696cf3f6b81a3de3a31bc6a113003e6dfc10f73703224fff44327410b63310176b4afee406db197017dbcad92edf08c16c4b407422d061ebc46464b997b8ad71e2d76d32fcb0700ab23f76522b878b241a9cfe3370ee6f72087aaa09e0bd90d3619573766f563bb415e0ab22627958f407673721951a0b6209c5242b5f2c25994cdb4933e543fc43396d1eb10d727b8779ccd3766e081ea5f96b2f0d9095af859e97b3738461a4e73f349aa26f87a775b60fab23e1c03cfb6bb2a1dbbbab31b55ddfb7458d81fba6730b245cee4c1ce26278c4a0afcc54e5cc5469269fcab730335784f0fbec126085277d0cbfe07475e202d35b641ba1e3c858bc4f35633bc7b10dd4a4e1d3acec3455622601f7b67f18df00ba23bc6d7c4bc7b6df5be1e62d0fa3b7de49b32c2c9e82c9f885f8046f809e69bef3142426e0bd19df24621a74497471a7a14236ddd05ba9f861e7d6735e0ec088397307760d5730d9c489a71dd80d54f208fca23231f31b0d12aea212b67b14cedadf02e73281fe070798987f18f8db0848d6bdd7bdbbea54891eec768988ae78947c08fa42c14f362263faaaa4a9743037c121f7ef3dd8efb66f8839597554176eecc3f25194d3532f7704c797a8afec236e8f1d582dad8e9442fdb2837a83023e27c13b27da52a9e3efa15783152b254f4d15ecaf809029b619b99093c53f4790fdcdeefcd7718374b484633f75558acbf3eb882e07417a780fab4c0e2cb2d02e7f4ab683d31d515f4e90990b801804485ded93ca50380c15225ba63ab3c753fa7a55ae2238eb50f785b7657fa6b250adc7381f0a9df90e55b0eb59f9593a75a49cf97e5e7fd4ecebc6014fd0420588a27766ba91c40843ea02f7a32edf44682458fbf674a613d13032b60d6db56f1ba9f44f2ac30d5b1cd6006a04ba697cfde8aab2723c2275720d2690df4df6cbab390476bb39b9136acdad98154792dce51ea7332a728937c99d5732e9ceccfbb36daaa0e9d2fcb735cc886b1c3eceda35063ec098d28c58fcaab9ec3a9ddcbe68562a7b0a98468b501c6f671b24669b893d6de30f57de9e20cf65af48384738b3b935e4fd139789e11b2c2a3a72da99374b08ef574acfe2fd25b9c4f92bc56240521a15bdc1b8300bad7c30f301c020c7c09d33a9f82386d7d6cc628efdcfa4b3301cdaeac59f459b316c0ba9684302267c5fab0067b6dd2e7191889c67de0e1c5941793dd3c095e6e492452a1ee10c29351ff3b28248a35425c0200746d6ad8e1b40758a793eae99c9449246abd774522fde1b2fd7dcec8f8ee084a3892c011e301f7882dde61ad769e3a9eeee1e7f051e307a74126a82e7e464bb60129c94e5e1c0d9652d9d965a683f69e954e39bd6927091e37bd103bede64f7840509d7131bb4068e54bcd0d21b972065b33c4542d45f24bdcbd77cadb4170a1bc49896d34a5f55d24d20be5480479ef8cd8c6ea7a08d383681f6eaa9681fe3c1e312c6bc95da164784e84e8740136c5873aec7a07823454d98145223eb5ec3c4182cf56014e679e32a985d3cf1805cf6543d1745b0fe0bd7b24722ca5fb5df3b1ebdcdde1a57e7c907a931553e1cdd96c91abe2c8b93f7fd00e121f525753b40aa36e5448712b3be02ca44b87671766abb1e3aa80860fea7c3649f962f80aa01fd5e28221967ed25cdd0eb32307a4a8e0cb391a5ab299dd702a2c2f6ad7b238a30e397217c84eb1c481aae6cfaec07ea3f66f4b93eedc74e1b316ec68d2e4cd79ec3ff45cae1ab54e0c6edd9cf4869a1fd71f7bfcdce3642a0ca3ede08ac767e5c7ed77e575b1a5e76ef324a5b4c2c51aea18db57a7d89d85b74fa5babc3316dc5c94fcc4251771b33493ca721c32c1280cd47cceb6662e8c3ddd4f9313c4e0a2532071ddae32ded8413647e835269f82aa3b622de07f5c1c1c8b91ca290d8954d8ce0d08ba5fb2f6f3c384de689f04205a7f508e709af2298ea96570ef315f95c3b6b1046a151b9b540ecdf6166784d00dafeb5d1cabcabe199921b84d900743a6fd16ac4e35bb447190fc1022b2a02550f849471b46844ec9b0f5cd3c916a25c0adffaf7245761a7a899b798e2a5326b3d1ccc4160376d54fb7ed43d1ae35ec0ece50009b478308cc9db381b2f64e8af13162f13e6118331cd567cca43ebe2ddfe9037cf46510428cba1a8b1a28b548cdb83f5bec1df2cc8f9d726bf16bc4eee43877f8653e2b775e1df628b15ac9641619fe24cd434e2ec37081b1c2957312c57e06380f1f4b7a594bff090619201367a74eb7cffa0f9b500c128859d6e2e90c186f08223da32f2801d49643199a611ac34915db3dc8d2649e5905dda4be354cc649ad2fd41241ae771e66a7b5b899823dbd3339beee9de0764c82e352a907a064b039c5bade7343ed693abe1df54a141a58268d0bb0e0b69d36f86e15648c022dd9efc698d7ffe1de03d79a15fdfcd1a276b9eff216842d99dbf2cd4235f695081a3eef52e4a27a9b3e555b3759e7cfb94fd70f85c4ba51c5ffac8b5316246d7352f96f10bdf541d0f96e714c1e8a67fa44b616d2d63b6fbb24f23d53cbc48140cf07a99de17476766c202c6f0fba5e30cc65d4da20de8d4b86c80c7ed4b5a40a76ac3f83915b9da10c75375db44b32407ae31b7349581e462b89d06effe801df8cc36874e17d8f75b1c74a1ef1cd01e86f16e0c0c25b7fcdbb90c959f5f6f617876e2c4cf1fc652f1176389fcdca0ac995ff145e60501ffd0a312b87570cbaf41a6b66179730d4275f81a982d55342029190b822d7faffd4b793474771ce19222212863f01a4a33a7c9e987236be0c53bb4a89b8c166a9474ff308faabc1b382a7e1cf0b8d6a93fb8ff15a511342a5806636e9b910fd3c9c538be6627b00e4e6659d0ccbc9354a4ed6225e2c79661cb7bb6e40f45e86a6369d35ffdc72de3866aab6fc8ced50c50a35b21c90797f954e04e60b1f73312b64ba3dcf615b1e89ae3167ad58e2ec7c41cc39bf5b09c5e607fbb40d57b6ae30046eb0b3f58a943435bd6f482cb5d61238d246b285b6cda0413a79e05b40711a01e0a2330e0dd50579e0d5550b37217875f66ceb92be0b10f43b55b17b7ab56de6e0d30bacb192481001a41e60d9ba9b1e06114b4c9bbfb309abea6576b2e83de6b0b8578c6be26bb10ab4ce5c52fffbd46bfaace1a98c916237fd504f116642fd40594356a783855500eb1e9cfa6fddc7aef7a8c1942dfe70b6e09fbea86ee1df7d73440359b3a656ba2bf1c82c53eaa5d611a9dbac901a3c0cf3a8bdab80d281474437c2b97b93f6a6810618f44065aa0d384bfcd94381af1f99a812111ae9a1fc02f552870f87af8cf338efc2eecc69ba157528492ad7d88641ed711234b27bed588cd57f763939006bc4ca4df77e2972e0fdd280f28f78ebd3421f682491362a10997e49380d7049e417c2d0b7e886220c1242c96b06d2dfb5af75eac56dff3d02ebc048621686a07bd843d61756795c1730c0f7e3d3c3f31c1768b8f701c6a8d77f4a349d9e40cd145e47f3425defaefad749596dcadbc8eb7491b7d1cdb7653454a2d89fa319d1644a424b7795537379f91021b24c1a55154a7fed196de8f9d97f00"}, @ETHTOOL_A_BITSET_VALUE={0x65, 0x4, "521a37398c0d926266063a38fc5ef4852e69123aaed28ff1061cc52a100dbb542b1991323c49cd3eca2fd30d5b5c3617d4ded9baae709fb80e443d92e109e41e5fe6abb11ef7acb23046c32450c713aee894df6f83dfc5f7b95e76267f25aaa369"}, @ETHTOOL_A_BITSET_MASK={0x65, 0x5, "27f519579bb638e7734ec8c22c28a1381e591aaac6b23c4f9332aa614fba4e20dfb76e81c5ce4f403039c77e9d87b59e1632f6bd8cc62890eea4367da4157993575409942d8fede676ac49edfe8b20f5a078f0282d113d75930cb6a65d82899d4c"}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x14b4}, 0x1, 0x0, 0x0, 0xc080}, 0x4040000) sendmsg$ETHTOOL_MSG_PAUSE_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="84000000", @ANYRES16=r0, @ANYBLOB="080025bd7000ffdbdf2515000000140001800800030002000000000003000300000018100180140002006772653000000000000000000000000044000180140002d776657468305f7f9a3dfd88da4b930000080001ca", @ANYRES32=0x0, @ANYBLOB="08000300000000001400020069703665727370616e3000000000000008000100", @ANYRES32=0x0, @ANYBLOB="b40bcf9a0b2989b72d39ac8804d84e3d8d96"], 0x84}}, 0x20040000) r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendmsg$NL80211_CMD_FLUSH_PMKSA(r3, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x10001, 0x58}}}}, [""]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x20000000) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r5 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r8, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r8, 0x406, r5) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) syz_io_uring_submit(r9, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r10 = open(&(0x7f0000000400)='./file0\x00', 0x101402, 0x121) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r7, &(0x7f0000000480)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x5, 0x0, r10, &(0x7f0000000440)={0xe0002000}, r4, 0x1, 0x0, 0x0, {0x0, r11}}, 0x7) sendfile(r1, r3, 0x0, 0x100000002) 13:25:33 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) 13:25:33 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 872.148875] should_failslab+0x5/0x20 [ 872.148893] kmem_cache_alloc+0x5b/0x310 [ 872.148916] create_object.isra.0+0x3a/0xa30 [ 872.148931] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 872.148954] kmem_cache_alloc+0x159/0x310 [ 872.148977] alloc_pid+0xd7/0xd30 13:25:33 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:33 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff00000000) 13:25:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 872.148999] ? copy_namespaces+0x1ca/0x4f0 [ 872.149020] copy_process+0x3b8b/0x78b0 [ 872.149045] ? stack_trace_save+0x8c/0xc0 [ 872.149081] ? __cleanup_sighand+0xb0/0xb0 [ 872.149098] ? kernel_text_address+0xf2/0x120 [ 872.149120] ? find_held_lock+0x2c/0x110 [ 872.149143] ? io_uring_setup+0x1c23/0x2980 [ 872.149160] ? lock_downgrade+0x6d0/0x6d0 [ 872.149181] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 872.149199] create_io_thread+0xb6/0xf0 [ 872.149215] ? pidfd_prepare+0x80/0x80 [ 872.149239] ? io_uring_cancel_generic+0x2b0/0x2b0 [ 872.149271] io_uring_setup+0x1d79/0x2980 [ 872.149297] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 872.149312] ? wait_for_completion_io+0x270/0x270 [ 872.149350] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 872.149369] ? syscall_enter_from_user_mode+0x1d/0x50 [ 872.149389] do_syscall_64+0x33/0x40 [ 872.149407] entry_SYSCALL_64_after_hwframe+0x67/0xd1 13:25:33 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x5) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 872.149418] RIP: 0033:0x7f943fb71b19 [ 872.149435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 872.149445] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 872.149463] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 872.149473] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 872.149484] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 13:25:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 872.149494] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 13:25:33 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x100000000000000) [ 872.149504] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 872.155776] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 872.262754] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 872.264889] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:25:33 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 23) 13:25:33 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x2, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 872.372729] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:25:33 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) [ 872.408789] FAULT_INJECTION: forcing a failure. [ 872.408789] name failslab, interval 1, probability 0, space 0, times 0 [ 872.411268] CPU: 1 PID: 7271 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 872.412735] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 872.414495] Call Trace: [ 872.415064] dump_stack+0x107/0x167 [ 872.415845] should_fail.cold+0x5/0xa [ 872.416674] ? io_uring_alloc_task_context+0x99/0x6a0 [ 872.417769] should_failslab+0x5/0x20 [ 872.418575] kmem_cache_alloc_trace+0x55/0x320 [ 872.419550] io_uring_alloc_task_context+0x99/0x6a0 [ 872.420617] ? io_import_iovec+0x1120/0x1120 [ 872.421575] io_uring_setup+0x1dd1/0x2980 [ 872.422459] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 872.423532] ? wait_for_completion_io+0x270/0x270 [ 872.423945] FAULT_INJECTION: forcing a failure. [ 872.423945] name failslab, interval 1, probability 0, space 0, times 0 [ 872.424587] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 872.424613] ? syscall_enter_from_user_mode+0x1d/0x50 [ 872.428800] do_syscall_64+0x33/0x40 [ 872.429585] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 872.430661] RIP: 0033:0x7f943fb71b19 [ 872.431446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 872.435316] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 872.436924] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 872.438414] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 872.439905] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 872.441413] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 872.442906] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 872.444477] CPU: 0 PID: 7274 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 872.445694] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 872.447159] Call Trace: [ 872.447634] dump_stack+0x107/0x167 [ 872.448294] should_fail.cold+0x5/0xa [ 872.448972] ? create_object.isra.0+0x3a/0xa30 [ 872.449787] should_failslab+0x5/0x20 [ 872.450455] kmem_cache_alloc+0x5b/0x310 [ 872.451176] create_object.isra.0+0x3a/0xa30 [ 872.451938] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 872.452839] kmem_cache_alloc_trace+0x151/0x320 [ 872.453669] ? io_async_queue_proc+0x80/0x80 [ 872.454457] percpu_ref_init+0xd8/0x3d0 [ 872.455165] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 872.456129] io_uring_setup+0x14f6/0x2980 [ 872.456862] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 872.457751] ? wait_for_completion_io+0x270/0x270 [ 872.458610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 872.459530] ? syscall_enter_from_user_mode+0x1d/0x50 [ 872.460451] do_syscall_64+0x33/0x40 [ 872.461104] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 872.462005] RIP: 0033:0x7f55e908fb19 [ 872.462663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 872.463560] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 872.465903] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 872.465920] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 872.465929] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 872.465939] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 872.465947] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 872.465956] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:25:45 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:25:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x48, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:45 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) 13:25:45 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) sendfile(r1, r0, 0x0, 0x100000001) 13:25:45 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x200000000000000) 13:25:45 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 884.753714] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:25:45 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x3, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:45 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 24) 13:25:45 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 884.811709] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 884.821557] FAULT_INJECTION: forcing a failure. [ 884.821557] name failslab, interval 1, probability 0, space 0, times 0 [ 884.822970] CPU: 1 PID: 7289 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 884.823705] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 884.824670] Call Trace: [ 884.824975] dump_stack+0x107/0x167 [ 884.825389] should_fail.cold+0x5/0xa [ 884.825829] ? create_object.isra.0+0x3a/0xa30 [ 884.826346] should_failslab+0x5/0x20 [ 884.826780] kmem_cache_alloc+0x5b/0x310 [ 884.827244] create_object.isra.0+0x3a/0xa30 [ 884.827739] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 884.828298] kmem_cache_alloc_trace+0x151/0x320 [ 884.828831] io_uring_alloc_task_context+0x99/0x6a0 [ 884.829398] ? io_import_iovec+0x1120/0x1120 [ 884.829905] io_uring_setup+0x1dd1/0x2980 [ 884.830377] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 884.830951] ? wait_for_completion_io+0x270/0x270 [ 884.831481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 884.832085] ? syscall_enter_from_user_mode+0x1d/0x50 [ 884.832641] do_syscall_64+0x33/0x40 [ 884.833068] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 884.833651] RIP: 0033:0x7f943fb71b19 [ 884.834076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 884.836155] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 884.836970] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 884.837735] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 884.838497] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 884.839257] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 884.840023] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 884.844112] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 884.869233] FAULT_INJECTION: forcing a failure. [ 884.869233] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 884.870544] CPU: 1 PID: 7304 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 884.871278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 884.872180] Call Trace: [ 884.872465] dump_stack+0x107/0x167 [ 884.872857] should_fail.cold+0x5/0xa [ 884.873273] _copy_to_user+0x2e/0x180 [ 884.873685] io_uring_setup+0x11b5/0x2980 [ 884.874134] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 884.874676] ? wait_for_completion_io+0x270/0x270 [ 884.875212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 884.875819] ? syscall_enter_from_user_mode+0x1d/0x50 [ 884.876423] do_syscall_64+0x33/0x40 [ 884.876830] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 884.877381] RIP: 0033:0x7f55e908fb19 [ 884.877782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 884.879756] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 884.880578] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 884.881347] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 884.882111] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 884.882874] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 884.883643] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:25:45 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:45 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x300000000000000) 13:25:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x7) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 884.941647] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:25:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:25:46 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 25) [ 884.972284] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 884.972978] FAULT_INJECTION: forcing a failure. [ 884.972978] name failslab, interval 1, probability 0, space 0, times 0 [ 884.975609] CPU: 0 PID: 7316 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 884.977061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 884.978808] Call Trace: [ 884.979375] dump_stack+0x107/0x167 [ 884.980157] should_fail.cold+0x5/0xa [ 884.980968] ? create_object.isra.0+0x3a/0xa30 [ 884.981943] should_failslab+0x5/0x20 [ 884.982750] kmem_cache_alloc+0x5b/0x310 [ 884.983609] create_object.isra.0+0x3a/0xa30 [ 884.984558] kmemleak_alloc_percpu+0xa0/0x100 [ 884.985508] pcpu_alloc+0x4e2/0x1240 [ 884.986318] __percpu_counter_init+0x10d/0x2d0 [ 884.987285] io_uring_alloc_task_context+0xcc/0x6a0 [ 884.988351] ? io_import_iovec+0x1120/0x1120 [ 884.989289] io_uring_setup+0x1dd1/0x2980 [ 884.990173] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 884.991241] ? wait_for_completion_io+0x270/0x270 [ 884.992296] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 884.993399] ? syscall_enter_from_user_mode+0x1d/0x50 [ 884.994488] do_syscall_64+0x33/0x40 [ 884.995272] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 884.996359] RIP: 0033:0x7f943fb71b19 [ 884.997144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 885.001196] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 885.002908] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 885.004431] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 885.005935] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 885.007458] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 885.008967] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 899.944105] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 899.951174] FAULT_INJECTION: forcing a failure. [ 899.951174] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 899.952782] CPU: 0 PID: 7331 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 899.953726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 899.954850] Call Trace: [ 899.955207] dump_stack+0x107/0x167 [ 899.955705] should_fail.cold+0x5/0xa [ 899.956232] _copy_to_user+0x2e/0x180 [ 899.956757] io_uring_setup+0x11b5/0x2980 [ 899.957328] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 899.958021] ? wait_for_completion_io+0x270/0x270 [ 899.958688] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 899.959392] ? syscall_enter_from_user_mode+0x1d/0x50 [ 899.960095] do_syscall_64+0x33/0x40 [ 899.960600] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 899.961304] RIP: 0033:0x7f55e908fb19 [ 899.961808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 899.964306] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 899.965356] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 899.966521] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 899.967488] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 899.968448] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 899.969384] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:01 executing program 3: write(0xffffffffffffffff, &(0x7f00000003c0)="739e1e16e1ffb4b4ba678e54cbcd27248eacd4ebf37d28882461e5aa25bee3c91e01f0643efc3ed4fb8a86b90b7ad6bb5f0356a27f57d2d3a1b50f74f4209c4c9c1f7937453d3636b6ef38855b6afff03e8af32c9fa4bdc8b9b1afc453e10c9d94332b8af451614ccfa292fa235f6b56f398cef59600680add4ba9271a0620f76510", 0x82) r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x200002, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@debug={'debug', 0x3d, 0x2}}, {@cache_fscache}, {@version_9p2000}]}}) sendfile(r1, r0, 0x0, 0x100000001) 13:26:01 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:01 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 26) 13:26:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x68, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:01 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:01 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) 13:26:01 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:26:01 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000000000000) [ 899.991014] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:01 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400010000000000) [ 900.032738] FAULT_INJECTION: forcing a failure. [ 900.032738] name failslab, interval 1, probability 0, space 0, times 0 [ 900.034269] CPU: 0 PID: 7347 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 900.035144] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 900.036212] Call Trace: [ 900.036553] dump_stack+0x107/0x167 [ 900.037024] should_fail.cold+0x5/0xa [ 900.037524] ? create_object.isra.0+0x3a/0xa30 [ 900.038107] should_failslab+0x5/0x20 [ 900.038596] kmem_cache_alloc+0x5b/0x310 [ 900.039109] create_object.isra.0+0x3a/0xa30 [ 900.039672] kmemleak_alloc_percpu+0xa0/0x100 [ 900.040269] pcpu_alloc+0x4e2/0x1240 [ 900.040751] __percpu_counter_init+0x10d/0x2d0 [ 900.041343] io_uring_alloc_task_context+0xcc/0x6a0 [ 900.041973] ? io_import_iovec+0x1120/0x1120 [ 900.042542] io_uring_setup+0x1dd1/0x2980 [ 900.043069] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 900.043707] ? wait_for_completion_io+0x270/0x270 [ 900.044342] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 900.045008] ? syscall_enter_from_user_mode+0x1d/0x50 [ 900.045657] do_syscall_64+0x33/0x40 [ 900.046128] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 900.046776] RIP: 0033:0x7f943fb71b19 [ 900.047253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 900.049600] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 900.050562] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 900.051474] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 900.052389] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 900.053304] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 900.054221] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:01 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:01 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x500000000000000) 13:26:01 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RREADDIR(r1, &(0x7f0000000040)={0x49, 0x29, 0x2, {0x10000, [{{0x1, 0x4, 0x6}, 0x100000000, 0x8, 0x7, './file0'}, {{0x4, 0x0, 0x1}, 0x4, 0xc0, 0x7, './file0'}]}}, 0x49) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x17e017382379b776, 0x10, r0, 0x17cd7000) sendfile(r1, r0, 0x0, 0x100000001) [ 900.102583] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:26:01 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) [ 900.131577] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 900.134574] FAULT_INJECTION: forcing a failure. [ 900.134574] name failslab, interval 1, probability 0, space 0, times 0 [ 900.136072] CPU: 0 PID: 7357 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 900.136921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 900.137933] Call Trace: [ 900.138260] dump_stack+0x107/0x167 [ 900.138705] should_fail.cold+0x5/0xa [ 900.139170] ? create_object.isra.0+0x3a/0xa30 [ 900.139723] should_failslab+0x5/0x20 [ 900.140203] kmem_cache_alloc+0x5b/0x310 [ 900.140702] create_object.isra.0+0x3a/0xa30 [ 900.141233] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 900.141849] kmem_cache_alloc+0x159/0x310 [ 900.142369] __d_alloc+0x2a/0x990 [ 900.142791] ? find_held_lock+0x2c/0x110 [ 900.143297] d_alloc_pseudo+0x19/0x70 [ 900.143757] alloc_file_pseudo+0xce/0x250 [ 900.144268] ? trace_hardirqs_on+0x5b/0x180 [ 900.144788] ? alloc_file+0x5a0/0x5a0 [ 900.145257] anon_inode_getfile+0xc8/0x1f0 [ 900.145775] io_uring_setup+0x138b/0x2980 [ 900.146283] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 900.146897] ? wait_for_completion_io+0x270/0x270 [ 900.147492] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 900.148140] ? syscall_enter_from_user_mode+0x1d/0x50 [ 900.148767] do_syscall_64+0x33/0x40 [ 900.149225] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 900.149850] RIP: 0033:0x7f55e908fb19 [ 900.150312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 900.152550] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 900.153472] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 900.154331] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 900.155207] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 900.156069] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 900.156943] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:01 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:01 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 27) 13:26:01 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x8, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x74, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 900.235591] FAULT_INJECTION: forcing a failure. [ 900.235591] name failslab, interval 1, probability 0, space 0, times 0 [ 900.236974] CPU: 0 PID: 7364 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 900.237772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 900.238748] Call Trace: [ 900.239061] dump_stack+0x107/0x167 [ 900.239484] should_fail.cold+0x5/0xa [ 900.239931] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 900.240553] should_failslab+0x5/0x20 [ 900.240996] kmem_cache_alloc_trace+0x55/0x320 [ 900.241528] io_uring_alloc_task_context+0x4a3/0x6a0 [ 900.242119] ? io_import_iovec+0x1120/0x1120 [ 900.242638] io_uring_setup+0x1dd1/0x2980 [ 900.243131] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 900.243727] ? wait_for_completion_io+0x270/0x270 13:26:01 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x28) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$F2FS_IOC_GET_PIN_FILE(r1, 0x8004f50e, &(0x7f00000000c0)) r2 = syz_open_dev$hiddev(&(0x7f00000001c0), 0x0, 0x10100) fchdir(r2) r3 = syz_io_uring_complete(0x0) sendmsg$IPVS_CMD_GET_DEST(r3, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x88, 0x0, 0x2, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_DAEMON={0x6c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x64010100}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @loopback}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'xfrm0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4}, 0x0) signalfd(r0, &(0x7f0000000040), 0x8) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x2) pidfd_send_signal(r0, 0x6, &(0x7f0000000140)={0x2, 0x1, 0x5}, 0x0) creat(&(0x7f00000003c0)='./file0\x00', 0x9) sendfile(r4, r0, 0x0, 0x100000001) [ 900.244309] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 900.245067] ? syscall_enter_from_user_mode+0x1d/0x50 [ 900.245680] do_syscall_64+0x33/0x40 [ 900.246118] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 900.246729] RIP: 0033:0x7f943fb71b19 [ 900.247163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 900.249313] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 900.250199] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 900.251024] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 900.251849] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 900.252683] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 900.253508] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 900.264207] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 900.286473] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:01 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000000000000) [ 912.374161] FAULT_INJECTION: forcing a failure. [ 912.374161] name failslab, interval 1, probability 0, space 0, times 0 [ 912.377110] CPU: 1 PID: 7387 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 912.378837] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.380926] Call Trace: [ 912.381602] dump_stack+0x107/0x167 [ 912.382527] should_fail.cold+0x5/0xa [ 912.383484] ? __alloc_file+0x21/0x320 [ 912.384504] should_failslab+0x5/0x20 [ 912.385480] kmem_cache_alloc+0x5b/0x310 [ 912.386534] __alloc_file+0x21/0x320 [ 912.387478] alloc_empty_file+0x6d/0x170 [ 912.388517] alloc_file+0x5e/0x5a0 [ 912.389425] alloc_file_pseudo+0x16a/0x250 [ 912.390501] ? alloc_file+0x5a0/0x5a0 [ 912.391480] anon_inode_getfile+0xc8/0x1f0 [ 912.392560] io_uring_setup+0x138b/0x2980 [ 912.393615] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 912.394907] ? wait_for_completion_io+0x270/0x270 [ 912.396161] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 912.397489] ? syscall_enter_from_user_mode+0x1d/0x50 [ 912.398784] do_syscall_64+0x33/0x40 [ 912.399725] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 912.401025] RIP: 0033:0x7f55e908fb19 [ 912.401969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 912.406612] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 912.408570] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 912.410363] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 912.412170] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 912.413967] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 912.415752] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 912.421194] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 912.431408] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:13 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) 13:26:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendfile(r1, r0, 0x0, 0x100000001) 13:26:13 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:26:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:13 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x700000000000000) 13:26:13 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 28) 13:26:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:13 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000000000000) [ 912.464603] FAULT_INJECTION: forcing a failure. [ 912.464603] name failslab, interval 1, probability 0, space 0, times 0 [ 912.465942] CPU: 0 PID: 7407 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 912.466719] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.467675] Call Trace: [ 912.467987] dump_stack+0x107/0x167 [ 912.468421] should_fail.cold+0x5/0xa [ 912.468857] ? create_object.isra.0+0x3a/0xa30 [ 912.469376] should_failslab+0x5/0x20 [ 912.469810] kmem_cache_alloc+0x5b/0x310 [ 912.470277] create_object.isra.0+0x3a/0xa30 [ 912.470774] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 912.471357] kmem_cache_alloc_trace+0x151/0x320 [ 912.471891] io_uring_alloc_task_context+0x4a3/0x6a0 [ 912.472475] ? io_import_iovec+0x1120/0x1120 [ 912.472983] io_uring_setup+0x1dd1/0x2980 [ 912.473456] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 912.474035] ? wait_for_completion_io+0x270/0x270 [ 912.474595] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 912.475193] ? syscall_enter_from_user_mode+0x1d/0x50 [ 912.475778] do_syscall_64+0x33/0x40 [ 912.476209] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 912.476792] RIP: 0033:0x7f943fb71b19 [ 912.477216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 912.479314] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 912.480191] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 912.481011] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 912.481824] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 912.482643] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 912.483459] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:13 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x300) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:13 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xfbffffffffff0f00) [ 912.528594] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 912.545783] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:26:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 29) [ 912.601851] FAULT_INJECTION: forcing a failure. [ 912.601851] name failslab, interval 1, probability 0, space 0, times 0 [ 912.603247] CPU: 0 PID: 7421 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 912.604029] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.604983] Call Trace: [ 912.605288] dump_stack+0x107/0x167 [ 912.605708] should_fail.cold+0x5/0xa [ 912.606148] ? io_wq_create+0xeb/0xc00 [ 912.606596] should_failslab+0x5/0x20 [ 912.607037] __kmalloc+0x72/0x390 [ 912.607435] io_wq_create+0xeb/0xc00 [ 912.607865] io_uring_alloc_task_context+0x1f1/0x6a0 [ 912.608446] ? io_import_iovec+0x1120/0x1120 [ 912.608945] ? io_apoll_task_func+0x2d0/0x2d0 [ 912.609458] ? __io_req_find_next+0x300/0x300 [ 912.609975] io_uring_setup+0x1dd1/0x2980 [ 912.610453] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 912.611028] ? wait_for_completion_io+0x270/0x270 [ 912.611588] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 912.612195] ? syscall_enter_from_user_mode+0x1d/0x50 [ 912.612785] do_syscall_64+0x33/0x40 [ 912.613208] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 912.613789] RIP: 0033:0x7f943fb71b19 [ 912.614212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 912.616309] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 912.617176] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 912.617989] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 912.618798] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 912.619609] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 13:26:13 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) [ 912.620424] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 912.664547] FAULT_INJECTION: forcing a failure. [ 912.664547] name failslab, interval 1, probability 0, space 0, times 0 [ 912.666002] CPU: 0 PID: 7424 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 912.667048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 912.667999] Call Trace: [ 912.668311] dump_stack+0x107/0x167 [ 912.668730] should_fail.cold+0x5/0xa [ 912.669169] ? create_object.isra.0+0x3a/0xa30 [ 912.669689] should_failslab+0x5/0x20 [ 912.670121] kmem_cache_alloc+0x5b/0x310 [ 912.670585] create_object.isra.0+0x3a/0xa30 [ 912.671082] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 912.671660] kmem_cache_alloc+0x159/0x310 [ 912.672148] __alloc_file+0x21/0x320 [ 912.672574] alloc_empty_file+0x6d/0x170 [ 912.673037] alloc_file+0x5e/0x5a0 [ 912.673442] alloc_file_pseudo+0x16a/0x250 [ 912.673923] ? alloc_file+0x5a0/0x5a0 [ 912.674365] anon_inode_getfile+0xc8/0x1f0 [ 912.674847] io_uring_setup+0x138b/0x2980 [ 912.675321] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 912.675891] ? wait_for_completion_io+0x270/0x270 [ 912.676460] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 912.677055] ? syscall_enter_from_user_mode+0x1d/0x50 [ 912.677642] do_syscall_64+0x33/0x40 [ 912.678064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 912.678648] RIP: 0033:0x7f55e908fb19 [ 912.679076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 912.681170] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 912.682042] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 912.682850] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 912.683662] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 912.684478] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 912.685287] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:29 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ftruncate(r1, 0x4) sendfile(r2, r0, 0x0, 0x100000001) 13:26:29 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) [ 928.076800] FAULT_INJECTION: forcing a failure. [ 928.076800] name failslab, interval 1, probability 0, space 0, times 0 [ 928.078661] CPU: 0 PID: 7435 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 928.079774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 928.081113] Call Trace: [ 928.081539] dump_stack+0x107/0x167 [ 928.082118] should_fail.cold+0x5/0xa [ 928.082731] ? create_object.isra.0+0x3a/0xa30 [ 928.083458] should_failslab+0x5/0x20 [ 928.084062] kmem_cache_alloc+0x5b/0x310 [ 928.084719] create_object.isra.0+0x3a/0xa30 [ 928.085427] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 928.086237] kmem_cache_alloc+0x159/0x310 [ 928.086902] __alloc_file+0x21/0x320 [ 928.087497] alloc_empty_file+0x6d/0x170 [ 928.088152] alloc_file+0x5e/0x5a0 [ 928.088732] alloc_file_pseudo+0x16a/0x250 [ 928.089402] ? alloc_file+0x5a0/0x5a0 [ 928.090024] anon_inode_getfile+0xc8/0x1f0 [ 928.090704] io_uring_setup+0x138b/0x2980 [ 928.091376] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 928.092205] ? wait_for_completion_io+0x270/0x270 [ 928.092995] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 928.093834] ? syscall_enter_from_user_mode+0x1d/0x50 [ 928.094662] do_syscall_64+0x33/0x40 [ 928.095263] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 928.096086] RIP: 0033:0x7f55e908fb19 [ 928.096691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 928.099664] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 928.100899] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 928.102049] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 928.103202] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 928.104371] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 928.105539] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:29 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x500) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:29 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f484b00000000) 13:26:29 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:29 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 30) 13:26:29 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:26:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x105, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 928.120451] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 928.173427] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:26:29 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x48, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 928.192351] FAULT_INJECTION: forcing a failure. [ 928.192351] name failslab, interval 1, probability 0, space 0, times 0 [ 928.194332] CPU: 0 PID: 7453 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 928.195511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 928.196951] Call Trace: [ 928.197407] dump_stack+0x107/0x167 [ 928.198034] should_fail.cold+0x5/0xa [ 928.198694] ? create_object.isra.0+0x3a/0xa30 [ 928.199482] should_failslab+0x5/0x20 [ 928.200140] kmem_cache_alloc+0x5b/0x310 [ 928.200847] create_object.isra.0+0x3a/0xa30 [ 928.201603] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 928.202491] __kmalloc+0x16e/0x390 [ 928.203110] io_wq_create+0xeb/0xc00 [ 928.203755] io_uring_alloc_task_context+0x1f1/0x6a0 [ 928.204640] ? io_import_iovec+0x1120/0x1120 [ 928.205393] ? io_apoll_task_func+0x2d0/0x2d0 [ 928.206164] ? __io_req_find_next+0x300/0x300 [ 928.206946] io_uring_setup+0x1dd1/0x2980 [ 928.207669] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 928.208559] ? wait_for_completion_io+0x270/0x270 [ 928.209415] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 928.210324] ? syscall_enter_from_user_mode+0x1d/0x50 [ 928.211223] do_syscall_64+0x33/0x40 [ 928.211869] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 928.212769] RIP: 0033:0x7f943fb71b19 [ 928.213416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 928.216636] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 928.217954] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 928.219199] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 928.220440] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 928.221688] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 928.222925] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 928.224669] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:29 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f484b00000000) 13:26:29 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) 13:26:29 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = getpgid(0x0) r3 = getpid() r4 = gettid() process_vm_readv(r4, &(0x7f0000001a40), 0x0, 0x0, 0x0, 0x0) r5 = gettid() process_vm_readv(r5, &(0x7f0000001a40), 0x0, 0x0, 0x0, 0x0) r6 = gettid() clone3(&(0x7f00000001c0)={0x11000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x3e}, &(0x7f0000000100)=""/10, 0xa, &(0x7f0000000140)=""/26, &(0x7f0000000180)=[0xffffffffffffffff, r2, r3, 0xffffffffffffffff, r4, r5, r6], 0x7, {r0}}, 0x58) sendfile(r1, r0, 0x0, 0x100000001) 13:26:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:29 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:29 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 928.305345] FAULT_INJECTION: forcing a failure. [ 928.305345] name failslab, interval 1, probability 0, space 0, times 0 [ 928.307818] CPU: 1 PID: 7460 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 928.309289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 928.311040] Call Trace: [ 928.311598] dump_stack+0x107/0x167 [ 928.312376] should_fail.cold+0x5/0xa [ 928.313184] ? create_object.isra.0+0x3a/0xa30 [ 928.314140] should_failslab+0x5/0x20 [ 928.314949] kmem_cache_alloc+0x5b/0x310 [ 928.315803] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 928.316979] create_object.isra.0+0x3a/0xa30 [ 928.317896] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 928.318994] kmem_cache_alloc+0x159/0x310 [ 928.319879] security_file_alloc+0x34/0x170 [ 928.320794] __alloc_file+0xb7/0x320 [ 928.321575] alloc_empty_file+0x6d/0x170 [ 928.322424] alloc_file+0x5e/0x5a0 [ 928.322464] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 928.323168] alloc_file_pseudo+0x16a/0x250 [ 928.323195] ? alloc_file+0x5a0/0x5a0 [ 928.326209] anon_inode_getfile+0xc8/0x1f0 [ 928.327099] io_uring_setup+0x138b/0x2980 [ 928.327980] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 928.329052] ? wait_for_completion_io+0x270/0x270 [ 928.330100] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 928.331226] ? syscall_enter_from_user_mode+0x1d/0x50 [ 928.332330] do_syscall_64+0x33/0x40 [ 928.333110] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 928.334212] RIP: 0033:0x7f55e908fb19 [ 928.334993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 928.338865] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 928.340484] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 928.341990] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 928.343488] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 928.345045] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 928.346535] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:29 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f504b00000000) [ 928.391381] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:29 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x500, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:29 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x700) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:29 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x68, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 928.462090] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:26:29 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r5, 0x406, r2) syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) syz_io_uring_submit(r6, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) syz_io_uring_submit(r1, r4, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x7) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 928.494352] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:26:29 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2(&(0x7f0000000080), 0x84800) openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x149000, 0x40) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:26:29 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 31) [ 928.603077] FAULT_INJECTION: forcing a failure. [ 928.603077] name failslab, interval 1, probability 0, space 0, times 0 [ 928.605563] CPU: 1 PID: 7490 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 928.606995] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 928.608755] Call Trace: [ 928.609326] dump_stack+0x107/0x167 [ 928.610093] should_fail.cold+0x5/0xa [ 928.610895] ? io_wq_create+0x6ef/0xc00 [ 928.611728] should_failslab+0x5/0x20 [ 928.612537] kmem_cache_alloc_node_trace+0x59/0x340 [ 928.613592] io_wq_create+0x6ef/0xc00 [ 928.614407] io_uring_alloc_task_context+0x1f1/0x6a0 [ 928.615500] ? io_import_iovec+0x1120/0x1120 [ 928.616622] ? io_apoll_task_func+0x2d0/0x2d0 [ 928.617563] ? __io_req_find_next+0x300/0x300 [ 928.618514] io_uring_setup+0x1dd1/0x2980 [ 928.619389] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 928.620454] ? wait_for_completion_io+0x270/0x270 [ 928.621478] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 928.622559] ? syscall_enter_from_user_mode+0x1d/0x50 [ 928.623632] do_syscall_64+0x33/0x40 [ 928.624419] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 928.625480] RIP: 0033:0x7f943fb71b19 [ 928.626263] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 928.630076] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 928.631664] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 928.633162] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 928.634647] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 928.636145] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 928.637897] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:43 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) 13:26:43 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 942.849197] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 942.873650] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 942.873777] FAULT_INJECTION: forcing a failure. [ 942.873777] name failslab, interval 1, probability 0, space 0, times 0 [ 942.877817] CPU: 1 PID: 7503 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 942.879247] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 942.880985] Call Trace: [ 942.881540] dump_stack+0x107/0x167 [ 942.882307] should_fail.cold+0x5/0xa [ 942.883102] ? io_uring_alloc_task_context+0x99/0x6a0 [ 942.884178] should_failslab+0x5/0x20 [ 942.884991] kmem_cache_alloc_trace+0x55/0x320 [ 942.885951] io_uring_alloc_task_context+0x99/0x6a0 [ 942.887000] ? io_import_iovec+0x1120/0x1120 [ 942.887925] ? lock_downgrade+0x6d0/0x6d0 [ 942.888802] ? do_raw_spin_lock+0x121/0x260 [ 942.889718] ? rwlock_bug.part.0+0x90/0x90 [ 942.890605] __io_uring_add_tctx_node+0x2c6/0x520 [ 942.891612] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 942.892730] ? alloc_fd+0x2e7/0x670 [ 942.893508] io_uring_setup+0x1fbb/0x2980 [ 942.894381] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 942.895436] ? wait_for_completion_io+0x270/0x270 [ 942.896465] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 942.897560] ? syscall_enter_from_user_mode+0x1d/0x50 [ 942.898642] do_syscall_64+0x33/0x40 [ 942.899425] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 942.900504] RIP: 0033:0x7f55e908fb19 [ 942.901280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 942.905131] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 942.906728] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 942.908220] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 942.909710] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 942.911196] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 942.912693] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:26:43 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 32) 13:26:43 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:26:43 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:43 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x501, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:26:43 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x0, r1}) syz_io_uring_setup(0x1349, &(0x7f0000000000)={0x0, 0x9826, 0x4, 0x2, 0x7, 0x0, r1}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0xfe, 0xfffffffffffeffff}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:26:43 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x162, 0x4, &(0x7f0000000480)=[{&(0x7f00000000c0)="1bf1a0ea162639c7fe0501db29c7e26df28bbcd66a744738ebea7b3fb302574c02b35dfa0b33a7a36ad71e4a6ce7c5ce660a59d0d8eecf63486a032d0fcd77468be2cd72e7278052f4ca92c6c9be7554b460946ce285fdcc767ccc5ef0f2e9d89b1406e1acb93f9db62092bb2a29", 0x6e, 0xb02}, {&(0x7f0000000140)="ac4f1c349b5d2b9ee4ee51a59b68d257c2bc0e4be8c3bdc13033c92ce95acec5b8542822db23bf7fbd6269c33800391c6e8eaf925339d92a396f9c24232474f26168c3664ee324524034db6c8399db57044bfa1cef44d2a2c541f9ac7f3c71d5126fe6eb178911e4c9f9cbf312e9178876789c49b77438fa09c9d8484224106d71ad01d1e4ca4a455466a74fc33482cf9e85bf84daeb159264592061e2d883e2a39d4a02e125616075c6ae23d357cd2e0dc9c7bbf6ee56c98e75369fb9b97f3201", 0xc1, 0x7fff}, {&(0x7f00000002c0)="d5dfdb00b61f6ebbff53967ec97cd5ed39bfde6e41ffb0c6c07d4bbb9ff154d210df4c4fb8800592f241061c09ab666098d77f945f4deb86ad10bbdae0cfe789776a95df1d3fa59926abebb44aeb7df5258c9920f5c160d55bc6af4b32d07e0510479bff3a7d92507c071b2fe6a10be0d0866bd1e7ff296427c3923c81d75655d21cb9eeedf8cba97ae7b0730d5124983c05ffedcda66e983bc75e1ccdbb0eee8b3c36f5817a0cc097c7926dc14cc842aa46ad0238a63a4b17036376c8bcec167d456890105363bb2232d8af0ba7c08f7ceeeb736bf4b59b69b1d45e5454161046113e17d70d61b4cdff7594b7bcfeffff6e", 0xf2}, {&(0x7f00000003c0)="8a0edfa7f27e64f91ae45c5461545d4b9d089c381f1847d047e6e2e3d16369399418a1ece56d76d84fe517353f05b2a1ea442d28927d11a87b549387a36a80d2a5445e690c5fc35ba40a2637c92409d01af881a847da40594f59644265a9a8c6357862fbd5ce4b670db41a73e98cf39b258425a0e6301272f2cc99ccb1fa5faf6cfa", 0x82, 0x7fff}], 0x1, &(0x7f0000000500)={[{@data_journal}, {@stripe={'stripe', 0x3d, 0xc9}}, {@journal_path={'journal_path', 0x3d, './file0'}}, {@grpjquota}, {@noblock_validity}], [{@permit_directio}, {@subj_type={'subj_type', 0x3d, '.:]:%'}}, {@fsuuid={'fsuuid', 0x3d, {[0x66, 0x65, 0x65, 0x30, 0x62, 0x32, 0x31, 0x32], 0x2d, [0x66, 0x30, 0x38, 0x61], 0x2d, [0x65, 0x63, 0x39, 0x61], 0x2d, [0x66, 0x54, 0x61, 0x66], 0x2d, [0x64, 0x33, 0x32, 0x33, 0x31, 0x62, 0x39, 0x32]}}}, {@subj_type={'subj_type', 0x3d, '#'}}]}) recvmmsg$unix(r0, &(0x7f0000000ec0)=[{{&(0x7f00000005c0), 0x6e, &(0x7f0000000880)=[{&(0x7f0000000640)=""/158, 0x9e}, {&(0x7f0000000240)=""/64, 0x40}, {&(0x7f0000000700)=""/54, 0x36}, {&(0x7f0000000740)=""/176, 0xb0}, {&(0x7f0000000800)=""/79, 0x4f}], 0x5, &(0x7f0000000900)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x68}}, {{&(0x7f0000000980)=@abs, 0x6e, &(0x7f0000000d80)=[{&(0x7f0000000a00)=""/245, 0xf5}, {&(0x7f0000000b00)=""/175, 0xaf}, {&(0x7f0000000bc0)=""/231, 0xe7}, {&(0x7f0000000cc0)=""/22, 0x16}, {&(0x7f0000000d00)=""/65, 0x41}], 0x5, &(0x7f0000000e00)=[@rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0x0}}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xa0}}], 0x2, 0x0, &(0x7f0000000f40)={0x0, 0x989680}) ioctl$VFAT_IOCTL_READDIR_SHORT(r2, 0x82307202, &(0x7f0000000fc0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000f80)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, r3}}, './file0\x00'}) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r6, r0, 0x0, 0x100000001) r7 = openat$cgroup_ro(r5, &(0x7f0000001200)='cpuset.memory_pressure\x00', 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r4, &(0x7f0000001240)={0x40002000}) [ 942.938208] loop3: detected capacity change from 0 to 65024 [ 942.952137] EXT4-fs (loop3): VFS: Can't find ext4 filesystem 13:26:44 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 942.991126] FAULT_INJECTION: forcing a failure. [ 942.991126] name failslab, interval 1, probability 0, space 0, times 0 [ 942.993592] CPU: 1 PID: 7519 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 942.995058] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 942.996857] Call Trace: [ 942.997437] dump_stack+0x107/0x167 [ 942.998218] should_fail.cold+0x5/0xa [ 942.999037] ? create_object.isra.0+0x3a/0xa30 [ 943.000009] should_failslab+0x5/0x20 [ 943.000825] kmem_cache_alloc+0x5b/0x310 [ 943.001705] ? io_wq_create+0x114/0xc00 [ 943.002566] create_object.isra.0+0x3a/0xa30 [ 943.003498] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 943.004596] kmem_cache_alloc_node_trace+0x16d/0x340 [ 943.005685] io_wq_create+0x6ef/0xc00 [ 943.006615] io_uring_alloc_task_context+0x1f1/0x6a0 [ 943.007707] ? io_import_iovec+0x1120/0x1120 [ 943.008664] ? io_apoll_task_func+0x2d0/0x2d0 [ 943.009626] ? __io_req_find_next+0x300/0x300 [ 943.010611] io_uring_setup+0x1dd1/0x2980 [ 943.011506] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 943.012569] ? wait_for_completion_io+0x270/0x270 [ 943.013599] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 943.014696] ? syscall_enter_from_user_mode+0x1d/0x50 [ 943.015776] do_syscall_64+0x33/0x40 [ 943.016577] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 943.017652] RIP: 0033:0x7f943fb71b19 [ 943.018432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 943.022287] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 943.023886] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 943.025392] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 943.027104] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 943.029005] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 943.030611] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:00 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:27:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x74, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:00 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:27:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x20}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_setup(0x33a6, &(0x7f0000000000)={0x0, 0x4c13, 0x10, 0x1, 0x1a5, 0x0, r0}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x2007, @fd_index=0x1, 0x9, 0x3ff, 0xff, 0x3, 0x1, {0x3}}, 0x7) 13:27:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 959.232202] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:27:00 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) [ 959.249212] FAULT_INJECTION: forcing a failure. [ 959.249212] name failslab, interval 1, probability 0, space 0, times 0 [ 959.250510] CPU: 0 PID: 7544 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 959.251292] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 959.252241] Call Trace: [ 959.252557] dump_stack+0x107/0x167 [ 959.252976] should_fail.cold+0x5/0xa [ 959.253416] ? create_object.isra.0+0x3a/0xa30 [ 959.253940] should_failslab+0x5/0x20 [ 959.254379] kmem_cache_alloc+0x5b/0x310 [ 959.254843] create_object.isra.0+0x3a/0xa30 [ 959.255344] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 959.255937] kmem_cache_alloc_trace+0x151/0x320 [ 959.256485] io_uring_alloc_task_context+0x99/0x6a0 [ 959.257056] ? io_import_iovec+0x1120/0x1120 [ 959.257559] ? lock_downgrade+0x6d0/0x6d0 [ 959.258033] ? do_raw_spin_lock+0x121/0x260 [ 959.258523] ? rwlock_bug.part.0+0x90/0x90 [ 959.259006] __io_uring_add_tctx_node+0x2c6/0x520 [ 959.259553] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 959.260153] ? alloc_fd+0x2e7/0x670 [ 959.260584] io_uring_setup+0x1fbb/0x2980 [ 959.261063] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 959.261640] ? wait_for_completion_io+0x270/0x270 [ 959.262210] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 959.262808] ? syscall_enter_from_user_mode+0x1d/0x50 [ 959.263399] do_syscall_64+0x33/0x40 [ 959.263823] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 959.264425] RIP: 0033:0x7f55e908fb19 [ 959.264850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 959.266945] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 959.267820] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 959.268643] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 959.269458] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 959.270271] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 959.271090] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 959.273504] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:27:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, @out_args}, './file0\x00'}) openat(r3, &(0x7f0000000080)='./file0\x00', 0x185a00, 0xe5) sendfile(r2, r0, 0x0, 0x100000001) 13:27:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 33) [ 959.284333] FAULT_INJECTION: forcing a failure. [ 959.284333] name failslab, interval 1, probability 0, space 0, times 0 [ 959.285626] CPU: 0 PID: 7550 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 959.286404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 959.287339] Call Trace: [ 959.287641] dump_stack+0x107/0x167 [ 959.288058] should_fail.cold+0x5/0xa [ 959.288501] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 959.289134] should_failslab+0x5/0x20 [ 959.289570] kmem_cache_alloc_trace+0x55/0x320 [ 959.290099] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 959.290724] io_uring_setup+0x14f6/0x2980 [ 959.291203] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 959.291781] ? wait_for_completion_io+0x270/0x270 [ 959.292370] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 959.292966] ? syscall_enter_from_user_mode+0x1d/0x50 [ 959.293555] do_syscall_64+0x33/0x40 [ 959.293981] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 959.294566] RIP: 0033:0x7f943fb71b19 [ 959.294992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 959.297097] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 959.297964] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 959.298776] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 959.299584] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 959.300402] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 959.301213] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat$cgroup_pressure(r0, &(0x7f0000000040)='cpu.pressure\x00', 0x2, 0x0) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x110, r2, 0xbee07000) 13:27:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x700, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 959.334839] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:27:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000)="454a36e7311054beda27f01c5f824a49cf72be9ed7a27b689d61cffddc6c8406df8916bb09387fbd5d404d59e783f0ee109d21b42df26a8a600e341526a7bffe4aa32247fb8f8f0b43f64af1164d67d93566830e8ff58ada54f1d80c87af17eee9cd8ff1acd30c1fc0443852adac46a883d5204796bea3ae170d8f8c84ee54e5a92a6741b7af59a90e5411f7d4b6fbeba7c3fd273f6cbcc1683a07168104", 0x9e, r0}, 0x68) 13:27:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x400, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000040)={0x7, 0x3f, 0x200, 0x9, 0x4}) 13:27:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x900, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 959.388224] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:27:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 34) 13:27:00 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) [ 959.407554] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 959.428073] FAULT_INJECTION: forcing a failure. [ 959.428073] name failslab, interval 1, probability 0, space 0, times 0 [ 959.429397] CPU: 0 PID: 7569 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 959.430167] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 959.431121] Call Trace: [ 959.431427] dump_stack+0x107/0x167 [ 959.431845] should_fail.cold+0x5/0xa [ 959.432295] ? create_object.isra.0+0x3a/0xa30 [ 959.432815] should_failslab+0x5/0x20 [ 959.433253] kmem_cache_alloc+0x5b/0x310 [ 959.433721] create_object.isra.0+0x3a/0xa30 [ 959.434232] kmemleak_alloc_percpu+0xa0/0x100 [ 959.434748] pcpu_alloc+0x4e2/0x1240 [ 959.435187] __percpu_counter_init+0x10d/0x2d0 [ 959.435713] io_uring_alloc_task_context+0xcc/0x6a0 [ 959.436289] ? io_import_iovec+0x1120/0x1120 [ 959.436795] ? lock_downgrade+0x6d0/0x6d0 [ 959.437270] ? do_raw_spin_lock+0x121/0x260 [ 959.437766] ? rwlock_bug.part.0+0x90/0x90 [ 959.438253] __io_uring_add_tctx_node+0x2c6/0x520 [ 959.438811] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 959.439408] ? alloc_fd+0x2e7/0x670 [ 959.439832] io_uring_setup+0x1fbb/0x2980 [ 959.440322] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 959.440897] ? wait_for_completion_io+0x270/0x270 [ 959.441470] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 959.442066] ? syscall_enter_from_user_mode+0x1d/0x50 [ 959.442654] do_syscall_64+0x33/0x40 [ 959.443081] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 959.443669] RIP: 0033:0x7f55e908fb19 [ 959.444098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 959.446205] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 959.447072] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 959.447895] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 959.448759] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 959.449577] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 959.450390] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 959.480867] FAULT_INJECTION: forcing a failure. [ 959.480867] name failslab, interval 1, probability 0, space 0, times 0 [ 959.482239] CPU: 0 PID: 7575 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 959.483014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 959.483945] Call Trace: [ 959.484247] dump_stack+0x107/0x167 [ 959.484666] should_fail.cold+0x5/0xa [ 959.485099] ? create_object.isra.0+0x3a/0xa30 [ 959.485620] should_failslab+0x5/0x20 [ 959.486052] kmem_cache_alloc+0x5b/0x310 [ 959.486524] ? _raw_spin_unlock_irqrestore+0x38/0x40 [ 959.487102] ? trace_hardirqs_on+0x5b/0x180 [ 959.487595] create_object.isra.0+0x3a/0xa30 [ 959.488089] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 959.488679] kmem_cache_alloc_trace+0x151/0x320 [ 959.489211] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 959.489826] io_uring_setup+0x14f6/0x2980 [ 959.490304] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 959.490878] ? wait_for_completion_io+0x270/0x270 [ 959.491448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 959.492042] ? syscall_enter_from_user_mode+0x1d/0x50 [ 959.492639] do_syscall_64+0x33/0x40 [ 959.493064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 959.493645] RIP: 0033:0x7f943fb71b19 [ 959.494069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 959.496155] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 959.497028] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 959.497839] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 959.498648] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 959.499463] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 959.500276] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:17 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x12900, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x13, r1, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:27:17 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 976.121577] FAULT_INJECTION: forcing a failure. 13:27:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:17 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 35) 13:27:17 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:27:17 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) fallocate(r0, 0x25, 0x100000000, 0x4) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x0, r2, 0x0, 0x0, 0x0, 0x1f}) r3 = openat(r0, &(0x7f00000000c0)='./file1\x00', 0x9540, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) sendfile(r4, r3, 0x0, 0x100000001) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffff80}}, './file1\x00'}) 13:27:17 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:17 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) [ 976.121577] name failslab, interval 1, probability 0, space 0, times 0 [ 976.124345] CPU: 1 PID: 7595 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 976.125812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 976.127573] Call Trace: [ 976.127596] dump_stack+0x107/0x167 [ 976.127625] should_fail.cold+0x5/0xa [ 976.129736] ? create_object.isra.0+0x3a/0xa30 [ 976.130693] should_failslab+0x5/0x20 [ 976.130711] kmem_cache_alloc+0x5b/0x310 [ 976.130735] create_object.isra.0+0x3a/0xa30 [ 976.130760] kmemleak_alloc_percpu+0xa0/0x100 [ 976.130782] pcpu_alloc+0x4e2/0x1240 [ 976.130814] ? io_async_queue_proc+0x80/0x80 [ 976.135938] percpu_ref_init+0x31/0x3d0 [ 976.136796] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 976.137090] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 976.137940] io_uring_setup+0x14f6/0x2980 [ 976.137967] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 976.137983] ? wait_for_completion_io+0x270/0x270 [ 976.138025] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 976.143529] ? syscall_enter_from_user_mode+0x1d/0x50 [ 976.144635] do_syscall_64+0x33/0x40 [ 976.145429] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 976.146505] RIP: 0033:0x7f943fb71b19 [ 976.147295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 976.151204] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 976.152820] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 976.154328] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 976.155838] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 976.157358] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 976.158861] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 976.165190] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 976.165583] FAULT_INJECTION: forcing a failure. [ 976.165583] name failslab, interval 1, probability 0, space 0, times 0 [ 976.169136] CPU: 0 PID: 7601 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 976.170540] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 976.172260] Call Trace: [ 976.172813] dump_stack+0x107/0x167 [ 976.173565] should_fail.cold+0x5/0xa [ 976.174357] ? create_object.isra.0+0x3a/0xa30 [ 976.175287] should_failslab+0x5/0x20 [ 976.176069] kmem_cache_alloc+0x5b/0x310 [ 976.176926] create_object.isra.0+0x3a/0xa30 [ 976.177845] kmemleak_alloc_percpu+0xa0/0x100 [ 976.178783] pcpu_alloc+0x4e2/0x1240 [ 976.179555] __percpu_counter_init+0x10d/0x2d0 [ 976.180501] io_uring_alloc_task_context+0xcc/0x6a0 [ 976.181538] ? io_import_iovec+0x1120/0x1120 [ 976.182442] ? lock_downgrade+0x6d0/0x6d0 [ 976.183290] ? do_raw_spin_lock+0x121/0x260 [ 976.184182] ? rwlock_bug.part.0+0x90/0x90 [ 976.185064] __io_uring_add_tctx_node+0x2c6/0x520 [ 976.186042] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 976.187151] ? alloc_fd+0x2e7/0x670 [ 976.187907] io_uring_setup+0x1fbb/0x2980 [ 976.188771] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 976.189808] ? wait_for_completion_io+0x270/0x270 [ 976.190804] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 976.191874] ? syscall_enter_from_user_mode+0x1d/0x50 [ 976.192945] do_syscall_64+0x33/0x40 [ 976.193708] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 976.194769] RIP: 0033:0x7f55e908fb19 [ 976.195546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 976.199317] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 976.200888] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 976.202337] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 976.203786] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 976.205249] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 976.206707] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:17 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x132, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:17 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 36) 13:27:17 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x185d, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:17 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x4, 0x200}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000040)=0x14, 0x800) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1, {0x2, 0x3}}, './file0\x00'}) 13:27:17 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r1, @ANYBLOB="04000000000000002e2f66696c6530004cd8dc79a9eca93ed1d869ea4f77cbf76daeb7e37421ffb0977850f0a26ba9aa6f746825019719f502159d095a97ff54421bf91dab14993354ac992d5dee03250a"]) mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x82000, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@msize={'msize', 0x3d, 0xfffffffffffffffe}}, {@access_client}, {@access_uid={'access', 0x3d, 0xffffffffffffffff}}], [{@dont_measure}, {@smackfsdef}, {@appraise}, {@fsname}]}}) r3 = socket(0x1, 0x80000, 0x6) openat(r0, &(0x7f0000000040)='./file0\x00', 0x0, 0x141) sendfile(r1, r3, 0x0, 0x100000001) 13:27:17 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 50) [ 976.319439] FAULT_INJECTION: forcing a failure. [ 976.319439] name failslab, interval 1, probability 0, space 0, times 0 [ 976.321944] CPU: 1 PID: 7607 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 976.323394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 976.325162] Call Trace: [ 976.325725] dump_stack+0x107/0x167 [ 976.326500] should_fail.cold+0x5/0xa [ 976.327307] ? create_object.isra.0+0x3a/0xa30 [ 976.328277] should_failslab+0x5/0x20 [ 976.329089] kmem_cache_alloc+0x5b/0x310 [ 976.329955] create_object.isra.0+0x3a/0xa30 [ 976.330896] kmemleak_alloc_percpu+0xa0/0x100 [ 976.331852] pcpu_alloc+0x4e2/0x1240 [ 976.332668] ? io_async_queue_proc+0x80/0x80 [ 976.333602] percpu_ref_init+0x31/0x3d0 [ 976.334447] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 976.335592] io_uring_setup+0x14f6/0x2980 [ 976.336483] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 976.337550] ? wait_for_completion_io+0x270/0x270 [ 976.338603] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 976.339712] ? syscall_enter_from_user_mode+0x1d/0x50 [ 976.340822] do_syscall_64+0x33/0x40 [ 976.341614] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 976.341703] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 976.342697] RIP: 0033:0x7f943fb71b19 [ 976.342716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 976.342726] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 976.350397] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 976.350527] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 976.350547] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 976.355073] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 976.356602] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 976.358111] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:17 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:27:17 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x300, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 976.473991] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 976.482450] FAULT_INJECTION: forcing a failure. [ 976.482450] name failslab, interval 1, probability 0, space 0, times 0 [ 976.484805] CPU: 0 PID: 7626 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 976.486248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 976.488021] Call Trace: [ 976.488575] dump_stack+0x107/0x167 [ 976.489325] should_fail.cold+0x5/0xa [ 976.490124] ? io_wq_create+0xeb/0xc00 [ 976.490946] should_failslab+0x5/0x20 [ 976.491710] __kmalloc+0x72/0x390 [ 976.492453] io_wq_create+0xeb/0xc00 [ 976.493219] io_uring_alloc_task_context+0x1f1/0x6a0 [ 976.494286] ? io_import_iovec+0x1120/0x1120 [ 976.495177] ? io_apoll_task_func+0x2d0/0x2d0 [ 976.496136] ? __io_req_find_next+0x300/0x300 [ 976.497050] ? do_raw_spin_lock+0x121/0x260 [ 976.497939] ? rwlock_bug.part.0+0x90/0x90 [ 976.498798] __io_uring_add_tctx_node+0x2c6/0x520 [ 976.499798] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 976.500865] ? alloc_fd+0x2e7/0x670 [ 976.501627] io_uring_setup+0x1fbb/0x2980 [ 976.502473] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 976.503519] ? wait_for_completion_io+0x270/0x270 [ 976.504522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 976.505614] ? syscall_enter_from_user_mode+0x1d/0x50 [ 976.506663] do_syscall_64+0x33/0x40 [ 976.507419] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 976.508464] RIP: 0033:0x7f55e908fb19 [ 976.509229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 976.512932] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 976.514488] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 976.515979] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 976.517453] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 976.518911] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 976.520338] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:31 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:27:31 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 37) 13:27:31 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x500, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:31 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:31 executing program 3: ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xffffffffffffffff}}, './file0\x00'}) sendmsg$IPCTNL_MSG_TIMEOUT_GET(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x64, 0x1, 0x8, 0x801, 0x0, 0x0, {0x1, 0x0, 0x9}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x6}]}, @CTA_TIMEOUT_DATA={0x44, 0x4, 0x0, 0x1, @sctp=[@CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x7}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x4}, @CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0x8, 0x9, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_SCTP_SHUTDOWN_RECD={0x8, 0x6, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_SCTP_HEARTBEAT_SENT={0x8, 0x8, 0x1, 0x0, 0x56ebbf2d}, @CTA_TIMEOUT_SCTP_HEARTBEAT_ACKED={0x8, 0x9, 0x1, 0x0, 0x7fffffff}, @CTA_TIMEOUT_SCTP_SHUTDOWN_ACK_SENT={0x8, 0x7, 0x1, 0x0, 0x4}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x10) execveat(r0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000440)=[&(0x7f0000000340)='\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='&[,%!\x00', &(0x7f0000000400)='\x00'], &(0x7f0000000640)=[&(0x7f0000000480)='\x00', &(0x7f00000004c0)=')\x00', &(0x7f0000000500)='/\x00', &(0x7f0000000540)='\x00', &(0x7f0000000580)='-&!\x8a#\x00', &(0x7f00000005c0)='\x00', &(0x7f0000000600)='\x00'], 0x800) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r5, 0x406, r4) sendmsg$AUDIT_GET(r5, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x10, 0x3e8, 0x300, 0x70bd26, 0x25dfdbfb, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x2090}, 0x20000801) sendfile(r3, r2, 0x0, 0x100000001) 13:27:31 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:27:31 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x0, r1}) sendmsg$nl_generic(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)={0x1244, 0x34, 0x200, 0x70bd2b, 0x5, {0xd}, [@nested={0x10f4, 0x8e, 0x0, 0x1, [@generic="4a7e1834217cd010ab53debdb614a3914edb8491169ef40b6fc5c5ee26071c3a8bd45a0cf3d6b91558bf4e0c476c54a0feeebf6ee8e1f8e8d3de3c5e29eb90b1a18949074c5ce3ce92fa45e674224bcede6d640f955191fe70ce2849b4c126a2437f5ca6644d2d0a7bae8e35d1b509b9dbb02108bba508e6ccf61222e7da9f3f6d47c69de18542ff0ffece9dd3c547c4f273904553daca4f312f", @generic="d04aa1690c67d528c77c13052ee6d5c597871889efc1f12316073d62d15d4223c3bff72fe1863baed88cac9dabf8351cbd161d404aee5c00ad6887e6c2775eb8926bac769ab48a94a7a1135a0732ba86b72f8f9c60afe944f6cb62c151667f23e4e189fd6f140633fd3af13b23e72e7e02318c40b9da3a11813fba0222853591be021df25cd11e9889498d9f585bd9fd1d5c74cadf5b3ef257f9e4c8e2605ade7261e976eb1024994ad86e87f7e32a71fca50847964fa40a4bb12893948dcf2fe2fdbbb0936f2eac0cf22c856a2c7d07d5a5bd9afb9155f0e13ccbcf0f7b369c5a91c2e00c07053fca9008c26c1993dd375e3ff76d3e29fbde6437a8b9d7e1c441fe234761117c3df9c4c939453b806b4e34bb7f821fb721c204171ed38b5298d94a4971ac5c001144ccd46fd0db8e91787645022ada661eb9cefcf89b765a364824cf4622418abc571a5d0958b5415ef77f30de5a26732c1a63c52a16fc1264ebbcecc2e8eac7f6ae765d540bdf3eb09148f6b1a5aa5d8e0187a6d21a2216f15d0f0c024a271076a36565900a437171dc0061ab5568778130701d1485f33d94af8fe5e47064d1aa4b2231e44eccbc8978f0ef9a2a9f89b80f5765e3b97af3aba997f0865fca7121db5c5d7c725144e4d2734b96352486cda11862f14a585384240f3191f507842ba9f6958a1d1cc2a2f0fa90b19f7befe637b263e6feca437e6de8ffc841748a85deacf632ee9f4c041010dd90ab71a7cdcff73597628ef04292f0773bdc2883044ecd7fc5ad095d08a19225fa93b418a6192a98ca81f3c26930b8e48dc8c7bceb61b8ddfac639491f7d0c1643d768946587a74c8c1d0bed12a999e93c46304f3ba92e68f310ebc1aaeb0445dc84da0edefeecd92eb24e0301708977d838e158361aae2451cb4f3fd3087b5056f1a627bdde2b4b270869fc03dd8877fc60dffd1e2244cb25473f7af4c33e2b469359a9c775ade3834acdf0a06b02ee5eaf30d286f2019288cbe7f9f6dc35d7a9619adcf360965f7f02a8e302e6ef65a76754bd10162eb7ba4c245571e199da10ed34fadc258ebf77eb78fa3504da717cc2c4153abea63a5bc9293b402476309618e67fd63706408bbfbece2e01cbc07000da1eb3bffb7d9fc4df96c5e74f8a73cc31196541199c8f41e3a6b7996472320198f4e33621ec04e414d0f9c76fb051cbf1c39a50986197d2a8fe8b1ea154785453a68d2a51e092c79d763b4665186b5bfd51123fc04d3c7f62849af53575f13985eb52abd25ba90940df7b78b68ba2b39eff110517a6c0c8258587f8d8c173977c637fd83c34a4dd4ac8f3830d67d223d30c1781e86ee1215aa466b0b00114305a50573ed202ee63897e82e861b494090cbed30d99d3acabe2d95605e83821d072108059c6266ac37319bf03489bbb0fdfd6ed8034433cad8ab90500c67d4a74bede45fe56720e44a7027326f4759b1b4b7d2591238af4d5bdd4e5d714fd8f618a075b339483b3dc03a2a1a24c61f69586a8bfcc22edc8f81864bad519e17f7a505dc25cd7a4baab048697b22a1512adf17e2c959a08ebcf28933ee2c738f1c65677a14747ca4f361eac0e9bfc3200e9fb2075855fe84221b7e0082bbea0f593df029fdfbf85fa46dc6a262c1b2f09a6522b047c449cdd9ccca910345c4353696f8a60cae2116df9124403940e1b98dc2ce1eb2724c952afcb5c718d6c49ad02730fb545eadc7ecde305906af58d85ee3f394e441701b43d668bef0b603aec766142d98232ea9ffbeab6e1d2563f2ac8f82fefaba4ee2fd3bf77f6477a45fb9b0dfdf9324b5a8a7c287e7d442c0c10a31e8654f2e1dabddc35486d75145325cbeed16f2623ac55dcceb4b11aafbe5e2a3d7e68f19214855bc006899008f4c94b5296bfee84dc39ec4e894553af29ceb3752d83501c4f8f32a6398a7123a7d8d7c32b3dd2d0f5d2140b68b8b4125d51d7452cafa887d28a0d054cadd95c6d32db08afe07002ffad22b77dc858b6316c27ac4444b97c4fc7ddec93048a9f4d31a19b356126694981f26cc67180e4ae0f452d09daf92b7ae316f79d62a5e98770ec82ba0c3c08b690f02506a2d7a6d7a5ab53854f7692275be0517dfac6e0e7c60ad991e4209fc10bf51ce103a59602ed8b767347f028f2b3c48172aeba94c9d7a62b78082be049cb799cb3fa04ae4d69cfa8247fe1a02d7be5208e2f2d45403d6bf376c527f4d03d465ab730cf29a85c328ac2df08facf5738b525b99a53d08fd03abed72e18fcd8f8757f09d22cc304a8214017f432c18ac3a5548a0cd0f99e8d92ba2bd9c22a94373519607fe6bec22354e8bc615dc5cb90e8f03fcdb1a2bfdcdfa05f432c3aaf8eb0a7eefa3b5302b983c77c025dcaf8c5877252e13a36acbd846fa11c5d37fbcb6383462fa0b1fb231fc8cbfc2f5418a985aba938b8d67466bccf5121c47bb001c206395ed7e9716c0cf73f6b254bd848d02e3261779b6b84aef3650ffc8d6d374b78aa15f6e98e1936de0e28bd7c5dd79f2d1660e9e96c5c15d63d2a0296ebc5088507bdd52ca50388169f2df433f896d60e40664d5c4fdcde5e6a6abd1efb5eeab1f825bbcb2f7ca442badc28a90da3d249c2910a161fbe75634411f399cb41ee97f810d97d9987002a6a7b1c47d098706cc68418275e11a61a73624ebc3db2422398b619e19dbc13e6ad0db48006c97fa38e74d20c8ab1f4c30fe00db3a19a44990bee8b10cdfd5a4792f258b1966f943a38f7ef059e554f42b600de97b7474ecdc5020a08ea21ea07c0bd6bed6aa105eef569d67888bf4e5d9b9bf2016824123d5fbc960aadb9936b78d8f34f89b64e70e096cc09c5791cec68426bd26e8fc69887e892e3c217c9f2ace25ec36a5acb4f034963278a2a4e980477713f6eca9e10adfa0ef92e9966f0d069a5e5ace3636b2af144451927be9453a7e485231e9d79e5e63ef207a3622ed4fd9219ff4ddce477d80d81d6090e8863599d339e2a85d6ef5893f7a19531bd536d03a65d4db49c528cd9b023c40008564bc5e7c16c4b6b7075d181f6063626fc1390caa25e417250def7564c9132d90ea2ddf1c66180af72b81d2f3e1473d3cc09b064eb57c0fe335ebf1ae008bb3175aaef30aa0bee9d0d64baf3aec0966637e8c2695b5c9bd8da96fca8967cdc15e183e7ff249fba666ddc28999cdda70bbef860bd925115520a105e55e68d5af3afa413a2dd3a5e3d6b1ce9cfc2484198eec60c6397f5011879c11f3ea147876a0f0919598fcede117fa3fb5f4aaaf2199433cc8ae8f475474965d0835feb69b71295e456e76fea9cca02dab5b1251ffd0078f3bccef44dcfda5c82a977b596c83dd08a00504ac586fa6dc29c9b0ce71cb121d6fb0b3d579b36d8420054b76c6ee85603ef6b66d2bb5a27b97fb4acdba0364b7ebd7e977a8cd1bed1215ed564a191ba328b298c1039980ca926d3f0d3ecb5364beb9498ab42417dce3cedb377b8e4bfa37ba6d9efb80e0ddc58a2e13225ad92f2bfc91a78b521258b180555db0ac986a5001c9e80338ff3789965aa6389229503eec9a34249da40e8b34a90a0b6ebcbab0258d7ea204196202c5240d4ece50855a911727496345a228824128bf799cd5dc4aae6c3c71b84ca095f8b4e47277af683fa95bcd37b551c841e99078db5863534affb32d403e06f7e3cf257e19006e56e0c36dfca33960b9f2fcd11873f6c4a614b948cd4b86c4044c140a842ab9b94f45a1c9ac8d05e954cc6e9a4eb94236045c5a94e059545d1719abba83cd88d3cb0d3cfd2fdac9e6dd2a772412e481ad0a1db1b105f730fb1d9c5c003399e23d331d805718712a68e7f2fe1793646536aea16196f9a9bd57470d11f70cb25e86501c85a764144e8be001da3ea8870727ab32b1485e92bf3a6821f3b7bd71d5a50475e5d11d011864ac42a9883712c0086c94f4953b502f87026c7be646cc09c30965918d51e7f00b001340e714a97d438ffb5000f81faef4dd049bb79c2e05b36b92146bf9d5e172d60863ba130ca0f7a1b23b5fb2aafa4eeb961c6a5c5851644c785c44d3ce56236560b97e50786a3a8c3a86b744ae71d65cee87066004d4cd0e2574dad0696d7aae28c48aab74cc4f424c2392e196cccbddff7b802381e60ae49393af0976b66c8315d0373bad2bce3231fbd6c9dff87541ff7c67041a63bd69f9629ebeabcf5b8288e5b8940092823247c9d8c6cf5d442298b16fe2b581d4f75276eb5a572ddd5c9283e8e592129d7d1689b16d069fd6772acf84320d3ef2ff84ba6a157a7fc15045784dc0d914fe579d46f97a9dcbbad1db5fe8539a877eb1b62fa8c9432d0355eda3f76492c6317d67049d0e42b5b5953e266331edc8994021a2eb531a68608532524c54348855c5257a1794e91d6b1920beac5c3c5cefd43be66ffd66b98573949027d919131189c9e70e58ed2068e8896df84cb0fdb4dba351c01a9a409a68ae1746800ceab107bc91a14c98a61e10a6dda90d2324348efb97f0daa6f8950dc79fe46b8bf54945d446b0ff378dbe40523b5e503c0b72bf05afe889f340a2783ed094eb0aef19c223422fea357fd3a7a68379e34dc9e1d7e4017655dca8a2109123002924fb862141e76734aeb444f6f84d07a66e65dd9aba03a98c36fd6d00fe5ed278b3aa4910b145c05156758d6dac55bbd7b306581be7f45f6a94f6a3addff2f35cb8c12620235d2952869a741077e4b0a9b319164e031e78a15cce95c77f6ccefa490563dc016a017e0254d08278ea1fce39d99cdbab068718bd5db9adc2a8e5bf1c44c984d8d121b01cfdbbe1ff7ae6e3d2dc1c872b5748f658f8307c297072a1ba048db03ba459efb98f2d9ef465a37485c056431c188b872e0b7c267460e0b5be1ac5e6ca5b5a9bd4f5d42b2a21ec4ccce031b1a2192a8f455ae31ef9d09bc6ba7697bd35bce486fbc99d910f4530a9bfd7ed4f36fe129947b01dfc7c213eeebf9d1c2e0b86f31d129886918c1156921f2fd029c4e0f0ddeb0b475ac73f78b4d23c981f8690dd8974bc4f6c7d5562fcec610442734ff47c20b208165364e9cc6a4548afe5b0cb1eb7e9194c6f4fd5b8de8db888970ea7708063f706a450ca42cc40963cc7b48b8f413345c086f39edc394c04f8866b8f8bfdd3a5260ac6bae8e338213a12947124e4682f950daafc70469b068fa481aa74ed2043a995e6df79ba1449838bc8658bac1e9d7ea29cb2606a4354af63170774481a045ff140c9e7fceb858bcd23ad74948914acd510cd2d129def01dd2a48b1455a6968bb41faf56fde7a0b98b07207bfae437c7cf21d5cc47f524b0ef5c77ed796224ba845c54d8470df99e0e83aab3f65d0c4ca152e6202e41c17b5fc519a05a7a65e31708cd2875865a46075e0286b994b9996159fb4b054ebadcf7f1ac0ca27348e3d12307ddc06232784a32a39ebf469aea9cd5827865c1d3cb15c16a7c75a09ba6f6f68faa464bf0a600e335634c55aff53ac0738a8a9db40407130c28cae34342f697c5276825cb63e56ccd5f18b31417bb69e7dff3b44193e720f161b98060f87f107b5417cbb29eccdd4311f6130cb8e46909282c0524ca20469b25a41d60ceb7196fb65de2f5619648509c928ac8d4a110ef3b199c73082544c6ad24e36d745badfd961ec12b7e2feea55bf013c68e39235ddc18c659552d1a6cafff02a7cecff93c761523f8dff58d580fdf53526b15bba5b0ddac3fba26c6f68b6bb8c5525badaec7cd8dae6630098268fd9c2c0801dcd49b2c90a17cd8b0525834", @generic="a31ec4a3b5802215aa406169a67b833c37dbbf045c9456a25a73c71fa09f0d5dfe8ac07b4a27a28b3a46939305dfb95dbb5f1882a748e73fb50ec2e517c20123edc60e96540c961d11dfaa58ecc0ab199925658b38ac"]}, @typed={0x14, 0x81, 0x0, 0x0, @ipv6=@local}, @nested={0x4, 0x94}, @generic="309f55228844e54950667d52c48896cd3290d29f13d83aaf5a0125d008a4dc0376ad6a5c1a8f072ed7e4ea74404f9e23be2c3d9c4f37930c301d33482423b2674786bc7399d63d77602aad24fb31befe21b1ff15db86d52d99d6edd099f500e1ab601929", @typed={0x8, 0x21, 0x0, 0x0, @fd=r0}, @generic="85175f2e7ed7a6beaa800abc1ed70f9428e128b132d282cd4a2c83f92b4d3c6bb2547779ea0c98d9311272222ddbccca3608998bb40712553264250527bd7cacecafb0e4abefbd0ba2025154e7ed0e6ac2d06588878d09018fef9db8947b7ad05c637ce81113e50ee88d0fbeeb4ccb34a47d3da00325ee6b25963307caee1e1a83b51fe8d0954d0748c95d091581108ef43d4a8584e4af20465506bda8329eff5bb8123713206be795dab31f0005939d441c67cdcc"]}, 0x1244}, 0x1, 0x0, 0x0, 0x40050}, 0x24000804) 13:27:31 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 51) [ 990.762934] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 990.779914] FAULT_INJECTION: forcing a failure. [ 990.779914] name failslab, interval 1, probability 0, space 0, times 0 [ 990.782338] CPU: 1 PID: 7645 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 990.783817] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 990.785615] Call Trace: [ 990.786190] dump_stack+0x107/0x167 [ 990.786980] should_fail.cold+0x5/0xa [ 990.787807] ? create_object.isra.0+0x3a/0xa30 [ 990.788801] should_failslab+0x5/0x20 [ 990.789624] kmem_cache_alloc+0x5b/0x310 [ 990.790503] ? io_uring_alloc_task_context+0xf5/0x6a0 [ 990.791620] create_object.isra.0+0x3a/0xa30 [ 990.792579] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 990.793684] __kmalloc+0x16e/0x390 [ 990.794460] io_wq_create+0xeb/0xc00 [ 990.795268] io_uring_alloc_task_context+0x1f1/0x6a0 [ 990.796363] ? io_import_iovec+0x1120/0x1120 [ 990.797336] ? io_apoll_task_func+0x2d0/0x2d0 [ 990.798298] ? __io_req_find_next+0x300/0x300 [ 990.799262] ? do_raw_spin_lock+0x121/0x260 [ 990.799542] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 990.800194] ? rwlock_bug.part.0+0x90/0x90 [ 990.800218] __io_uring_add_tctx_node+0x2c6/0x520 [ 990.800240] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 990.804885] ? alloc_fd+0x2e7/0x670 [ 990.805657] io_uring_setup+0x1fbb/0x2980 [ 990.806534] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 990.807595] ? wait_for_completion_io+0x270/0x270 [ 990.808643] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 990.809742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 990.810823] do_syscall_64+0x33/0x40 [ 990.811603] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 990.812691] RIP: 0033:0x7f55e908fb19 [ 990.813469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 990.817355] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 990.818943] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 990.820446] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 990.821941] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 990.823433] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 990.824948] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:31 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 990.888104] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:27:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4800, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 990.897987] FAULT_INJECTION: forcing a failure. [ 990.897987] name failslab, interval 1, probability 0, space 0, times 0 [ 990.900378] CPU: 0 PID: 7657 Comm: syz-executor.4 Not tainted 5.10.245 #1 13:27:32 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 990.901842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 990.903719] Call Trace: [ 990.904281] dump_stack+0x107/0x167 [ 990.905068] should_fail.cold+0x5/0xa [ 990.905869] ? percpu_ref_init+0xd8/0x3d0 [ 990.906755] should_failslab+0x5/0x20 [ 990.907561] kmem_cache_alloc_trace+0x55/0x320 [ 990.908533] ? io_async_queue_proc+0x80/0x80 [ 990.909460] percpu_ref_init+0xd8/0x3d0 [ 990.910307] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 990.911443] io_uring_setup+0x14f6/0x2980 [ 990.912319] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 990.913357] ? wait_for_completion_io+0x270/0x270 [ 990.914392] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 990.915462] ? syscall_enter_from_user_mode+0x1d/0x50 [ 990.916566] do_syscall_64+0x33/0x40 [ 990.917345] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 990.918437] RIP: 0033:0x7f943fb71b19 [ 990.919222] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 990.923113] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 990.924742] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 990.926238] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 990.927738] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 990.929242] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 990.930746] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 990.947001] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:27:32 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10010, r0, 0x8000000) 13:27:32 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r3}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x1188, 0x37, 0x400, 0x70bd2d, 0x25dfdbfd, {0x5}, [@nested={0x1159, 0x1d, 0x0, 0x1, [@generic="7f1a9be2bee6358a62dd46a82d63742c485dcfcfb97a435812f4f697c39752bd0daa6ea44385b15ee04587481632c5baddcb39ee04090affd95cc301323e68d7f93d6f187cce51b5e43424052b35b2c84e0e0acc96c1a6f0b085b7ddd5f6456db1c14d393f68b1c28531d4262798010cc85c9a19718170", @generic="767e0fa446879e558d89788e8b83d31e6e2317546c3a9eaf56940a224cee0f4b79c2ced63e123b4bea37f04a8f77dd8e2220f5384e3c9159c57c7f5baa2f6cebeea7ddf1239faa0d660af291f12c4c995539d68290133116fe827944c7ef94a71c2d4eb161ef320d9f7b7232dfb323bc69b93e6d316de82e55e74fc9edbf24821924243a919d20e117de5b781a4172fc2da6ba4789689fb155aabfbe259b339cf21b059a987a7649b036396da3619a90cab16be2568af2e788b88efc8c05d1536ac96d86b394b99db152ebe8e3328ad1586a56148a613bf67e6559ece3326450f7bc081b3f9d9825a5a0110a466bba23bc04ad04ebe06b84779b23d5fcbd466ffb747fa75cc9b71a0089a9eb17871f4bfd9d93dccc51d3efb951b62576c76be8e34ecfb91b73985b43c89aac4efb97bcd6d6e1117db9e2a3cd25fc9239d11541a57eb1f8b0e6617b4049e37e3fb40ad3b511a688e215baf7e2e6372ca9bacbc274293f3511b8613a97c0af9fdeeebc1c75ffcd07b63fe0feaf242f41be38340617433df493ea44a8cd7219f238f58c9617b722ca1d1e772e5ed1d104c0156357dc651f500f4fd3a08edd809e358820473ddab9a52d2aee31a5a5851746c4f46adc494d174aaeee002a3e6d9badd725faf9c1d40578b1fd46fd552ae32eec9e4f0b97ff438c0a7cd7d83c4c8e77460fabf924207c4787fb68f55e1a5462585fb1bb809b00c2f98bd928ba20d433dc02cdb812a744623a95f1080493b3ebf0e4e34c2fdcfbb4c58e4308352008da5afc8fee0f8381816a81a227da8a409cff814e99accc277f2f7b2fdc0c8dad54bf02ea67cc17b3047942fb94b2cb531f33188051c4b6ec10816b48805a74c3af7dd839e58b7dac70af68b7cfa1e2fc8eee3a36de43d50b19f18bcb369f6fbeb99cc756260d7c8b30244309244ccdc421a4e07a3ef5a84569c72bdd385162c2300dafb990b3e7b0644065d2220721478ec9303d748b8b1a955f378ead17d865ca69805d241bb67e8533dc43e779085a5bd2593f1f1dfc65a39893142559cd4525a0e9cbf6c5de89ab2bbcd18198fa712aaae202c6ffbfb9f7bed1ab9f2ecbbdb5fde829622663f18ab5e01391b7b6acda052f6c9625985bd91bd74744f3ed77e675c23c4ea344665df0bc0ca86122033a3faaf34cf62bc31f198f264238e4d0ab57233e5347b0b808eab3f2caffe18a6b9a2ffe5fe674737dbc9443853d9ee2db3f7f151ee5a1823de370249a377fea8a1b66bc88b444991f080bab806a4d31f826aa110cc05552c5fb9458f03232a890cede6dd5d8062d72919f835308cb0d782c78958be47d8a5b23be0dc3707d0b7cfbcf23e2d0e9f968c57bfc92d2a700364ae5a53c4193415a755ee6b2dc59969eff7098a1620f4968c9dcaab5016b4050e76870f641e819831ac7f2e6f65e8e5a89f8c5311616edd87fcc4aaf023630fa4bf120dc80a5ece3e5f0775125461281aa67c573b03eada078b50a52ff536483ffff292e6a2b110cd762d49d6ed71c6384c5cdd44de6d171dac89549f4ef994a4aeba4176c73734a1a8285855d8d47280b08debfee4873b193c3dcadead315666d68e710062bd7ae12ad9c4818f189d2bf23cc45fae15648cc27795aba3f5a4487aa54cb0b36c503a0aa32860aaaea31797544bdd9e8d482402b71657edf876893b84539ec8b0ba6b58d34361e5beb4190acc95a42d18d0cc66b3f6838342d895435b5af5f7c5aa9d17d4a9e75ce35ef7080c4e8124dac33e5419486219b1233655597a61eed406eacd300f783c58de53062a6659f8751e0aff8ff4349b98f9b0a42887919c67a2e3d51ef52d049c5f92a8866ac679a3a4c1a739d8f298a117c02088ce12a2fc3e07cbc9d845a5aae36dd3f1e472ad0ceaa9fec882e6bb3fdbc4c50bc92b3d692fc2dac492d44661a432d4cb2a4d6266a311cc621b4511a434411356b0522e0d22892a755936397ad1a96dafe0da96105f28559f190358fd7ff94fc716f8a613e4704d9d0da7cbe7a9aef7af74bf6ce55df93c7ed6b6bdb564154b8c88c6e92f0be3533f57047084a229891172cae6008c73af81272d400372bc0a6caaffcc40f717deb0576e823bf48ef11bd6af4f89b62b47cfeb4eba6c75c99828d843e6413a8c83e32c6b9ca2ce111d22a70ac4b60d10d2f2609c2903eb95dc6ee8ae32ae2759fbdbc70c054358b6a2e255963132f40aa3ae4c1f9d18010dfcfc4a83fa9f4b0aa01267ae9c02910ec9baaeef074988cbc27719ff09baa969f4e35602f4353e97191d27e8cf90e86b51281d2a9a1af12c9785b4b63746065354e283249c3094f22931846fa639cedacd6a91b43cf804bde9dfa55e7c81bad1abf086938ba6edc555af6606851f35cc562d0bf565bd2180f9922c4ca1508c485949264be69197061184d4af8b20362493277b6d4e144848212e1e0445d6fb88a7fa11e58850e1a75d7412b635ed3f74e8decc590530cdb98f646c0b6426846f243ddc9a0b9fc3c0de703095fd5d841d1de3f676d13e654d439a4b0a64033bf9a570c16fbb7f2155f42664565aed2ce662721305c7036a9e1de25f4a4edde8ac01fdd84d5bebc00bef4d859902fc0f190a3b8d6f6ecdcdaf23e874715fcf48e658441c8db31e2445fbd1ef4657d81dbf946b4d5e7812403e171d41b371b9418c83e8c9a9924cfed64b8ca2c95296d8bed9bfa90cc830f24c3bf2341d10cdf9ff638b7d34a07b0fd077b2155af95fff8ed3906323906640ec8dd886114650e40ad81f48396e95800c458c6662be45936103738688a289b363683cd9e653bf71498b4379a97a70ad62cd7a64577f2780593888c4a805d789374666876bb3b5d68f3c0fd7626cf9a10b469d1c37e30dd58c0ea8ed398f5998f03fb526ee4b6172cf9996aaefa5dd21c87c9aaebb8f162cb50b284ba76047f2d0e72b43b469cd9937431d71ef56be2b395e7540d186435cd9b7e89d17d7020717dbca9c400578b5a731e28f73b0995a4192405401241de066190f4ee133c02f07486c6e085a337dfa1e7d197ffcaf7c3c09de295706da6ff47ee97f0adc96479274879c4fd15394c5bb2443a39c034b925ea390c02fa1dcb3aa026a847e3946d24791b12f05a2c9e46239936768df0d6a09b5c155b23ebc4532f539e2546fb22781fa42adb8c4a8e84396a812c9378bdca4ec9c8010229a3eb41d07b6a17f2e874262c8d0d929f92c49bf1c505ee3acded6bc7d0c8ae9722cac48053d2f9e7aaaad72e9cd986f563ec524e4d3db265fba851454a20e819605e714f3f903ee2542f68aaee4927aaec4bf2d1dc3f851ff404509d17991993272061f6677201467ba9dca70b5080aa281178482a8b7aac2e5881c6089ad8985c39b386950a225d69debdd4ac814500785d6da7f0a605526232dacb2c8f57719d07c3182d083573d8a1e59287834ef8671f24736cae6ac9236effa209f3be07caf013883a27169b26f8ad324f08f68983507c6802d92a27f32b426d808f713525e4fbf880b79a90d14774b69430f03cb402e0caedc2f5335fda434b3a534917372a7fc936053bb73c7ded909bd4e0a11fdca2151b831a15fa64967bdc220c8b8dcbcbce2bcc6afd02aa76cddb36d7ef45a3bf48173c2bf9ac03703e598132bd069b25bbd875d9e89c7f75efab8618fcb115960be7e69a150e2bd5ad22e0c12d3d75d73d513ab718935b6dc65852f68187e81ed81c360d12fbe47b9f263c2dd96b12a04ce120250ab029abefaabfb10492f5a46180f3dc3fe53388a98d9ee311512be1281ef4253261d4e61511c868eae6cedee20d98eae909c0f6f2abebb91b94e6a9f6f0dccfdc47df17c4a2617f197ae8190ac444bcbbb44afeed4490e6fcea13456b7c3edc1a9b7af223f323c751d70db692f74aaf5e506f2a0a2701d7f083a299d078b6266f5aa8540849508d9672e96fba02f739f5dd26b6f99295f1acdcbf024b5dfe17883a737fa86b364fabd2b0650244b8bc409d9d078b28ff229b4274f75d6d5d384d72cca79b19e5cbc1413f05a7e86bed97b2eb483df0adafbbe7f3e61275fed88389345862bbb48054f2d9679d4240748506ff223e8f07ea194c4b6971aa151eb7bdd3121778ad3190c6bd60ed8a938621b2016ff51092d811630445e3f1bed5306e4edd77f2b548d05c44fcbe67a3131a37b171feae2b5c900b48c545540edf6693e56802432c95e12d0d2ed3826b89fe35c8a6205e7bf9dc532d6eae15e6a22699721faa6f8a915f5a58ba351181913e4d75451eb24a9565589b25e39b2dbe87003602b18d75fa3f0fa715067fe2804add5a4a5dfc085757868672aae1199260ee8a580502891f74fc5928052487260bb47ce1ff38dd6b7490cda8e5badf498e8812549bbc193bd69d233ee51f62909827b618e2ee62fd03ecc1083bac23232a149f7be412d14fcf988a0901959014d3e71fb03485c8400e1fbea79369ad3d77307cccfe7466f72fbd0b9380aed60ecaba2d116c98aa6a372beb793962647c22a028f11a7c288f8a27fa0f2cc98cd3e45c44fcff58b4e3864634814ef81fbba775a577ca50a5ade3792920e17b6121db4a0e848e3e700500f4cd5a10f3a8753a27e0b850e00f808cd2f78fefa2f226875a211cad48529ce28b3c80d82937b4f213338b57e71b347c34367d327b8516c848f729ad9c46918f25b89e06e24ebfc72af51fedbe7b21d13f9f9136ee9ed447aaec789d96e986098842c4a44401a2c185a6a0d423ff2e4381465fa030693e99fdb21c7b9d9409be7937f3b69b46d1eb407bbe62327bf970ec5b7b0b33e6190050cb990e7a047d2b8f9bd56600ac194e4767c71b6bd57312be85c0ec4b25eddb143708f5fd96023aa4b56900dde723819762c82a51646cac76319261a450fc2e0ee966e1c82be4777d0d0d852ba20f5c18b5a6b7b4d808d55faed1c48f6da5c2a698e307d23bbef92ee29acaf79918deae5d26fd3b6f01cbbe55bae5a37ac9283c97d6c8e3b821e49018da80ad772394d538990f629123f82688fae87c3d51eca385313a8343ab3fc4f97bd1415beca9adb0f96cd93228be9c548c20716c4cf490d0167d68b85774ffae4ea61d90c56db9ca96e7272749e0614277d526d540ef37cbc5531eb86487dea729facdeff13ed0ff64a9f197d318658f3d73991b90af468bd9ba6a8ad27ff65f055c24c647078aa8d19c9799787a85b7a0faed26b7cdcb2867fff9d74904e0676a7acc95b376ed69d2c50e386da05de29a88636d7f4b37b044b78d4f67586d7f6d3f85c87a10ce89cd79b317fb7c01860ea2153f75f77cc8ea2c7ff4e6289307413a71cde4d53f7296586ec96a7c05c16249a10564d30cbfc9bea8a5a72db7388e1d491f9c6a502db152f1734348dea044a40d815b7fd8d137f1c34617692ca8d6f30837e4c7921b4f82df30262468e4daf733633637b8323f37ddde331c8bf66480c9e7a674d44820f68ce8452a6c8e9ef09843171f8fd677df3ac30ad51ce11ba10ddbc75323c323ac6e533599bd5bd9a580e4b73935f9ac01f08226f8d1049620c158e3baa4657898358c5c121f8796f3faf90df1f3024567861da200bc495ce4fb90e73d746bfc8afe281acb4a40079be30a2fb12909e46f5917f6e6d7519935ce3459c0c7f512763387bf53b4e88ba0269ec8cbdc6898477d30438a17d7ed0f4f2f8ebc5f43e45501f307a5ad53f48d605fa8f90c486794ef70030e316ec23f30c487fc35d5ea1b2214521e5e4a9a336e454eab53b70f7a7ed5eac055ec2570", @generic="74357f88eccacb1b7718fe6c6660adfa8a5f752222bd9e2a540603afd2914c42e494de307aa7deaaf27246db07fa920fe20baa1104afaeccd542470f4b68bbd8ed5729e5da705dbc315d16ca97de5ec86bd855fda6ef1a93f992392d1b006d8e65ea2e6586331841c34c5d25078c0e4c748abbe2e1518d015bc16e2eb384c067c7bb8aea6d8fd0fe0443341f82ba3c7f1f0839bf1b4363aff872743bd58ad548ffb08eb3d5072d2f5c7615c432515fe39f4ba0af7d010606b5b3b945af666da65373ad0530e1f6abc842b7d1db3507fc59e5c642de2c4bf7e70c18cec022"]}, @typed={0xc, 0x70, 0x0, 0x0, @u64=0x4}, @nested={0xc, 0x2f, 0x0, 0x1, [@typed={0x8, 0x23, 0x0, 0x0, @fd=r3}]}]}, 0x1188}, 0x1, 0x0, 0x0, 0x50050}, 0x80) ioctl$RTC_ALM_SET(r2, 0x40247007, &(0x7f0000000080)={0x25, 0x2d, 0x16, 0x7, 0x4, 0x3, 0x0, 0x14}) ioctl$RTC_AIE_ON(r0, 0x7001) 13:27:32 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x700, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:32 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:32 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) sendfile(r1, r0, 0x0, 0x100000001) r2 = syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x65ae6763, 0x9, &(0x7f0000001600)=[{&(0x7f00000000c0)="19812d6c71b8a1376c5716c23d823eb03c692c8aa1277db04507477a7e15ef29451e413c48f5fa4c4eaf92074974713626d1cd45d015f1b68d63490bf49b6abc7154f105d51fe6bf5cf488f9ed9433298d94f3fe8c1ae25044abf9d2cce9888c2980f912698b192b687c526839ff71d3518f6fb0fb8f01f048b7f6733cca", 0x7e, 0x9}, {&(0x7f0000000140)="0c144d70d8397b2a23707a7af616c43541ec309632ec4ac51f50cab53e2750599c8133f5883e223a21361ffee4b4f5d60b5d9e31598d6c00511eb4c78d19e827a7555e2a238f50b794f52b8034fb9f26f3b7f16e4c", 0x55, 0x3ff}, {&(0x7f00000001c0)="96049370a3f45c629fe3925cd96701ce52dcd70148caf1fe938a8a2f01acf722f223fb555a50226a5ece0d", 0x2b}, {&(0x7f00000002c0)="b30d4d72320ee0ba02f60243f1665a4b6d983d34df4ed22c3d1f335b269aa6bdf8e2a882b33d70aa38eb3c8da3cff770e470ec2e7ea22b152ce06ee23ed57b889d659b86f5507864fe8594efde2e5b4cd4f5ecedee58624745f27d7cc8338ae5f3272137394a36750f98ac349c776c9816a6ba985a937c18016369347def9b41c3c4c95445a76d38a2e3e16a1be067a8deed4912653b2adb4dba4854e4ac769c1df431cef3dd40b5cd1faa37c03ecc38023d41c191a251b5ccc271cd2052f760f7cf8db516c45ad930b4d3f2ec84aeaf6ba9ecd25422a42da801d4", 0xdb, 0x7}, {&(0x7f0000000200)="1f118a337e908eab79476a2952f4ee605ec52c0b1ce88f5514cd2dc73e6f9096b7d6229fbe1ef943a2becc44e249411478d9af2e86d8ad60960be68598ced708eeda45472f8d6663dabbeae87f7cd8c3c1f341", 0x53, 0xff}, {&(0x7f00000003c0)="d05648735fda0a91ab6d60aafaf010ab473329d5d1f29cb78efba2afc2fd1c69cf82c9843af33569d677366f379cbd057b7fe04076d1ca4094aae745be7d01e1478289cc341de165871882bed4be2582c4ba288321bddd3e94026bcc70765e1a6d828a2e31f40b38071463d9e4c94df71501b6495dae205c163f27a07039a7703a5b39f386f8b705df1b135c180ef505a70374454066ee92ee7e49aa2fca08b1baef9c9b3f1fbf9fe7c37e72b613f1d4b21268dc49a74fac6e9fc6ada95dfc60005e528c91b853990c6e07431da1e715eee6c5eec1da657256531325c3d6b96c6bd5013283c57d5643308be360e4377d8a2b3f7bfd4b3de52ac1e940cbdc8a3dc4577e208db3f1d5de4a44cf6ed73c4cbfcbaba2c48145685fb95d1dc51ee19987fb40774704017d7290f1a5f2b36376b43d1b06b91a42079614976aca5d3764c2746189c2290e3bebcc9623d3614cf8522cf276fab2c00c7bb4f9f0a01393a00b621fc309170e56a29388ffbb4fa4ba664177771c204d6d7f4c06e156adfcd8dc0929d88196f856d226d8d3d40db013095002f48be08c341de17e7d9096fd90476bc83d9a850d5bcb90612b154aaa705999dde6aea55aea7b347ec6c69abf6771d0079aaa3d848f623bbf70e56a9cc898039b944d235ba44fd83078113ef4de76e6b552a3d89ec04c8707e718b05b681cd67eed05d7e72184eb3160ace43dad64347f5e8c877ebb75b86c62883605dc32b2b7dde6babf0ebd6ea0589c9c9f7bbc4f626378e721038659fc00db9263c3e2c80fb950f73287551ff188b1d939fc458c450ae1fe617194fd787126b546b6e19a38237c037ecf4fb88e763e2dfd1c4f9a9f515005446c79dc5ef3e0b1bedbd33537f1b6a6cf9c5145424afdd8b8743c30c5b26b518924e5b5bc3e7d14b27857bd499faa4bd78c01b96c9650d6eef895931d36126c46144d9f9f533bb518c24b6feeeafb77c4a15e365cd1a2736517f3e4c70fdabadd61fedf0e628f1492d56827196448cb999bcf89db2faa8cdbd724d2f6218c05283ac06334498706439ce2eb2bf6b8916a8c3f963137b121611558b972be0cc477cfe5025de8739db8efbfcc10c805dc33ec5a3c6616c08596063a853f49953954cb7dc5b1bdfa83b28d61813d233dde5978579a7fc0d795ffce99e3fb937ecd4d75b8e103516ce856c427840842551fe38b327e3d434eb0f30b0e60bbc6d66dd85c199387fd4e7a7abde8fb3d64d3956ea325d7f92412c14a45d614ac7ff5b723412d43eb35fe614f6cb158377eccad591f387c20869bb47875ecb8460bc9b986c25898dd3ff89dce4124880918e9d279c2c846903f66cf5524256b32f80109ce6635e7361820472dcc586b5ce42f28285dae04c0640f8bec6ede92009afb40226bc1a75cb03d5ba0e42726c68101193a451b3fe0c5df85978a07aa28c57bc6ed351ca0c246825c91bbae359f206467aef20463c92482320429bfc767bb058a6c95271aad4c805d4d2f09d6198c6cf0dea3a4ad3ec2fcef62287416d4e1fcdb9fa6ff5f81977032fe1ca518d1016a65efd260ea41af35aa96baf8a7e395cad3db59449fe1c67a538c26bec63da180967c96cbbaec2499edf6360c4b5eb64bf599f5fd22d8d5b776852d0ee6cdfd76273f79611ecc9d0e385d94f9f762197d2d1eee1cb1ee463ce26b5a1025dbc30f4788d67be70e1b6df6ba1edbc4da5a1e2d3ef39e273a71f125ab29595c5ce99ed0a520ac773134f0d9bb6afc1e1dc736b84c0d136a423e78c103432c2831aae5d3cd23242e3ead862b543678455dd8ed482d87e5bb931c7af848e2faf695243d3f684c6c797264bae773859f76447ada42c8acd212c6583914076d51d92caf869f253c1f034957d85b347201fff7a692942b9f06d8f7c6c93f8b44139f0c8c736767de3c319633b9d14856d517d7dec6e234d5d5bed2b44cee995687096fe971fdc03595abb5a14b1059c7abfd0fd3dbd462f95b7c78e7a84b7b57b84a6f9b95a56ef18f7de2af6ab7441e100a794bcac49cf85a646f398664fc85190139b83961b9516c5af53cf62fed7abacbebb230e7a4a26903e45d96e8b3a3191928aef08cd163ca984c4c333b6a813d05dc52a0c212d26398ac309540466dc2349dea758fd8858a33f1def3f137f0fc7234fa636c9626bb026d374b556d78be815e46aa670af6ce75fbfaecd01c6d4e2cee972d0ba69d33a39293ace8b3ccf0fb5b74a202a076b19277d5e42583e6ff517328f0a80ae7e47bb387b378405c99c780f9c0ccda47dee79ed74b60ca92ef3c658853609d847ffe78188f4b8cf78c74383c4574d538389ee255e65118591deec47573de93e84f43f735ff9940639ec58a7bc3b97806a79a3f74d60a73ef6e8c2b6b76344b6e50111452e268d3ea37e20be4b1ba97fde29b13a5e31c1ff52dfc96038c14bafef04e206f908355ab40f86d6b49ad7d6f5c56277d4a8c1ec0ee77cf74a38981cf86a36d04c3b86879670b025379e03b73f13035ba68f3d43f64254e1a18937ef43778792dc05f4c4715d8354342eb42120dca1ddb2e0573483d98dc7c73e85aa91d08e6ec1f97fa75caab158d67d32b531465d7826c6753b0ea0dc3912cef10b3e1f4d1ef97e869b00f31fc58fcbecc2f15222939b307aeb8a1f69f6e41ee54bf02710419cf9343c4888560a2c8bbac09fef163320002d02c6ed1ee127e0e21a74bfef61b6aeebf6933499e4b14991ab2eb999ad091330b4162956b1c10ef587edf9e6009b4614f878f7a199fd2de13879fe744ce242bbfa8010ec1d1c6e68f6cbbb54f60937d72a6fe9de508014c4a50aaa5f06c80ea4b01a84fcb4840aba6d9ecd43dd0c9c5e3d70a5d126419127a104c6852d7bb07d77983e057cd1816d995d86069bc1f6579ed419dde877bd1e5eb4e2cb56f5daed90613008b662be68eac15f127b3c4e2a98c616647cc08454c25416a5519278a18387ba6fdb64f7aa68fecc0956dc3b3d516e588f8382105759ae6d2d3c4e1ced96523442c5fc592e48731835a748e20806d3a003d4ad54ce42234fd6bf0eaec0091f1771c8ead6f58dfad90850f1bb4cfc028c94591151e85d33ac2d4db41eed5bebba6728ff41f80fe2e9f214e49d18fa509e28f2be9ea3637667d75ab697ff43ec3f4036cff6f6292851800d319b1224b1d3a4a07469b1fc80a9e0a36b2acd79095c31259e694349a93a1dbef05c04de9c633cb8f02b8b14d732c4813da3db5516336c889986480cb2161bb35408ef20e5c8ec40988af14bb30ec064cd83e5aa6ead7a16a9b36d0d5396f9b45f3b2591afe806cd414a955ea023d6f723fe3a2970331daeb558914d3c8ae6e18d1900380437ef977978aee97bf217bfe6097f3393b33a310cba0f9ac125f0093232d15ee3d58886e4b07a5f1524f5f887a0168bd06167cb13330f5022a1ae98a88e462ca3c07048461d9c26c458413f2776e64baceeb5b728125d166c70bb26bc3aa9ee5f0b7ff6e4dc04f952158d8d455f889319ba851d1193da939a86a96453fac437dc32496cb27ac796184e94a00d6e9dd911d0b4cc91568426ac701ba742571150ada340e27f2014720332e726c221101af7e324fdc7e5b3790ecd435fd7429c444cc7cd59b67aceb20b2652fdf60ff37f41c1e5f8bef171cd070804d9ac94be45843d0dfa3b7e5877a7b29db1b303eb4026acac9ac7fba8242be3f0d383823baadf51695f3fdd09a603b1b852920a90a87619b4c128e701fc6f829dd9a63da8534d719ba1fe2b18b48d8c8cf5d42fd3329efc8bfb355d9b3bae37a02236b248eca244de285f68055366c80341115a11cdd713abe53fe0769ae2ddaf2d6a54c844a42c6237d77f6bfb8399ad093399c10c1291c16c401314881197ccd67f4d566c431d8f3271dfe5fde36145b8031403d35f4dfb2443b7f8c26f109f866b4a5a9055a639d61e79b3b7c2c9bddfc63fb30d0b04cc30247730076bf547cbc3db1b60b920e5d39c6b5929d0d62809e7c69688838d0e8d50bca3e7138b2394891834b542e6625a6260ee0276f7bb7ff46a0db7a1b562ac638eb7f1a1c5618e1dc7d277a353559cb653008f66e0752e775ed741de4be9f2e587e9bbcc1f750c6b812b7661526a4d4c1a22c50b2fe75b6d8bd80700b78845555b286c5b8740dc2109b1732a95c9dd35caac3b5f752ec42060ebc91fbfe38380f0a531ee4da9806a21921605c6bb155ddec9f29d0a9d8536e9885c07de5d6ef1d71a3d217392ef4c04f8b4d1ab18b61cba6239bd0780548695d936cdaae8a265712008af9209fe364930a7a3cf863131dfdecd1ab04fb70d4195f78f0b6d51e87b9020388de06a0a601e02088afba11c3960822ce9828d2b5c7e352b4e3df777670ef3b08a4a8bf4bc0e62cacce9c1082842bc25a83b30f316e1468607a2f3b0e6978a72929f0dc715baab5af2a7d1cc77f0cb3498ec33af2de2da6ac8511d8269cc1f5caa305c7113a314199ba5907da439e4e22f0d7b0c5f007d38475b194ecde739dd0ff983f01bd15c440eb1c3b3bdc2c01ee938f3d01c49e81fd73081c8edfec82f5058b2465c0bbb1a791f23508a96a8e396a04b9afaca083fca87d40c6fdb29752ae433b2df3cc5cda3804b8a0a9b97c9ae79770f1f4797b16da65e03b7f600715d29b706cf727b7b9bc3380a6ad496d0a2d32b48481717bb4fa4c621b87ac1aac9ddba0bc5963a23e14334d1446713b9e5872403db6c3093d9e74bb430c18229e9cff1da81b8b142ba70afd76d64e264f6324d9ff89f5da0b5e12d7900eab1dcc53ea67b4db746fcbfddc17d649e6a543062653d7a22c5b02722dc58fc8f6cb08c64b01eca9e9bfb40abed88eb93acf574a42813079c26a11829064d118b5d7005b3868331045353aaa1bd8a2cc05e21887ffdee0dd38311a6ab15427baf7485807756bbb283ed3b7563e6e4d96d55b8a48ed0111dadda07047bf4ab3a4652c868a30bdcc6613b6a9a07d3fe2f24d6595c8651cf8ae63d8d55e8d5a6b266e72f0a8aaa70c092722d7b3adc28bfe3458590115a17e288823b6f2f4428af9cb2d47a333d4cda6e2cde66650294ebab07cc384f149384219e187150351beb7188975cd4c3290c904ddbbc8003f6266a7e89aa3e4687a3b8766c2b5cd621076614846ef46896d0a0331d36f7230d47de05722c7c3be8114536425a11b64d1d84d6e8449a7cd55b8c3b40bbd83f05c98eac564319800c8cffb9da3948235497df44273ff0a8e4116a66f38ad9312e9fddb0f5bb36a6ad74879a5b06ae52a411b742e0c0964703a8a93e75b988779d4336d41d71b42674ae8ceeb59c92f650a0f8ba0fe8f10fe3b431b775ac94e998e52f2881c5d3af6add33a982b5b35691d568f1e652e0866da0e72a4c3f199c93797285d0680e5ab6bab8a2495e0d03ca178812a5ee5267a613ada30b4a927fdecf58805984c5ce3816e29de7664a616260152032b07c01e3c059ef3198ccea3fa7834b3710c3e3e2709441bb720a93bbec26dbcbb35145060a2f34122f635740f59e36c7579a3cb0adf86b82c1fd28eb781978cf4fd688018e5b6927959ee30aa4314ebc6f68ae48418c100537f79c6fc74ba8961634e401b54e42644ae91f80c97a344a597d90a1736f1b2ce4b842321951ba762451b1f454bb744a38d82bc7427c1b735325c3c1267e6955a885d1741caff7607221d2e1133a783f517a2bd1e44dee3eb41114078fead2cfaea2e20b24329f3e355c66e06f20874424733d7362338a8a5640de844133f8d", 0x1000, 0x9}, {&(0x7f00000013c0)="81647beca1d4a97f427bd44e1dd376d30c724be638543fda4a7874f3dba252210f8fc90928499524d27ef3a389087467e7cc9024b9cca0dd7451a7e63aca68ea245b1cb34a474e2c1cce65e2343af31bc7bed0d79279e9c5aa331739c06edb872b10a94e7171ecad6d1e7c48214868fd5b11e546a1c231c63da87caaade8c3cd8ab813291aad88f67dc953bedb2da35c542c46ccc87ca2bba7dc1210a26f6de0ea33ec2147141b68c421407b59a001ec3d6f26039d3399b0dde6bef15394c1964501dcffb2f4d51bf153de79baaf2c9063a7a022e6fe0cd04b17784ceb3a1386", 0xe0, 0x1}, {&(0x7f00000014c0)="6ee6d98dfd181e8e5285a74ebf9db78098b8df287275f3aa5144b10ad548", 0x1e}, {&(0x7f0000001500)="1af4f170b79da6e33689a395d80bab3a592c5f17d29b824a227c70b73514c70d822e95da3e6ccabfb7fc832d502eb45dc0df9892cc16d4f7ffc73f44a166eb701ed1f3c5f1a441c71ff6d273c2fd9ea184acbc1e79ade44b39cc531a7a535a1526b5f7e11f786d8dcfdf9aca23d1c4926f229a6c2962d10483a66124dfca7720a4261c773e97f6525024f2a3ae9e728f7d9e9b60178a40962d6a70e3dd9e12871ffb53da5663d7b72b279ad395e3f4cf33da388ee03ad7a61b82e92b2936d5ee9c97a9ad5d3c8cc183cbb5d66f70cca5752e6ab5f1c7f5e13e3ae33314f9a9705983de582ce9bdffe68948d03c31", 0xee, 0x1}], 0x8010a0, &(0x7f0000001700)={[{@check_strict}, {@nocompress}, {@session={'session', 0x3d, 0x38}}], [{@defcontext={'defcontext', 0x3d, 'root'}}, {@fsmagic={'fsmagic', 0x3d, 0xa6}}, {@fowner_eq={'fowner', 0x3d, 0xee00}}, {@fsmagic={'fsmagic', 0x3d, 0x7}}]}) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r3}) sendfile(r2, r3, &(0x7f00000017c0)=0xff, 0x2) [ 991.046519] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 991.102726] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 991.160242] loop3: detected capacity change from 0 to 135266304 13:27:46 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r2, r1, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd_index=0x4, 0x0, 0x0, 0x1f, 0x2, 0x1, {0x0, 0x0, r0}}, 0x5) 13:27:46 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x8, 0x8, &(0x7f0000000500)=[{&(0x7f00000000c0)="60c396859e3376785df96b69fae06f09bf229190160c7d80ed8471cf0f97ec610bd986b3ac675ee7757d0776b881f06f58e08278df2b8fc8ba5faf7ac54a", 0x3e, 0x4}, {&(0x7f0000000100)="a7607c306e64b2553fcab3a6476859f1c0b9fd95f2e0263e51d7050176042d94e7830c0dcc2d5973ae115430793750db20b5e02a81a212d84077d622a35829afbf44fdeaa255884a1f871843000d1fdd0f8fdbb417677837ebb24247f02b7d8454e74c4005e4d58a82278025aa242e7ef81f93f0e92873ba95", 0x79, 0x4}, {&(0x7f0000000180)="ce41c94c97eb2645635be89cecb8e5b168816cf75d4cc7fbdae8d8e7041e39edc6dbcca24b92236a273096095a860efed73eb717eff3e6e6e541a76de90f3b17dc8f9f3bdbeb0e00a2aa20bdb9d7a64564038b2896954c355564", 0x5a, 0xb6}, {&(0x7f0000000200)="e5be9b0d04e6085a8ddd67a025fe8893904252b26a5a7cf90a3cccee91ec3bdaecf907c75cbd5f3bd9f197e49c2b8ad053aa3c250b02af032e27c9b5dbd9a706c7b396d21e7fe3bbb736dbe65f64844c85375e4eecefc84b068d2ef0a2a9f292e5bab6b5e5dafb3a6e46dca975", 0x6d, 0x7}, {&(0x7f00000002c0)="a0deb7a76372a455d02efe20669a08d8e3374b8e8ee2709f07d152c77372daceab9dcf919f568732a7725d8f", 0x2c, 0xdb0a}, {&(0x7f0000000300)="1b414f230f0c471129f48f2e7a72c937af0e51e592156f638f03726554a1f374f5851ba7f8ee50e9d3a7b353d3f0b6c23ca71ae5b509789dbda0043c254f9d698f79550d0aa091cf37a6ed62fb7e7801faa76521692f4349b2d9a6878127f4201ca4c8aab8fe4240b3ec48ea1eb9e186e22345e2b511d79109b7c9f03ac54a5f4b0c50ca04f37e196a59f6fcbfff7076361813a4e7cabf1437057b0c6f25c0b8dfc25959958a3982a66a0be1ee943eea874dbd4cfaca8cad17d0dc5e202c88050d1b3172acf294347bffd277b8a75b115550d680f5c6bcf7dd6b6b915deecbcc95158a2b941247c0462aba3d4d05931005868bde6093a1cc4d7dbcf1ff0b", 0xfe, 0x10001}, {&(0x7f0000000400)="17696461a335827d80adda854c0db161cf5b497ca7727a7fe814be9e2d9aa97de89b7ab6b4ac44cc71f8496d67e8fdd2257355cf33797d14e44034c6add59e31eb57528a93312ff07fc45dba1f5aa28bb7149a02d6ffe7375db26228d119c67c0b448cc27e6f86452e0ee380954d039166aadb1cdff3783ff085ba61fc", 0x7d, 0x7fffffff}, {&(0x7f0000000480)="24d58676289cf006dfde8c190c0417b979d716bc9a1b9ecd7d5f0c498c6a3d02268ca2a3770ac73e532646878d72666eccfbde1086d551dd3c1c3f18714cd6695df87796f9560c5ea6f95c91395f0e50a93e3fad81dba6d4a002e102e01b", 0x5e, 0x9}], 0x20400, &(0x7f00000005c0)=ANY=[@ANYBLOB='sortname=win95,uni_xlate=0,nnonumtail=1,fscontext=root,dont_measure,measure,uid>\x00', @ANYRESDEC, @ANYBLOB=',fowner=', @ANYRESDEC=0xee00, @ANYBLOB=',subj_role=(()#,measure,uid>', @ANYRESDEC=0xee00, @ANYBLOB=',appraise,\x00']) preadv(r2, &(0x7f00000006c0)=[{&(0x7f0000000680)}], 0x1, 0x3, 0x7fff) sendfile(r1, r0, 0x0, 0x100000001) 13:27:46 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:27:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x900, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:46 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 38) 13:27:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5d18, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:46 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 52) 13:27:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x2000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1005.313310] FAULT_INJECTION: forcing a failure. [ 1005.313310] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.317980] CPU: 1 PID: 7689 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1005.319687] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1005.321756] Call Trace: [ 1005.322415] dump_stack+0x107/0x167 [ 1005.323324] should_fail.cold+0x5/0xa [ 1005.324273] ? create_object.isra.0+0x3a/0xa30 [ 1005.325418] should_failslab+0x5/0x20 [ 1005.326365] kmem_cache_alloc+0x5b/0x310 [ 1005.327371] ? io_uring_alloc_task_context+0xf5/0x6a0 [ 1005.328668] create_object.isra.0+0x3a/0xa30 [ 1005.329757] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1005.331022] __kmalloc+0x16e/0x390 [ 1005.331914] io_wq_create+0xeb/0xc00 [ 1005.332859] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1005.334122] ? io_import_iovec+0x1120/0x1120 [ 1005.335214] ? io_apoll_task_func+0x2d0/0x2d0 [ 1005.336325] ? __io_req_find_next+0x300/0x300 [ 1005.337483] ? do_raw_spin_lock+0x121/0x260 [ 1005.338548] ? rwlock_bug.part.0+0x90/0x90 [ 1005.339654] __io_uring_add_tctx_node+0x2c6/0x520 [ 1005.340911] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1005.342269] ? alloc_fd+0x2e7/0x670 [ 1005.343190] io_uring_setup+0x1fbb/0x2980 [ 1005.344270] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1005.345542] ? wait_for_completion_io+0x270/0x270 [ 1005.346764] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1005.348065] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1005.349355] do_syscall_64+0x33/0x40 [ 1005.350279] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1005.351549] RIP: 0033:0x7f55e908fb19 [ 1005.352490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.357082] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1005.358962] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1005.360734] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1005.362498] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1005.364264] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1005.366037] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1005.368312] FAULT_INJECTION: forcing a failure. [ 1005.368312] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.369910] CPU: 0 PID: 7700 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1005.370850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1005.371991] Call Trace: [ 1005.372356] dump_stack+0x107/0x167 [ 1005.372817] should_fail.cold+0x5/0xa [ 1005.373278] ? create_object.isra.0+0x3a/0xa30 [ 1005.373823] should_failslab+0x5/0x20 [ 1005.374277] kmem_cache_alloc+0x5b/0x310 [ 1005.374762] create_object.isra.0+0x3a/0xa30 [ 1005.375285] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1005.375896] kmem_cache_alloc_trace+0x151/0x320 [ 1005.376455] ? io_async_queue_proc+0x80/0x80 [ 1005.376989] percpu_ref_init+0xd8/0x3d0 [ 1005.377463] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1005.378115] io_uring_setup+0x14f6/0x2980 [ 1005.378611] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1005.379212] ? wait_for_completion_io+0x270/0x270 [ 1005.379795] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1005.380423] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1005.381045] do_syscall_64+0x33/0x40 [ 1005.381487] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1005.382098] RIP: 0033:0x7f943fb71b19 [ 1005.382538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.384732] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1005.385641] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1005.386491] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1005.387342] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1005.388192] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1005.389135] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1005.391050] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1005.398148] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:27:46 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r3}) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x3, 0x0, 0x0, 0x7, &(0x7f0000000000)=[0xffffffffffffffff, r3], 0x2}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1005.408085] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1005.414302] loop3: detected capacity change from 0 to 135266304 13:27:46 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 39) [ 1005.464067] loop3: detected capacity change from 0 to 135266304 13:27:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6800, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:46 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 53) 13:27:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x3000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1005.498239] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1005.500725] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1005.517144] FAULT_INJECTION: forcing a failure. [ 1005.517144] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1005.518101] FAULT_INJECTION: forcing a failure. [ 1005.518101] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.519862] CPU: 1 PID: 7722 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1005.522700] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1005.524636] Call Trace: [ 1005.525248] dump_stack+0x107/0x167 [ 1005.526090] should_fail.cold+0x5/0xa [ 1005.526976] _copy_to_user+0x2e/0x180 [ 1005.527859] io_uring_setup+0x11b5/0x2980 [ 1005.528833] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1005.530000] ? wait_for_completion_io+0x270/0x270 [ 1005.531135] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1005.532345] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1005.533553] do_syscall_64+0x33/0x40 [ 1005.534410] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1005.535589] RIP: 0033:0x7f943fb71b19 [ 1005.536444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.540700] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1005.542454] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1005.544116] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1005.545772] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1005.547421] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1005.549071] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1005.550733] CPU: 0 PID: 7721 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1005.551542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1005.552518] Call Trace: [ 1005.552820] dump_stack+0x107/0x167 [ 1005.553241] should_fail.cold+0x5/0xa [ 1005.553690] ? create_object.isra.0+0x3a/0xa30 [ 1005.554228] should_failslab+0x5/0x20 [ 1005.554674] kmem_cache_alloc+0x5b/0x310 [ 1005.555149] ? io_wq_create+0x114/0xc00 [ 1005.555615] create_object.isra.0+0x3a/0xa30 [ 1005.556127] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1005.556739] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1005.557336] io_wq_create+0x6ef/0xc00 [ 1005.557786] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1005.558381] ? io_import_iovec+0x1120/0x1120 [ 1005.558899] ? io_apoll_task_func+0x2d0/0x2d0 [ 1005.559425] ? __io_req_find_next+0x300/0x300 [ 1005.559949] ? do_raw_spin_lock+0x121/0x260 [ 1005.560454] ? rwlock_bug.part.0+0x90/0x90 [ 1005.560957] __io_uring_add_tctx_node+0x2c6/0x520 [ 1005.561521] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1005.562132] ? alloc_fd+0x2e7/0x670 [ 1005.562564] io_uring_setup+0x1fbb/0x2980 [ 1005.563052] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1005.563646] ? wait_for_completion_io+0x270/0x270 [ 1005.564222] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1005.564847] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1005.565447] do_syscall_64+0x33/0x40 [ 1005.565883] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1005.566486] RIP: 0033:0x7f55e908fb19 [ 1005.566921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1005.569081] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1005.569977] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1005.570814] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1005.571622] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1005.572459] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1005.573278] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:27:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:27:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1005.615442] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1005.633249] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:27:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:27:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x3201, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1005.659431] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:00 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 54) 13:28:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r3 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) r4 = syz_io_uring_setup(0x40132, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x0, 0x0, r3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000280)={0x0, ""/256, 0x0, 0x0}) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_SPLICE={0x1e, 0x3, 0x0, @fd_index=0x7, 0x1, {0x0, r7}, 0x8, 0x8, 0x0, {0x0, 0x0, r3}}, 0x3) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002700)={0x9, [{r9, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r8}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {}, {r9, r10}, {r8, r10}, {r8, r10}, {r9}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {r9, r10}, {r8}, {r8}, {r9}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8}, {r9}, {}, {r9, r10}, {r8, r10}, {r9}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8}, {r8, r10}, {r8, r10}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {}, {r8, r10}, {r8}, {r9}, {r9, r10}, {r8, r10}, {r9, r10}, {r8}, {r9, r10}, {}, {r8}, {r8, r10}, {r9, r10}, {r8}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8}, {r9, r10}, {r9, r10}, {r8, r10}, {}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r9}, {r9}, {r8, r10}, {0x0, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9}, {0x0, r10}, {r9, r10}, {r8, r10}, {r9}, {r8, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8}, {}, {r9, r10}, {r8}, {r9, r10}, {r8, r10}, {r9, r10}, {r8}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {r9}, {r8, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {r9}, {r9, r10}, {0x0, r10}, {r9}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}], 0x2, "cb10218698cd11"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f0000003700)={r11, r12, "4ff5db0def63e015113944b9054f9a19241a6e4e2ce40592c815d742fbc4511183d7a1451b19f05cf8216032a0cd07e9524e297dca9333a81bdf2c1d882d3b38b8cc54d2064330390b012a9d2ab8f128696156c437ce788df6098ddd099be2ca19842a173539896b7139a1d19572baf3c5d2569c265f85bb5c61833e110bfcb4377e303baa2342db9651a078825b6806d221779d5871a0455ca60928cf29d6c2e8f4f9cbb310e6476f66d090e1f6f92163d61c8aa6633ac907a285d0bf5cd07db3bc3e357e3ac6495c8fb0faab11cf7b3e91b448f663d5f208531f282f717945b2b1f28ecb566cc1011f421f4b13f4781ce8699c6c30085deb36db0ad8d11969", "4d286f37f52ff1bde4817fb2d78bdfc5877d7c4cd81ae3601aefabd4b4ebf30379a29d36e1273b73898c55e5f47a403cfa2bec5c59118d6f2d292dbd46ffe39b28ba9c52eef5b8e5f0ad67d3804522a3dda48edfe426272a5ed05fa5058622d82eb33292408e9610ffa338b23d8d5fa711cc94278318937cabac9264a99a4182693f1ebff4bc2d3e9798f182c9e22012b1d5d10eb1a3c430ce4f5ec529902dd8e15eb87f61a172eee6959b212f0ab875d205ab4fc78b5e252bafe694cdcceec17303d2e2b3047bf3bb8469fc61608defb1413fdaf277488dae58af7772aee64fbfe8c6f54af486b05b45e49d6780bc9051fe8f76e7d7b26a066a33853ce38a7df5904c497163de3fa57c1ffd4a89e80eb4570f84ecb9737cd05b1d3e5f3cb76d1e3a60feef52313e048855da9b9c23758444b2bebc79f54cb8138d279ee1cc60f342b868b52d4d6280212aa9fa163aebe7405f2f0c2b8c02e54c4e142375212f934085a4f01e6be130ae6b78c91ff5710413b8c45a5565d90cc3f44935142fa5c22bbcf020a579c61d78b47cb6f8c4bf4cfc72c6dad3e84ac7c5d4293a9636f319f4060a1ab3cd625a8741872e8ae7f20fb0d746766b2f4ff88277653ab334d0ab0c8f17c1002c2fba9d6ad95a9f228ae7d3898e3e1488ba04c7801d33df90c99ad4831a714418c0100ac0b54a942584a731890c52f1fdae7f841ca7865b7a884361e4d6e54ea7424cfd6355e81200152458cb155013e8affe014c9cb106c71e8def1d59e07c6a6e27e12b987df0f1ff638210530642715a6e75019a8c4d8eb240dab174c0dbbc1498cb080543874a68cc244b1554eb09573b523b94ff373e88135778545ffee8718364fe25a0023ba9ad108d5dbed47e85d0db821f64bd236e13a1499aec95c9ef6562a8e9c3765029d1ae871501ad15a7ef4a36fa7c9a94ec7ae94f60bc93b9d8f82e99546f5d391397a8d4eb3041dd2c32ba2c460e516215a5414217d40d7c2ef33034b4f39a5a469c3f341330547dd7db4d0214749b228cc905937d4a6b532053f549490054f2419f6be335bd3675e6106ecfe945786c07e260b1ebaec4e0e3441ba64bb13ed14d8defb0ab624473d2f232923021d6d47318f73b7e1acc06a43368feaefc3ff6795fccca10d0280918c6d6599d47633fb0e82a775b478df2cca05213681a49dedfb0d050994b7246c37fcc5045e9ce0540f9196ebc79322baed45a4f861de845f3df23db640ed27ab8cca0a35d62576f59e40e0e7caff012820d25b61ebc8832a8b3c6600614e1e28103f28a47ca8fd6446c89173d434f1096c91af33011b6857b2dd9185b8b48959e254643bcca918dcd541d4cc5099c230ddb9e33f56603c267295e069d6d3ae689f2e77969c923401c71582f54b8a91a9a5090c9b80c395b6f893ccc6e5133b51ae5271f84df36470b36a575fee88b98cf6d51f6fd732d6a7bb8b9a62856dd14d866bb80e0ffe60e7c591d0771ac8f742e705c0cecd04461bc47a2857a93a2860b6bb386318d8d08914ee3e73c54e8e91923868ba4326de7e7e27137ca4c443b7251bdfa9ac495d1214194a736e8f3b592c1e2213858e9e32999c42ebfd061e129b021f7018de506d2e3fd7cbbe07841a29af839204e5457d3dbf46214bf214b80f80fbf436c4a3a7382653a20e1d1f57b4c0bf8cdcf15f8a368b79f6b284ca74be805aef3674f3f99d3a52d785974ba1803246ce3be053a3adde17a0b998721f3e95dbe97b28a71d60873f8f232362a4cec9ad13de0194c11cbf96e3102ce500ae4868a4552a025d558d89c89010a0bad497f7c8fe1194adfb30b90a640c6b8cb8a9a98044fd6430fbdfad07a35d30b07099a70747b592cabbc8e3037c629674f7b72708188f3d12ac2da20cfe5e6c2d900b4fd868680cfa8fc3219a572c9cff988f270d11c9e74c947935ce58e2c287f8df709abd896e35f11f1400a7a5bc6a7c55313430f2c5dfc20d443498cd7051592aecff440835e669fad0d4de4ea910779f49680848e043ffd5350a9a1b1eeebd30b78da8c4a2aea44d3ff8592289575479d51e29cd455f1bcd773189d54fb7ca6388bcbdbad421fbcae0a3b4bd42d87b9a682ce3a2d5f1e49eb5e2afbac0a2f189f7c7a20e532249c68790dd315b72d3e76e29bcdb65db89be236b18012641924d8b79bfcd71c53ae713328d296a931f48c3b47206ee79efc00d09a4263d49369be90fe07113d6c6ec4973db51c5cfdef83043997bc769e03ece2e8e0e1c4b7e0452b7dbae3625a678e4871039b00a8011f39ddbccd8c054d723002310b993d4b7ef0e4fe861a2d83eebbb3c2a2058e3b0ed80892e7133d7c1863ed99ee893604d140e48870e8a49ea64ed6eb13e271c918e05d814914ad4987ea6135ce04b48e0499c8ee6b75e7b1351d9ceedd2340a8cda63d705e6c6b7feb09e77847bb565769d6a9cc80fdeeb5eb9644797f7eab9d9d3918b1e280251c386aeab48c76c87ff2c7d02292003a13ab001d4c472c023fd8e2e8c45a59b58ad6885bdec99004393744b1b0c559c6703a4e5ffe285e4c1ed2cb1fea3b71f0f8dcea8d9d8cafac556070f94c5ba9c480760b69226456bdf12856428979e746df66b7ca74df684898c0c0e453e4ce4297721ee5b731eba93e6a8a7d1ee0b8bb320317497c0e4949277eae1af606ad4010de1970c8e9d724d8e3833fbb4196d8285369f186ceaa0f29ab825462bf92cfcbac502917003e05a97453c8d7599baa7fbf7634bcadede226c69e66de50f111df622c5d2b05c88ca6ffd6b5676335bd7a0e1aacc9175db137b2797fd353bd7e5cbff584433eee80aa6bade5d5297d1ec3f934221b7f9410596d927a9c0f481fd329854ed54594f0bc15734b5e27d1fe8e6355a2cf3a33000eb7b26f32ef449d88895c1b83733ed8a28a19e18606b6169ee453ebb4faa40584aa9ea7cc2d5a2d9e02183561ca136853d72fab26ab79f2b0dea107162c936f5d6da27628bb9e83af58748ae02c0ca7bf7b5b8d9bb19c6924ce249ff71b4b1081f50587553b33672d662ceae026403dd662c5cf89dda5a940e1785cd39d7d41e268e28a50f9ae049dc0911e0de2cb99922de51a10d85d96bcae95310bdbb81e4ad4f20dac3ab40239c83179d0bd56ee025fa35b346a563f840f645e69c443130b96e3d53c8190b8ac36c1dd4ecfa699bf10ba0b66e6903a96c0ad8f73cc75f252ea4f3556bece1cc412cf1f35fdf15e283acb13c3b0bd91a7be8bbb1dd9f923f555dd61b7d40e8333ab004480f27adccdb4f422cd9f5ac3899270d5623eca96427833e56184f46c013428cd6b32a642a3bec24f894d52776608edccc2d893925b1aa8523d27e68d9eb1fbed4f432ed247405567d08271285a37b35354713046de032d0c53f5770da4722e23c756686ae34d14f0c3c62b2c4317f4ca768fd2959d465b122a32a225204c4b9bc02a5a6e6938aa6b03383f8d6b548a06fe752b6459531238fede1af509da934c62f685f689d55210ee64f5e7065112ad8819077d6db17a9a62e1aa671e9d802d4740e81bf68ed69e16d25ab80c152748abf9decf4442641ccbf9b65ce6e7eac48fb2d21f67a5b3278ff1684edb3b478bcd22e01724c7a0a964b5c29cf4d31bb7c1e5669f22cb0b44c4ec9189914d58c95bdda4b28e4733c7768b1db7837f17b31451be7402ef5e090fdea2b8653557434c004200b035385f5fd16d26a1ec57c21157c94fa7ce6606790f2574f1f354ca2882433d8af9af88561520f9b1b65337c79349d3d1f8e4b3120a0b16f1f75ee21d6b5bec1481f4e11d1df4c92f5b4d569589f8266cccf182bea4255303c15361c75499b8db0baed327a1bcefe6dfdf6b320a1cebdfb5e1ade99b483fc42d798a67ad0606ec8f5ca84b21cc234e333bf2d3c857dde033810378078aea4896f954cac581ca83d8192697c5d7f7789e34342b779271fd2a5d74f52890720a7c18f5a048d11cf359b25f6144f4a2160cb417492311e377c822d514bbf546ac5831847b04f8723605a147c654a43ec0532ba698017763c248539aae06c5b477300e8a808944115f5125b4c7defa67ca35558d413e5e6a3a7b49fc0f1c6314e42ca7749c0a7abea5852f1ddb88925820f137d4bda35e11f17e1c7c27b0d8a98b228bb57591298c4b04de463707770c4a19c4ca14c3adffabd7d17e2e70945ad21c270f2f281b5341151e2fa9a532c304ffafa2a4f627e0f831737e5598ca16279a3333dc6351fbee0cc135a261a8ecb2f25041e1d018ea54007f1f6f764e0f3a42fdb182a65ef5243c46ab361a2daa379431ba7f2534eb022e441d5fd752424b03a432aa57dbecc50f625b53101e994d9dc87aeb253f5af14669a1c4572bfbf328ba3c3150a17f94f16384b6be2313e42d8679c56420ef010ca4b71a210db153e79bd6a077d1bba627651e936462ac9b61f59e3d53a8abb61379b5a6302cd6a311c122b021568332db25aeb2d2b957e8ffe3695a02aa9c8ab1c9f4096d1224a678ba92b26255ec582546920845675c29a3d6a00634062b7baa0eee25dabfdd42a25d11ca57c45d34e336304f9b96354629df3866f878c322a71b983ecf1a23b658cad825e733b1daa8bac99475927bcd7ad1fac6263622f4d3c0d43fae779ae311d56eac3dbc2c6b49e29c3d63407d6b8898933b7acdcac216be04505b6d316c8bf5f90e18dd0ff7b1016bbf1bc639222b6ed63dc742bba1a6bc4bf79b50e2c7c7283028f22c2be94eeeb5c2907a792e2e1a8e05882e81b215f5db8c41a96caade82503f472fa3c71a333c7cf118864f881cc74d32e8cee5039b5b4724d76d28b35695e70e6f9c056972dbf99bd242e257290a46c105cd4c54b03969a71966b019845f6e5274e1a22bf99049aeabd278d11f539429c51835abbff499cdf9df8d372e57294b45667da05ed5cc20428a12972f9e4f29c1fed97ee0464db3b07a62ee9e7b43e1b61e4951c5f721d1283a14ee2d887b83f82530f625e27a6d1e1e9e592f478cf0b28227d21af8dbb6bac2b3a8dbe9325a3c67043cc7100dd2be12999398c7bb57ce0edfe14568a9821e72301c2e99ef36f9d6416a3056048932edd3555e4b398ec231c863dc5faca08802d51808090040dc802c696d5e2c10a0b5bc2ce09d34637e52bdf8c12bf6b9ece000dc980175733232d10c389314cf346489f3bac61e281eaddd485fef6c65bd250af02e42bb266861e26e0a37322496c56b9c945a5ae84099bfafd966f88cbafd9436934ac48e4176ed47e313b1565fffba14a8bfca65e56c3f9bca5359fc79944183d66baad2f6fc79f7560505f9f6e59cd3b9dfc0a5adf4d9ff2c9218070a987a4658f87ded7d41cf1346cf6434f6cfb3cf81dfead170514a76892d27e2c948"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r7, 0x81f8943c, &(0x7f0000004700)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000000700)={0x10000, [{r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {}, {r9, r10}, {0x0, r10}, {r8, r10}, {0x0, r10}, {r13, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9}, {r8, r10}, {r8}, {r8, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8}, {r8}, {r8, r10}, {r9}, {r8, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {r9, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r9}, {r9}, {0x0, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8}, {r8, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8}, {r8, r10}, {0x0, r10}, {r8, r10}, {r9}, {r9, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8}, {r8, r10}, {r9, r10}, {r8}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8}, {r9, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {0x0, r10}, {r9, r10}, {r9, r10}, {r9}, {}, {r9, r10}, {r9, r10}, {r9}, {r9, r10}, {r9, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {0x0, r10}, {r8, r10}, {r9, r10}, {r8}, {r9, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8}, {r8, r10}, {0x0, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r8, r14}, {r9, r10}, {r9, r10}, {r9, r15}, {r9, r10}, {r8, r10}, {r8, r10}, {r8}, {r8, r10}, {0x0, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8}, {r8, r10}, {r8, r10}, {r8}, {r8}, {r8, r10}, {r8, r10}, {r9}, {r9, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {}, {r9, r10}, {r8, r10}, {r8, r10}, {r9}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9}, {r9}, {r9, r10}, {r9, r10}, {r9, r10}, {r8}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r8, r10}, {r8, r10}, {r9, r10}, {r9, r10}, {r9, r10}, {0x0, r10}, {r9, r10}, {r8, r10}], 0x78, "225a044ec74521"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0xd000943e, &(0x7f0000001700)={r16, r8, "607f8c540fb2183ed458d7c0743609135238e0639b25995f8aa709e46046846eca30d5cf990cf9c754ab0a3ac73fd94126fd4b32a5c4887fac67432d3b15406844a9cd2355ae2cf6e421ba0c16b7eb500029a0e00b6c00772a13c886b858a4153c3bdea9ff68912417780aa00740dbe2b59f67d5695fd7d3546593e4c04c7fab07cc57372cc2df5761adba5c815c7979070a86c9ccba85e13d7be150b6cadc3042d3b42d50e64284d043ddb065a93ce9922f04152f9ec1194d78ee487496cfd94f7124e046c4804eda63c6c804af19ceda87714aeebde57dd1629fee964b19d12af36a71b80d1e5c5ffdd6c1ec1bd9e6423b313aa05127a422bce097846da2c7", "80391d836b8e428d9b8eeebaac9aac8858cde80079d0a2ba007924a3f1558fb48b3a4447d2b32f0bf97e3d24674f25a9ee01ce2aaf19472f6061d692dcd35d236fa54ba5599a95ad0b07e957bf503f78d17452ac490178aa35c49b4b5dd0ab1cc6de235aa981b04226b75bf91453afd050a72f906ac950a6dc6b55f0d84899eab72d2d6ba6bf59fa83164a6af935867b8d08dfa0e75777263ad55a559cc87caeac709615b8713b028e2833ed253f9a77643ad992ed6a8e5fab18307397630de6454e2fb5bafd4b3ab84b174f85d2451ee93eb37d9eaa7265d1cd4ed22c5a1e8db5fe13d7e00ca1dccf10c92df7e9d8af5fcb495711119214ee1db0f58410958a8506ec9a91c888cf2f26c0d7181a6a36200592242fd180f0a13c3d2cf91098016329c41c12d67a0f7aee7eb459803746196bcf96c21924e9da41d421815074f46e1a767eddf13ca134af281bb46a91f49089fc5647c2af7448dedfe0b83edd9388848d9081a1d9391f6cceaf9e96b00eb7eb7882e4518a94a36c3bc9c444287e695ca1f6e516d48b6e1b459717d693cc8f7cb5ac180d0287359956b2afa303a9d13c35d6850911833df1c0ab55c6695dba19700d40cc3ac2bae7cd482a601e4477ccccfea965742f66ecf4122936cbe350a4250209209130fb04cac257512a7d4bac1e0adf4b64cfe62d47c8d937e1e75a6f83f5155beef19299ecfa6fcb9e06ff460dce2754ee4379985a9987b415aab924c805e70ab7d043c6f59a26893f4b7ce485e0fe939848f450560c078182e2f0200e42ee757668a5c5084fde4deba9ff268a2cf6c0f0e6d5f61bba64bc81af94c0411ba19ad1d325a251ef6929c4112ead0d68e58a504b0336998b7b64c6356071850660235bd9b2430fbf052e4a3b48fb334a35145c8313e191a319e9ee167f388751102c4634ec44ae216a74f90271da210e47aebb0e8e1ff01503ee1cd41e23e87ed8feb44748d83d1e7b01e22f3cdd73198ef00e607916e1e19cd9316eeca75d36c7fa0c519bbbdccc5bc22082107d10cbc2631a1547456fc3f8ddcdb8862b4c066156729fa44182e39056e58e58f0843c67505d7d1ac58712390a430240d8d8fb38b6b39a5ca90cf1fd959a5af9e9d9820333456f1b5a157b6c6ca8298a3062248a71f8691643228267250f37e103f7ef4f8f5145796ef30039b7fc4b75487d9c3d88d4df0486eb9fcbf94707b6805ad3e4296900fae679690ad460e417c0d23c39657bf1874063929b13652a5e258e97dcdb32d5c830f769403d7463a71892f6645afd36c4e80312f38ede5c30f6b764434ccd7ae41560638cfc69898c6e3169d1f62203ec6d00a954e081a458abb4691fb137d3b31688dbb42c109a1bb460576a1884b1cdb5dfa526c4579bca8d9d424c9b857a6de053f3a2ee8fb0ffc52928d9c4ea50ae9df81e66fc879ff4bb01d20f73daaf9164ecd8a9f9b4a0a7c8fdc408a1121864e70eb173574ebbcf0dd68261ade61a8650bc3628c878eaff1fece3a295634074e61d6dcd97e9f4d5a83a4170ef40de975d0bfcba490d69a665f80d4a3d81e4df666863cbd7bdfb918216a5f02ccb4d775e207354e0a4002b7e8642dd9bfaadc6f0809ff34920dcc99ca1d0cfd2ad7041de4d6a131df6564a6d687d0c5343d79bd080d6b62be77389324488b65440d32ce0a267cf753e721d721159fe1420f31c3504ca8d500e983799d616f42141253a85f97b0d1b15e216ddb1158c7a8aea16c3d68d09ff6758964efe956bc79c98925f58f98e14dbd6d452dfae6e92d072bf1b02be689cf0008b20d470d694d2796f9eb3fb0c83d1a5c2dc39d9d0c3ba2288ce8367d98c29f07e1ae28bb517028c2e45c9ab8aa4c63a622c439e7c6dfe81d5631d17f8484b88680febae46bdaaaa86e3a9164a9a4f701f22ae9c98e28fe5201a409c53a0d765592ba15f5da8ba9caa6678a26d0edafed46a7e4f5ca3c728f784501e08ef3b9dea04018a75230a1607dc6bed0b9b72aa0c2bc02c42c83cc3b46461b48f2255d759425cb70d5e99bd458ed0ba8eb2765cbb07ce82118a33455a18806e60167cf4f37745f58368151ada959f0e9eed35255909d5107c7012c9669d18948e73457407a4758ef0be50531a0e2c16ca7e620f71294563f069fd618095714c886d710ccd8cb622fa3c0cb4871f7e8ebad2267c6fbc8aa667f997bfe7704708dc8e2729517746598b07966e3910aa3794e92645a4de724da339c8cf410eeaf06fe24091c8ff6e903a02e86b612957c00588f84b4e9138c473310d58487e021012d139432b21f4be107292204a0cf2e99607407e2d56f0aa0170c11e84b917ebfabcc9a90babecdffc42bd4e78b3ba78e780da3abcd6e7a41fd9637ffc25493985f58f4752476d301c83a7d420c0611bfd9c8bfc3c524fa7f58e437823aef19b924cae08dfd2adbfaeddd7aba47b8bd44e0517a8727aba23917e15dc0b5b359258bfcafec2fadaa5e329e054a8b4082bb284c990e16f2182e23496ec239be5e341b1f1ec42b5b1fbb7313d2a4123fd41c1c6df8e7edee5b5371a3029ea8ce90cdfc96a5e1645d37ec7a91fd245e0eb5523f1703e07028cd2d416f2ad320f9db437fb42bd94a374de1440d25b2e9a0779044bb914e3a8aedd230b75a78764e7bf5cf689836b23020f5946aa7cf7fc7a0f93e377fc2065fbc481cb951befcd74cc75bff8be9910e1a5c103fdef644d64a290c0f62bd54f49694cfbc393b195cbb3c13309424aa8852e61c984ea62a63b94d4d466af6901e40513ab68c7ee615cb5bbd502e427deb2ad50b02beddf9c505faa6c4a83725d2109637605ce2ff49993c389a202ac74052f469c941db87749412eca69d72a82261d6e1fed94b90968984e085c23d33e272ee17bf1dc7bf3567395b80dadf41138c285eb769842c1915e583ebad306c4d4681d4c350bbf899b88f914eec368ec564feeda73856f5d757ac8696678e27d917d9124690cbb5e2568329a0bb4e6d906644812a152f1a0e690e6765786a099cba81a30bffcc706f2a1928373f840f6c96a09f00592ed3e04569dbb0dc97366be86cc1839ce2b990508b69c049c9d0b5d85df8ad33efd4f3ed485d151bf2b44e0846c356625bc0856d13bba7e57d4836cf85f6e21cd6865b74d660d1891d05ebff478a6ccb2d4e14bf3bdfc53303a1888b41e11cfafa7f6874a1b7416562e5f3c1e4b20c47d82ea6d80149dc45fd894182409aa1b914202b0ce37bd11bc1e98b343a015f40e541b246635da04987523e51dbd24f4158a6d8fe8bf44c1ec80a1d0e79f5d961a13ce95e0636fe72d4dc0e765e633284166f41cf347c313b1be43923979cf2f1b39788928fe92fa48e7040073b128118ca8a041671924864e6a98d4bd95853ce276eee2a856c605d664864f02c34b59a989b112d16bfce2893e1474911328c34b72d89428480efa15cb0039929dbec56cddc94e3c04f95a983f11ea72c5b1e502d805c8431f3ee63467da22038fe1dcee89a3c8b3c7c43ee97bd792c53e0aeb18c9e3744a31de0a38f6cc2241bf0dc1bb7f48aec1b2b5bbed401cbd4ab71b0033fd0b99180b12a0eca678c889190fb476134d9d2fb31ddf0f075dc379ee8d947d387d9684a39d6c7bbe029ec7ee09dde26fb1d1e03b37be2c7628d136cde812d3b1dbcc3a550ac73349a2aa335da42cc60fad62596a067193a152f02e017b50e1b8b0364abdb19a3e33e56000596664e924a211d8305bb5cd860f33e1eea3048c80fe14d71f26d27b5fa25a5aa80c1e7fa4074c3ae711990b9a39ee6d4ff956193324390be65ac04a769463636c86ae32a9e7525d92af86dc925d7dcbb706cb81cb033180d610ad4072467632846604d7a3bf95afb977c586ce32823d344fdea4f47c455b363bbc7ee044419bb6449cd857ce3a12063ea77e9fb553ef5af9dcec548551645db75258f89ea29cd48b59fe823bdf1eea5cd1cc3086fc35be8034717f691ed8e93175b492745623e8105bfde3efcbfc92bb2f3dd97ef7166dbabbb1c4baa48edd8f68f944ffdcef479c98b9ca3926e8ae6b60f59386c0f6542122afb07d2d76f72e664a28ba77f9d81c0d92e3697e6d08cf6eb9d6e72801164d74b905490946b234f32bf16c2cf105e3b88ff910e7d31be113521d2f89fab83f26314e3ae7afaace3fe7cc829ed5a0783abc0d501781cffa0b7f8e08cedd329ca2e7ab320f51ef8cf76ee192d02ff3c89374220c6a4aa55d5e17d846040cb8c1497ac58567ec75bf4d290d1e3446888ef86755064db15819c4fb9354d655c4798f0fb0ecf782210054737fd847f0ae1f65b9b6a2c1565eb750916ae310674eba8e32044b7eff5dd09138a6538a8c169b6ebe15481ce69d271bf08b253a942dd32924e0583afcda9df32609fcbfb6232e753bfa737b5744987ca8160149940a48d095c4645131fa4e57076e5b0fda05089836fd4dace193d73d6ea8ec3465876c9a45107aee210b754b2cbc74ae160af330e46ad62a447e71616a53c2a2fada17b7696bc64a3cdde3145df4c863e69fe50536deb09351b61c61e13abcb09f50f159f36d449bd53369383f64ef0828439686c68abc0b40aca5597d7e1574bfd2f855137336e48a7177d8bdb933a1ad18d640ed8212bf4efd0fcae862fb8b843fdea72c8b8f12340b18643a8ff7b842dc72ac38f603498931a8dde6d0fca3fef67aa130bde72398660bf8c2d8e11594ce529131f19afa38762257606a2890bedbf43f633a5aa353215aa6fb35ccc1f1d8caab81f31a6b403b811c92db5cec19b0ff1bcac04bd7d90f96f17546b89e1d1f644752d0a4833b8ecb1a888d6b90ce5a3a7a179f1c269613098bcfe2fe0f1c76e26a7d34db7680dd3ab224abb38b1bd1c6a4f59f0f6507d4e66ba56a30b1ea9672d081a291aff9a73ed9a7e3b5beb808c294b5b30c268a801c668a9bb1b689bc5e833d5cecb2a3a5a1230f268cf01e75b8508b109303bd75a0d04be9ab0679a38a874f245a09006b85caf5ed432d59ec3f088e276ac1691c3df7976a01d12cfc7a9bb57ca310e12e1698f2435ed4eadf7e5a586b065438152816bf79a12c97c789eec33d2732c8f5c523d109dcedce5618cd56b6598670f7c44c647e9f6e194cd45c956a880cfb6ce6553a500b22856a68d95c6deb9d8c418ff49b6b224c9b3916b9d16d82a236915f285b585720ecd8ad974b9e4ea4e00b2003c0db18f7a769c9f88f5fbc02c3be2ff916f51d933def9f074ad66fd8511ed060bc216b6aae4a47029e681b66a99f508f81a7b3c4bc32660895e5f4c3a947fe454703f38fc4c1a0f8910260eeba61be8a0f76cf173ef656a393b74a0ebd18f0cedf84d5a3fb11a69dba613ad8822fd60b240d8ca5e1915af3f2166f96e7e380e2bf"}) syz_io_uring_setup(0x262e, &(0x7f0000000480)={0x0, 0xc82c, 0x10, 0x3, 0xee}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000500), &(0x7f0000000540)=0x0) syz_io_uring_submit(0x0, r17, &(0x7f00000006c0)=@IORING_OP_STATX={0x15, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000580), &(0x7f0000000680)='./file0\x00', 0x4, 0x4000, 0x1}, 0x4) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) syz_io_uring_submit(r5, r2, &(0x7f0000000040)=@IORING_OP_FILES_UPDATE={0x14, 0x2, 0x0, 0x0, 0x60, &(0x7f0000000000)=[r0], 0x1}, 0x7) 13:28:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7400, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 40) 13:28:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4800, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:00 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:28:00 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x5000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1019.574502] FAULT_INJECTION: forcing a failure. [ 1019.574502] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.577196] CPU: 1 PID: 7749 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1019.578718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1019.580577] Call Trace: [ 1019.581187] dump_stack+0x107/0x167 [ 1019.582005] should_fail.cold+0x5/0xa [ 1019.582870] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1019.583982] should_failslab+0x5/0x20 [ 1019.584844] kmem_cache_alloc_trace+0x55/0x320 [ 1019.585864] __io_uring_add_tctx_node+0x15c/0x520 [ 1019.586932] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1019.588095] ? alloc_fd+0x2e7/0x670 [ 1019.588930] io_uring_setup+0x1fbb/0x2980 [ 1019.589856] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1019.590974] ? wait_for_completion_io+0x270/0x270 [ 1019.592067] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1019.593252] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1019.594399] do_syscall_64+0x33/0x40 [ 1019.595227] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1019.596360] RIP: 0033:0x7f55e908fb19 [ 1019.597194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1019.601291] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1019.602970] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1019.604557] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1019.606215] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1019.607644] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1019.607851] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1019.607878] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1019.617214] FAULT_INJECTION: forcing a failure. [ 1019.617214] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.619813] CPU: 1 PID: 7754 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1019.621412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1019.623334] Call Trace: [ 1019.623931] dump_stack+0x107/0x167 [ 1019.624784] should_fail.cold+0x5/0xa [ 1019.625654] ? __d_alloc+0x2a/0x990 [ 1019.626517] should_failslab+0x5/0x20 [ 1019.627408] kmem_cache_alloc+0x5b/0x310 [ 1019.628353] __d_alloc+0x2a/0x990 [ 1019.629119] ? find_held_lock+0x2c/0x110 [ 1019.630057] d_alloc_pseudo+0x19/0x70 [ 1019.630930] alloc_file_pseudo+0xce/0x250 [ 1019.631867] ? trace_hardirqs_on+0x5b/0x180 [ 1019.632850] ? alloc_file+0x5a0/0x5a0 [ 1019.633731] anon_inode_getfile+0xc8/0x1f0 [ 1019.634726] io_uring_setup+0x138b/0x2980 [ 1019.635668] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1019.636832] ? wait_for_completion_io+0x270/0x270 [ 1019.637954] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1019.639092] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1019.640588] do_syscall_64+0x33/0x40 [ 1019.641458] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1019.642644] RIP: 0033:0x7f943fb71b19 [ 1019.643494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1019.647628] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1019.649352] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1019.650946] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1019.652554] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1019.654148] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1019.655738] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1019.662822] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01}}, './file1\x00'}) syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000001300)=[{&(0x7f0000000300)="5ba181f478efd0864d0f40aa300b7f311bdd82db77dd007159f68aeee1f216e87b5e15251bbde644a173f429560d25a8751c4d1e7751a096548b709218f6f4229f4ba7dcb3b8019028cbbb5034dfe17cef752de01864d67acc9bbf86313d0f29c2af5a659daed7087eaa9dbd03cf127a2f6e51c4a8d89483221b43d916ee0b2f9ee5bdadcf5cfa9193d69852312c2243253e0cce7c692473a38afaf394169ba1cc2275965a58b47ca86a7323a3782c56d1a83e0d0010d9f5cf3840141525ea584e2be50258f6d72cb33d83b9c106b1e56b0b389c3b25efa6eb63f608a4e7f094d78a740b54e0a80bb759497fa858937ae91da1c065a45ebbe6da1ed86b5ac3e29f3974ffc8846db166d29d0c14a4d210130c3e8e92f0c1f941d7cbe2b8847e035f5081e7ba5100707a7f1ca1dcefa735714035581b143cbb12b67872c2dd19947898fcbec627886805a70edc459ecf811a9e4dcd5832149c3da775c33745d63d5be67817e61426ae57c49f9ed4fcc76d7c2a18f2a5d4cb6a4d2ac87b1fa1592d907d68192b577ddd324c1f88f142dd22792f748b023ca0764ea74167b0ed29abd61aa8e21e71acf76ce7b4b53c5e3aa27f4f1f31b1f71e5a6d49fc191dfe4fec18adc135a5605ed3666e55b28f641e4f440160ed7c7e0b1a082515e9c0332d2d6e472e3c74a998adcbcd56f1d99b7577501e54789ffea1ead4bc2dd227a21d694f1d310bcfce685c7bf61ae3f7c353340414702619807c6c85c90c7730444f13f713d80ec3cd589843bfd55816dff0bf241a32194ab357dc1799a818f9f04d57673c97f5dd575da6955c79210a244259292fe8d779f0e1e2ad74687ed825962a239c93c6bc28b862ac7d51a6ceb677f21bdec2eff4e78580a4e2b28090ebe442cc925033af8c196cde42541e88444ace4add9ce06acceed169a3df387ee5647d6d210c284303cdc84109f87647926a182003fac047f4ec79922b6de5f34c87fd51d9b4bcdf88ff9c050a0700e830797e5b6a716a0d39e481efaa476ca19a94bd3401af2f4976109ef1a0784715e276536c7b16aaa6981d3b38c6c0eb07743c4299c5b4afd0537b495548e0d04a53f8ef128d2a321ca8c33894bb0a3009e21ba15fea17c91df1ac30aa0883ce7de129bb1f30b01334b37344fc39c87a3f0774c74a982686faf3bf0e35601851708c6b377509fdfc9a3b124481b435e47bce06e2929e2fb05ce7a147b44a817c22ab36aa36612a25b67e22f9397760092a4db9d6429cc57c40f5580000c1838f6f3820568302eb6b48ec482c2356b416fba2d9c367479c6207f335f378788024d74e667f1bbbef645a589f0a6fb6cd2fbc1dcfc5ff991ae1d56da2443e31c942e1bbba03276acb5a90abf34cc7cd8626a1415d09fcc3839dc28a1716ce0f3239ae7ebc0eeca98db16ceaec5e46330828343e8e4c6d145e341c52908923ec7cfd494117bb91b8f765a6efaee9935161fdcf9940119cd3c3cf927a7c2aa6ea6e999428325fa3c0d89348280bb455bff14401ab0f98024d6c25bdcd613e11522aa215b57ec4e69e11c5859bde93cb62323ff38ef6ba54a614cdca03988e3a9b972da8ce020bf603c44831d9532611c1c2b2c172be2ebd0f70eef30f1665b90fd077e81b0ddef174b5103098d16f99a8da7d7fbd8f88921af7c8c2a693de889c77bf3b3efb02f24f1e1652e8d5e268e1f6584a6d78891bae81ac8d13bb4c88c15c9be6330feaa4c1880fc95aee4726f0b25a2dc6fd8796779d7be7aa18d18f1bec0f6bec10a7e798a3ee69b05c80baad47b11e12fc2a30f8d1d1b53ab32e683ea94fba9e57af5068d5a52809cc22b591d16f4ad03e68944575d7eea58bb3f49b514a2d48189b7b0e3ed00976fc6cd4ee560f3329e5666153ef210a58c7fd55ce07072777fe7b1418f813bdda099905d23e321751f718899a4de21900e533dbab337c93ec7e08487fd930758e3b2c4a45cba110c37062f60ecce139de09fd2e958f4093ea2ddd5e6e22a4a26654129e818a0f7f5de2577717fbaf04efa706cfb1fa4a0aeaf4049190169204d5ea1492be81f38d42208ea121007afdf3308a2cea5d18038017afeb46d3382aaf0df4c3e8ca87e9a00952876a3ec904225bee09aa8021934e1c808981e3e6672fd63b284332e8b145af77ee84faaae19fa4d5f83ad21e00859117e51f5d2c29544523e4356e656d8a6456486a4aaa13cb4d0a547ed3b32a04d466d260a00682e1f253817ac1f38b8b51145fffab005b208dcb7b0727048ef037d110ee045c0cf7b60d305ef63b45b5c46b90724d15664d642c8581d087732e0d89d18100f4d1c7ea79843ca90216d4fd1bdc0b4e6babf2b9e116b8df60ca42221422cea1140a45935fbd20d990eba3832f2bcb93e07203a56665c924a0c5fe21c9f688dd804be383736902f1eed900a549aba65de1959c6325b02aec29c1904d1791656a3253511a424bee9c1e8bc2aed5be5b34c7484115c704935fb3a2f67efbc73d7b6f62d691f497e328ffdf22d6af9b8149a58cfb0d5fd8a0026d27ad48a1c70d9a4d93b7810db6ef921c8c790eadc567cbea40e5a0cde441d154997d750918d17a1305011374fb07d9017a288c6bdd70db87b09ab3816f6d8a2ddf9c3239ad03ed15b1b8a14778c3b945168a1a67cae2bfba97bf251e4cd9adb1da9d6414d36518761e327019bd57f11a58b296a1cf4658ef995d7bde14d686d74a2f6f79291adb58e2a85f8ed06dc81289afa9846712f0ac6cd142e82ec4270108e91e974823df51bb7b9daa38a3fb3bf1bd16ab64446af68131165e1e9c7f85da5708edc884d6d370d0c9ad6b7bccfced32f244255e46a3105d4e49d7da2f3009b8a00d44e100d72d9d53b3498ea3df10854ef512c2ed805f09dd61a6912e32ead327683fb1134e7a770fa01d5a938faf483be9c3c7889841c341aef81408969da428faf3999ff69a4dda64b6aec8baf4a3cffd73569b7f3560f01c1f7b286c4f96a915ecc15743b686d6dbc4a1563b728f1321bda8aeceb4568d9a814be1b9caa8a2ff87270ee90edce20953ba3f1a3c3ff4ad7f1d102b416c3cc598910b1c1f2d1869026f4cdad08bb0fc58d6ca12629c43cf78d41b37787073db96f8715703c181b9726c6ffca323df724624006db6cc55af0a9539459f20a7232c092b6e69ff46e72c64383bbe6baa9b9bc89f9559d772e5f817f082c529b2df664adc963f10461413c77251e8a3bd0c69b16b1ad48de8cbd9d8c272dbd303b97c6d2e69dd324e457ef0433963e27c4663987f07328f1dd30f9c92a8eade9dbfca0a845520fd60cc4e2dfadce95b058c9d943393594c7ae7552860e837af14def816626ab1739e963beec6fd55c75487ff477a088f264644973666e43ec4e5af7bc70f7de8ba31db2e58f541853563448a14676e32d956676753124fceafa9c64a250fd898b2480c7efa31152d54e037cc72928544ab98f6daddf6fc75840d1f6ae303a9af95d6f1d265eaccf01ab7ec9e4f3e88e21d294b9b322606bbc8412c4cf4d6da0a1be12914220c57770f39657a1d23842100a0152e8453d2993a4abe72229feac4c9509b00d46fd22a25b7834d2f5d6645e894ad270373df222b8cebd090b27303f22530efb82a7eee787d3c5d78a82027f3ddb289e8e6c46a79409be3e21d595e3b7ce558e56f0379b38c083b970771871242862a95d10a3938a5dd67ccc53d4bf959bec956ff8e858b635d6d9cf572ef0068b159286e25063229fb192d7965dbb78f86f5aa84e15b4e64030a0f57bfc523a3f4a3b6f03605c7e45b5992ab05125bd34a010749ac9ca814607513df037b67b0bb631a7967761d71ffb3f5dfe21ceec185b73221ad834c60d2c1c01e7639c3b6949981339e227db5393780090931851db073aa1b35e39ed295e68b0e1319fec86046254d4dc3b4d5d2f6863a42b23a6aa3857b5f245e4936a2953c3502870898c8701b0be8429d014e7bbe876027c7a2061a96ff1702029dd210d0fe694059a22fc628fdc99e959baa4589e7111f6ddb0a17c124a5301415db6383787631d12074fc4868352c2b93f352182d4681cd27554d9de6b9aef7440e8fd2e699ca33c433978bc9da618844e0ca9c05d2a53e45e7a19c61d20782798d939935abf4f88b9e2288536ec0f90e2f0d8e6477bc25f0f2229d93da920b5481f08c2504518c43297262ef805bb1870c76d77d917619feebaa2917cf2fcaa470462dfd6e09623258bb1e16607268fcdb99d13d07316a9ee5ed8fc2b9d486c23f4e9fee3ce287ed840485f9eae48d651dbaf663a6c5610b475a783a7ba2a4eca144890b7fee4b3045817c77d5a96b69a18698e6e4975dfa6b2e5be8fb02fa8a9f9db9476a7d50133e39409cbbe0442ee9c7e6ab08842182b652d28075d8d8fa16c8680e0811c0830a8f6b94bddf7ad387fe036d3d40826d20496c1b925be4aee023b07e732f167b4e58c17d09e53ae3159f4145ea8cf064b4ebc10ab753dfc5a25873bd2cc683f0cecf8861cc4b481e5d70b1f293e771dee384928bcc224c0249c61400eb8afeab1b87f3a7cc1237e8bb4db6ca71fdab4b0c8072f0740bbe0ef4a86b4a6d91dfcb5814194f1d0158c6be9ec093d92699e92803400072afd76c06eaf190032bd45e419cdec6c881b8e21bd1faa40198b6d1ee8b4d319693f9edda309af9df0e751d6f62d4dfb09813a39f97236c276db0d1e877a229fb21093d2b61a40f1fa74ef294ed62fa0b79b834c120a7c278ef9a0186e855757f5ab3d91574d6fac5074d82c9dc9f20432aaeabf19c02abc1427c630985ee90f207161d68c33306f545d84bde3c54545e305c32299fab10a53ad11d96e458d97f0c820df3e59dab86432e1f2bdce98aa94dee890a2c3f84dd9aa18d0890f42d92e0612481e0e828246407e6da2cecc8b8f8b5405562f45b82b9b253f9b86ead55c45646778e334f95a5c2dee3984a4d51fd509fd991ae3df0abd7c66cf575eb57a07be55a57d36c87d2b2370cb057afc06cbd067a954f694d291cc780de2fb859d3d539d2a7f7fff68edbe044507ace8d471a0563b2ae2b70f90d60c89879a30f7b3c84eacd9592758a9f098d068e039b641ee4d7fc9fac40894633df23b01bce913bf783600ee4a500dc1e060ce23f5a0cbfd1930bd87dbf271395dd41161ac2e81650ef7aa7819a0d73c1e585fdc3395d71b7a301a9179d533f44793924505759bbfcd0e3e6158df64d0f56d68114b9c33a6cd4da91a52fa7c5e571fd5d5f6382480551733a47969e1eab1c7424b20d0db4e822854e2568a7d2282f46477f239ca6966305e0678a983500acbb35789290a76be5b9d41edc850976caa4a302a031c2f2f74d4edb03739ca596f45642379fbed8550b4a6753f8b095bc9e3c24d10d6e07cd8e953af34cd4374f7486fcca90bc9087887168fca1d9e861b741efd94c560faecefd1bbd50c46574e1e897a56742fa22ab606eb90e74c80dcd0700b272d024cfc98da3d815e787cfbdea789c877356c87d05107c5bd2cbaa543e78d254f99a022d05b78b354482f7b121c7b3d68cb6e713e6cfee4ade5b3887aff8e5429b9c194810c8bfec45d431db3330ca0f8d7c1c78a55f0528f8d4f8ab4c016e6c9c50e1aad456ad7d2a8ec1111ea189122d39a1541ffb8a130128300b0416b9232a1cab558b436b41f2b065849ba6b080cfd0350f1585a15bb5cbe50494b584159d9a5182645a610aa43453b42f4c4f8fbbcd1e36d12b75a501a4368a22e92298c340b93e336ecc5bde8bc2", 0x1000}], 0x1000, &(0x7f0000001340)=ANY=[@ANYBLOB="73697a653d2d322c687567653d6164766973652c6d70fe0f6f6c3d7072656665723a332f33392c687567653d6e65c9843a4afe959dbe", @ANYRESHEX, @ANYBLOB="2c6d706f6c3d64656661756c743d72656c61746976652c687567653d6e657665722c666f776e65723d6d0a5bd59fe0a904f315271257e098b6a62a7c", @ANYRESDEC, @ANYBLOB=',\x00']) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, r3}}, './file1\x00'}) [ 1019.685259] loop3: detected capacity change from 0 to 4096 [ 1019.703469] loop3: detected capacity change from 0 to 4096 [ 1019.730616] loop3: detected capacity change from 0 to 4096 [ 1019.744261] loop3: detected capacity change from 0 to 4096 [ 1019.766173] loop3: detected capacity change from 0 to 4096 [ 1019.770814] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1019.783187] loop3: detected capacity change from 0 to 4096 syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000001300)=[{&(0x7f0000000300)="5ba181f478efd0864d0f40aa300b7f311bdd82db77dd007159f68aeee1f216e87b5e15251bbde644a173f429560d25a8751c4d1e7751a096548b709218f6f4229f4ba7dcb3b8019028cbbb5034dfe17cef752de01864d67acc9bbf86313d0f29c2af5a659daed7087eaa9dbd03cf127a2f6e51c4a8d89483221b43d916ee0b2f9ee5bdadcf5cfa9193d69852312c2243253e0cce7c692473a38afaf394169ba1cc2275965a58b47ca86a7323a3782c56d1a83e0d0010d9f5cf3840141525ea584e2be50258f6d72cb33d83b9c106b1e56b0b389c3b25efa6eb63f608a4e7f094d78a740b54e0a80bb759497fa858937ae91da1c065a45ebbe6da1ed86b5ac3e29f3974ffc8846db166d29d0c14a4d210130c3e8e92f0c1f941d7cbe2b8847e035f5081e7ba5100707a7f1ca1dcefa735714035581b143cbb12b67872c2dd19947898fcbec627886805a70edc459ecf811a9e4dcd5832149c3da775c33745d63d5be67817e61426ae57c49f9ed4fcc76d7c2a18f2a5d4cb6a4d2ac87b1fa1592d907d68192b577ddd324c1f88f142dd22792f748b023ca0764ea74167b0ed29abd61aa8e21e71acf76ce7b4b53c5e3aa27f4f1f31b1f71e5a6d49fc191dfe4fec18adc135a5605ed3666e55b28f641e4f440160ed7c7e0b1a082515e9c0332d2d6e472e3c74a998adcbcd56f1d99b7577501e54789ffea1ead4bc2dd227a21d694f1d310bcfce685c7bf61ae3f7c353340414702619807c6c85c90c7730444f13f713d80ec3cd589843bfd55816dff0bf241a32194ab357dc1799a818f9f04d57673c97f5dd575da6955c79210a244259292fe8d779f0e1e2ad74687ed825962a239c93c6bc28b862ac7d51a6ceb677f21bdec2eff4e78580a4e2b28090ebe442cc925033af8c196cde42541e88444ace4add9ce06acceed169a3df387ee5647d6d210c284303cdc84109f87647926a182003fac047f4ec79922b6de5f34c87fd51d9b4bcdf88ff9c050a0700e830797e5b6a716a0d39e481efaa476ca19a94bd3401af2f4976109ef1a0784715e276536c7b16aaa6981d3b38c6c0eb07743c4299c5b4afd0537b495548e0d04a53f8ef128d2a321ca8c33894bb0a3009e21ba15fea17c91df1ac30aa0883ce7de129bb1f30b01334b37344fc39c87a3f0774c74a982686faf3bf0e35601851708c6b377509fdfc9a3b124481b435e47bce06e2929e2fb05ce7a147b44a817c22ab36aa36612a25b67e22f9397760092a4db9d6429cc57c40f5580000c1838f6f3820568302eb6b48ec482c2356b416fba2d9c367479c6207f335f378788024d74e667f1bbbef645a589f0a6fb6cd2fbc1dcfc5ff991ae1d56da2443e31c942e1bbba03276acb5a90abf34cc7cd8626a1415d09fcc3839dc28a1716ce0f3239ae7ebc0eeca98db16ceaec5e46330828343e8e4c6d145e341c52908923ec7cfd494117bb91b8f765a6efaee9935161fdcf9940119cd3c3cf927a7c2aa6ea6e999428325fa3c0d89348280bb455bff14401ab0f98024d6c25bdcd613e11522aa215b57ec4e69e11c5859bde93cb62323ff38ef6ba54a614cdca03988e3a9b972da8ce020bf603c44831d9532611c1c2b2c172be2ebd0f70eef30f1665b90fd077e81b0ddef174b5103098d16f99a8da7d7fbd8f88921af7c8c2a693de889c77bf3b3efb02f24f1e1652e8d5e268e1f6584a6d78891bae81ac8d13bb4c88c15c9be6330feaa4c1880fc95aee4726f0b25a2dc6fd8796779d7be7aa18d18f1bec0f6bec10a7e798a3ee69b05c80baad47b11e12fc2a30f8d1d1b53ab32e683ea94fba9e57af5068d5a52809cc22b591d16f4ad03e68944575d7eea58bb3f49b514a2d48189b7b0e3ed00976fc6cd4ee560f3329e5666153ef210a58c7fd55ce07072777fe7b1418f813bdda099905d23e321751f718899a4de21900e533dbab337c93ec7e08487fd930758e3b2c4a45cba110c37062f60ecce139de09fd2e958f4093ea2ddd5e6e22a4a26654129e818a0f7f5de2577717fbaf04efa706cfb1fa4a0aeaf4049190169204d5ea1492be81f38d42208ea121007afdf3308a2cea5d18038017afeb46d3382aaf0df4c3e8ca87e9a00952876a3ec904225bee09aa8021934e1c808981e3e6672fd63b284332e8b145af77ee84faaae19fa4d5f83ad21e00859117e51f5d2c29544523e4356e656d8a6456486a4aaa13cb4d0a547ed3b32a04d466d260a00682e1f253817ac1f38b8b51145fffab005b208dcb7b0727048ef037d110ee045c0cf7b60d305ef63b45b5c46b90724d15664d642c8581d087732e0d89d18100f4d1c7ea79843ca90216d4fd1bdc0b4e6babf2b9e116b8df60ca42221422cea1140a45935fbd20d990eba3832f2bcb93e07203a56665c924a0c5fe21c9f688dd804be383736902f1eed900a549aba65de1959c6325b02aec29c1904d1791656a3253511a424bee9c1e8bc2aed5be5b34c7484115c704935fb3a2f67efbc73d7b6f62d691f497e328ffdf22d6af9b8149a58cfb0d5fd8a0026d27ad48a1c70d9a4d93b7810db6ef921c8c790eadc567cbea40e5a0cde441d154997d750918d17a1305011374fb07d9017a288c6bdd70db87b09ab3816f6d8a2ddf9c3239ad03ed15b1b8a14778c3b945168a1a67cae2bfba97bf251e4cd9adb1da9d6414d36518761e327019bd57f11a58b296a1cf4658ef995d7bde14d686d74a2f6f79291adb58e2a85f8ed06dc81289afa9846712f0ac6cd142e82ec4270108e91e974823df51bb7b9daa38a3fb3bf1bd16ab64446af68131165e1e9c7f85da5708edc884d6d370d0c9ad6b7bccfced32f244255e46a3105d4e49d7da2f3009b8a00d44e100d72d9d53b3498ea3df10854ef512c2ed805f09dd61a6912e32ead327683fb1134e7a770fa01d5a938faf483be9c3c7889841c341aef81408969da428faf3999ff69a4dda64b6aec8baf4a3cffd73569b7f3560f01c1f7b286c4f96a915ecc15743b686d6dbc4a1563b728f1321bda8aeceb4568d9a814be1b9caa8a2ff87270ee90edce20953ba3f1a3c3ff4ad7f1d102b416c3cc598910b1c1f2d1869026f4cdad08bb0fc58d6ca12629c43cf78d41b37787073db96f8715703c181b9726c6ffca323df724624006db6cc55af0a9539459f20a7232c092b6e69ff46e72c64383bbe6baa9b9bc89f9559d772e5f817f082c529b2df664adc963f10461413c77251e8a3bd0c69b16b1ad48de8cbd9d8c272dbd303b97c6d2e69dd324e457ef0433963e27c4663987f07328f1dd30f9c92a8eade9dbfca0a845520fd60cc4e2dfadce95b058c9d943393594c7ae7552860e837af14def816626ab1739e963beec6fd55c75487ff477a088f264644973666e43ec4e5af7bc70f7de8ba31db2e58f541853563448a14676e32d956676753124fceafa9c64a250fd898b2480c7efa31152d54e037cc72928544ab98f6daddf6fc75840d1f6ae303a9af95d6f1d265eaccf01ab7ec9e4f3e88e21d294b9b322606bbc8412c4cf4d6da0a1be12914220c57770f39657a1d23842100a0152e8453d2993a4abe72229feac4c9509b00d46fd22a25b7834d2f5d6645e894ad270373df222b8cebd090b27303f22530efb82a7eee787d3c5d78a82027f3ddb289e8e6c46a79409be3e21d595e3b7ce558e56f0379b38c083b970771871242862a95d10a3938a5dd67ccc53d4bf959bec956ff8e858b635d6d9cf572ef0068b159286e25063229fb192d7965dbb78f86f5aa84e15b4e64030a0f57bfc523a3f4a3b6f03605c7e45b5992ab05125bd34a010749ac9ca814607513df037b67b0bb631a7967761d71ffb3f5dfe21ceec185b73221ad834c60d2c1c01e7639c3b6949981339e227db5393780090931851db073aa1b35e39ed295e68b0e1319fec86046254d4dc3b4d5d2f6863a42b23a6aa3857b5f245e4936a2953c3502870898c8701b0be8429d014e7bbe876027c7a2061a96ff1702029dd210d0fe694059a22fc628fdc99e959baa4589e7111f6ddb0a17c124a5301415db6383787631d12074fc4868352c2b93f352182d4681cd27554d9de6b9aef7440e8fd2e699ca33c433978bc9da618844e0ca9c05d2a53e45e7a19c61d20782798d939935abf4f88b9e2288536ec0f90e2f0d8e6477bc25f0f2229d93da920b5481f08c2504518c43297262ef805bb1870c76d77d917619feebaa2917cf2fcaa470462dfd6e09623258bb1e16607268fcdb99d13d07316a9ee5ed8fc2b9d486c23f4e9fee3ce287ed840485f9eae48d651dbaf663a6c5610b475a783a7ba2a4eca144890b7fee4b3045817c77d5a96b69a18698e6e4975dfa6b2e5be8fb02fa8a9f9db9476a7d50133e39409cbbe0442ee9c7e6ab08842182b652d28075d8d8fa16c8680e0811c0830a8f6b94bddf7ad387fe036d3d40826d20496c1b925be4aee023b07e732f167b4e58c17d09e53ae3159f4145ea8cf064b4ebc10ab753dfc5a25873bd2cc683f0cecf8861cc4b481e5d70b1f293e771dee384928bcc224c0249c61400eb8afeab1b87f3a7cc1237e8bb4db6ca71fdab4b0c8072f0740bbe0ef4a86b4a6d91dfcb5814194f1d0158c6be9ec093d92699e92803400072afd76c06eaf190032bd45e419cdec6c881b8e21bd1faa40198b6d1ee8b4d319693f9edda309af9df0e751d6f62d4dfb09813a39f97236c276db0d1e877a229fb21093d2b61a40f1fa74ef294ed62fa0b79b834c120a7c278ef9a0186e855757f5ab3d91574d6fac5074d82c9dc9f20432aaeabf19c02abc1427c630985ee90f207161d68c33306f545d84bde3c54545e305c32299fab10a53ad11d96e458d97f0c820df3e59dab86432e1f2bdce98aa94dee890a2c3f84dd9aa18d0890f42d92e0612481e0e828246407e6da2cecc8b8f8b5405562f45b82b9b253f9b86ead55c45646778e334f95a5c2dee3984a4d51fd509fd991ae3df0abd7c66cf575eb57a07be55a57d36c87d2b2370cb057afc06cbd067a954f694d291cc780de2fb859d3d539d2a7f7fff68edbe044507ace8d471a0563b2ae2b70f90d60c89879a30f7b3c84eacd9592758a9f098d068e039b641ee4d7fc9fac40894633df23b01bce913bf783600ee4a500dc1e060ce23f5a0cbfd1930bd87dbf271395dd41161ac2e81650ef7aa7819a0d73c1e585fdc3395d71b7a301a9179d533f44793924505759bbfcd0e3e6158df64d0f56d68114b9c33a6cd4da91a52fa7c5e571fd5d5f6382480551733a47969e1eab1c7424b20d0db4e822854e2568a7d2282f46477f239ca6966305e0678a983500acbb35789290a76be5b9d41edc850976caa4a302a031c2f2f74d4edb03739ca596f45642379fbed8550b4a6753f8b095bc9e3c24d10d6e07cd8e953af34cd4374f7486fcca90bc9087887168fca1d9e861b741efd94c560faecefd1bbd50c46574e1e897a56742fa22ab606eb90e74c80dcd0700b272d024cfc98da3d815e787cfbdea789c877356c87d05107c5bd2cbaa543e78d254f99a022d05b78b354482f7b121c7b3d68cb6e713e6cfee4ade5b3887aff8e5429b9c194810c8bfec45d431db3330ca0f8d7c1c78a55f0528f8d4f8ab4c016e6c9c50e1aad456ad7d2a8ec1111ea189122d39a1541ffb8a130128300b0416b9232a1cab558b436b41f2b065849ba6b080cfd0350f1585a15bb5cbe50494b584159d9a5182645a610aa43453b42f4c4f8fbbcd1e36d12b75a501a4368a22e92298c340b93e336ecc5bde8bc2", 0x1000}], 0x1000, &(0x7f0000001340)=ANY=[@ANYBLOB="73697a653d2d322c687567653d6164766973652c6d70fe0f6f6c3d7072656665723a332f33392c687567653d6e65c9843a4afe959dbe", @ANYRESHEX=r3, @ANYBLOB="2c6d706f6c3d64656661756c743d72656c61746976652c687567653d6e657665722c666f776e65723d6d0a5bd59fe0a904f315271257e098b6a62a7c", @ANYRESDEC, @ANYBLOB=',\x00']) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getgroups(0x1, &(0x7f0000000180)=[0xee01]) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, r6}}, './file1\x00'}) syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000001300)=[{&(0x7f0000000300)="5ba181f478efd0864d0f40aa300b7f311bdd82db77dd007159f68aeee1f216e87b5e15251bbde644a173f429560d25a8751c4d1e7751a096548b709218f6f4229f4ba7dcb3b8019028cbbb5034dfe17cef752de01864d67acc9bbf86313d0f29c2af5a659daed7087eaa9dbd03cf127a2f6e51c4a8d89483221b43d916ee0b2f9ee5bdadcf5cfa9193d69852312c2243253e0cce7c692473a38afaf394169ba1cc2275965a58b47ca86a7323a3782c56d1a83e0d0010d9f5cf3840141525ea584e2be50258f6d72cb33d83b9c106b1e56b0b389c3b25efa6eb63f608a4e7f094d78a740b54e0a80bb759497fa858937ae91da1c065a45ebbe6da1ed86b5ac3e29f3974ffc8846db166d29d0c14a4d210130c3e8e92f0c1f941d7cbe2b8847e035f5081e7ba5100707a7f1ca1dcefa735714035581b143cbb12b67872c2dd19947898fcbec627886805a70edc459ecf811a9e4dcd5832149c3da775c33745d63d5be67817e61426ae57c49f9ed4fcc76d7c2a18f2a5d4cb6a4d2ac87b1fa1592d907d68192b577ddd324c1f88f142dd22792f748b023ca0764ea74167b0ed29abd61aa8e21e71acf76ce7b4b53c5e3aa27f4f1f31b1f71e5a6d49fc191dfe4fec18adc135a5605ed3666e55b28f641e4f440160ed7c7e0b1a082515e9c0332d2d6e472e3c74a998adcbcd56f1d99b7577501e54789ffea1ead4bc2dd227a21d694f1d310bcfce685c7bf61ae3f7c353340414702619807c6c85c90c7730444f13f713d80ec3cd589843bfd55816dff0bf241a32194ab357dc1799a818f9f04d57673c97f5dd575da6955c79210a244259292fe8d779f0e1e2ad74687ed825962a239c93c6bc28b862ac7d51a6ceb677f21bdec2eff4e78580a4e2b28090ebe442cc925033af8c196cde42541e88444ace4add9ce06acceed169a3df387ee5647d6d210c284303cdc84109f87647926a182003fac047f4ec79922b6de5f34c87fd51d9b4bcdf88ff9c050a0700e830797e5b6a716a0d39e481efaa476ca19a94bd3401af2f4976109ef1a0784715e276536c7b16aaa6981d3b38c6c0eb07743c4299c5b4afd0537b495548e0d04a53f8ef128d2a321ca8c33894bb0a3009e21ba15fea17c91df1ac30aa0883ce7de129bb1f30b01334b37344fc39c87a3f0774c74a982686faf3bf0e35601851708c6b377509fdfc9a3b124481b435e47bce06e2929e2fb05ce7a147b44a817c22ab36aa36612a25b67e22f9397760092a4db9d6429cc57c40f5580000c1838f6f3820568302eb6b48ec482c2356b416fba2d9c367479c6207f335f378788024d74e667f1bbbef645a589f0a6fb6cd2fbc1dcfc5ff991ae1d56da2443e31c942e1bbba03276acb5a90abf34cc7cd8626a1415d09fcc3839dc28a1716ce0f3239ae7ebc0eeca98db16ceaec5e46330828343e8e4c6d145e341c52908923ec7cfd494117bb91b8f765a6efaee9935161fdcf9940119cd3c3cf927a7c2aa6ea6e999428325fa3c0d89348280bb455bff14401ab0f98024d6c25bdcd613e11522aa215b57ec4e69e11c5859bde93cb62323ff38ef6ba54a614cdca03988e3a9b972da8ce020bf603c44831d9532611c1c2b2c172be2ebd0f70eef30f1665b90fd077e81b0ddef174b5103098d16f99a8da7d7fbd8f88921af7c8c2a693de889c77bf3b3efb02f24f1e1652e8d5e268e1f6584a6d78891bae81ac8d13bb4c88c15c9be6330feaa4c1880fc95aee4726f0b25a2dc6fd8796779d7be7aa18d18f1bec0f6bec10a7e798a3ee69b05c80baad47b11e12fc2a30f8d1d1b53ab32e683ea94fba9e57af5068d5a52809cc22b591d16f4ad03e68944575d7eea58bb3f49b514a2d48189b7b0e3ed00976fc6cd4ee560f3329e5666153ef210a58c7fd55ce07072777fe7b1418f813bdda099905d23e321751f718899a4de21900e533dbab337c93ec7e08487fd930758e3b2c4a45cba110c37062f60ecce139de09fd2e958f4093ea2ddd5e6e22a4a26654129e818a0f7f5de2577717fbaf04efa706cfb1fa4a0aeaf4049190169204d5ea1492be81f38d42208ea121007afdf3308a2cea5d18038017afeb46d3382aaf0df4c3e8ca87e9a00952876a3ec904225bee09aa8021934e1c808981e3e6672fd63b284332e8b145af77ee84faaae19fa4d5f83ad21e00859117e51f5d2c29544523e4356e656d8a6456486a4aaa13cb4d0a547ed3b32a04d466d260a00682e1f253817ac1f38b8b51145fffab005b208dcb7b0727048ef037d110ee045c0cf7b60d305ef63b45b5c46b90724d15664d642c8581d087732e0d89d18100f4d1c7ea79843ca90216d4fd1bdc0b4e6babf2b9e116b8df60ca42221422cea1140a45935fbd20d990eba3832f2bcb93e07203a56665c924a0c5fe21c9f688dd804be383736902f1eed900a549aba65de1959c6325b02aec29c1904d1791656a3253511a424bee9c1e8bc2aed5be5b34c7484115c704935fb3a2f67efbc73d7b6f62d691f497e328ffdf22d6af9b8149a58cfb0d5fd8a0026d27ad48a1c70d9a4d93b7810db6ef921c8c790eadc567cbea40e5a0cde441d154997d750918d17a1305011374fb07d9017a288c6bdd70db87b09ab3816f6d8a2ddf9c3239ad03ed15b1b8a14778c3b945168a1a67cae2bfba97bf251e4cd9adb1da9d6414d36518761e327019bd57f11a58b296a1cf4658ef995d7bde14d686d74a2f6f79291adb58e2a85f8ed06dc81289afa9846712f0ac6cd142e82ec4270108e91e974823df51bb7b9daa38a3fb3bf1bd16ab64446af68131165e1e9c7f85da5708edc884d6d370d0c9ad6b7bccfced32f244255e46a3105d4e49d7da2f3009b8a00d44e100d72d9d53b3498ea3df10854ef512c2ed805f09dd61a6912e32ead327683fb1134e7a770fa01d5a938faf483be9c3c7889841c341aef81408969da428faf3999ff69a4dda64b6aec8baf4a3cffd73569b7f3560f01c1f7b286c4f96a915ecc15743b686d6dbc4a1563b728f1321bda8aeceb4568d9a814be1b9caa8a2ff87270ee90edce20953ba3f1a3c3ff4ad7f1d102b416c3cc598910b1c1f2d1869026f4cdad08bb0fc58d6ca12629c43cf78d41b37787073db96f8715703c181b9726c6ffca323df724624006db6cc55af0a9539459f20a7232c092b6e69ff46e72c64383bbe6baa9b9bc89f9559d772e5f817f082c529b2df664adc963f10461413c77251e8a3bd0c69b16b1ad48de8cbd9d8c272dbd303b97c6d2e69dd324e457ef0433963e27c4663987f07328f1dd30f9c92a8eade9dbfca0a845520fd60cc4e2dfadce95b058c9d943393594c7ae7552860e837af14def816626ab1739e963beec6fd55c75487ff477a088f264644973666e43ec4e5af7bc70f7de8ba31db2e58f541853563448a14676e32d956676753124fceafa9c64a250fd898b2480c7efa31152d54e037cc72928544ab98f6daddf6fc75840d1f6ae303a9af95d6f1d265eaccf01ab7ec9e4f3e88e21d294b9b322606bbc8412c4cf4d6da0a1be12914220c57770f39657a1d23842100a0152e8453d2993a4abe72229feac4c9509b00d46fd22a25b7834d2f5d6645e894ad270373df222b8cebd090b27303f22530efb82a7eee787d3c5d78a82027f3ddb289e8e6c46a79409be3e21d595e3b7ce558e56f0379b38c083b970771871242862a95d10a3938a5dd67ccc53d4bf959bec956ff8e858b635d6d9cf572ef0068b159286e25063229fb192d7965dbb78f86f5aa84e15b4e64030a0f57bfc523a3f4a3b6f03605c7e45b5992ab05125bd34a010749ac9ca814607513df037b67b0bb631a7967761d71ffb3f5dfe21ceec185b73221ad834c60d2c1c01e7639c3b6949981339e227db5393780090931851db073aa1b35e39ed295e68b0e1319fec86046254d4dc3b4d5d2f6863a42b23a6aa3857b5f245e4936a2953c3502870898c8701b0be8429d014e7bbe876027c7a2061a96ff1702029dd210d0fe694059a22fc628fdc99e959baa4589e7111f6ddb0a17c124a5301415db6383787631d12074fc4868352c2b93f352182d4681cd27554d9de6b9aef7440e8fd2e699ca33c433978bc9da618844e0ca9c05d2a53e45e7a19c61d20782798d939935abf4f88b9e2288536ec0f90e2f0d8e6477bc25f0f2229d93da920b5481f08c2504518c43297262ef805bb1870c76d77d917619feebaa2917cf2fcaa470462dfd6e09623258bb1e16607268fcdb99d13d07316a9ee5ed8fc2b9d486c23f4e9fee3ce287ed840485f9eae48d651dbaf663a6c5610b475a783a7ba2a4eca144890b7fee4b3045817c77d5a96b69a18698e6e4975dfa6b2e5be8fb02fa8a9f9db9476a7d50133e39409cbbe0442ee9c7e6ab08842182b652d28075d8d8fa16c8680e0811c0830a8f6b94bddf7ad387fe036d3d40826d20496c1b925be4aee023b07e732f167b4e58c17d09e53ae3159f4145ea8cf064b4ebc10ab753dfc5a25873bd2cc683f0cecf8861cc4b481e5d70b1f293e771dee384928bcc224c0249c61400eb8afeab1b87f3a7cc1237e8bb4db6ca71fdab4b0c8072f0740bbe0ef4a86b4a6d91dfcb5814194f1d0158c6be9ec093d92699e92803400072afd76c06eaf190032bd45e419cdec6c881b8e21bd1faa40198b6d1ee8b4d319693f9edda309af9df0e751d6f62d4dfb09813a39f97236c276db0d1e877a229fb21093d2b61a40f1fa74ef294ed62fa0b79b834c120a7c278ef9a0186e855757f5ab3d91574d6fac5074d82c9dc9f20432aaeabf19c02abc1427c630985ee90f207161d68c33306f545d84bde3c54545e305c32299fab10a53ad11d96e458d97f0c820df3e59dab86432e1f2bdce98aa94dee890a2c3f84dd9aa18d0890f42d92e0612481e0e828246407e6da2cecc8b8f8b5405562f45b82b9b253f9b86ead55c45646778e334f95a5c2dee3984a4d51fd509fd991ae3df0abd7c66cf575eb57a07be55a57d36c87d2b2370cb057afc06cbd067a954f694d291cc780de2fb859d3d539d2a7f7fff68edbe044507ace8d471a0563b2ae2b70f90d60c89879a30f7b3c84eacd9592758a9f098d068e039b641ee4d7fc9fac40894633df23b01bce913bf783600ee4a500dc1e060ce23f5a0cbfd1930bd87dbf271395dd41161ac2e81650ef7aa7819a0d73c1e585fdc3395d71b7a301a9179d533f44793924505759bbfcd0e3e6158df64d0f56d68114b9c33a6cd4da91a52fa7c5e571fd5d5f6382480551733a47969e1eab1c7424b20d0db4e822854e2568a7d2282f46477f239ca6966305e0678a983500acbb35789290a76be5b9d41edc850976caa4a302a031c2f2f74d4edb03739ca596f45642379fbed8550b4a6753f8b095bc9e3c24d10d6e07cd8e953af34cd4374f7486fcca90bc9087887168fca1d9e861b741efd94c560faecefd1bbd50c46574e1e897a56742fa22ab606eb90e74c80dcd0700b272d024cfc98da3d815e787cfbdea789c877356c87d05107c5bd2cbaa543e78d254f99a022d05b78b354482f7b121c7b3d68cb6e713e6cfee4ade5b3887aff8e5429b9c194810c8bfec45d431db3330ca0f8d7c1c78a55f0528f8d4f8ab4c016e6c9c50e1aad456ad7d2a8ec1111ea189122d39a1541ffb8a130128300b0416b9232a1cab558b436b41f2b065849ba6b080cfd0350f1585a15bb5cbe50494b584159d9a5182645a610aa43453b42f4c4f8fbbcd1e36d12b75a501a4368a22e92298c340b93e336ecc5bde8bc2", 0x1000}], 0x1000, &(0x7f0000001340)=ANY=[@ANYBLOB="73697a653d2d322c687567653d6164766973652c6d70fe0f6f6c3d7072656665723a332f33392c687567653d6e65c9843a4afe959dbe", @ANYRESHEX=r6, @ANYBLOB="2c6d706f6c3d64656661756c743d72656c61746976652c687567653d6e657665722c666f776e65723d6d0a5bd59fe0a904f315271257e098b6a62a7c", @ANYRESDEC, @ANYBLOB=',\x00']) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, r7}}, './file1\x00'}) syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000001300)=[{&(0x7f0000000300)="5ba181f478efd0864d0f40aa300b7f311bdd82db77dd007159f68aeee1f216e87b5e15251bbde644a173f429560d25a8751c4d1e7751a096548b709218f6f4229f4ba7dcb3b8019028cbbb5034dfe17cef752de01864d67acc9bbf86313d0f29c2af5a659daed7087eaa9dbd03cf127a2f6e51c4a8d89483221b43d916ee0b2f9ee5bdadcf5cfa9193d69852312c2243253e0cce7c692473a38afaf394169ba1cc2275965a58b47ca86a7323a3782c56d1a83e0d0010d9f5cf3840141525ea584e2be50258f6d72cb33d83b9c106b1e56b0b389c3b25efa6eb63f608a4e7f094d78a740b54e0a80bb759497fa858937ae91da1c065a45ebbe6da1ed86b5ac3e29f3974ffc8846db166d29d0c14a4d210130c3e8e92f0c1f941d7cbe2b8847e035f5081e7ba5100707a7f1ca1dcefa735714035581b143cbb12b67872c2dd19947898fcbec627886805a70edc459ecf811a9e4dcd5832149c3da775c33745d63d5be67817e61426ae57c49f9ed4fcc76d7c2a18f2a5d4cb6a4d2ac87b1fa1592d907d68192b577ddd324c1f88f142dd22792f748b023ca0764ea74167b0ed29abd61aa8e21e71acf76ce7b4b53c5e3aa27f4f1f31b1f71e5a6d49fc191dfe4fec18adc135a5605ed3666e55b28f641e4f440160ed7c7e0b1a082515e9c0332d2d6e472e3c74a998adcbcd56f1d99b7577501e54789ffea1ead4bc2dd227a21d694f1d310bcfce685c7bf61ae3f7c353340414702619807c6c85c90c7730444f13f713d80ec3cd589843bfd55816dff0bf241a32194ab357dc1799a818f9f04d57673c97f5dd575da6955c79210a244259292fe8d779f0e1e2ad74687ed825962a239c93c6bc28b862ac7d51a6ceb677f21bdec2eff4e78580a4e2b28090ebe442cc925033af8c196cde42541e88444ace4add9ce06acceed169a3df387ee5647d6d210c284303cdc84109f87647926a182003fac047f4ec79922b6de5f34c87fd51d9b4bcdf88ff9c050a0700e830797e5b6a716a0d39e481efaa476ca19a94bd3401af2f4976109ef1a0784715e276536c7b16aaa6981d3b38c6c0eb07743c4299c5b4afd0537b495548e0d04a53f8ef128d2a321ca8c33894bb0a3009e21ba15fea17c91df1ac30aa0883ce7de129bb1f30b01334b37344fc39c87a3f0774c74a982686faf3bf0e35601851708c6b377509fdfc9a3b124481b435e47bce06e2929e2fb05ce7a147b44a817c22ab36aa36612a25b67e22f9397760092a4db9d6429cc57c40f5580000c1838f6f3820568302eb6b48ec482c2356b416fba2d9c367479c6207f335f378788024d74e667f1bbbef645a589f0a6fb6cd2fbc1dcfc5ff991ae1d56da2443e31c942e1bbba03276acb5a90abf34cc7cd8626a1415d09fcc3839dc28a1716ce0f3239ae7ebc0eeca98db16ceaec5e46330828343e8e4c6d145e341c52908923ec7cfd494117bb91b8f765a6efaee9935161fdcf9940119cd3c3cf927a7c2aa6ea6e999428325fa3c0d89348280bb455bff14401ab0f98024d6c25bdcd613e11522aa215b57ec4e69e11c5859bde93cb62323ff38ef6ba54a614cdca03988e3a9b972da8ce020bf603c44831d9532611c1c2b2c172be2ebd0f70eef30f1665b90fd077e81b0ddef174b5103098d16f99a8da7d7fbd8f88921af7c8c2a693de889c77bf3b3efb02f24f1e1652e8d5e268e1f6584a6d78891bae81ac8d13bb4c88c15c9be6330feaa4c1880fc95aee4726f0b25a2dc6fd8796779d7be7aa18d18f1bec0f6bec10a7e798a3ee69b05c80baad47b11e12fc2a30f8d1d1b53ab32e683ea94fba9e57af5068d5a52809cc22b591d16f4ad03e68944575d7eea58bb3f49b514a2d48189b7b0e3ed00976fc6cd4ee560f3329e5666153ef210a58c7fd55ce07072777fe7b1418f813bdda099905d23e321751f718899a4de21900e533dbab337c93ec7e08487fd930758e3b2c4a45cba110c37062f60ecce139de09fd2e958f4093ea2ddd5e6e22a4a26654129e818a0f7f5de2577717fbaf04efa706cfb1fa4a0aeaf4049190169204d5ea1492be81f38d42208ea121007afdf3308a2cea5d18038017afeb46d3382aaf0df4c3e8ca87e9a00952876a3ec904225bee09aa8021934e1c808981e3e6672fd63b284332e8b145af77ee84faaae19fa4d5f83ad21e00859117e51f5d2c29544523e4356e656d8a6456486a4aaa13cb4d0a547ed3b32a04d466d260a00682e1f253817ac1f38b8b51145fffab005b208dcb7b0727048ef037d110ee045c0cf7b60d305ef63b45b5c46b90724d15664d642c8581d087732e0d89d18100f4d1c7ea79843ca90216d4fd1bdc0b4e6babf2b9e116b8df60ca42221422cea1140a45935fbd20d990eba3832f2bcb93e07203a56665c924a0c5fe21c9f688dd804be383736902f1eed900a549aba65de1959c6325b02aec29c1904d1791656a3253511a424bee9c1e8bc2aed5be5b34c7484115c704935fb3a2f67efbc73d7b6f62d691f497e328ffdf22d6af9b8149a58cfb0d5fd8a0026d27ad48a1c70d9a4d93b7810db6ef921c8c790eadc567cbea40e5a0cde441d154997d750918d17a1305011374fb07d9017a288c6bdd70db87b09ab3816f6d8a2ddf9c3239ad03ed15b1b8a14778c3b945168a1a67cae2bfba97bf251e4cd9adb1da9d6414d36518761e327019bd57f11a58b296a1cf4658ef995d7bde14d686d74a2f6f79291adb58e2a85f8ed06dc81289afa9846712f0ac6cd142e82ec4270108e91e974823df51bb7b9daa38a3fb3bf1bd16ab64446af68131165e1e9c7f85da5708edc884d6d370d0c9ad6b7bccfced32f244255e46a3105d4e49d7da2f3009b8a00d44e100d72d9d53b3498ea3df10854ef512c2ed805f09dd61a6912e32ead327683fb1134e7a770fa01d5a938faf483be9c3c7889841c341aef81408969da428faf3999ff69a4dda64b6aec8baf4a3cffd73569b7f3560f01c1f7b286c4f96a915ecc15743b686d6dbc4a1563b728f1321bda8aeceb4568d9a814be1b9caa8a2ff87270ee90edce20953ba3f1a3c3ff4ad7f1d102b416c3cc598910b1c1f2d1869026f4cdad08bb0fc58d6ca12629c43cf78d41b37787073db96f8715703c181b9726c6ffca323df724624006db6cc55af0a9539459f20a7232c092b6e69ff46e72c64383bbe6baa9b9bc89f9559d772e5f817f082c529b2df664adc963f10461413c77251e8a3bd0c69b16b1ad48de8cbd9d8c272dbd303b97c6d2e69dd324e457ef0433963e27c4663987f07328f1dd30f9c92a8eade9dbfca0a845520fd60cc4e2dfadce95b058c9d943393594c7ae7552860e837af14def816626ab1739e963beec6fd55c75487ff477a088f264644973666e43ec4e5af7bc70f7de8ba31db2e58f541853563448a14676e32d956676753124fceafa9c64a250fd898b2480c7efa31152d54e037cc72928544ab98f6daddf6fc75840d1f6ae303a9af95d6f1d265eaccf01ab7ec9e4f3e88e21d294b9b322606bbc8412c4cf4d6da0a1be12914220c57770f39657a1d23842100a0152e8453d2993a4abe72229feac4c9509b00d46fd22a25b7834d2f5d6645e894ad270373df222b8cebd090b27303f22530efb82a7eee787d3c5d78a82027f3ddb289e8e6c46a79409be3e21d595e3b7ce558e56f0379b38c083b970771871242862a95d10a3938a5dd67ccc53d4bf959bec956ff8e858b635d6d9cf572ef0068b159286e25063229fb192d7965dbb78f86f5aa84e15b4e64030a0f57bfc523a3f4a3b6f03605c7e45b5992ab05125bd34a010749ac9ca814607513df037b67b0bb631a7967761d71ffb3f5dfe21ceec185b73221ad834c60d2c1c01e7639c3b6949981339e227db5393780090931851db073aa1b35e39ed295e68b0e1319fec86046254d4dc3b4d5d2f6863a42b23a6aa3857b5f245e4936a2953c3502870898c8701b0be8429d014e7bbe876027c7a2061a96ff1702029dd210d0fe694059a22fc628fdc99e959baa4589e7111f6ddb0a17c124a5301415db6383787631d12074fc4868352c2b93f352182d4681cd27554d9de6b9aef7440e8fd2e699ca33c433978bc9da618844e0ca9c05d2a53e45e7a19c61d20782798d939935abf4f88b9e2288536ec0f90e2f0d8e6477bc25f0f2229d93da920b5481f08c2504518c43297262ef805bb1870c76d77d917619feebaa2917cf2fcaa470462dfd6e09623258bb1e16607268fcdb99d13d07316a9ee5ed8fc2b9d486c23f4e9fee3ce287ed840485f9eae48d651dbaf663a6c5610b475a783a7ba2a4eca144890b7fee4b3045817c77d5a96b69a18698e6e4975dfa6b2e5be8fb02fa8a9f9db9476a7d50133e39409cbbe0442ee9c7e6ab08842182b652d28075d8d8fa16c8680e0811c0830a8f6b94bddf7ad387fe036d3d40826d20496c1b925be4aee023b07e732f167b4e58c17d09e53ae3159f4145ea8cf064b4ebc10ab753dfc5a25873bd2cc683f0cecf8861cc4b481e5d70b1f293e771dee384928bcc224c0249c61400eb8afeab1b87f3a7cc1237e8bb4db6ca71fdab4b0c8072f0740bbe0ef4a86b4a6d91dfcb5814194f1d0158c6be9ec093d92699e92803400072afd76c06eaf190032bd45e419cdec6c881b8e21bd1faa40198b6d1ee8b4d319693f9edda309af9df0e751d6f62d4dfb09813a39f97236c276db0d1e877a229fb21093d2b61a40f1fa74ef294ed62fa0b79b834c120a7c278ef9a0186e855757f5ab3d91574d6fac5074d82c9dc9f20432aaeabf19c02abc1427c630985ee90f207161d68c33306f545d84bde3c54545e305c32299fab10a53ad11d96e458d97f0c820df3e59dab86432e1f2bdce98aa94dee890a2c3f84dd9aa18d0890f42d92e0612481e0e828246407e6da2cecc8b8f8b5405562f45b82b9b253f9b86ead55c45646778e334f95a5c2dee3984a4d51fd509fd991ae3df0abd7c66cf575eb57a07be55a57d36c87d2b2370cb057afc06cbd067a954f694d291cc780de2fb859d3d539d2a7f7fff68edbe044507ace8d471a0563b2ae2b70f90d60c89879a30f7b3c84eacd9592758a9f098d068e039b641ee4d7fc9fac40894633df23b01bce913bf783600ee4a500dc1e060ce23f5a0cbfd1930bd87dbf271395dd41161ac2e81650ef7aa7819a0d73c1e585fdc3395d71b7a301a9179d533f44793924505759bbfcd0e3e6158df64d0f56d68114b9c33a6cd4da91a52fa7c5e571fd5d5f6382480551733a47969e1eab1c7424b20d0db4e822854e2568a7d2282f46477f239ca6966305e0678a983500acbb35789290a76be5b9d41edc850976caa4a302a031c2f2f74d4edb03739ca596f45642379fbed8550b4a6753f8b095bc9e3c24d10d6e07cd8e953af34cd4374f7486fcca90bc9087887168fca1d9e861b741efd94c560faecefd1bbd50c46574e1e897a56742fa22ab606eb90e74c80dcd0700b272d024cfc98da3d815e787cfbdea789c877356c87d05107c5bd2cbaa543e78d254f99a022d05b78b354482f7b121c7b3d68cb6e713e6cfee4ade5b3887aff8e5429b9c194810c8bfec45d431db3330ca0f8d7c1c78a55f0528f8d4f8ab4c016e6c9c50e1aad456ad7d2a8ec1111ea189122d39a1541ffb8a130128300b0416b9232a1cab558b436b41f2b065849ba6b080cfd0350f1585a15bb5cbe50494b584159d9a5182645a610aa43453b42f4c4f8fbbcd1e36d12b75a501a4368a22e92298c340b93e336ecc5bde8bc2", 0x1000}], 0x1000, &(0x7f0000001340)=ANY=[@ANYBLOB="73697a653d2d322c687567653d6164766973652c6d70fe0f6f6c3d7072656665723a332f33392c687567653d6e65c9843a4afe959dbe", @ANYRESHEX=r7, @ANYBLOB="2c6d706f6c3d64656661756c743d72656c61746976652c687567653d6e657665722c666f776e65723d6d0a5bd59fe0a904f315271257e098b6a62a7c", @ANYRESDEC, @ANYBLOB=',\x00']) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000240)={{0x1, 0x1, 0x18, r1, {0x0, 0xee01}}, './file0\x00'}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0)={0x0, 0x0, 0x0}, &(0x7f0000000300)=0xc) getresgid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0) fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000040)='system.posix_acl_default\x00', &(0x7f0000000400)={{}, {0x1, 0x4}, [{}, {0x2, 0x1, 0xee00}], {0x4, 0x5}, [{0x8, 0x3}, {0x8, 0x2, r3}, {0x8, 0x6, r4}, {0x8, 0x1, r5}, {0x8, 0x3, r6}, {0x8, 0x3, r7}, {0x8, 0x3, r8}, {0x8, 0x5, r9}, {0x8, 0x1, 0xffffffffffffffff}, {0x8, 0x0, r10}], {0x10, 0x2}}, 0x84, 0x0) sendfile(r2, r0, 0x0, 0x100000001) 13:28:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x6290, 0x86b5, 0x2, &(0x7f0000000000)={[0x9]}, 0x8) [ 1019.801987] loop3: detected capacity change from 0 to 4096 [ 1019.813481] loop3: detected capacity change from 0 to 4096 13:28:00 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x6000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1019.836169] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:00 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 55) 13:28:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 41) [ 1019.865356] FAULT_INJECTION: forcing a failure. [ 1019.865356] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.867677] CPU: 1 PID: 7787 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1019.869065] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1019.870738] Call Trace: [ 1019.871276] dump_stack+0x107/0x167 [ 1019.872018] should_fail.cold+0x5/0xa [ 1019.872803] ? create_object.isra.0+0x3a/0xa30 [ 1019.873733] should_failslab+0x5/0x20 [ 1019.874505] kmem_cache_alloc+0x5b/0x310 [ 1019.875334] create_object.isra.0+0x3a/0xa30 [ 1019.876223] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1019.877263] kmem_cache_alloc_trace+0x151/0x320 [ 1019.878208] __io_uring_add_tctx_node+0x15c/0x520 [ 1019.879181] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1019.880240] ? alloc_fd+0x2e7/0x670 [ 1019.881004] io_uring_setup+0x1fbb/0x2980 [ 1019.881850] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1019.882876] ? wait_for_completion_io+0x270/0x270 [ 1019.883881] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1019.884955] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1019.886001] do_syscall_64+0x33/0x40 [ 1019.886762] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1019.887795] RIP: 0033:0x7f55e908fb19 [ 1019.888560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1019.892283] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1019.893837] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1019.895283] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1019.896746] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1019.898192] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1019.899646] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:01 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1019.953489] FAULT_INJECTION: forcing a failure. [ 1019.953489] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.955905] CPU: 1 PID: 7790 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1019.957318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1019.959000] Call Trace: [ 1019.959545] dump_stack+0x107/0x167 [ 1019.960288] should_fail.cold+0x5/0xa [ 1019.961075] ? create_object.isra.0+0x3a/0xa30 [ 1019.962001] should_failslab+0x5/0x20 [ 1019.962768] kmem_cache_alloc+0x5b/0x310 [ 1019.963599] create_object.isra.0+0x3a/0xa30 [ 1019.964490] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1019.965535] kmem_cache_alloc+0x159/0x310 [ 1019.966382] __d_alloc+0x2a/0x990 [ 1019.967085] ? find_held_lock+0x2c/0x110 [ 1019.967914] d_alloc_pseudo+0x19/0x70 [ 1019.968693] alloc_file_pseudo+0xce/0x250 [ 1019.969532] ? trace_hardirqs_on+0x5b/0x180 [ 1019.970401] ? alloc_file+0x5a0/0x5a0 [ 1019.971185] anon_inode_getfile+0xc8/0x1f0 [ 1019.972050] io_uring_setup+0x138b/0x2980 [ 1019.972907] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1019.973935] ? wait_for_completion_io+0x270/0x270 [ 1019.974934] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1019.976000] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1019.977065] do_syscall_64+0x33/0x40 [ 1019.977825] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1019.978863] RIP: 0033:0x7f943fb71b19 [ 1019.979620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1019.983361] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1019.984925] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1019.986390] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1019.987839] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1019.989316] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1019.990782] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1020.000294] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:28:01 executing program 1: syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) clock_gettime(0x0, &(0x7f00000021c0)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002080)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000000)=""/142, 0x8e}, {&(0x7f00000000c0)=""/84, 0x54}, {&(0x7f0000000240)=""/23, 0x17}], 0x3}}, {{&(0x7f00000002c0)=@abs, 0x6e, &(0x7f00000003c0)=[{&(0x7f0000000340)=""/100, 0x64}], 0x1, &(0x7f0000000400)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb0}}, {{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f00000004c0)=""/8, 0x8}, {&(0x7f0000000500)=""/248, 0xf8}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/192, 0xc0}, {&(0x7f00000016c0)=""/147, 0x93}], 0x5}}, {{&(0x7f0000001800)=@abs, 0x6e, &(0x7f0000001a80)=[{&(0x7f0000001880)=""/87, 0x57}, {&(0x7f0000001900)=""/82, 0x52}, {&(0x7f0000001980)=""/209, 0xd1}], 0x3, &(0x7f0000001ac0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}, {{0x0, 0x0, &(0x7f0000002000)=[{&(0x7f0000001b80)=""/181, 0xb5}, {&(0x7f0000001c40)=""/168, 0xa8}, {&(0x7f0000001d00)=""/101, 0x65}, {&(0x7f0000001d80)=""/135, 0x87}, {&(0x7f0000001e40)=""/243, 0xf3}, {&(0x7f0000001f40)=""/144, 0x90}], 0x6}}], 0x5, 0x40002020, &(0x7f0000002200)={r0, r1+10000000}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) 13:28:01 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x7000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1032.622010] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1032.627754] FAULT_INJECTION: forcing a failure. [ 1032.627754] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.630420] CPU: 0 PID: 7815 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1032.631850] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1032.632722] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7819 comm=syz-executor.3 [ 1032.633581] Call Trace: [ 1032.635577] dump_stack+0x107/0x167 [ 1032.636340] should_fail.cold+0x5/0xa [ 1032.637141] ? xas_alloc+0x336/0x440 [ 1032.637919] should_failslab+0x5/0x20 [ 1032.638710] kmem_cache_alloc+0x5b/0x310 [ 1032.639563] ? stack_trace_consume_entry+0x160/0x160 [ 1032.640629] xas_alloc+0x336/0x440 [ 1032.641406] xas_create+0x34a/0x10d0 [ 1032.642198] ? kernel_text_address+0xf2/0x120 [ 1032.643160] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1032.643208] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7819 comm=syz-executor.3 [ 1032.644250] xas_store+0x8c/0x1c40 [ 1032.644288] __xa_store+0x164/0x2d0 [ 1032.647342] ? xa_delete_node+0x280/0x280 [ 1032.648332] ? trace_hardirqs_on+0x5b/0x180 [ 1032.649365] xa_store+0x31/0x50 [ 1032.650152] __io_uring_add_tctx_node+0x1cf/0x520 [ 1032.651301] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1032.652538] ? alloc_fd+0x2e7/0x670 [ 1032.653426] io_uring_setup+0x1fbb/0x2980 [ 1032.654413] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1032.655612] ? wait_for_completion_io+0x270/0x270 [ 1032.656788] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1032.658023] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1032.659536] do_syscall_64+0x33/0x40 [ 1032.660452] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1032.661682] RIP: 0033:0x7f55e908fb19 [ 1032.662561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1032.666907] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1032.668696] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1032.670380] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1032.672083] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1032.673784] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1032.675460] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6800, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:13 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 56) 13:28:13 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:28:13 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x18f6, &(0x7f00000003c0)={0x0, 0xf920, 0x0, 0x0, 0x32, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000004c0)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000020100000000008e14aad22e0e8f0d00000000000005000000000000000000000000000000000000000009000000000000000000000800000000000000b30c000000000000080000000000000006000000000000000000000000000000000000000000000004000000000000000000000000000000000000ff07000000000000ff090b0000000000000000000000a84100000000000000000208000000000000000000000000000005000000000000002b4f0000000000000500000000000000000000000000000001280000000000000000000000000060a729039305dedd3deb1c88dc69bfdd67858e134fcaf04da91254cf91e187c371eba75a2980663c185b87387f39ee79553bac896827179f4c0ead64b3ba247927020d3fb14482a67da92f73ef1aec90e22bab06067c4cc9d00d4b9ef3648739f69587a41f6f0e7d00099203fcf926ae356d552defb1256f63a3dbf94f846a1802760fb91279b44938f8f72fdc19f78b27555f9f134f1278f9ad9b947a69bacacc346ec73d834c2a106613b6ebaab926ddeb9ae9b6ed0151b63027955c1dd1ce4dcc593f518419740b95c2c1d5b3fa"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000440)=ANY=[@ANYBLOB="01abba8db424aa000000010086d8dcbf4387a049b0af2ea0a616ce7f32fd502cdb13b490078957d9dd175954fd532a00", @ANYRES32, @ANYBLOB="ff010000000000002e2f66696c653000"]) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r1, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, {0x0, r4}}, 0x10000) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r5 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r8, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r8, 0x406, r5) syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) syz_io_uring_submit(r9, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r7, &(0x7f0000000100)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r10}}, 0x400) 13:28:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x8, 0x1) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x6b0101, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x260428, &(0x7f0000001680)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_loose}, {@aname={'aname', 0x3d, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, {@afid={'afid', 0x3d, 0x20}}, {@nodevmap}, {@posixacl}, {@version_9p2000}, {@afid}], [{@measure}, {@fscontext={'fscontext', 0x3d, 'user_u'}}, {@dont_hash}, {@uid_eq={'uid', 0x3d, 0xee00}}]}}) openat(0xffffffffffffffff, &(0x7f00000008c0)='./file0\x00', 0x18100, 0x67) sendmsg$nl_generic(r3, &(0x7f0000000100)={&(0x7f0000000080), 0xc, &(0x7f00000000c0)={&(0x7f0000002ac0)={0x132c, 0x36, 0x0, 0x70bd2c, 0x25dfdbfb, {0x10}, [@nested={0x118, 0x19, 0x0, 0x1, [@generic="dad094a838d5d5d1d751131897d35543", @typed={0x14, 0x47, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @typed={0x8, 0x2c, 0x0, 0x0, @u32=0x3}, @typed={0xc, 0x7c, 0x0, 0x0, @u64=0x316}, @generic="8e716ca98e01f5c77e5bb8d909516e0b35ba676984372eb5b44c7997", @typed={0x8, 0x85, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x5c, 0x0, 0x0, @ipv4=@private=0xa010101}, @generic="547ea011b5507b16f2f4ac0fe92517073f50ce1a26c466e1609a829bdad7a8466e430b3899cab80e35b5b172f2df8b7b540ab8a079b7c83ef2392f3e196c00626f004ef5702cb8c00f5a6bee23b4deac13fc01ccddf4db18b2ce9b43ac46a31b2c4319fc870918bdf008680014ff93ae7bc99e7e94cd9f8cdda465d0056d3d2841826afa01b35b0c91c877892c853ccd616feeac9c5a69d6c1ce23f56e16b0ff7e06016d70ac6697", @typed={0x8, 0x4b, 0x0, 0x0, @u32=0x400}]}, @nested={0x164, 0x60, 0x0, 0x1, [@generic="3dfc42b39a35483e02c246521d257599dfa4ac2d521f875dc469bd3f24ccf4ceb224a1f2a7c5fa61c8e90b5bbc6e145786745b551c5e0dbd675d6fd112dafd7f930419b32852950be7b7cbb3bd86274402854b9f15dd19", @typed={0x8, 0x27, 0x0, 0x0, @uid=0xee00}, @generic="6be255d7cfff1f00afaca8d5bfd257c61abbf53104dfed647d8d3096bc04e9528d36990e0d587659332c09c488dec041d7c5890496cbef57d89ffec11700f68cebae6c9c07a0083197adbd63f96789da94725dc8ecab821f99e460b708914dde1212fae586434c653f4814d45c7e09732a327f10b698a70250fd90300f69a688ee43795c3f8e53d1ac299a0ce8604b4d96f86c851390b9eb3b3612f3a7d0b435626232a91d9244657e3231fbff952cb231e996d5ae0c48d0efc7a723eb9dc04c95d6e2b3f12b6479737e6abfcaec1720b52105a9879c94a59c3df87d3edd5b47f66cf08f7570b19420deedb257c2af2d75", @typed={0x8, 0x70, 0x0, 0x0, @u32=0x3}, @typed={0x8, 0x8e, 0x0, 0x0, @uid=0xffffffffffffffff}]}, @typed={0x8, 0x61, 0x0, 0x0, @u32=0x6}, @nested={0x1094, 0x6f, 0x0, 0x1, [@generic="be58f46035997a71ef7677c9d2ab6fcb68db1494cd54817d6cad936b64a7670b96cedbd92e", @typed={0x8, 0x2b, 0x0, 0x0, @fd=r3}, @generic="1e3e67e08050be3b160a904b18f3f42277c2840acfadbe4500a98a1bb4a1616b2b37ae2b68a5d6ff6daeae6799219450dbe4928466849b100b3d85", @typed={0x8, 0x8e, 0x0, 0x0, @uid=0xee01}, @typed={0x14, 0x22, 0x0, 0x0, @ipv6=@remote}, @generic="708752056b331def67ffe766f7f0f59e71988f78b24c16a27289167a4a48f1a37a2f48f1ba1f592aa5da944e1c814b126ab7646bcb9b9d16acf51a1cfda9591628709d185525419858ed15be5356e0d91663f33778511551c238381e2b41d3dbae26ec4e8d7ba91763902bcc46c1b7dfeafa52d62738658a70a9ce22646acc071bc72d1ec9e1de33d17a6a8271278af00d4300c44c4791639053140dde875d1976c13c77662a977e88820409e95975c130314f4247cee5cd4c6bacc795346b812bbc85d0dc8128e0ea4fc53269dcf57927f430ce7a1abf7e76fe2fc6ae5e260d43bd78ec328c981c48ce6f37ec9b1585c8eb986057e0c2c18ce52cec7cb559a36c1ef8b551d864daa7d8729eb476f9c715f097089d12366eedf830f7d09e78e4e2eaf5ce06061ec2cc0d95feda9696879ce6b55b82740a9461b8ce3b1ed1b7ae749c6082fd0f011b48ddf11ab22a5c8b00bf464b259df6315fff10005b13a375b0f817e463ddca89cf2cf8020b436188fdb4cf74ea222145545c0e69a9a109ae4cdb89c846d9cd85685d5c25e5149842cecf19efb4a5ca4128ab1baa8426cd2dd2a5d22d70d84085898ba62865c76ff3ea291c81848f8b1b982f2d8d24c842045275530683f41dba3887389ced70df8c3357c5aa8f3576881584c93622df53bf4bd263fb36562f534cca80ac325cf19171ea2483830168714a92e671e6931050a3065279e0a79ffed8977677046fa97c1a2fa20384fe96aada51638e5255d865f34d9ec27143e936dc9ba69890f132c9bfc77d79348ba12fce0a92a739cbeb2457109213ffaa1c8f0845a236b7b02bdcc0a3aaec81986ec6ba8b145fa04f0dcc1252c4b17f428d5d31476607f050b2150e4071c9317a7f3d12e5a7424bfce7dbb746a68a93434cc71fe8aa2bebf5b47365b1465564e4ef797b827a5ace3f2bc1b26ce86f15f63d222e3d696e0164ffe491c6dc4a7f852902bdc1aad26939a31d1ad777aafd2da6efabc4fb734fdca82cfea54c7a3fe87e8d6307a99c07b978fa5460768e8c6d68480280073b5daccf61034b96b043c8b9bfa760d85e3390756753ad618bae1b7ff0f44e9ccfca5b544081f2499a47c575ec6a845e0bab6ff1d439a0ff7f84addf81faa083cc6a48ceff5a231b19dd30c15f340b6154f6b7fe758638b3b006cda7eafd3e417f424e50b40fef70e9f4c26ca97435311eeb115397fbb958fbc5e672159f2d2ac8d59a1722bcaa5b62c4b6b17a55623e36a569349400040e77cf503d4c4aa8e481d9e18484c26da128fe9ed7ad7fee24c9fca3a3290fc5334465650038576d9d2c852bca2b80f9b80d0d0b289d223f3ec582a4dab0dca8ab40274a0ff82eb6c4b516cac1a0d2ea4c62cc1e73fa4bba2ea415588af408886d93540c6ee7eac02c8fb1a0fc47ca6e502b3356af90f31e2a8b612bd9a106d5790788834d424a4d893d26a2846091702fe61a3936181f21dcc0980c60a7b6d4f8cd8e6580ae73a2214b7c8bfc242cfe4a8fb5fa36f406c4d6a6acbe071ad1be1e526f0c840e2ab4b894b1e8487060aabb36b26f3ff27ce4af2713539ff3ba6268519194c04440eaac368e948e6ec79ebcddfa5c904d6603bb7d1eaeff0a6f5b6ccca6adec8d16fcfacf28d832f45b7d7d4303707f0c56dd501e4dc505db945480a0d31a2ee0f22224db7a287f64ccbab2b4dcd32cbac36bcc3d7c92f8dd7d45ab38509a685ae489472e1634b9e9f04d71ddbba78722ded5f90fb2fda679e77874e0a518e692e3f6e51a9ac9cbefa54fded1784386e96a651afbcedc61aeb3b2dd65227179ddce5d8c2cef610f6a68e320f88cb1860b04f520f276c9c09e38091a2d13c129e1dd1b952b9d40395e4d034f37b50cf2e3b51d3f2905f4855085a28dd6fc1e4339750dff33527b200a66686e621b28cb2b6f0213ec2527509c1ec2366a523160334018b37a83679320e604fcb01706802ac99ef658a68069c70fc71d408bd9de8aede9d026c5edad592e8b7449fc670d21987851f186274eb82c0f2e8310ab5a7d4a975c936d9d7915cb053e75623fc3a31524400fedcdc07a1d25b6789a4fe8cce7ee34a2d794b5b587d9a86fee0115bebc23c0ed984bc9b9edffc5402df8f3d2cac357d2f1378268e688a0727f7dc6658107c0e2bd3ef3dbb5d9934337797cde5607929f269907e1a86cbfea704a0e9c1d0c220fd0ca12eb13132447429caab4c2c8aa36bd386a9388846be64b87bc759c0bbfab84273441e7bb97a34423f4dda3e1adf0c9013c50bfd5cec12dabaf3657a098605e2c1d26e0df6ff6e5696b1679f840398fa987e10c4ea851a4884a80551dd94b87e30f4af5ded18a1597b4f4cdeaea72e3a3a495c65956d33bc1cee44ec3907ce4cd077e174cdde456817637d6500c02d9cf97ae63e846e1f3509dd761fabf6fe60c9134773457d0092383048ec25bcfa47b3c8718d903b0d42b9c4ecfa36b5350d69f2410f3a54e1cdb8e2cbbb7f2e8c5ca3f25376a42c8b1ac054aaf1ae2a597f71317bd6729748cad5eb987a5e23a0a3da2bf95688d70176434404a22440e321e76852753a41084d9a4f225643b39448ab3023884f0dfefcabe898abbd85d3463b1510bfc6411ff321a9f6c81255a755017da91c58c0fe7cb0d5e42bedd7bcd2bb0ef029c3af032a6897d93e3cc88c26e97850a00d8fca86b75700b99eab7034f48bfea267bbc13cd6a279beb49768cc0425d4e45168797087a69120c14ef6769f42a38543053f17efa44f14ef7e2f704d86de686aff80d22ace53aea3c3229296bb6709a5398135383def0157443d77a2d773874e56ed68a4d4ca3841a014f0e434b4e361a8e8ab2b689389fc93040fd30cdb0853da2b629fc27a40ca8790f13826c3566ee53740c2950e10cad4f42100cde1dfbdc8cb3505173dec8b5d008cab8c0e54be028bfff301c2e7fc51ba3e7d3fd5ecfc292119a976116e551d3840d43a001fec41dd8e39c894de28dc994b6cb98daac6fe48fc6979ba72c63e398682bccb32409c48963aa6465d45d0315d40c585cc286aa3b4142a68ab6f39d52d459aa992e481a9852203738b6cfa8ef6de3d144550dc743cf4206335b96cd9ec0022a18e6e95bab8ce51e4bbffddef1a3b9b3ff07165effa0b551e489af550f142bb84d557c9562783826dd7a23ccdbb10a780419ebf7215dd3d9fbca61fb26e7c423560afffa058b7e1b378df7fda4f4a40aa5a50a564f5896054dc81baefe487b481a8e6994232c61d378b10e8148a7c1e6547b47e1a311e38b4ba17c945cd445841374cbe6b03655df3539975a4b4552d199e8fbb4545c4e00bf99d215f2420ce4f1031edf6da0c6521808cd179dc4337b0b44c776cade2d4ba42f8725c0a7cd88ff0421fc91ed7f1e4089676d213b28c03541952029bda3f487aae390228b5933ac00d20b83df34680bc5ef372706d7922e890e37e456dcabf21114030ba0bfefcea9670cf95d6fae8759b50c1db59b93efa5f6d026b9ea27dd283bca09a193bb4f39f74805891e4835b11271c4a69a36b825512501d7e844bfc831271b2470f49f80d5fec58b856ec44440edbc694413686c91970280f590284b7d5f67981edd5fd6f8fbd5499d885344ab13b3d6b562cec98777b6d0119bbdb5e337abb45e3280a8135a3526efd3a0bfe4540e894b7df9f8e2a270fd83f864503be7688f91a107b47686670ae687a089ca12122310bc692fa6d4096ac76a5fc081dd2a203068e2fa973b82f42e0e58527eca36cd86ea84dc90d44de3615ee7f65a7038d9fb0d0c156a54205ad9d2734cc68777f689b8036f92e4a51b404a4d5c9873446ba7d990f3a7e71a81e0298d7fdaa8bad739999c3d8df6d290f816dbeb3c4e7449824fb8f9697f34d01d50fc3b2c509f15faef7ed6e4328a472fa8ff284e64461d513364013fea78210e21fb8f702095fff5b54aac4719ce0891b8c95b12dfaebf935cf951c83d23e89f405025296e02204b1ee47534f89c8a9b8112029aba28df8e03b84b5ee9efeff6ef16e181bfe8b52c634b6c9f35b80800eb9d01bb0b3bd2ada288f8f3e72def19ba855c4edfdc0c993746110bc6dffe0f3350bc37c85b8e6b2a4ad3c4ca016a3e401c6d42ca85ec0785e329dc3a4c667f79b0d4e6db9e7b52995f50c3400aa2c397977f50a5b58baa94f608cabeb16e5a986c4561b9ca83da7bbc214e00846c6e59521b73363878e7b21d576972c548cd845815a59b50885f389dbd391ee352af39a043595e899d0ab7904d19933cd8c5a5fbdfcb4fdcf849a6ef51e26812beb03b6dee5f766a1db080bd7338244054cd00320f937cc154eec35eb1b940763eb719117f67309549528301ef22eef60d107c698bf0330f96dc9b58dbbe3981bad3d13324745e61c31547280a7060c0d833b6b748089de359aacbe3216b65c03d76c52fdeef787580e6160f1a8ff668237f410603bbb578fae9f80d3f0de0107c866278fbcfeb9f10f139f4d14a7a9a1306fbf5ffa5ed7fe31f872df78411613c3a20399429f465eaf84b9241f2333e8e9a27e7d266b835472cb2496c8e31c997f5fa22365874dcda3f44ab62f6586b4cd6cd19d4f89e5768e0c9acb493ec66f45625d6d7dfdb69d673e4152e91860244b0972ffab3923784aa16cdfba239ed15aa39f1c166424566b14d15823688845308fd970662a4e212f64173655a53a5207d5b800db84e53fbee8b00eba88bd16f5492054ecddc7917980a7d6b6e56bf145e0cb796db8f4909855a723c0e4881b163d2fa8289ba7cb2f77a4868f4e882cefa2e4628689e9cd80ef5782a3a396d52f5402041be9d3709dddf67d757b2de0764cf663071bed5c419cd6d4238a96babfe996512b6f8ca2e14a98453ba3a6991021cdc77be8ea2ac466af4cd2c3c196228d722f5a065c6128c8143852920225748208335b243c4ce7e73c454336d2fd8ca45b659ffb30247058a186f2cf7c3a98cf33b5b9f7e8b5eeec4f388efe052e66e07fabcb27e56bb70d234d86f9c29c5db481680a0691de119a11e98b953a847ad167f537a31c520e26d6f6483bbf4f3ac5b180b3d9a1cc9c41499ddd7209b72a5d67025a908d6b2348c483a0a8bde81a9f5d65eac567983cf295896feaa2e85b959ec82e5b88893b075ac54a5210632ecd0c15af8f4d82c32b4ed818c353c4fcf2d3ed9a42af28b9b6ca7316bb077246c06bf887253e68a8ddecf8ac64ec0ee84cd5b57638054b26071a92b7cb9643e7d31bdd97117bbdf753cb4f4b37a139d48ba64e514a1e74d782a8c5f33ed79902757b6116e15e5ad289c9bd37b9143a2994e233eeb2a3eaec78bb3d13543e9b63b434186459ec4f480f95b62eac70ac9a582f2e0481e62aae61cbb7799511c8c06a89b23b017684f060313260cae2ac3ecc31a7d38d5b14994620eacc982eb9d42d04dd7c8560b04648dd065bcef07cbc0c63011a99403fd9371c92cca3e15f2987bad500012df499749bbd9c10cd08e18d8f089f0e3da249a9d24fbd0ebc0d9beab1a53c42b1e39e0c5f8e2dc29750f2f84d723fedb06cf6ea61a48d53256baaa503bf627f726e1169c584fbd3d20ccb771548c64eb6b7f940a4a3ee086621efb3b6436e6ac8ada0dd2adb874fe6bc71177b44794edcab259bea4a8dd35490ecc8ee2cd83b179f642f054c698a03f6fd1489975aea51ec28d9073f2855a99a772ff7f94fdc1ef577c35ceeb7ba0efe74fa055f77e0fccd89d044c169d53580de681f9b06eebcaa915dae9e8b4b3b34464289d3c89772af5d04a", @typed={0xc, 0x54, 0x0, 0x0, @u64=0xffffffffffffff5e}]}]}, 0x132c}, 0x1, 0x0, 0x0, 0x4001}, 0x21) sendfile(r2, r0, 0x0, 0x100000001) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r5 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r6, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r7 = fcntl$dupfd(r6, 0x406, r5) ioctl$FS_IOC_FIEMAP(r7, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x1ff}}, './file0\x00'}) sendmsg$NL80211_CMD_TDLS_MGMT(r7, &(0x7f0000000500)={&(0x7f0000000300), 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x180, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffe, 0xa}}}}, [@NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x7}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x75}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_IE={0x10f, 0x2a, [@link_id={0x65, 0x12, {@random="5a997489f30f", @broadcast, @broadcast}}, @ssid={0x0, 0xc, @random="adde3f9505a75e3b08ecbe20"}, @measure_req={0x26, 0xc4, {0x0, 0x0, 0x1, "3d5b643f77564d4c34d9292d5f5f156e909118f1d3c8249af4fe1585778631b80bca5980762d683f3a26d828990060557767cb36baf831f6e850af0f9222d46d25c642d0e8cd15a920704863a2d9d7b3a4e47454880172162e43fa83c75827ada0066ecc2cb6edb3a9c96c1cb8acb2499fe88ea2939ed424943a9437adb13b215305422d42fbafb27ada4baa6d584bacbec895670e4339f8b966253cb412dc1943766667da725b87a5f4cb7d7851d1b665e5c4b8e2790e234bd76cabba9b9a32bc"}}, @mic={0x8c, 0x18, {0x167, "e3114ee0d276", @long="8dd72762bdf32061d0bb196ddf4a83a3"}}, @mesh_config={0x71, 0x7, {0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x5, 0x1}}]}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x65}, @NL80211_ATTR_TDLS_INITIATOR={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x6}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x9}]}, 0x180}, 0x1, 0x0, 0x0, 0x40}, 0x4040880) lseek(r4, 0x9, 0x2) getsockopt$sock_int(r4, 0x1, 0x28, &(0x7f0000000240), &(0x7f00000002c0)=0x4) 13:28:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 42) 13:28:13 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x8000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x80000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1032.697717] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1032.700527] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:28:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xe0ffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1032.720859] FAULT_INJECTION: forcing a failure. [ 1032.720859] name failslab, interval 1, probability 0, space 0, times 0 [ 1032.722291] CPU: 1 PID: 7823 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1032.723082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1032.724040] Call Trace: [ 1032.724348] dump_stack+0x107/0x167 [ 1032.724786] should_fail.cold+0x5/0xa [ 1032.725235] ? __alloc_file+0x21/0x320 [ 1032.725685] should_failslab+0x5/0x20 [ 1032.726125] kmem_cache_alloc+0x5b/0x310 [ 1032.726599] __alloc_file+0x21/0x320 [ 1032.727029] alloc_empty_file+0x6d/0x170 [ 1032.727500] alloc_file+0x5e/0x5a0 [ 1032.727913] alloc_file_pseudo+0x16a/0x250 [ 1032.728404] ? alloc_file+0x5a0/0x5a0 [ 1032.728860] anon_inode_getfile+0xc8/0x1f0 [ 1032.729355] io_uring_setup+0x138b/0x2980 [ 1032.729841] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1032.730427] ? wait_for_completion_io+0x270/0x270 [ 1032.730993] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1032.731599] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1032.732201] do_syscall_64+0x33/0x40 [ 1032.732641] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1032.733236] RIP: 0033:0x7f943fb71b19 [ 1032.733668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1032.735786] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1032.736667] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1032.737493] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1032.738318] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1032.739144] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1032.739967] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x101800, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x84800) ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0\x00'}) socket$inet_tcp(0x2, 0x1, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r3}) getsockopt$sock_int(r3, 0x1, 0x21, &(0x7f0000000100), &(0x7f0000000140)=0x4) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) sendfile(r2, r1, 0x0, 0x1) 13:28:13 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1032.807205] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:28 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:28:28 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 57) [ 1047.018114] FAULT_INJECTION: forcing a failure. [ 1047.018114] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.018349] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1047.019462] CPU: 1 PID: 7851 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1047.021791] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1047.022740] Call Trace: [ 1047.023044] dump_stack+0x107/0x167 [ 1047.023459] should_fail.cold+0x5/0xa [ 1047.023892] ? xas_alloc+0x336/0x440 [ 1047.024313] should_failslab+0x5/0x20 [ 1047.024753] kmem_cache_alloc+0x5b/0x310 [ 1047.025214] ? stack_trace_consume_entry+0x160/0x160 [ 1047.025795] xas_alloc+0x336/0x440 [ 1047.026203] xas_create+0x34a/0x10d0 [ 1047.026632] ? kernel_text_address+0xf2/0x120 [ 1047.027141] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1047.027736] xas_store+0x8c/0x1c40 [ 1047.028165] __xa_store+0x164/0x2d0 [ 1047.028579] ? xa_delete_node+0x280/0x280 [ 1047.029061] ? trace_hardirqs_on+0x5b/0x180 [ 1047.029558] xa_store+0x31/0x50 [ 1047.029936] __io_uring_add_tctx_node+0x1cf/0x520 [ 1047.030482] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1047.031075] ? alloc_fd+0x2e7/0x670 [ 1047.031492] io_uring_setup+0x1fbb/0x2980 [ 1047.031966] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1047.032541] ? wait_for_completion_io+0x270/0x270 [ 1047.033106] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1047.033698] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1047.034291] do_syscall_64+0x33/0x40 [ 1047.034716] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1047.035294] RIP: 0033:0x7f55e908fb19 [ 1047.035728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1047.037828] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1047.038697] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1047.039509] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1047.040318] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1047.041127] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1047.041936] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1047.073071] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:28 executing program 3: r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x41a002, 0x7c) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) sendfile(r0, r1, 0x0, 0x5) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r4, r0, 0x0, 0x100000001) 13:28:28 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 43) 13:28:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x440400, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) 13:28:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7400, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1047.077651] FAULT_INJECTION: forcing a failure. [ 1047.077651] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.079038] CPU: 1 PID: 7863 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1047.079812] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1047.080766] Call Trace: [ 1047.081068] dump_stack+0x107/0x167 [ 1047.081481] should_fail.cold+0x5/0xa [ 1047.081914] ? create_object.isra.0+0x3a/0xa30 [ 1047.082430] should_failslab+0x5/0x20 [ 1047.082861] kmem_cache_alloc+0x5b/0x310 [ 1047.083322] create_object.isra.0+0x3a/0xa30 [ 1047.083819] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1047.084393] kmem_cache_alloc+0x159/0x310 [ 1047.084874] __alloc_file+0x21/0x320 [ 1047.085293] alloc_empty_file+0x6d/0x170 [ 1047.085752] alloc_file+0x5e/0x5a0 [ 1047.086151] alloc_file_pseudo+0x16a/0x250 [ 1047.086626] ? alloc_file+0x5a0/0x5a0 [ 1047.087064] anon_inode_getfile+0xc8/0x1f0 [ 1047.087546] io_uring_setup+0x138b/0x2980 [ 1047.088017] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1047.088586] ? wait_for_completion_io+0x270/0x270 [ 1047.089153] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1047.089742] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1047.090323] do_syscall_64+0x33/0x40 [ 1047.090750] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1047.091332] RIP: 0033:0x7f943fb71b19 [ 1047.091752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1047.093828] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1047.094692] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1047.095499] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1047.096303] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1047.097118] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1047.097932] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a00, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 44) 13:28:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1047.158353] FAULT_INJECTION: forcing a failure. [ 1047.158353] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.159735] CPU: 1 PID: 7869 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1047.160515] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1047.161468] Call Trace: [ 1047.161772] dump_stack+0x107/0x167 [ 1047.162190] should_fail.cold+0x5/0xa [ 1047.162622] ? security_file_alloc+0x34/0x170 [ 1047.163130] should_failslab+0x5/0x20 [ 1047.163561] kmem_cache_alloc+0x5b/0x310 [ 1047.164023] security_file_alloc+0x34/0x170 [ 1047.164510] __alloc_file+0xb7/0x320 [ 1047.164945] alloc_empty_file+0x6d/0x170 [ 1047.165407] alloc_file+0x5e/0x5a0 [ 1047.165813] alloc_file_pseudo+0x16a/0x250 [ 1047.166295] ? alloc_file+0x5a0/0x5a0 [ 1047.166741] anon_inode_getfile+0xc8/0x1f0 [ 1047.167229] io_uring_setup+0x138b/0x2980 [ 1047.167702] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1047.168278] ? wait_for_completion_io+0x270/0x270 [ 1047.168849] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1047.169453] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1047.170046] do_syscall_64+0x33/0x40 [ 1047.170469] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1047.171057] RIP: 0033:0x7f943fb71b19 [ 1047.171479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1047.173590] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1047.174459] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1047.175269] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1047.176084] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1047.176908] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1047.177706] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:28:28 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 58) [ 1047.200607] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1047.214290] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:28:28 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4b500fff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1047.235662] FAULT_INJECTION: forcing a failure. [ 1047.235662] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.237012] CPU: 1 PID: 7879 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1047.237787] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1047.238739] Call Trace: [ 1047.239050] dump_stack+0x107/0x167 [ 1047.239465] should_fail.cold+0x5/0xa [ 1047.239913] ? create_object.isra.0+0x3a/0xa30 [ 1047.240433] should_failslab+0x5/0x20 [ 1047.240881] kmem_cache_alloc+0x5b/0x310 [ 1047.241349] create_object.isra.0+0x3a/0xa30 [ 1047.241861] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1047.242438] kmem_cache_alloc+0x159/0x310 [ 1047.242917] xas_alloc+0x336/0x440 [ 1047.243329] xas_create+0x34a/0x10d0 [ 1047.243758] ? kernel_text_address+0xf2/0x120 [ 1047.244272] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1047.244881] xas_store+0x8c/0x1c40 [ 1047.245295] __xa_store+0x164/0x2d0 [ 1047.245714] ? xa_delete_node+0x280/0x280 [ 1047.246190] ? trace_hardirqs_on+0x5b/0x180 [ 1047.246684] xa_store+0x31/0x50 [ 1047.247063] __io_uring_add_tctx_node+0x1cf/0x520 [ 1047.247618] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1047.248212] ? alloc_fd+0x2e7/0x670 [ 1047.248636] io_uring_setup+0x1fbb/0x2980 [ 1047.249126] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1047.249705] ? wait_for_completion_io+0x270/0x270 [ 1047.250270] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1047.250873] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1047.251461] do_syscall_64+0x33/0x40 [ 1047.251885] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1047.252471] RIP: 0033:0x7f55e908fb19 [ 1047.252912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1047.255005] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1047.255878] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1047.256694] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1047.257499] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1047.258314] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1047.259136] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:28 executing program 3: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x40) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r4, 0x406, r1) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f00000002c0)=ANY=[@ANYBLOB="010023110000000a000018df8f8fee2ae798876a203dd3f7434a55d4f2374e745b6c326a9df27b914b0ef9a475a26c76f7676be34ed958f559be01ac4531a661e0af244c780ad085d6d16e2563c868d9e3f93243a9ac66b18973d4b83f6ebea461e71cfcc421fdb6c4f898ab91", @ANYRESDEC=r3, @ANYRESHEX=r1]) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0, 0x132) creat(&(0x7f0000000080)='./file0\x00', 0x29) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r7, r6, 0x0, 0x100000001) ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000240)=ANY=[@ANYBLOB="3d0000000000020000000000", @ANYRES32=r4, @ANYBLOB="ff010000000000002e2f66696c653000"]) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r6) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(0xffffffffffffffff, 0x80089419, &(0x7f00000000c0)) 13:28:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 45) 13:28:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1047.348498] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1047.359493] FAULT_INJECTION: forcing a failure. [ 1047.359493] name failslab, interval 1, probability 0, space 0, times 0 [ 1047.361957] CPU: 0 PID: 7892 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1047.363437] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1047.365218] Call Trace: [ 1047.365783] dump_stack+0x107/0x167 [ 1047.366557] should_fail.cold+0x5/0xa [ 1047.367367] ? create_object.isra.0+0x3a/0xa30 [ 1047.368334] should_failslab+0x5/0x20 [ 1047.369156] kmem_cache_alloc+0x5b/0x310 [ 1047.370026] create_object.isra.0+0x3a/0xa30 [ 1047.370958] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1047.372030] kmem_cache_alloc+0x159/0x310 [ 1047.372922] __alloc_file+0x21/0x320 [ 1047.373703] alloc_empty_file+0x6d/0x170 [ 1047.374563] alloc_file+0x5e/0x5a0 [ 1047.375322] alloc_file_pseudo+0x16a/0x250 [ 1047.376208] ? alloc_file+0x5a0/0x5a0 [ 1047.377042] anon_inode_getfile+0xc8/0x1f0 [ 1047.377947] io_uring_setup+0x138b/0x2980 [ 1047.378830] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1047.379904] ? wait_for_completion_io+0x270/0x270 [ 1047.380967] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1047.382084] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1047.383179] do_syscall_64+0x33/0x40 [ 1047.383970] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1047.385065] RIP: 0033:0x7f943fb71b19 [ 1047.385859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1047.389768] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1047.391385] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1047.392910] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1047.394416] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1047.395942] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1047.397471] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1058.871398] FAULT_INJECTION: forcing a failure. [ 1058.871398] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.872942] CPU: 0 PID: 7912 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1058.873835] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.874889] Call Trace: [ 1058.875230] dump_stack+0x107/0x167 [ 1058.875703] should_fail.cold+0x5/0xa [ 1058.876200] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1058.876887] should_failslab+0x5/0x20 [ 1058.877374] kmem_cache_alloc_trace+0x55/0x320 [ 1058.877983] io_uring_alloc_task_context+0x99/0x6a0 [ 1058.878661] ? io_import_iovec+0x1120/0x1120 [ 1058.879228] ? lock_downgrade+0x6d0/0x6d0 [ 1058.879772] ? do_raw_spin_lock+0x121/0x260 [ 1058.880333] ? rwlock_bug.part.0+0x90/0x90 [ 1058.880886] __io_uring_add_tctx_node+0x2c6/0x520 [ 1058.881504] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.882189] ? alloc_fd+0x2e7/0x670 [ 1058.882683] io_uring_setup+0x1fbb/0x2980 [ 1058.883231] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.883910] ? wait_for_completion_io+0x270/0x270 [ 1058.884555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.885236] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.885904] do_syscall_64+0x33/0x40 [ 1058.886108] FAULT_INJECTION: forcing a failure. [ 1058.886108] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.886389] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.886398] RIP: 0033:0x7f943fb71b19 [ 1058.886412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.886429] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.893491] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1058.894392] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1058.895323] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.896231] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.897146] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:39 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 59) 13:28:39 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:28:39 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 46) 13:28:39 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4b503fff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:39 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x7, 0x59, 0x3, 0x6, 0x0, 0x8001, 0x400, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1000, 0x1, @perf_config_ext={0x0, 0x2}, 0x40140, 0xffffffffffffffff, 0x4, 0x9, 0x2, 0x4, 0x1, 0x0, 0x48}, 0xffffffffffffffff, 0x8, r3, 0x2) 13:28:39 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:39 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x80000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:39 executing program 3: clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x5, 0x0, 0x0, 0x6, &(0x7f0000000080)={r0, r1+10000000}, 0x1, 0x7e233246435de558}, 0x6) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r3, r2, 0x0, 0x100000001) [ 1058.898096] CPU: 1 PID: 7915 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1058.899941] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.901734] Call Trace: [ 1058.902309] dump_stack+0x107/0x167 [ 1058.903105] should_fail.cold+0x5/0xa [ 1058.903924] ? create_object.isra.0+0x3a/0xa30 [ 1058.904893] should_failslab+0x5/0x20 [ 1058.905691] kmem_cache_alloc+0x5b/0x310 [ 1058.906553] create_object.isra.0+0x3a/0xa30 [ 1058.907519] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.908588] kmem_cache_alloc+0x159/0x310 [ 1058.909480] xas_alloc+0x336/0x440 [ 1058.910240] xas_create+0x34a/0x10d0 13:28:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 47) [ 1058.911059] ? kernel_text_address+0xf2/0x120 [ 1058.912133] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1058.913250] xas_store+0x8c/0x1c40 [ 1058.914019] __xa_store+0x164/0x2d0 [ 1058.914816] ? xa_delete_node+0x280/0x280 [ 1058.915702] ? trace_hardirqs_on+0x5b/0x180 [ 1058.916628] xa_store+0x31/0x50 [ 1058.917338] __io_uring_add_tctx_node+0x1cf/0x520 [ 1058.918366] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.919500] ? alloc_fd+0x2e7/0x670 [ 1058.920286] io_uring_setup+0x1fbb/0x2980 [ 1058.921188] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.922277] ? wait_for_completion_io+0x270/0x270 [ 1058.922647] FAULT_INJECTION: forcing a failure. [ 1058.922647] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.923340] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.923365] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.926939] do_syscall_64+0x33/0x40 [ 1058.927736] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.928845] RIP: 0033:0x7f55e908fb19 [ 1058.929635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.933539] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.935159] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1058.936682] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1058.938190] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.939691] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.941216] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1058.942768] CPU: 0 PID: 7920 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1058.943632] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1058.944679] Call Trace: [ 1058.945016] dump_stack+0x107/0x167 [ 1058.945471] should_fail.cold+0x5/0xa [ 1058.945634] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1058.945945] ? create_object.isra.0+0x3a/0xa30 [ 1058.945957] should_failslab+0x5/0x20 [ 1058.945969] kmem_cache_alloc+0x5b/0x310 [ 1058.945988] create_object.isra.0+0x3a/0xa30 [ 1058.949587] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1058.950225] kmem_cache_alloc_trace+0x151/0x320 [ 1058.950804] io_uring_alloc_task_context+0x99/0x6a0 [ 1058.951430] ? io_import_iovec+0x1120/0x1120 [ 1058.951982] ? lock_downgrade+0x6d0/0x6d0 [ 1058.952495] ? do_raw_spin_lock+0x121/0x260 [ 1058.953035] ? rwlock_bug.part.0+0x90/0x90 [ 1058.953561] __io_uring_add_tctx_node+0x2c6/0x520 [ 1058.954156] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1058.954241] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1058.954811] ? alloc_fd+0x2e7/0x670 [ 1058.954830] io_uring_setup+0x1fbb/0x2980 [ 1058.957385] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1058.958016] ? wait_for_completion_io+0x270/0x270 [ 1058.958624] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1058.959275] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1058.959911] do_syscall_64+0x33/0x40 [ 1058.960370] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1058.961008] RIP: 0033:0x7f943fb71b19 [ 1058.961471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1058.963754] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1058.964706] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1058.965599] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1058.966482] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1058.967367] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1058.968270] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 48) [ 1059.016841] FAULT_INJECTION: forcing a failure. [ 1059.016841] name failslab, interval 1, probability 0, space 0, times 0 [ 1059.018321] CPU: 0 PID: 7927 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1059.019163] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1059.020169] Call Trace: [ 1059.020493] dump_stack+0x107/0x167 [ 1059.020946] should_fail.cold+0x5/0xa [ 1059.021421] ? create_object.isra.0+0x3a/0xa30 [ 1059.021974] should_failslab+0x5/0x20 [ 1059.022436] kmem_cache_alloc+0x5b/0x310 [ 1059.022933] create_object.isra.0+0x3a/0xa30 [ 1059.023475] kmemleak_alloc_percpu+0xa0/0x100 [ 1059.024034] pcpu_alloc+0x4e2/0x1240 [ 1059.024496] __percpu_counter_init+0x10d/0x2d0 [ 1059.025062] io_uring_alloc_task_context+0xcc/0x6a0 [ 1059.025673] ? io_import_iovec+0x1120/0x1120 [ 1059.026212] ? lock_downgrade+0x6d0/0x6d0 [ 1059.026711] ? do_raw_spin_lock+0x121/0x260 [ 1059.027234] ? rwlock_bug.part.0+0x90/0x90 [ 1059.027754] __io_uring_add_tctx_node+0x2c6/0x520 [ 1059.028341] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1059.028995] ? alloc_fd+0x2e7/0x670 [ 1059.029446] io_uring_setup+0x1fbb/0x2980 [ 1059.029956] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1059.030571] ? wait_for_completion_io+0x270/0x270 [ 1059.031168] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1059.031807] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1059.032441] do_syscall_64+0x33/0x40 [ 1059.032906] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1059.033525] RIP: 0033:0x7f943fb71b19 [ 1059.033976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1059.036212] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1059.037140] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1059.037999] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1059.038859] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1059.039715] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1059.040582] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0ffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:40 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x20bd17, 0x0, 0x1}, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:28:40 executing program 3: r0 = timerfd_create(0x8, 0x0) kcmp(0xffffffffffffffff, 0x0, 0x5bbcbbdcd4bbec2d, r0, 0xffffffffffffffff) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000080), 0x26000, 0x0) sendmsg$DEVLINK_CMD_SB_POOL_SET(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0x1c0, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x6}, {0x6, 0x11, 0xffff}, {0x8, 0x13, 0x800}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x8000}, {0x6, 0x11, 0x9}, {0x8, 0x13, 0x90}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x437}, {0x6, 0x11, 0x1f}, {0x8, 0x13, 0x10000}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}, {0x6, 0x11, 0x7}, {0x8, 0x13, 0x2}, {0x5, 0x14, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x593f15ae}, {0x6, 0x11, 0xfff8}, {0x8, 0x13, 0xffffff15}, {0x5, 0x14, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x100}, {0x8, 0x13, 0x2}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x2}, {0x6, 0x11, 0x3}, {0x8, 0x13, 0x26}, {0x5}}]}, 0x1c0}, 0x1, 0x0, 0x0, 0x4000041}, 0x40000) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r3, r2, 0x0, 0x100000001) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002740), 0xffffffffffffffff) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$ETHTOOL_MSG_EEE_SET(r4, &(0x7f0000002800)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x20, r5, 0x1, 0x0, 0x0, {0x9}, [@ETHTOOL_A_EEE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x20}}, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, r5, 0x400, 0x70bd26, 0x25dfdbfb, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}]}, 0x34}}, 0x800) ioctl$HIDIOCSREPORT(r2, 0x400c4808, &(0x7f0000000040)={0x2, 0x2, 0x1000000}) [ 1059.086788] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1059.089184] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1059.148795] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:55 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:28:55 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 49) 13:28:55 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 60) 13:28:55 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4ba83fff) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:55 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) io_uring_enter(r0, 0x734, 0x4308, 0x2, &(0x7f0000000000)={[0x6]}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = fsmount(0xffffffffffffffff, 0x1, 0xc) io_uring_enter(r1, 0x2dd1, 0x39b7, 0x0, &(0x7f0000000040)={[0x8]}, 0x8) 13:28:55 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x2000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:55 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(0xffffffffffffffff, &(0x7f0000000040)='\x00', 0x4200, 0x22) [ 1074.755709] FAULT_INJECTION: forcing a failure. [ 1074.755709] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.758329] CPU: 0 PID: 7956 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1074.759877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.761767] Call Trace: [ 1074.762363] dump_stack+0x107/0x167 [ 1074.763189] should_fail.cold+0x5/0xa [ 1074.764047] ? xas_alloc+0x336/0x440 [ 1074.764897] should_failslab+0x5/0x20 [ 1074.765754] kmem_cache_alloc+0x5b/0x310 [ 1074.766683] xas_alloc+0x336/0x440 [ 1074.767486] xas_create+0x34a/0x10d0 [ 1074.768333] ? kernel_text_address+0xf2/0x120 [ 1074.769360] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1074.770540] xas_store+0x8c/0x1c40 [ 1074.771354] __xa_store+0x164/0x2d0 [ 1074.772173] ? xa_delete_node+0x280/0x280 [ 1074.773123] ? trace_hardirqs_on+0x5b/0x180 [ 1074.774105] xa_store+0x31/0x50 [ 1074.774850] __io_uring_add_tctx_node+0x1cf/0x520 [ 1074.775937] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1074.777117] ? alloc_fd+0x2e7/0x670 [ 1074.777950] io_uring_setup+0x1fbb/0x2980 [ 1074.778898] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.780032] ? wait_for_completion_io+0x270/0x270 [ 1074.781173] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.782356] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.783520] do_syscall_64+0x33/0x40 [ 1074.784355] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.785510] RIP: 0033:0x7f55e908fb19 [ 1074.786350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.790498] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.792211] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1074.793842] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1074.795451] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1074.797069] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.798675] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:55 executing program 1: r0 = syz_io_uring_setup(0x1b3a, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x40000000}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1074.817373] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1074.826610] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:28:55 executing program 1: r0 = syz_io_uring_setup(0x5632, &(0x7f0000000000), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1074.903144] FAULT_INJECTION: forcing a failure. [ 1074.903144] name failslab, interval 1, probability 0, space 0, times 0 [ 1074.905484] CPU: 1 PID: 7971 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1074.906818] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1074.908402] Call Trace: [ 1074.908932] dump_stack+0x107/0x167 [ 1074.909626] should_fail.cold+0x5/0xa [ 1074.910360] ? create_object.isra.0+0x3a/0xa30 [ 1074.911236] should_failslab+0x5/0x20 [ 1074.911959] kmem_cache_alloc+0x5b/0x310 [ 1074.912734] create_object.isra.0+0x3a/0xa30 [ 1074.913610] kmemleak_alloc_percpu+0xa0/0x100 [ 1074.914471] pcpu_alloc+0x4e2/0x1240 [ 1074.915200] __percpu_counter_init+0x10d/0x2d0 [ 1074.916078] io_uring_alloc_task_context+0xcc/0x6a0 [ 1074.917050] ? io_import_iovec+0x1120/0x1120 [ 1074.917888] ? lock_downgrade+0x6d0/0x6d0 [ 1074.918668] ? do_raw_spin_lock+0x121/0x260 [ 1074.919503] ? rwlock_bug.part.0+0x90/0x90 [ 1074.920318] __io_uring_add_tctx_node+0x2c6/0x520 [ 1074.921249] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1074.922243] ? alloc_fd+0x2e7/0x670 [ 1074.922945] io_uring_setup+0x1fbb/0x2980 [ 1074.923746] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1074.924697] ? wait_for_completion_io+0x270/0x270 [ 1074.925658] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1074.926661] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1074.927638] do_syscall_64+0x33/0x40 [ 1074.928354] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1074.929348] RIP: 0033:0x7f943fb71b19 [ 1074.930039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1074.933495] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1074.934927] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 1074.936275] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1074.937636] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1074.938984] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1074.940327] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:56 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x3000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:56 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:56 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_SAVE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c00e14fb934030000000000000000050000050900020073797a310093007379000442a6a01da1bf3b9f024c112dc6b75dc5c63bf509562f4c8f813acd3542ea27dbd6c2648b24400804877760dc2e51f25879622130c30a2b4aca86ebf6c3644258f0917cc3e95be1ec542a4cdfacad30c723303e8586ce4892ad3732e972bdae7a86dc50f1acb9aad7031b6e4efe4bfe38f83387707b047f1e8209f1f58f3c6c0960889f1e1904a55c0e148dae02ebbf3bd334547bdae6e176cf4193d4af3a78e567db923d4148434a7f8e5bc9be5e7a4384a967ce76c29bfb00"/232], 0x2c}}, 0x1) r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x9800) sendfile(r2, r1, 0x0, 0x100000001) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(0xffffffffffffffff, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r4 = syz_io_uring_setup(0x7155, &(0x7f00000002c0)={0x0, 0x400, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r7, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r7, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r7, 0x406, r4) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x1, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) syz_io_uring_submit(r8, r6, &(0x7f0000000100)=@IORING_OP_SEND={0x1a, 0x2, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000540)="305ab3aa195783d39633a3dc6ee7b162be1c47efcba2d3f0e24c8b3dcdce13a53c7c39af37088d1141563200892acab3929ea33e0a0000d48403f85d7e611bb89ccc4f709ddbeaa33a1bb13c6e2bc87f8e2f10cc26fe813f91095506cfb692dc2bf264bced4cd6ac5dc2f114eb1dac07c494a67c593f486953ff1b535c8b897d8b8d400eafda5a4d8bd269abc096a932833a9570e111a3cb69518e604bf8e7ffbedd27954b7fefe423b229520c19315fbbd2c19212d0e5fcebadf791516b70e7ea2dfd757708060b1f8e5414696577c4c12d3a6264e67b43dd16594eccc42a944c0b947cf6b6533448683f448c428d0f48adc09381503169e2be03eb6d213f7472adf74e36ebc42d72f8fbfe4a88036468440aaaef0def335ed30fd9af51bbbf596a20db42dd3314f01610fb020a63254eec57e63810e6a3a484d1d5b0e9c8bebcdf94556734956eefa2f12e5ac6437c", 0x150, 0x10}, 0x8001) syz_io_uring_submit(r3, r6, &(0x7f00000001c0)=@IORING_OP_OPENAT2={0x1c, 0x7, 0x0, r1, &(0x7f0000000140)={0x40003, 0x8, 0x4}, &(0x7f0000000180)='./file0\x00', 0x18, 0x0, 0x12345}, 0x5) [ 1074.988568] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1074.993867] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:28:56 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f504b) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:28:56 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:28:56 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 61) 13:28:56 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5010000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1075.106512] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1075.109276] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1075.114775] FAULT_INJECTION: forcing a failure. [ 1075.114775] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.117475] CPU: 0 PID: 7992 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1075.119015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1075.120891] Call Trace: [ 1075.121487] dump_stack+0x107/0x167 [ 1075.122311] should_fail.cold+0x5/0xa [ 1075.123176] ? xas_alloc+0x336/0x440 [ 1075.124018] should_failslab+0x5/0x20 [ 1075.124885] kmem_cache_alloc+0x5b/0x310 [ 1075.125804] xas_alloc+0x336/0x440 [ 1075.126607] xas_create+0x34a/0x10d0 [ 1075.127454] ? kernel_text_address+0xf2/0x120 [ 1075.128472] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1075.129667] xas_store+0x8c/0x1c40 [ 1075.130495] __xa_store+0x164/0x2d0 [ 1075.131318] ? xa_delete_node+0x280/0x280 [ 1075.132261] ? trace_hardirqs_on+0x5b/0x180 [ 1075.133263] xa_store+0x31/0x50 [ 1075.134008] __io_uring_add_tctx_node+0x1cf/0x520 [ 1075.135097] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1075.136274] ? alloc_fd+0x2e7/0x670 [ 1075.137116] io_uring_setup+0x1fbb/0x2980 [ 1075.138057] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1075.139200] ? wait_for_completion_io+0x270/0x270 [ 1075.140312] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1075.141501] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1075.142662] do_syscall_64+0x33/0x40 [ 1075.143517] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1075.144673] RIP: 0033:0x7f55e908fb19 [ 1075.145524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1075.149672] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1075.151378] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1075.152988] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1075.154579] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1075.156192] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1075.157805] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:28:56 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:29:10 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1ff}}, './file0\x00'}) io_uring_enter(r4, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r8 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r9}}, 0x80000000) syz_io_uring_submit(r1, 0x0, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x0, 0x0, @fd=r3, 0x0, {0x0, r4}, 0x4, 0x5, 0x1, {0x0, r9, r0}}, 0x4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:29:10 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0xfc093f6e0aefc681) r3 = openat$hpet(0xffffffffffffff9c, &(0x7f00000000c0), 0x101140, 0x0) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180)={0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, r3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r5, 0x406, r4) fcntl$dupfd(r5, 0x0, r1) sendfile(r2, r0, 0x0, 0x100000001) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x200000f, 0x4010, 0xffffffffffffffff, 0x869ed000) 13:29:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 50) 13:29:10 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:29:10 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 62) 13:29:10 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f504b) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1088.932455] FAULT_INJECTION: forcing a failure. [ 1088.932455] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.933831] CPU: 0 PID: 8016 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1088.934659] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.935602] Call Trace: 13:29:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1088.935909] dump_stack+0x107/0x167 [ 1088.936431] should_fail.cold+0x5/0xa [ 1088.936890] ? xas_alloc+0x336/0x440 [ 1088.937341] should_failslab+0x5/0x20 [ 1088.937783] kmem_cache_alloc+0x5b/0x310 [ 1088.938267] xas_alloc+0x336/0x440 [ 1088.938692] xas_create+0x34a/0x10d0 [ 1088.939143] ? kernel_text_address+0xf2/0x120 [ 1088.939678] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1088.940299] xas_store+0x8c/0x1c40 [ 1088.940709] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1088.941598] __xa_store+0x164/0x2d0 [ 1088.942034] ? xa_delete_node+0x280/0x280 [ 1088.942529] ? trace_hardirqs_on+0x5b/0x180 [ 1088.943049] xa_store+0x31/0x50 [ 1088.943441] __io_uring_add_tctx_node+0x1cf/0x520 [ 1088.944008] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1088.944622] ? io_uring_setup+0x13c4/0x2980 [ 1088.945146] ? io_uring_setup+0x13d1/0x2980 [ 1088.945651] io_uring_setup+0x1fbb/0x2980 [ 1088.946128] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1088.946720] ? wait_for_completion_io+0x270/0x270 [ 1088.947311] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1088.947935] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1088.948545] do_syscall_64+0x33/0x40 [ 1088.948982] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1088.949584] RIP: 0033:0x7f55e908fb19 [ 1088.950033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.952214] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1088.953125] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1088.953973] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1088.954815] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1088.955670] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1088.956528] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1088.958638] FAULT_INJECTION: forcing a failure. [ 1088.958638] name failslab, interval 1, probability 0, space 0, times 0 [ 1088.960012] CPU: 0 PID: 8011 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1088.960794] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1088.961828] Call Trace: [ 1088.962129] dump_stack+0x107/0x167 [ 1088.962556] should_fail.cold+0x5/0xa [ 1088.963009] ? io_wq_create+0xeb/0xc00 [ 1088.963458] should_failslab+0x5/0x20 [ 1088.963901] __kmalloc+0x72/0x390 [ 1088.964308] io_wq_create+0xeb/0xc00 [ 1088.964749] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1088.965352] ? io_import_iovec+0x1120/0x1120 [ 1088.965875] ? io_apoll_task_func+0x2d0/0x2d0 [ 1088.966402] ? __io_req_find_next+0x300/0x300 [ 1088.966930] ? do_raw_spin_lock+0x121/0x260 [ 1088.967434] ? rwlock_bug.part.0+0x90/0x90 [ 1088.967944] __io_uring_add_tctx_node+0x2c6/0x520 [ 1088.968518] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1088.969163] ? alloc_fd+0x2e7/0x670 [ 1088.969604] io_uring_setup+0x1fbb/0x2980 [ 1088.970115] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1088.970706] ? wait_for_completion_io+0x270/0x270 [ 1088.971292] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1088.971889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1088.972492] do_syscall_64+0x33/0x40 [ 1088.972942] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1088.973535] RIP: 0033:0x7f943fb71b19 [ 1088.973983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1088.976150] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1088.977057] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1088.977897] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1088.978734] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1088.979593] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1088.980442] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1088.981599] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:29:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:10 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fa84b) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:10 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 51) 13:29:10 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 63) [ 1089.065927] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1089.067492] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:29:10 executing program 1: r0 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0xffff, 0x800) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000240)=0x0) sendmsg$nl_generic(r4, &(0x7f0000000600)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={&(0x7f00000003c0)={0x1c4, 0x2d, 0x1, 0x70bd25, 0x25dfdbfd, {0x1f}, [@nested={0x1ad, 0x25, 0x0, 0x1, [@typed={0x8, 0x71, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0x3f, 0x0, 0x0, @fd=r3}, @typed={0x8, 0x58, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0x76, 0x0, 0x0, @pid=r5}, @typed={0x8, 0x91, 0x0, 0x0, @ipv4=@empty}, @generic="30b2dd3d1a99e3de43852555f647f1d912fd963eb21d0f8780953e5d2198c7efe4f15743e13c0588344867e31cd2f0f5bd8e4b02b37023b5cf4ff978b630a4285de7119d21ecc297ba9ef7b9e38e232d77", @generic="7ca692bb3d06bac5203663e35510a5a458816ec758da4093414b77d4149ec8e829ae54be39ecbca83a43def31413b5f7e791cebbaa04d9c089b4f775d800c2f72abc576bcd", @generic="42abbb416107635b4b9a41035f24d10fe09e123e68a577f6b92b5953f72a60b715e21bc718012443f77ee5d13cbb771551f1e8ea6d17decdf8cd202a27b90bdc1aedd12725ce9d76edd08769948ec4f3c3acb2bb30860c87046cb628eb2cb6e3e9c1750336a4b479f5cf6a1322c8dc2a0c7eb7342295da3c6ce62ee01f75297d53ac4d6437d6bb6b2d7ccdd37447059271bfbe2e31afa25c825185ee8e398f4c6539305e435e6ad6a4fb75c72e65ff6fad868a9df863da512dbc28fdf6a931adaed4c350140b65b3134990fe893806bf008bed495c5bfa7197a229bcf1d91adaf4f895ce62674f826f9cb0"]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4000}, 0x1) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r3, 0x406, r0) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file0\x00'}) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000680)=@IORING_OP_FILES_UPDATE={0x14, 0x5, 0x0, 0x0, 0x2, &(0x7f0000000640)=[0xffffffffffffffff, 0xffffffffffffffff, r3, 0xffffffffffffffff, 0xffffffffffffffff], 0x5, 0x0, 0x1, {0x0, r7}}, 0x7ff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="ff01000000000000bf2f66696c653000"]) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1000002, 0x12, r0, 0x92ec5000) r8 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r8, 0x0) [ 1089.096510] FAULT_INJECTION: forcing a failure. [ 1089.096510] name failslab, interval 1, probability 0, space 0, times 0 [ 1089.097859] CPU: 0 PID: 8039 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1089.098677] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.099672] Call Trace: [ 1089.099966] dump_stack+0x107/0x167 [ 1089.100397] should_fail.cold+0x5/0xa [ 1089.100846] ? io_wq_create+0xeb/0xc00 [ 1089.101316] should_failslab+0x5/0x20 [ 1089.101738] __kmalloc+0x72/0x390 [ 1089.102135] io_wq_create+0xeb/0xc00 [ 1089.102565] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1089.103142] ? io_import_iovec+0x1120/0x1120 [ 1089.103653] ? io_apoll_task_func+0x2d0/0x2d0 [ 1089.104161] ? __io_req_find_next+0x300/0x300 [ 1089.104651] ? do_raw_spin_lock+0x121/0x260 [ 1089.105096] FAULT_INJECTION: forcing a failure. [ 1089.105096] name failslab, interval 1, probability 0, space 0, times 0 [ 1089.105172] ? rwlock_bug.part.0+0x90/0x90 [ 1089.105191] __io_uring_add_tctx_node+0x2c6/0x520 [ 1089.108608] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1089.109236] ? alloc_fd+0x2e7/0x670 [ 1089.109667] io_uring_setup+0x1fbb/0x2980 [ 1089.110144] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1089.110743] ? wait_for_completion_io+0x270/0x270 [ 1089.111308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1089.111923] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1089.112510] do_syscall_64+0x33/0x40 [ 1089.112936] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1089.113541] RIP: 0033:0x7f943fb71b19 [ 1089.113973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1089.115968] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1089.116830] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1089.117607] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1089.118450] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1089.119275] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1089.120115] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1089.120984] CPU: 1 PID: 8041 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1089.122480] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1089.124272] Call Trace: 13:29:10 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1089.124834] dump_stack+0x107/0x167 [ 1089.125734] should_fail.cold+0x5/0xa [ 1089.126571] ? create_object.isra.0+0x3a/0xa30 [ 1089.127548] should_failslab+0x5/0x20 [ 1089.128372] kmem_cache_alloc+0x5b/0x310 [ 1089.129257] ? mark_held_locks+0x9e/0xe0 [ 1089.130129] create_object.isra.0+0x3a/0xa30 [ 1089.131067] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1089.132156] kmem_cache_alloc+0x159/0x310 [ 1089.133059] xas_alloc+0x336/0x440 [ 1089.133821] xas_create+0x34a/0x10d0 [ 1089.134620] ? kernel_text_address+0xf2/0x120 [ 1089.135583] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1089.136683] xas_store+0x8c/0x1c40 [ 1089.137463] __xa_store+0x164/0x2d0 [ 1089.138225] ? xa_delete_node+0x280/0x280 [ 1089.139108] ? trace_hardirqs_on+0x5b/0x180 [ 1089.140019] xa_store+0x31/0x50 [ 1089.140712] __io_uring_add_tctx_node+0x1cf/0x520 [ 1089.141731] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1089.142822] ? alloc_fd+0x2e7/0x670 [ 1089.143592] io_uring_setup+0x1fbb/0x2980 [ 1089.144468] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1089.145547] ? wait_for_completion_io+0x270/0x270 [ 1089.146602] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1089.147707] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1089.148794] do_syscall_64+0x33/0x40 [ 1089.149590] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1089.150662] RIP: 0033:0x7f55e908fb19 [ 1089.151452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1089.155328] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1089.156467] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1089.156961] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1089.156974] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1089.156986] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1089.157002] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1089.163794] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:29:21 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:29:21 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffff8000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:21 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 64) 13:29:21 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:21 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x80, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:29:21 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:21 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x3c54, &(0x7f0000000000)={0x0, 0x1d81, 0x10, 0x1, 0x3d2, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0xe735}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r4 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r5}}, 0x80000000) io_uring_enter(0xffffffffffffffff, 0x292f, 0xec48, 0x1, &(0x7f0000000240)={[0x97]}, 0x8) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_FADVISE={0x18, 0x1, 0x0, @fd=r0, 0x2, 0x0, 0x5, 0x4, 0x0, {0x0, r5}}, 0x7) [ 1100.888030] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1100.891303] FAULT_INJECTION: forcing a failure. [ 1100.891303] name failslab, interval 1, probability 0, space 0, times 0 [ 1100.893697] CPU: 1 PID: 8060 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1100.895126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1100.896863] Call Trace: [ 1100.897430] dump_stack+0x107/0x167 [ 1100.898195] should_fail.cold+0x5/0xa [ 1100.898988] ? xas_alloc+0x336/0x440 [ 1100.899764] should_failslab+0x5/0x20 [ 1100.900560] kmem_cache_alloc+0x5b/0x310 [ 1100.901427] xas_alloc+0x336/0x440 [ 1100.902179] xas_create+0x34a/0x10d0 [ 1100.902968] ? kernel_text_address+0xf2/0x120 [ 1100.903917] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1100.905033] xas_store+0x8c/0x1c40 [ 1100.905794] __xa_store+0x164/0x2d0 [ 1100.906559] ? xa_delete_node+0x280/0x280 [ 1100.907431] ? trace_hardirqs_on+0x5b/0x180 [ 1100.908341] xa_store+0x31/0x50 [ 1100.909040] __io_uring_add_tctx_node+0x1cf/0x520 [ 1100.910045] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1100.911142] ? alloc_fd+0x2e7/0x670 [ 1100.911917] io_uring_setup+0x1fbb/0x2980 [ 1100.912789] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1100.913864] ? wait_for_completion_io+0x270/0x270 [ 1100.914909] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1100.916006] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1100.917095] do_syscall_64+0x33/0x40 [ 1100.917881] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1100.918975] RIP: 0033:0x7f55e908fb19 [ 1100.919753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1100.923632] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1100.925239] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1100.926725] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1100.928219] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1100.929722] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1100.931226] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1100.939364] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1100.947444] FAULT_INJECTION: forcing a failure. [ 1100.947444] name failslab, interval 1, probability 0, space 0, times 0 [ 1100.948764] CPU: 0 PID: 8072 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1100.949550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1100.950496] Call Trace: [ 1100.950805] dump_stack+0x107/0x167 [ 1100.951228] should_fail.cold+0x5/0xa [ 1100.951671] ? io_wq_create+0x6ef/0xc00 [ 1100.952129] should_failslab+0x5/0x20 [ 1100.952566] kmem_cache_alloc_node_trace+0x59/0x340 [ 1100.953151] io_wq_create+0x6ef/0xc00 [ 1100.953593] io_uring_alloc_task_context+0x1f1/0x6a0 13:29:21 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 52) 13:29:22 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x800000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1100.954178] ? io_import_iovec+0x1120/0x1120 [ 1100.954816] ? io_apoll_task_func+0x2d0/0x2d0 [ 1100.955327] ? __io_req_find_next+0x300/0x300 [ 1100.955845] ? do_raw_spin_lock+0x121/0x260 [ 1100.956339] ? rwlock_bug.part.0+0x90/0x90 [ 1100.956826] __io_uring_add_tctx_node+0x2c6/0x520 [ 1100.957391] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1100.957990] ? alloc_fd+0x2e7/0x670 [ 1100.958413] io_uring_setup+0x1fbb/0x2980 [ 1100.958892] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1100.959475] ? wait_for_completion_io+0x270/0x270 [ 1100.960041] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1100.960640] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1100.961244] do_syscall_64+0x33/0x40 [ 1100.961669] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1100.962223] RIP: 0033:0x7f943fb71b19 [ 1100.962649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1100.964627] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1100.965517] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1100.966303] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1100.967069] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1100.967834] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1100.968596] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:29:22 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:22 executing program 3: r0 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x20a002, 0x4a, 0x4}, 0x18) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @link_local}, 0x14) r3 = socket$packet(0x11, 0x2, 0x300) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'veth1_macvtap\x00', 0x0}) bind$packet(r3, &(0x7f0000000240)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @link_local}, 0x14) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="74010000", @ANYRES16=0x0, @ANYBLOB="000126bd7000fbdbdf250000000011000100f706602d014e0496f9a020edbf62b0a315ad02374178d7778da0d703", @ANYRES32=r2, @ANYBLOB="5801028038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000200000038000100000001006e6f746966795f70656572735f636f756e740000000000000000000000000000000003000300000000000400000000008a0001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004009b04000008000600", @ANYRES32=r5, @ANYBLOB="64000100240001006270665f379b686173685f66756e6300000000000000000000000000000000000000050003000b00000034000400ff0707020104000008004006920000000900ff5c0300000004003f0508000000920000ff0f030000da000608ff03000040000100240001006c625f686173685f7374617473000000000000000000000000000000000000005b41bb107133158c754a2fa8050003000b0000000800382837c9541fd6280e16af5463132d91a693c57dbf2690a15490f5cab6199c0e6339cedd167ace6d"], 0x174}, 0x1, 0x0, 0x0, 0x20008011}, 0x5e3ff4025a43438e) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000080)={0x0, r6}) r7 = socket$packet(0x11, 0x2, 0x300) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'lo\x00', 0x0}) bind$packet(r7, &(0x7f0000000240)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @link_local}, 0x14) ioctl$sock_inet6_SIOCDIFADDR(r6, 0x8936, &(0x7f0000000340)={@mcast2, 0x6e, r9}) r10 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r11, r10, 0x0, 0x100000001) 13:29:22 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1101.021328] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1101.044601] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:29:22 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x1000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:22 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:22 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0xfffffffc, 0x0, 0x0, 0xffffffff}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1101.087710] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:29:22 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x10000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x84800) r1 = open_tree(r0, &(0x7f0000000040)='./file0\x00', 0x8800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x0, 0x0, 0x2}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000004c0)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000000000000000008f0d000000000000050000000000000000000000000000000000000000000000860000000000000000000000e0ffffffb30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000312142197dbbe6a8b36c000000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f000000000000050000000000000000000000000000000000000000000000012800000000000000000000000000008fd8ab357339ae47e3a0bed930f2a486db0bdc6b0d3401cb9305a92b786606ddbafac87458b16c4c40da4cb4cf02c5b5b401fc23826bc585a16acd5f1c2fd60a05acdd4132e11d531bdb0e741dda1efa6fa6f5299831fb59213b0164c3cb14faa8ada46777b571752a9790ce9d8e1a9f4e14068bb29d0b1d2b5bcc27b6fb933e363083b2c69448051ca20275f8268a2735b8446647f39966b18875fea8638b7b937eb98ae1cf04d2d9454678e8bf0f43195c3ae6458bf4ce216e88384fee8e9dcb630d65d8d2362fb0cfaaf7a4"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) io_uring_enter(r2, 0x58ab, 0x0, 0x0, 0x0, 0x0) sendfile(r1, r2, 0x0, 0xc9) 13:29:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x1c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:40 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:29:40 executing program 1: llistxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=""/222, 0xde) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:29:40 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 65) 13:29:40 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffffffffb) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x32010000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 53) [ 1119.046392] FAULT_INJECTION: forcing a failure. [ 1119.046392] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.048962] CPU: 1 PID: 8114 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1119.050508] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.052481] Call Trace: [ 1119.053119] dump_stack+0x107/0x167 [ 1119.053986] should_fail.cold+0x5/0xa [ 1119.054875] ? create_object.isra.0+0x3a/0xa30 [ 1119.055934] should_failslab+0x5/0x20 [ 1119.056837] kmem_cache_alloc+0x5b/0x310 [ 1119.057797] ? io_wq_create+0x114/0xc00 [ 1119.058715] create_object.isra.0+0x3a/0xa30 [ 1119.059752] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1119.059862] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1119.060877] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1119.060907] io_wq_create+0x6ef/0xc00 [ 1119.064558] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1119.065730] ? io_import_iovec+0x1120/0x1120 [ 1119.066756] ? io_apoll_task_func+0x2d0/0x2d0 [ 1119.067805] ? __io_req_find_next+0x300/0x300 [ 1119.068839] ? do_raw_spin_lock+0x121/0x260 [ 1119.069576] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1119.069886] ? rwlock_bug.part.0+0x90/0x90 [ 1119.069922] __io_uring_add_tctx_node+0x2c6/0x520 [ 1119.073140] FAULT_INJECTION: forcing a failure. [ 1119.073140] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.073515] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1119.077059] ? alloc_fd+0x2e7/0x670 [ 1119.077914] io_uring_setup+0x1fbb/0x2980 [ 1119.078881] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1119.080057] ? wait_for_completion_io+0x270/0x270 [ 1119.081190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1119.082395] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1119.083545] do_syscall_64+0x33/0x40 [ 1119.084381] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1119.085558] RIP: 0033:0x7f943fb71b19 [ 1119.086435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.090772] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1119.092555] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1119.094243] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1119.095902] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1119.097571] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1119.099242] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1119.100917] CPU: 0 PID: 8125 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1119.102375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.104136] Call Trace: [ 1119.104708] dump_stack+0x107/0x167 [ 1119.105488] should_fail.cold+0x5/0xa [ 1119.106298] ? xas_alloc+0x336/0x440 [ 1119.107094] should_failslab+0x5/0x20 [ 1119.107913] kmem_cache_alloc+0x5b/0x310 [ 1119.108784] xas_alloc+0x336/0x440 [ 1119.109557] xas_create+0x34a/0x10d0 [ 1119.110350] ? kernel_text_address+0xf2/0x120 [ 1119.111305] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1119.112410] xas_store+0x8c/0x1c40 [ 1119.113184] __xa_store+0x164/0x2d0 [ 1119.113956] ? xa_delete_node+0x280/0x280 [ 1119.114833] ? trace_hardirqs_on+0x5b/0x180 [ 1119.115748] xa_store+0x31/0x50 [ 1119.116455] __io_uring_add_tctx_node+0x1cf/0x520 [ 1119.117480] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1119.118584] ? alloc_fd+0x2e7/0x670 [ 1119.119371] io_uring_setup+0x1fbb/0x2980 [ 1119.120259] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1119.121349] ? wait_for_completion_io+0x270/0x270 [ 1119.122387] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1119.123496] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1119.124582] do_syscall_64+0x33/0x40 [ 1119.125371] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1119.126448] RIP: 0033:0x7f55e908fb19 [ 1119.127234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.131119] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1119.132727] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1119.134242] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1119.135751] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1119.137256] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1119.138752] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:29:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x48000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x48000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) ioctl$EXT4_IOC_CHECKPOINT(r1, 0x4004662b, &(0x7f0000000040)) 13:29:40 executing program 1: r0 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x14, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4008040}, 0x400c4) connect(r1, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r2 = fcntl$dupfd(r1, 0x406, r0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f0000000480)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000000000000000008f0d0000000000000b000000000000000000000000000000000000000000000086000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000ff07000000000000ff09000200000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f000000000000050000000000000000000000000000000000859b1119ef000000000000012800"/261]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1ff}}, './file0\x00'}) stat(&(0x7f0000001cc0)='.\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r3, 0x0) write$P9_RGETATTR(r2, &(0x7f0000000000)={0xa0, 0x19, 0x2, {0x80, {0x10, 0x4}, 0x2, r3, 0x0, 0x1, 0x100000001, 0x7, 0x2, 0x101, 0x5, 0x1, 0xa40, 0x0, 0x101, 0x1, 0xffffffffffffffff, 0x9, 0x6, 0x7}}, 0xa0) r4 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x5722, 0x20, 0xfffffffe, 0x2227, 0x0, r2}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000300), &(0x7f0000000440)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) [ 1119.244023] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1119.261440] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:29:40 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x40000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:40 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = syz_open_dev$mouse(&(0x7f00000000c0), 0x8, 0x200) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x210000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000}, {@version_L}, {@posixacl}, {@debug={'debug', 0x3d, 0x5}}, {@fscache}, {@version_L}, {@dfltgid={'dfltgid', 0x3d, 0xffffffffffffffff}}], [{@smackfstransmute={'smackfstransmute', 0x3d, '-\n'}}, {@dont_hash}, {@fsname={'fsname', 0x3d, ']\\\'.;@,/%'}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@fowner_lt={'fowner<', 0xee01}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@appraise_type}]}}) [ 1119.297987] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8140 comm=syz-executor.1 [ 1119.313877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=537 sclass=netlink_route_socket pid=8140 comm=syz-executor.1 13:29:40 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x4c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1119.335036] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=537 sclass=netlink_route_socket pid=8140 comm=syz-executor.1 13:29:40 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 54) [ 1119.365714] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:29:40 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x2fd264d521385ef6) sendfile(r1, r0, 0x0, 0x100000001) [ 1119.392795] FAULT_INJECTION: forcing a failure. [ 1119.392795] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.394164] CPU: 1 PID: 8152 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1119.394955] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1119.395931] Call Trace: [ 1119.396245] dump_stack+0x107/0x167 [ 1119.396325] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1119.396674] should_fail.cold+0x5/0xa [ 1119.398729] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1119.399311] should_failslab+0x5/0x20 [ 1119.399754] kmem_cache_alloc_trace+0x55/0x320 [ 1119.400285] __io_uring_add_tctx_node+0x15c/0x520 [ 1119.400847] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1119.401467] ? alloc_fd+0x2e7/0x670 [ 1119.401898] io_uring_setup+0x1fbb/0x2980 [ 1119.402387] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1119.402983] ? wait_for_completion_io+0x270/0x270 [ 1119.403552] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1119.404158] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1119.404754] do_syscall_64+0x33/0x40 [ 1119.405196] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1119.405787] RIP: 0033:0x7f943fb71b19 [ 1119.406218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1119.408324] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1119.409208] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1119.410028] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1119.410850] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1119.411670] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1119.412491] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:29:54 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 55) 13:29:54 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x68000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:54 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:29:54 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x60000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:54 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 66) 13:29:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x5d180000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:29:54 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, 0x0, 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:29:54 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0xa0480, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) fcntl$setlease(r1, 0x400, 0x1) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000080)={0x0, r3}) fcntl$setflags(r3, 0x2, 0x0) [ 1133.315510] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1133.354454] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:29:54 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) sendfile(r1, r0, 0x0, 0x100000001) r2 = accept$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @private}, &(0x7f0000000100)=0x10) fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000140)) r3 = inotify_init1(0x80000) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x30082, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x1d1200, 0x0) inotify_add_watch(r0, &(0x7f00000001c0)='./file0\x00', 0x41000156) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0) [ 1133.371184] FAULT_INJECTION: forcing a failure. [ 1133.371184] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.374029] CPU: 0 PID: 8181 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1133.375699] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1133.377731] Call Trace: [ 1133.378379] dump_stack+0x107/0x167 [ 1133.379273] should_fail.cold+0x5/0xa [ 1133.380209] ? create_object.isra.0+0x3a/0xa30 [ 1133.381333] should_failslab+0x5/0x20 [ 1133.382269] kmem_cache_alloc+0x5b/0x310 [ 1133.383272] create_object.isra.0+0x3a/0xa30 [ 1133.384501] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1133.385809] kmem_cache_alloc_trace+0x151/0x320 [ 1133.386995] __io_uring_add_tctx_node+0x15c/0x520 [ 1133.388196] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1133.389524] ? alloc_fd+0x2e7/0x670 [ 1133.390429] io_uring_setup+0x1fbb/0x2980 [ 1133.391469] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1133.392709] ? wait_for_completion_io+0x270/0x270 [ 1133.393929] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1133.395217] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1133.396500] do_syscall_64+0x33/0x40 [ 1133.397422] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1133.398682] RIP: 0033:0x7f943fb71b19 [ 1133.399596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1133.404151] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1133.406032] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 1133.407796] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1133.409576] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1133.411323] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1133.413066] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:29:54 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4, 0x70, r0, 0x10000000) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) munmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1ff}}, './file0\x00'}) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r8 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0) syz_io_uring_submit(r7, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r9}}, 0x80000000) syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r6, 0x0, &(0x7f0000000240)="2673ced8cf4bacb8f460c31c5870b677d6f94bc7221e53e6cade03a92b937c22e5d0eb47af353fdaba80009904bbd9531d6d721fb8399ffa9118e87641aaf316bf3d645717667da8522caca772a9dc9835b5525e54b1deed8e816967d90c46a36f9a538a1409d6da5dad09f90221c62e0cc8a39bad327ebfe375b057781ed6042628e1776f48a69cfd698ef2a85896eab35d4491303a0ed53de7728e125a7789bf1fd9c4828d4ccef3984b33a2ef1ecb8ebebca5ce092d641b39c20a051c325ff35c5e996e154411f0e4a5437cebf32fbb1097edfd01c1e271e1d7f6e2c9998929ae5b55e5d0eb658f770e91beb4884e4c72ca1d2540e477a292ca938e452fa3fb20901d13100cd776fc912bbd302a0044ddf921023674c37959609b6869822e0bb4751ee0e3cda09f1e3011f18ebfc59a9f4c1f0a65021bdaabb628aad56432f889e8e725268b8a544ad84da64af9b3a96e39e7b4e2deca73d8c656642bfa7a2f6daa18ef8952697e0521d60f4b2e8ecf62d912f0a546ec50470b2d7a6e15d1f81bd6b0a7626312ee13623194a62e947dd551d8090a983e087748a59f4fc44939e61d9ca6792bbe6c9738ccf273ee5a296007ae7680da21f575cafb58af6a19f607b953523177b086c3f7a50781921279fd982832795a4c6bec929c2fb17c9e897a50effe0ce9c81bace8e5150c1043ca3a12685a13a8bda7c52383f239c2d5b25b26431609f3335678b8509bdb04cfe0f9f490318266a78cf225a9649d417f9aa72882660aaa72a73b2fe4427838c5d171ecb63e78916cadf3401ce75409e2512e2a13fba12fec9a1b4fd3eb2eef96f22a5bb4700af5bd7b976d82277e1d202677460833619bd32b36f41ec71aa3d0737a35cd36426f1d4782ae4d698c6d145fbaa989482f7f006d51e00fe953c1323f6a3a8eea465cf42bd789a3dc88bdeed2e12d683f86b2ea6ab51ebb4e7be8f9ff8b45714e8466ba3fd6ff12d938175ef47ceb1cb84d5b37cffe6fcd1d1fdd76e199a36685d0f05b25371b70c4dd85b93a5a740871d81657b5fade3bf5c69c30fbcd0c80290de127b08e3bfb3f8d95cf62a3ff95f5a7e19c56f2f8c573110451936e00f54c436e0e6d1882bd6dcd3bf82b3e9363a57694568c3235a19557cdfd8f3194258327ec1c537f3112addb0161742cc6d1872add20e3bb84fed16fa255541b4b5053e018d17e64aede191ad1eab782486ec57ce26bb90dc32bb3527e62fe1f98493fa824142d8bd25d874a48ae85e99915b003e30e3b78949fdb285107b4abdab4ee4a4b5aab247a8be54d86babb27525fb475d1b13e042530eed63b665c0bc9e14b1e5025c3300c82e749f61766a9a434faa0eee5bf61ac0e5d08c6e7c0ce8fdbc1fe3aac7eda2ce93b32f0d592b74a4ac8e9e3df6e8869af16f272028e8b337e120a161ecefe9f7d8bb910d516186ab2f955cc4ebee85b2d6e2ee8bf306a527516cfc8d71220ee5174dd2afb594cc25326c4f4f4d264be893effdfb5f5c467c5dcffc200421ece655311f55677df2093316df008c93c64471ebd1fcb9c879421e530e885e6073f7638934555b17b5e625946136e4a36b549ba1eeab2e4ab137af12c236e5edfb627c9f4d1190926a2ff53e91acc4f5c6f14d5c00f1a1f719fd88d417091017b957bf3e40ba235dfbed6551e37e576fbf865bad4e478e517dcc36aaa334c48ac864dae0bf661dda314fc43e6f27c5cb74ed39d8a1a69929b76da7769bd36686eae159aca1d25a26957d70b41fea7fe5fea153cfd642f40cc45359125de0eb6f72c4537d3e144e4bbf47304c4f480d4edb9eef973b20f615b89b837600f0c24befb3466868ddc3b1b860ac3720798d581ee0b7052540c94fcb34724171f1a2cedd58267c4b9190f6accd99df35678fa215ac42cef41f023845f4aa01395a0960437a4d5b48d816f9b1d8ac8c7cc3f78dfccb3873de5d8c4b270aba6c7558087cdf42217f51615f1780fb8f08582afa094804c7e96f1604a9d4c262640066e4b816f1df0d7228346e64326036b62544d867a66ea963a5fbd812f12b66eefb54a25d911808bbe9bfb2d85a13f4d16ec590bd7399f2d6df48176ec53a467fa1f082e15d61ee6399f522cb127de5b78f8aefc0d893eecd2d1d17c1e4622569ca9cb78ebcf63c3b72057932cfaaa63d61d12db281b1b723a3d4fad9d409155eab8b0e070a037ef8b19b9069084582645cf6dd0cc583c2d6d4dabcbf64808fd1e8572016a293d6127e6c4df477c3107f78da3959dec75d9c747a542e8dee3b31125769a9ee57d3cc557098e37589f6c625489f132a6d2bd73bdecc2113359919ede6066304190b2383e258605976f9abc27e546573322f6aa0bda593debb7b386c5ce6ffad45d73ec693f6b307e931648cfaaafc98dda10a2be0adb082856ebf0495b8cfdb2f92febecda1ce38859cadd3aec006f932f6b3ea3470ea876cd63bb74cb1032a12e7046771b2375403dbf344a7c7743ea972d005911f2043f694eec7a744377016e498f08b090537364593c12a5c3dea5a3483b9c37335697a5deaf1fc99929d62612d417e164a9e02683d24670ffb40d2b51591db52fe008ee155cae3d1be6672259530fb703a3018907a41ce55d17a727a29168b30a14d9a10f16ad85cfdbd4c0561eac039ab6eda3d834e61330899859304b27b393466eb8af7987128425992c609aafd873ccd4a56029745f4e71a093e5becd3bd9ce29af8fb4e815bbc9bef8db10ba76a632dbde0e2b81e6283326c49e6410ed9fb5d19228b7ded4e2549f426891125a2865d1f0232b6928274085f0df08b09e4bc78950af4b6407e022868946812f1b56c799fc50125b094c5cb0371fd1911467499c80432d7fcbeb9534c1b9b1463f541907aacca23900eea96297a9a94d89dfa20ae2540f86377ed55f3162e337cabdd495e4bbca092aa1d3c8049407568eceb74e4821a2da7585d6d2f364f1ac496657be63660e0baa4ba52554f52a248cd549c55826b07095d02c7a6adec3e8fbdf05bf3c782c2989adeaf647fa946d59a1da47438d90e4c683d0c187e44a042d44189f95fe7fe657dedd61c69aae457bcfbbd5d2c4e69c76ca78af02bbcb82ac8355ff31a61d587eb2a73e98bf23b6fd5f85168ff034a21b850eb1638af66e9e24f8553ef47c41d00689265cb5257ed46c5bbe628e018bcf5868d037281e2e36a4e337240cd631ab5e13457c34525b8959427f4c8215e0ca0321b924248910fc45e5ddb3c812d82f957870446477bc22487d6ff39b15fec6fda1a392839584696d68fcd4bf8efb86a61205ca6f052b467234a2f8a02f96195d4201384b0b227a030ef40e7c6b1f52b9706d00f4bd029f4ea5c10d50e1834e224c136fe3fddbb5df49ad1f943856347375d0c2a67bfb1b5177aa9deb97f6c2b38411091c1275d1038201cb15d400e47b91fc13e102ff340e4c06b4f1acbc013e4600ba19aa65481ed145dc76e1ccfa8d729f5193237e8dc05cf70e4754a32759876795b66c2751b34c28eec3d747d3a51d67e1aeb2aa02e593b105b77b8ec6f59fb587f765fdf1a140011f8c0261d941f9fcb6f5f6590704ce93c7d9f5ebec741d0b218deec801bb35218d7803fc09fe29e558893476b0b21777066ba7e6bb8334bad8d677d2e487196d931e043d25068291829b3334d030f6b9ab202496dca92d9c4b4b9f21820d0b31f20bfb38e3750e7a2109dd208ac39f8e373cfc370ae7ed3226b23afd57b856508db08ae171f885e4bd193086bb58e92b022e1a70d509d3a633a6de45b8f0e75c6568f5c298957b89a51073a0448952ca226eef4986ba4e8560048d4c668ccdb06cc3fc5708a7649bf5e53e363b92e4296b8de7769c2608dd7d147b1e5e927f98703b70de511250cf622a23c5c82bfa90b67fa89ecba466a54c2cb3e0ef1a8428af849dd36da4576650353ce0cdad7713c60629792c51f0fbb78178a2dc5d04ff39e431749e94b3b5cb4543eb2786d2c412c21b1f8217af8c704ff7d39ba808556c83ac77ed44aa9070fd544b3e40467bfc94aad3968ed7babaa1ca6ad8b4681bc58252cff5efefa9d09ea6287ac48c58b308ecc63c052f329eaa1ad96670a152574a152ccc835732969e6e5c45d4284aeba3ae51df139b1768529d9af32454beeb912aa117e70f9d1639d224b8ed92e0fc95fe0e1fdb97b3d5b133eda4527d61478e8d4103f6274e791d072c9b0b4eda014d464b7955bad47ef2c0f416854003bda4e31bea12f7cb84f80f9770d63c1d8407323391d5245aeb74a0f5c94b2cc6a68a808d195da079874e2be8ee3c20391a5c419f12b4a41280fa9a85fe9ef25389a7d223069ff0418fdaff0563395412468e8859cd25fb496b376c949e74afc188e90aeec49f7e913b22f9f9b82e590d0de712736d8dfa3188d5fb45ec7f426608fef68315908a8db0b0fad26fa6472ff4bb6d3e4312fb1137be66a8e4afe61ad0b704f5c466ea88bcd221cb8c7de8a7bdfe31d0af003e30080d7053e45e42bb69f0e1d45862a51eb39c866ecbeadd00df0f27064b44845be9b55a5432c31e85ebf8cee2842d55b8bdb2d1beb144e1b59d43c59729f0284d00b41a5ee5f15cdc8a8b2fb843fe3977edaf797c4c00b14232d815b824beb92b71623ec8885832a18579cacac90c5fca6a5e15e47e1c154f3496d4074767e2007e159b9275bbec8cfc17b34946764f99f7bf31d617e2c85ee1701e6f4a0e7c6e560af95e98e3d2c44eb76cd96b1ef45e738ffd35c0990565403187d5922a45cbbdef02e9143c570992aabb8017c4f34a66c4b6c9f26392086c317823d5058b410f2853d72f73a58114252f0cd3f6c7c7567baa8e2fb674f9ddecd7860d73f35bd7b4a6bc7394d3542b6a761e155a91ae2e5c59ae942ada3e5013c478622f1c5fbf7d075f223305a38231de1cf63bee54f990ddd519bf1cd18dd8bf0ae7b360f363d88c372e52973800b36f921a8122bfeb6f1160330d3c487f38dd0fcbdf16a2ca8b496ca0a1bf9cd35d7a2ca0345ccf644487f6b51b382f368388eaa560c0347b9e4cb937fc7d5dddc1d8d7fd6fb65c1e8542369dc395eeda43622c9e014ace8bb8b3475c57e68603c58b098241d9016766a26934d40057cc80eafdaf9078e0d21485c780ed60abf0c1bea13232a4cc19e8d8f02534757165d34acd34bbd77444014ab468e5b71bb03e557ec2c5461b1c0f2eb6108386ec0f9c7efd31cf3f33ffc20f4903de77fce2e7da9c268c042e7dd1ae5eebcda1e03c3ddde3ab0f8c198429a2462dd690e33d4797d908edbdcd10ba4f76056a63f95ef070222ef24c25136038c284ffdaed8992cd8470d23c1dc684a318b516fa553731831f9258b12bcd5cc3f6be75c8a538610c357171fec93f51f914577da19facfb63c671258f4585bf98b9bad3a0232804660c18fb197ee74c5dfdfd18b21ba0a35901c826bdb71138e42728fa9f207a0afba62bd879387d043400480d9a185f187eb0c83b6d4b63a52f2ac2677685d0974ab40a0e5ae33fe7f804e3963c9442c4c80608153322e1b57a4dac12c17289191d91448455cf3376d862963044998ccfae9f8d3f349d26156dc699e348d4a47b75ea1c252db3c2fcf8d0e30943b82e6abc6cc76c57c21e7fbac29b42d7338bf7bdf5a89f5af3de3af395aabfdffd14b56a6cde942fccf563917ee9abeb771f8efc4319f6b9a2a0bdef6878f9f9b7d96118dbf8632d13d16c4017ac886b25bfad4f997a2407df87270a572099b419b9fcd96f658ed0be4746b01c", 0x1000, 0x40004, 0x0, {0x0, r9}}, 0x200) 13:29:54 executing program 3: ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18}, './file1\x00'}) r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x80) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) accept4$unix(r4, &(0x7f00000000c0), &(0x7f0000000040)=0x6e, 0x80000) 13:29:54 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x68000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1133.476345] FAULT_INJECTION: forcing a failure. [ 1133.476345] name failslab, interval 1, probability 0, space 0, times 0 [ 1133.479267] CPU: 0 PID: 8195 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1133.480914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1133.482919] Call Trace: 13:29:54 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:29:54 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1133.483554] dump_stack+0x107/0x167 [ 1133.484549] should_fail.cold+0x5/0xa [ 1133.485470] ? xas_alloc+0x336/0x440 [ 1133.486364] should_failslab+0x5/0x20 [ 1133.487266] kmem_cache_alloc+0x5b/0x310 [ 1133.488235] xas_alloc+0x336/0x440 [ 1133.489087] xas_create+0x34a/0x10d0 [ 1133.490008] ? kernel_text_address+0xf2/0x120 [ 1133.491082] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1133.492345] xas_store+0x8c/0x1c40 [ 1133.493228] __xa_store+0x164/0x2d0 [ 1133.494105] ? xa_delete_node+0x280/0x280 [ 1133.495092] ? trace_hardirqs_on+0x5b/0x180 [ 1133.496129] xa_store+0x31/0x50 [ 1133.496906] __io_uring_add_tctx_node+0x1cf/0x520 [ 1133.498076] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1133.499309] ? alloc_fd+0x2e7/0x670 [ 1133.500192] io_uring_setup+0x1fbb/0x2980 [ 1133.501198] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1133.502404] ? wait_for_completion_io+0x270/0x270 [ 1133.503577] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1133.504827] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1133.506049] do_syscall_64+0x33/0x40 [ 1133.506939] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1133.508170] RIP: 0033:0x7f55e908fb19 [ 1133.509058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1133.510632] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1133.513469] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1133.513499] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1133.516167] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1133.517843] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1133.517857] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1133.517870] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1133.517887] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:06 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 56) 13:30:06 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 67) [ 1145.774443] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:30:06 executing program 1: r0 = syz_io_uring_setup(0x40001b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:30:06 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x74000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x6c000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:06 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x80ffff00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:06 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, 0x0, 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:30:06 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000bd81b87afc1f961b041591112692a5d1aab19c6a9e208d1c28da156afb4ddd1c034b19e9834dac56f129ae740f48534d34c69c7c8f7a384336ebb2944c29225ff12f8b046906f15c85d62e0a33ee1e26fa8cdafd5b4230f8a3080ce94c020921c94d3d80cf8e3b0005243578f5cb037d73d389cfca1f80e0d2f968feac4f065ffe3cb0ac3a25ca5c1ff5a7d310a614982b1fd43abc07e6b5975ba7d712426b37c55d1e490df0153a78786913ed7637b1d840bfde0e1b7d339417ed280b1ddb49ee61eafedbaaa0a8d2cbc5bdccb0afa62f64ea4ff187fa6628397f9891a1f34aa8dd36d70ce1b5f09bc0043a0bd1f8bdfb33e073ebbcea086bc8e8da27d76939786776a523785c8d9f855bdebf1edf10e03337ab01cd5cf01d1029cd73f7ed80e25303ae4adcc92c32141d362f09f0ddfd8ac96f4ac935755951deec4790aad73f2a0d0ea95e61d823c36e791793088f62efa7b533a598b5f634fbe212122f2f9c63a532034d073e07cc71c615bae3b6b1df1a24dd6175d334661166bce3c68c4bf5c9aca8fdf97ce0c2525150eb06ac7260499d032c6431eb2102"], 0x24}}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0), 0x1, 0x0) sendmsg$NL80211_CMD_LEAVE_MESH(r3, &(0x7f0000000440)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB=')\x00\x00 ', @ANYRES16, @ANYBLOB="280026bd704a826946", @ANYRES32=r2, @ANYRESOCT=r1], 0x28}, 0x1, 0x0, 0x0, 0x408c0}, 0x8054) r4 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000240), r3) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f00000002c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80500}, 0xc, &(0x7f0000000380)={&(0x7f0000000580)={0x60, r4, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x3}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x6}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_IFINDEX={0x8}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0xf94}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x6}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x640c1) sendmsg$WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r4, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x3f}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x10000}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x41) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) sendfile(r7, r6, 0x0, 0x100000001) 13:30:06 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1145.802729] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1145.816926] FAULT_INJECTION: forcing a failure. [ 1145.816926] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.818219] CPU: 1 PID: 8223 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1145.818994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1145.819944] Call Trace: [ 1145.820254] dump_stack+0x107/0x167 [ 1145.820668] should_fail.cold+0x5/0xa [ 1145.821104] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1145.821685] should_failslab+0x5/0x20 [ 1145.822121] kmem_cache_alloc_trace+0x55/0x320 [ 1145.822644] __io_uring_add_tctx_node+0x15c/0x520 [ 1145.823191] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1145.823797] ? alloc_fd+0x2e7/0x670 [ 1145.824225] io_uring_setup+0x1fbb/0x2980 [ 1145.824710] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1145.825303] ? wait_for_completion_io+0x270/0x270 [ 1145.825880] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1145.826485] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1145.827084] do_syscall_64+0x33/0x40 [ 1145.827514] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1145.828104] RIP: 0033:0x7f943fb71b19 [ 1145.828532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1145.830637] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1145.831510] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 1145.832327] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1145.833150] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1145.833976] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1145.834794] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1145.835781] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1145.843907] FAULT_INJECTION: forcing a failure. [ 1145.843907] name failslab, interval 1, probability 0, space 0, times 0 [ 1145.846218] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1145.846803] CPU: 0 PID: 8226 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1145.849318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1145.851425] Call Trace: [ 1145.852096] dump_stack+0x107/0x167 [ 1145.853024] should_fail.cold+0x5/0xa [ 1145.854011] ? xas_alloc+0x336/0x440 13:30:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x74000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1145.854962] should_failslab+0x5/0x20 [ 1145.856039] kmem_cache_alloc+0x5b/0x310 [ 1145.857104] xas_alloc+0x336/0x440 [ 1145.858028] xas_create+0x34a/0x10d0 [ 1145.858985] ? kernel_text_address+0xf2/0x120 [ 1145.860140] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1145.861481] xas_store+0x8c/0x1c40 [ 1145.862399] __xa_store+0x164/0x2d0 [ 1145.863327] ? xa_delete_node+0x280/0x280 [ 1145.864384] ? trace_hardirqs_on+0x5b/0x180 [ 1145.865500] xa_store+0x31/0x50 [ 1145.866266] __io_uring_add_tctx_node+0x1cf/0x520 [ 1145.867360] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1145.868536] ? alloc_fd+0x2e7/0x670 [ 1145.869383] io_uring_setup+0x1fbb/0x2980 [ 1145.870326] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1145.871144] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1145.871462] ? wait_for_completion_io+0x270/0x270 [ 1145.871507] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1145.874574] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1145.875740] do_syscall_64+0x33/0x40 [ 1145.876586] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1145.877753] RIP: 0033:0x7f55e908fb19 [ 1145.878597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1145.882769] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1145.884487] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1145.886105] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1145.887711] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1145.889328] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1145.889699] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:30:06 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9effffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1145.890928] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:07 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x7a000000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:07 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2, 0x10, r0, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r2, r1, &(0x7f0000000100)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x1, 0x0, {0x0, r3}}, 0x3) syz_io_uring_setup(0x46dc, &(0x7f0000000000)={0x0, 0x8ded, 0x2, 0x1, 0x252, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) [ 1145.937695] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:30:07 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0ffffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:07 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x100000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1145.977631] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1146.018502] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'. 13:30:18 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, 0x0, 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:30:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x9effffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:18 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 57) 13:30:18 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x200000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:18 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000080)={0x0, 0x0, 0x4}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:30:18 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xfffff000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:18 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) flock(r1, 0x4) sendfile(r1, r0, 0x0, 0x100000001) 13:30:18 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 68) [ 1157.407331] FAULT_INJECTION: forcing a failure. [ 1157.407331] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.408954] CPU: 0 PID: 8272 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1157.409957] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.411139] Call Trace: [ 1157.411529] dump_stack+0x107/0x167 [ 1157.412055] should_fail.cold+0x5/0xa [ 1157.412602] ? xas_alloc+0x336/0x440 [ 1157.413130] should_failslab+0x5/0x20 [ 1157.413696] kmem_cache_alloc+0x5b/0x310 [ 1157.414307] xas_alloc+0x336/0x440 [ 1157.414817] xas_create+0x34a/0x10d0 [ 1157.415360] ? kernel_text_address+0xf2/0x120 [ 1157.416006] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.416751] xas_store+0x8c/0x1c40 [ 1157.417281] __xa_store+0x164/0x2d0 [ 1157.417806] ? xa_delete_node+0x280/0x280 [ 1157.418409] ? trace_hardirqs_on+0x5b/0x180 [ 1157.419024] xa_store+0x31/0x50 [ 1157.419505] __io_uring_add_tctx_node+0x1cf/0x520 [ 1157.420197] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1157.420944] ? alloc_fd+0x2e7/0x670 [ 1157.421484] io_uring_setup+0x1fbb/0x2980 [ 1157.422082] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1157.422811] ? wait_for_completion_io+0x270/0x270 [ 1157.423514] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.424257] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.425017] do_syscall_64+0x33/0x40 [ 1157.425570] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.426295] RIP: 0033:0x7f55e908fb19 [ 1157.426829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1157.429474] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1157.430556] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1157.431580] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1157.432601] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1157.434007] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1157.435812] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1157.436278] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1157.438372] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:30:18 executing program 1: mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x5893, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x2e3d, 0x8109, 0x2, &(0x7f0000000000), 0x8) r0 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r1, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r2 = fcntl$dupfd(r1, 0x406, r0) ioctl$FS_IOC_FIEMAP(r2, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) r3 = syz_open_dev$vcsa(&(0x7f0000000100), 0x2, 0xa001) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x2010, r3, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1ff}}, './file0\x00'}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x100010, r0, 0x8000000) 13:30:18 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffff7f, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:18 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000), 0x84800) r1 = accept(r0, &(0x7f0000000040)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, &(0x7f00000000c0)=0x80) sendfile(r1, r0, 0x0, 0x100000001) 13:30:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xf0ffffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1157.501930] FAULT_INJECTION: forcing a failure. [ 1157.501930] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.503240] CPU: 1 PID: 8263 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1157.504019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.504966] Call Trace: [ 1157.505280] dump_stack+0x107/0x167 [ 1157.505698] should_fail.cold+0x5/0xa [ 1157.506135] ? create_object.isra.0+0x3a/0xa30 [ 1157.506660] should_failslab+0x5/0x20 [ 1157.507095] kmem_cache_alloc+0x5b/0x310 [ 1157.507562] create_object.isra.0+0x3a/0xa30 [ 1157.508059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1157.508641] kmem_cache_alloc+0x159/0x310 [ 1157.509122] xas_alloc+0x336/0x440 [ 1157.509539] xas_create+0x34a/0x10d0 [ 1157.509969] ? kernel_text_address+0xf2/0x120 [ 1157.510484] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.511080] xas_store+0x8c/0x1c40 [ 1157.511494] __xa_store+0x164/0x2d0 [ 1157.511909] ? xa_delete_node+0x280/0x280 [ 1157.512387] ? trace_hardirqs_on+0x5b/0x180 [ 1157.512880] xa_store+0x31/0x50 [ 1157.513260] __io_uring_add_tctx_node+0x1cf/0x520 [ 1157.513820] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1157.514418] ? alloc_fd+0x2e7/0x670 [ 1157.514841] io_uring_setup+0x1fbb/0x2980 [ 1157.515319] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1157.515894] ? wait_for_completion_io+0x270/0x270 [ 1157.516453] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.517059] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.517648] do_syscall_64+0x33/0x40 [ 1157.518077] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.518660] RIP: 0033:0x7f943fb71b19 [ 1157.519083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1157.521187] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1157.522061] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1157.522875] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1157.523698] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1157.524515] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1157.525333] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:18 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x300000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:18 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x6, 0x10010, r1, 0x8000000) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r4, 0x406, r1) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000100)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, {0x0, r6}}, 0x7) syz_io_uring_setup(0x6d8e, &(0x7f0000000000)={0x0, 0xd877, 0x4, 0x3, 0x1cc, 0x0, r0}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ff7000/0x9000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) r7 = signalfd(r0, &(0x7f0000000240)={[0x8000]}, 0x8) io_uring_enter(r7, 0x474b, 0x286, 0x1, &(0x7f00000002c0)={[0x4800]}, 0x8) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1157.554577] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:30:18 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 69) [ 1157.574780] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1157.580439] FAULT_INJECTION: forcing a failure. [ 1157.580439] name failslab, interval 1, probability 0, space 0, times 0 [ 1157.581818] CPU: 1 PID: 8295 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1157.582601] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1157.583549] Call Trace: [ 1157.583857] dump_stack+0x107/0x167 [ 1157.584278] should_fail.cold+0x5/0xa [ 1157.584718] ? create_object.isra.0+0x3a/0xa30 [ 1157.585240] should_failslab+0x5/0x20 [ 1157.585684] kmem_cache_alloc+0x5b/0x310 [ 1157.586154] ? mark_held_locks+0x9e/0xe0 [ 1157.586622] create_object.isra.0+0x3a/0xa30 [ 1157.587124] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1157.587713] kmem_cache_alloc+0x159/0x310 [ 1157.588189] xas_alloc+0x336/0x440 [ 1157.588598] xas_create+0x34a/0x10d0 [ 1157.589030] ? kernel_text_address+0xf2/0x120 [ 1157.589553] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1157.590153] xas_store+0x8c/0x1c40 [ 1157.590566] __xa_store+0x164/0x2d0 [ 1157.590985] ? xa_delete_node+0x280/0x280 [ 1157.591463] ? trace_hardirqs_on+0x5b/0x180 [ 1157.591961] xa_store+0x31/0x50 [ 1157.592341] __io_uring_add_tctx_node+0x1cf/0x520 [ 1157.592892] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1157.593494] ? alloc_fd+0x2e7/0x670 [ 1157.593917] io_uring_setup+0x1fbb/0x2980 [ 1157.594395] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1157.594977] ? wait_for_completion_io+0x270/0x270 [ 1157.595539] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1157.596143] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1157.596733] do_syscall_64+0x33/0x40 [ 1157.597155] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1157.597749] RIP: 0033:0x7f55e908fb19 [ 1157.598175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1157.600271] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1157.601144] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1157.601968] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1157.602785] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1157.603600] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1157.604417] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:18 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffe000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:18 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffff9e, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:18 executing program 3: r0 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r1, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r2 = fcntl$dupfd(r1, 0x406, r0) r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x400001, 0x0) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r2, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1ff}}, './file0\x00'}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000080)={0x0, r4}) r5 = openat(r4, &(0x7f0000000100)='./file0/../file0\x00', 0x183002, 0xcb) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r5, 0xc018937c, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r3, {0x4}}, './file1\x00'}) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r6, r5, 0x0, 0x100000001) [ 1157.712548] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1157.730208] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:30:33 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xfffffff0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:33 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x400000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xfffff000, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:33 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 70) 13:30:33 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 58) 13:30:33 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:30:33 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)=ANY=[@ANYBLOB="0100000001c145d026c03be4", @ANYRES32=r2, @ANYBLOB="ff010000000000002e2f66696c653000"]) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1000020, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '/]\'}'}}], [{@subj_user}]}}) syz_io_uring_complete(0x0) sendfile(r1, r0, 0x0, 0x100000001) [ 1171.952167] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:30:33 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r3 = syz_io_uring_complete(r1) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r3, 0xc020f509, &(0x7f0000000100)={r3, 0x6, 0x3f, 0x9}) r5 = syz_io_uring_setup(0x3682, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3, 0x0, 0x0, r4}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r6, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r7 = fcntl$dupfd(r6, 0x406, r5) ioctl$FS_IOC_FIEMAP(r7, 0xc020660b, &(0x7f00000002c0)=ANY=[@ANYBLOB="1f00000000000000020000000000000001000000250000000400000000000000000000fdffffff008f0d00000000000005000000000000000000000000000000000000000000000086000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f000200000000050000000000000000000000000000000000000000000000012800"/256]) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x1ff}}, './file0\x00'}) io_uring_enter(r7, 0x36ae, 0x80be, 0x3, &(0x7f0000000000)={[0x1000]}, 0x8) syz_io_uring_submit(r8, r2, &(0x7f0000000240), 0x3) [ 1171.973616] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1171.995023] FAULT_INJECTION: forcing a failure. [ 1171.995023] name failslab, interval 1, probability 0, space 0, times 0 [ 1171.997644] CPU: 1 PID: 8328 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1171.999110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1172.000864] Call Trace: [ 1172.001446] dump_stack+0x107/0x167 [ 1172.002219] should_fail.cold+0x5/0xa [ 1172.003027] ? xas_alloc+0x336/0x440 [ 1172.003822] should_failslab+0x5/0x20 [ 1172.004635] kmem_cache_alloc+0x5b/0x310 [ 1172.005520] xas_alloc+0x336/0x440 [ 1172.006277] xas_create+0x34a/0x10d0 [ 1172.007076] ? kernel_text_address+0xf2/0x120 [ 1172.008034] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1172.009154] xas_store+0x8c/0x1c40 [ 1172.009929] __xa_store+0x164/0x2d0 [ 1172.010703] ? xa_delete_node+0x280/0x280 [ 1172.011601] ? trace_hardirqs_on+0x5b/0x180 [ 1172.012525] xa_store+0x31/0x50 [ 1172.013227] __io_uring_add_tctx_node+0x1cf/0x520 [ 1172.014256] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1172.015370] ? alloc_fd+0x2e7/0x670 [ 1172.016156] io_uring_setup+0x1fbb/0x2980 [ 1172.017045] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1172.018128] ? wait_for_completion_io+0x270/0x270 [ 1172.019171] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1172.020290] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1172.021393] do_syscall_64+0x33/0x40 [ 1172.022182] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1172.023273] RIP: 0033:0x7f55e908fb19 [ 1172.024069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1172.027977] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1172.029596] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1172.031113] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1172.032618] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1172.034138] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1172.035639] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:33 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, 0x6, &(0x7f0000000500)=[{&(0x7f00000000c0)="4fdc3cd0d8c9524fdd536a7b509dc6aa8b4adffb254baae351013dcb5afe3316faad2d7bcd0c75f44c5d661f9b495fc3e9f2838de5008531f05e71ed07343d64ab0a995ed38de331bff428d4b8c3adfec59f6426f0dcc18532615010a91a9c94c2f1200095a80d5594f7916dfcf0709592501ff44ec6a3c57416ff380a4ca12da0522bc0ae65637590dab623724efb6c3e203150d9ae3408a3f3ef81010e4af2f531dc42ec1c8a31c7afb5e1c49343f4059e2c6f1d025cbf8769fa770c7164adcee7c26d411a261312c537f004677f86d253445c034949981b13781299c51dea72a386fa7b997000a55adeceedf0e789a9bdb4de7a04", 0xf6, 0x7}, {&(0x7f00000001c0)="8985e78643cbf6be57f243ffe4008972eb15e7bb", 0x14, 0x7f}, {&(0x7f00000002c0)="6a47caedd7565a38aa2c6742fa64f0f9c26e8f0f62cbd7e77654da80f5ddfdbcdab08bb3392083c5ef49ccd3fe6d69275186afa8e73be0193aaa4a044a81bdb20a80279145dbfdbf256e94e2b58f250cc0c11d1d20e2a08140ae4e3e0b9bb2028d993c3f95e0e8c08488670decb56d177d2739331688dc0e890e70c6ec2505d6c657a5c22a84008e0a1bbb1ab8c7da01d6b6fdf18dbc4a81164b675567cedb4acff2309161ca13012ebb8dda23da1ad249ef78a3711431352530ad77e27c89545f826f50e41b1ad2d3161b9295b2", 0xce, 0x8}, {&(0x7f00000003c0)="deb95f3c5a601af0374c56845e77bb0165ec91c746ba68418f5d0d8bee3641306b9f12af774e16cb1240c711a19ad81ea27269ccf4c4ea74d942a073b1492e2d7537ec632cedac1221242cdd1fa177455f6cb5f58df399144dad3d3359dcef53f5054e02740b6cdf6a673be4f2efa79e37171dea13749c5328d4272e5b1ded3bd126ddbb4bb93fc6069063d71ac050331b8fcdfc0ebac432", 0x98, 0xffc}, {&(0x7f0000000200)="4e6a89ec3edd14de04855c7697c293766c5d9c53f7ab1a2daa7e1a53c0ef2365b5faf87ca0eb282a1280d09a8550ae6b82acf375aafbc56cb8cce2a127f41a33f67c81309f97f0190b543c19d012675cf6d49511ec72574078d2d16abd233b4c22adc54f9a39a54806d49c", 0x6b}, {&(0x7f0000000480)="eb4cb7e7023848f2bbb007041801e5481727c9f95785985f9aeeff53627ff192742aded778b71609195ff1f6b6c6d03e0e838fecbbb30d7767199f19bde6dfc55eadb87c02facb0f8900ee1c20946f91cb287c8d415e48e261d6d938d144c0cbfdb0de4e67c556dd048f5a8e13c552c78e1c36f63f6ff8", 0x77, 0x8}], 0x201000, &(0x7f00000005c0)={[{@fat=@nfs_nostale_ro}, {@dots}, {@nodots}, {@dots}, {@dots}, {@nodots}], [{@obj_role={'obj_role', 0x3d, '#-$)'}}]}) openat(r1, &(0x7f0000000600)='./file0\x00', 0x200000, 0x90) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) 13:30:33 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffff7f, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1172.084527] FAULT_INJECTION: forcing a failure. [ 1172.084527] name failslab, interval 1, probability 0, space 0, times 0 [ 1172.087061] CPU: 0 PID: 8330 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1172.088561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1172.090428] Call Trace: [ 1172.091015] dump_stack+0x107/0x167 [ 1172.091827] should_fail.cold+0x5/0xa [ 1172.092675] ? xas_alloc+0x336/0x440 [ 1172.093522] should_failslab+0x5/0x20 [ 1172.094352] kmem_cache_alloc+0x5b/0x310 [ 1172.095271] xas_alloc+0x336/0x440 [ 1172.096050] xas_create+0x34a/0x10d0 [ 1172.096895] ? kernel_text_address+0xf2/0x120 [ 1172.097887] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1172.099063] xas_store+0x8c/0x1c40 [ 1172.099857] __xa_store+0x164/0x2d0 [ 1172.100676] ? xa_delete_node+0x280/0x280 [ 1172.101619] ? trace_hardirqs_on+0x5b/0x180 [ 1172.102588] xa_store+0x31/0x50 [ 1172.103316] __io_uring_add_tctx_node+0x1cf/0x520 [ 1172.104389] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1172.105552] ? alloc_fd+0x2e7/0x670 [ 1172.106385] io_uring_setup+0x1fbb/0x2980 [ 1172.107311] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1172.108415] ? wait_for_completion_io+0x270/0x270 [ 1172.109525] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1172.110694] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1172.111854] do_syscall_64+0x33/0x40 [ 1172.112687] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1172.113823] RIP: 0033:0x7f943fb71b19 [ 1172.114653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:30:33 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1172.118800] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1172.120683] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1172.121601] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1172.122282] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1172.122300] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1172.122312] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1172.122324] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:33 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x1d2a, &(0x7f0000000000)={0x0, 0xf893, 0x20, 0x2, 0x11f, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x10c, &(0x7f0000000100)=0x1f, 0x0, 0x4) [ 1172.146427] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1172.169787] loop3: detected capacity change from 0 to 7680 13:30:33 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x500000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:46 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:30:46 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, 0xee01}}, {@debug={'debug', 0x3d, 0x7fffffff}}, {@version_u}, {@afid={'afid', 0x3d, 0x80}}, {@version_u}], [{@hash}]}}) 13:30:46 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 59) 13:30:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffff9e, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:46 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$FIOCLEX(r0, 0x5451) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000003, 0x30, r0, 0x8000000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) syz_io_uring_setup(0x798f, &(0x7f0000000280)={0x0, 0x426e, 0x20, 0x1, 0x24f, 0x0, r2}, &(0x7f0000ff5000/0xb000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000000300), &(0x7f0000000340)) syz_io_uring_setup(0x3ee2, &(0x7f0000000000)={0x0, 0xa2f1, 0x10, 0x0, 0x2b8, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r3, r1, &(0x7f0000000240)=@IORING_OP_LINK_TIMEOUT={0xf, 0x5, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x1, 0x0, 0x1, {0x0, r4}}, 0x8001) 13:30:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x600000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xf, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:46 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 71) [ 1185.360207] FAULT_INJECTION: forcing a failure. [ 1185.360207] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.362632] CPU: 1 PID: 8371 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1185.364072] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1185.365833] Call Trace: [ 1185.366393] dump_stack+0x107/0x167 [ 1185.367151] should_fail.cold+0x5/0xa [ 1185.367935] ? ___slab_alloc+0x155/0x700 [ 1185.368771] ? create_object.isra.0+0x3a/0xa30 [ 1185.369719] should_failslab+0x5/0x20 [ 1185.370509] kmem_cache_alloc+0x5b/0x310 [ 1185.371355] create_object.isra.0+0x3a/0xa30 [ 1185.372278] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1185.373334] kmem_cache_alloc+0x159/0x310 [ 1185.374205] xas_alloc+0x336/0x440 [ 1185.374949] xas_create+0x34a/0x10d0 [ 1185.375731] ? kernel_text_address+0xf2/0x120 [ 1185.376653] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1185.377749] xas_store+0x8c/0x1c40 [ 1185.378503] __xa_store+0x164/0x2d0 [ 1185.379265] ? xa_delete_node+0x280/0x280 [ 1185.380124] ? trace_hardirqs_on+0x5b/0x180 [ 1185.381020] xa_store+0x31/0x50 [ 1185.381719] __io_uring_add_tctx_node+0x1cf/0x520 [ 1185.382705] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1185.383790] ? alloc_fd+0x2e7/0x670 [ 1185.384552] io_uring_setup+0x1fbb/0x2980 [ 1185.385420] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1185.386465] ? wait_for_completion_io+0x270/0x270 [ 1185.387490] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1185.388577] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1185.389661] do_syscall_64+0x33/0x40 [ 1185.390435] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1185.391498] RIP: 0033:0x7f943fb71b19 [ 1185.392281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1185.396094] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1185.397683] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1185.399176] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1185.400660] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1185.402149] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1185.403626] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x700000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:30:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x10, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1185.417986] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1185.428245] FAULT_INJECTION: forcing a failure. [ 1185.428245] name failslab, interval 1, probability 0, space 0, times 0 [ 1185.430598] CPU: 1 PID: 8382 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1185.432008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1185.433725] Call Trace: [ 1185.434276] dump_stack+0x107/0x167 [ 1185.435030] should_fail.cold+0x5/0xa [ 1185.435811] ? create_object.isra.0+0x3a/0xa30 [ 1185.436749] should_failslab+0x5/0x20 [ 1185.437544] kmem_cache_alloc+0x5b/0x310 [ 1185.438368] ? mark_held_locks+0x9e/0xe0 [ 1185.439195] create_object.isra.0+0x3a/0xa30 [ 1185.440080] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1185.441119] kmem_cache_alloc+0x159/0x310 [ 1185.441971] xas_alloc+0x336/0x440 [ 1185.442695] xas_create+0x34a/0x10d0 [ 1185.443459] ? kernel_text_address+0xf2/0x120 [ 1185.444369] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1185.445417] xas_store+0x8c/0x1c40 [ 1185.446164] __xa_store+0x164/0x2d0 [ 1185.446919] ? xa_delete_node+0x280/0x280 [ 1185.447765] ? trace_hardirqs_on+0x5b/0x180 [ 1185.448648] xa_store+0x31/0x50 [ 1185.449319] __io_uring_add_tctx_node+0x1cf/0x520 [ 1185.450312] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1185.451358] ? alloc_fd+0x2e7/0x670 [ 1185.452107] io_uring_setup+0x1fbb/0x2980 13:30:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x1b, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1185.452931] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1185.454140] ? wait_for_completion_io+0x270/0x270 [ 1185.455130] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1185.456187] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1185.457247] do_syscall_64+0x33/0x40 [ 1185.458014] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1185.459052] RIP: 0033:0x7f55e908fb19 13:30:46 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x4000000000000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1185.459808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1185.463621] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1185.465164] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1185.466609] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1185.468034] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1185.469477] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1185.470906] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:30:46 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000000, 0x10010, r0, 0x8000000) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc, 0x4010, r0, 0x10000000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r6 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r7}}, 0x80000000) syz_io_uring_submit(r3, r4, &(0x7f00000012c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x101, 0x0, &(0x7f0000001240)="35c10c86bcadcb0895bbdcd42339da5bd1099cfc387bc7cd16e7b152a73d3a3d607671dc781d962698c5363ee61536bf774d0d79eba5c5a634bfe2be862062be77668288a628e781649bd5b95201ef7269f150099efc0c9587ba15eaafe33f64589d2e", 0x8, 0x0, 0x0, {0x2, r7}}, 0x5) syz_io_uring_setup(0x5ca3, &(0x7f0000000000)={0x0, 0xdb58, 0x8, 0x0, 0x33c}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r10 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x9, 0x0, 0x0) syz_io_uring_submit(r9, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r11}}, 0x80000000) syz_io_uring_submit(r1, r8, &(0x7f0000000100)=@IORING_OP_WRITE={0x17, 0x0, 0x4004, @fd_index=0x2, 0x9, &(0x7f0000000240)="c1a89da6bce7f55b7f58b5d49ee972973f8a4a6519cb60ab0d46021e9ffed84b17bdc1543ac04bfdcbd0e76008ecb5104f94b1bff8483f2af437140f11d77d097670df503838dbca8905c9da8bfe47e97cac60c68d7750108b00ed7f9e5341787366dd3709a90b9360efad89cd201455335c031b1136915d03e4f3d9691421684801f247aa3d3a7332251b03e0992c85766d41a963fad8a096f5a236725f2326f94c6d3f4413c8d1e1ad30651287f33198068c33016eee75dd797ce18a0ac49d976227989cd9178d873c834d5fb30da99c0b3a038e52709c55769451f679f014b8553b43bd04784f1fc38f8982548a12b17fd73347b810fcf477f824f505e65a0dc4ca20db2338df8eb3f37d7780813d16b52653689430f90c62b9cfb44b216355c85780413a42fb9f7e27de0b8092bebc2232a6fad9c69d6fe46d4292994a7251f39c41340f028f5593df7885c38f034461a8714395cbca92624d2e74b7b01d0b7ca79a9b561a6ea88ebeaede7929bcb30919dd3e9c86c664059f6fcba2270da307c4540030791175fa8445802475d893ccdbaba3bfbfb4120e7bc9d58202a9ceae7897d2fcff79b65c4e79c4830be19f8f318eb9b98e96eab42341b8ed8a17e08804650033d2008ffef35b4de944277034b151d6d990352b508ad45f735b2a2271fd2457478589b61d5097e991a7e0bf84c5e0ed450dd2b52146e7cc6ade73635847c8bbc3c0a81530135993d719214644881c9ce29e927f809cdcd6acd1dbe6a480cd63fd5c6f57384b26eee32001fc2cbdb533b534ef3b4c755619196cc0538112a2d16904d7db41bcfab9653e22a807a84ba796494209596b501ca3f051ace107645838f04a234736ec17e74fefa855e2c065fc0228b5aaac5dadb7c54079755d539e8a9a52974c66a75b80b276a255c6bc9d405b6e498a0a951dfd2eeb49721d13e37f8949b9dbe906c71c6b7e552f75060e230c8b7aa4dbeccc06fb7e487dc63a38c44cef85973ef062cc42bd74e4a4159b9290d5e583d85c706e528c29637c5c8e114dc25a46546b6d8bf9d298641b601e2fe81c7f5853c2f70db7a02c2cc309f3b517ef80e586586fc09c767aef8b4837aa399e2291129d635775b0836ddc24f6b36f26cf03cefb90e4566ee721a70e20d499b1e6ec8941a0def7d856376f7abaac0453b3cbd5f8aba32c1e402bb4595be266f84fd365b1009fbf4be77227836edf75d7f6fdd6e2d09ee10706d23470f88832fdacdd17eb37394aa4b7ffd623fba8f7a1a7dd89b8dd3f768263ab1b582c64280936048ef841a5f2046a3e96fbcb9fcfb00129028f59ac01724df1e361a8ae491bac06095ebe783a76fbfdca105c2992b4193853ba66f5c2af88615b05d7be8ab1f4250609928adae6c53838a44515a406d069c85980e547e559050e1f1b4ec55fd1d6102aed6f35c78110fbed5c1ea99f78cdd1184502ee572f5dbb7cc2824c01a3a3273e45f9d77dff7e558c7c09abc99c15ed6087a87fe5e535beb3fe86e99a765ad82d6fec0e79e0e445ff56a55e4fcf368373d247beb75d1b185dc0c77fba74f9b3a2638917907687f4701d1c8a7b29622cf88919c106906f8fc4650d72f55792d9ad8fa179c8ab879f986d55f88a35f70405cf583a46d175b409d92f9833ee1d33a2d24a00c903764eedc2313c034bf3fe475d7fc89b0b138a3e9114e2d9096c791e334afead5354563b9a99f86d63e3f221450d68e2cbddbd300c5e51475fc69600712b363c24e6b4f990711021fe5bcd618945017c3c8bf4d6e4a083ed90daffe656aed190577718f19ea5987f3bbbdcd84759ee8bf7f616091169a9244354ba9d1f418137d5f698f3410f71d199e1938a0b88b64b61a393f11f0cdf904c75715dced934a94961914dc44c4944e1cbc545b968bea6ddfb45642f3ec2dda823f97b808ae7ebe321250b13d8b7ff9ffb52226200ff918002d02b1a57baac0d3c00904ffeca45736d948578d53341f9268e6a91e61060e95396bf6d0707de76bf38a4e4c730917e41f06eb6de824bfec315df45fe6840f5b8d0a9cf29298cd7b1a5ffe71dcaaf0d3396f91e07ecd8d6e04f49bc1551047f88c54fc4cd96a54a7ace2a5a90b220e1a101b9d804fff825e97e7440e8ad9ae73f3fe15db87b47258c530e077c496bbbd286c076b3518516926a589357201e823bd8c19fe8c0448645199b5181cfe988c2077232a31ec25d970e2093e2f0099831fc70b2ccc166f79feb2614e66f7b849a48d906c312affa15cef24315be8eae5781ad9b8aab1a1af1f5b2b5ee2f3fb6d8e9a282d9dd3aab793c3e7d6fe217499e9ee88e5fd95aa2c73a981b397dff10d58f4c34c62057c2fb9c8738cfe4af7a3220930c616faa9cd154fd56a05ff1452f53ec65cb57d714fa330beba37e8eac969eb0363598f745b16579685c8edfc8e928edc65aa553ef04aa2e19a9235a1f9df7fc0690fd446bb08ddeeb36ddfd8c1f2132a4bc57cc9c4e809e8295d7839596abdae87137ed16598b50bf40b2b110362c01139abcc73a24d4b18dcf18547e451018d5598c5bf28fb19ea291057473d876735a9855232779665ea8b9649bc646f213d084eb7e88f397804cca1e15f04d2a8ce2c2edbfc1c501756b1562ab0779712c7a8ab0a38af9fb24a014a61605c6492052330ae7d6f7c93c0ba3792736cde2fa0c2bfd218f65175b80fea7b80ee292dff8ff31733c36514620d285dfa2a4c6ae5913566ccc33586a606d782d100c7fe5df55a5507661170d6514463cec8a93822a27a9fffa0d75b496d38e61afd2a2b288ed3437f398d3c77968ee0ee2981443448006b28fef95fa2de3ee97c7b4226fd13ad2f66af91a1fc4fb96c65122de8e3aac9acd8bd5f36465b32655c4850561b96bbc35b12c38d14f2881a769e0e0fc2a3c269479df24bccf587f2688153e2e20c232633b41d86eb3f49684fd38273b40f13da09ef6a3c1ef5bda463cc8ffcb18d07d10670767d868fa6406542f2f88455e0a134c15d309f2b4811e7e8e39e7e0cb0fc636f4518e7cc1322851de87e9081278902cef921abedb8d01e93d40159d2aee5ab89d86aa3d71083fe90a5244abb9662913285d652c904e0979ea7ecd716cc350819a259b801ffb268592b91b708b70bf426b14ccfc9454fd15d52d155b08625479364cf32378ead8004dba30126248d7ff2e30ee01f767ffe471e5480965d7c8ae2b76cdc9129369c9e8472fd141e56ec7bef671bf24eddbf6a40e435a9283afc8bee1de08e341d3ec63363b97516302e717a5a02edd074a9191cea656cf901599230e3d65f3b39fc3801245bf1d069d13c920c3a490f122a41e6bccf797bddaef1e942557c6de6fdce8a2e73c4fbe936af35726191bab743d813042220225443821c761d80a0900638fa60f406d270256e793f31f8236a600c851e2825e369f09934e3bd422765348dc51119989a8774d501ed3755c86f88d14973407997928ee149dc87a8f3c5582eb17f857210f4d4a7cbfc6b0263500eccfb20b4f7a7246b60ca8207075bc8bcbf7d03940592af1b99091cdf2cb31f8ba922cb23043d5850e507551c086d609a3ab1f3e5c60d1a4fc0696d63b413fa37549cd268476925bd0decc5b860660d9668927396b03917dbc3d7277b19644f0a58f15bf29cc89579bbadf1f081cece9e2a5d513275d821f042e1d3b21548b7b53e6efe47f921471962ee8e5bf3b57434482ada578926548b0e283f9d87d1ca3f5e14a5c53f98570bfa2c4a64e9ac215551d7e5b7f49969e235ddd97ba58309216a2bec7d172d162432e5646e7b50734de280391d3bfffd595ad553d96ae68b31b47a769e116990f7eb52887ced962db27bd9ddd9211adc53ec21d8f7dfcadbae3bcd2f8c467e845429b0b3c88e34f87df74b8bb1ec70b9f36492666fbfe77a6c80b0c6d642fb3e38e403bcf3efa0a1b030cd6d86c976ce9ae6bb5a1e10e9050f4217890ab1fb1533f22a217f53667c5362f643eb2f536d4c7e4abc8f0da0476af949e8342cd570ab4093196f09c6e443e60c0282172a38885cba9e0166f1bd15ac8eedf78fe26304b7afce74db4bd55649a15c1256501db308c9fa709ac164de852c60837fc412d0791c08bdc1a5109062b1de1adb6fb6c876442f28456e454a724c4d42b0f5e2fc2329b428b6ef7f31228e87ee4d80fe42b64f2fbd7d9d7ab5349f4fb29909aeef429d3ac03751e449bbe2fe3b9a0a90302d5dc41a27a4e9f5d58ffc0dfb855e6e60624f69a87fc11498acc1366eb693e2dd58e2abebe894f5030573a19556715338484fb887251c082191ca6f60ca60133ad13b02bc4f3982f9a41dd71e5c05bfd4b3430311d64133b0c1ad0b2bb6cfbd0fee8533e2b375494e83ab4b8243cede06f041c3eac66cf6e7fcddfdc6cbe119b45d62361229529d66b12f16bf7f8b1d8fa1d6a67ed79bf7c7a074b3f4aa32237e25137288d58339e32c19a37b8c0d1bafce725ad6a867dd60f8b310bc979fd6b79097222200bf7981ceb47ad360d962766834b0f7140c7f97c37eb31ae2f635edf6dbc9616ea4ada020c6810f949a513144ab2362f1d1b2d00ef6d8d8ed94ad17822ab2a20181326e61a82dd3e1069a6c77c2adc658fa4bddbb47f0976577943c49ede4fca1912b408519d86374ead6d841c76e0c5f3677754c12afa192afdc288c21aa9f0256d072983febc901c24b75c34e28a8ea01b55cc77d4ef1fabfe1d1bdbb12dded847cf0e05de389a00af96db3b71368db316c84da3597bc3c4723607d5ff1ab6522eda7bed320e8f4f4d51d615141e6c3d9835ad437f88d8e0a61c8e9cfe79f73e6ee1f50ab26af09de244daf9476e90528e620370738f6d8c88b566c5d700b1e136117592cdff62d42d079c10f90f9165495758440cba51bf9362d0479abb2b429b8fe85bafea57df7bde5ac6bb71546b4ee5efc332cd11d47932b2bb535f4d7c056ef4082669cebbe0db9203ffc67c291f3f43c7c839d8ab98cde9ba0080c1b936c881afdf8f68a619abde06294d46be2b3a9c863676951c7a12607ff34fb77046b06c4febbb94081e269535c58fc735c12c370d3c9e66941ffa939ed65cd92efd74558c578d440592054211753929f022d29c216bcaa1d92e842506fa30bfdd03471f88bdaee3d9f7f7ba025e716c76d548f721e43fb49183fa658741d912056c32778bb5644834def250bfcd1cdd0b7a7bfbc5bc6dd7eb6ee12d2d3773a6e4e7779db72898cc5a6df7b982038466814fb6df546f3abd746f73ddbf711ca4ba3cb46a49b004b202978e7f3bae8835eabf1597339bfa8d7a175d2f91ef48c9870a80a689faea8ee28f7619d869bee6ca5315fa2614f0e3cc275ae404261fd173c13b2a8a75ff466fd2fe5134c972c189b3b2ff6de18ebfcb04f9199a9d403791982e4704962fbf3b2f8e5c12b6226cd39e46a0d9dd7994ded996494160e6a8db5ba747baea7aafd03ae676bd7b3beb7debd828d495cde4be4856a321603f523ba42a233aa7a2184f46b3a19be6c023265457094a83d6d8e09b7fb9d5ac4f97da7effcbf5de755bd948e02f4811d0792d5a39aa4c7ad4104751f9cd02ecacf525da8880dafd576e8682491d9e64c526bdad351af633ec5c3f9074cdb99dbad7955ccaa41163ff890ac64689f2dede593cf0e9f8e9d289e5591f262a7eb4a6c6a4cbb41f499e8b9770bff2577700809b58e90df0191968771697f53bf1d91b9f1cdcc8a8c82577c511d3c36ade13b7851aca1a803744c6bedad2a345ecf0f4b55c18", 0x1000, 0x2, 0x1, {0x0, r11}}, 0x5870) 13:30:46 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xfffffff0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:46 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xc0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:30:46 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x4) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) write$P9_RREAD(r4, &(0x7f0000000040)=ANY=[@ANYBLOB="220000007501001700000091b4a7144eb233e689377946f7586f05b89e152c0a0f72"], 0x22) sendfile(r1, r0, 0x0, 0x100000001) r5 = syz_open_dev$vcsn(&(0x7f0000000100), 0x5, 0x501200) getsockopt$inet6_tcp_buf(r5, 0x6, 0x11, &(0x7f00000003c0)=""/94, &(0x7f0000000240)=0x5e) [ 1185.548779] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1185.555094] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=373 sclass=netlink_route_socket pid=8398 comm=syz-executor.3 [ 1185.570079] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=373 sclass=netlink_route_socket pid=8402 comm=syz-executor.3 13:31:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x80, 0x10, 0x0, 0x17e}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x200, 0x40201) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x7000)=nil, 0x7000, 0x200000c, 0x4000010, r1, 0x0) 13:31:00 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x0, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:31:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0xffffffff, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:00 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xfbffffffffff0f00) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xec0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1199.152846] netlink: 'syz-executor.2': attribute type 16 has an invalid length. 13:31:00 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 72) 13:31:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x64000, 0x0) creat(&(0x7f0000000080)='./file0/file0\x00', 0x11) stat(&(0x7f0000001cc0)='.\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, r2, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee01, r3}}, './file1\x00'}) syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f00000002c0)='./file0/file0\x00', 0x7, 0x1, &(0x7f0000001300)=[{&(0x7f0000000300)="5ba181f478efd0864d0f40aa300b7f311bdd82db77dd007159f68aeee1f216e87b5e15251bbde644a173f429560d25a8751c4d1e7751a096548b709218f6f4229f4ba7dcb3b8019028cbbb5034dfe17cef752de01864d67acc9bbf86313d0f29c2af5a659daed7087eaa9dbd03cf127a2f6e51c4a8d89483221b43d916ee0b2f9ee5bdadcf5cfa9193d69852312c2243253e0cce7c692473a38afaf394169ba1cc2275965a58b47ca86a7323a3782c56d1a83e0d0010d9f5cf3840141525ea584e2be50258f6d72cb33d83b9c106b1e56b0b389c3b25efa6eb63f608a4e7f094d78a740b54e0a80bb759497fa858937ae91da1c065a45ebbe6da1ed86b5ac3e29f3974ffc8846db166d29d0c14a4d210130c3e8e92f0c1f941d7cbe2b8847e035f5081e7ba5100707a7f1ca1dcefa735714035581b143cbb12b67872c2dd19947898fcbec627886805a70edc459ecf811a9e4dcd5832149c3da775c33745d63d5be67817e61426ae57c49f9ed4fcc76d7c2a18f2a5d4cb6a4d2ac87b1fa1592d907d68192b577ddd324c1f88f142dd22792f748b023ca0764ea74167b0ed29abd61aa8e21e71acf76ce7b4b53c5e3aa27f4f1f31b1f71e5a6d49fc191dfe4fec18adc135a5605ed3666e55b28f641e4f440160ed7c7e0b1a082515e9c0332d2d6e472e3c74a998adcbcd56f1d99b7577501e54789ffea1ead4bc2dd227a21d694f1d310bcfce685c7bf61ae3f7c353340414702619807c6c85c90c7730444f13f713d80ec3cd589843bfd55816dff0bf241a32194ab357dc1799a818f9f04d57673c97f5dd575da6955c79210a244259292fe8d779f0e1e2ad74687ed825962a239c93c6bc28b862ac7d51a6ceb677f21bdec2eff4e78580a4e2b28090ebe442cc925033af8c196cde42541e88444ace4add9ce06acceed169a3df387ee5647d6d210c284303cdc84109f87647926a182003fac047f4ec79922b6de5f34c87fd51d9b4bcdf88ff9c050a0700e830797e5b6a716a0d39e481efaa476ca19a94bd3401af2f4976109ef1a0784715e276536c7b16aaa6981d3b38c6c0eb07743c4299c5b4afd0537b495548e0d04a53f8ef128d2a321ca8c33894bb0a3009e21ba15fea17c91df1ac30aa0883ce7de129bb1f30b01334b37344fc39c87a3f0774c74a982686faf3bf0e35601851708c6b377509fdfc9a3b124481b435e47bce06e2929e2fb05ce7a147b44a817c22ab36aa36612a25b67e22f9397760092a4db9d6429cc57c40f5580000c1838f6f3820568302eb6b48ec482c2356b416fba2d9c367479c6207f335f378788024d74e667f1bbbef645a589f0a6fb6cd2fbc1dcfc5ff991ae1d56da2443e31c942e1bbba03276acb5a90abf34cc7cd8626a1415d09fcc3839dc28a1716ce0f3239ae7ebc0eeca98db16ceaec5e46330828343e8e4c6d145e341c52908923ec7cfd494117bb91b8f765a6efaee9935161fdcf9940119cd3c3cf927a7c2aa6ea6e999428325fa3c0d89348280bb455bff14401ab0f98024d6c25bdcd613e11522aa215b57ec4e69e11c5859bde93cb62323ff38ef6ba54a614cdca03988e3a9b972da8ce020bf603c44831d9532611c1c2b2c172be2ebd0f70eef30f1665b90fd077e81b0ddef174b5103098d16f99a8da7d7fbd8f88921af7c8c2a693de889c77bf3b3efb02f24f1e1652e8d5e268e1f6584a6d78891bae81ac8d13bb4c88c15c9be6330feaa4c1880fc95aee4726f0b25a2dc6fd8796779d7be7aa18d18f1bec0f6bec10a7e798a3ee69b05c80baad47b11e12fc2a30f8d1d1b53ab32e683ea94fba9e57af5068d5a52809cc22b591d16f4ad03e68944575d7eea58bb3f49b514a2d48189b7b0e3ed00976fc6cd4ee560f3329e5666153ef210a58c7fd55ce07072777fe7b1418f813bdda099905d23e321751f718899a4de21900e533dbab337c93ec7e08487fd930758e3b2c4a45cba110c37062f60ecce139de09fd2e958f4093ea2ddd5e6e22a4a26654129e818a0f7f5de2577717fbaf04efa706cfb1fa4a0aeaf4049190169204d5ea1492be81f38d42208ea121007afdf3308a2cea5d18038017afeb46d3382aaf0df4c3e8ca87e9a00952876a3ec904225bee09aa8021934e1c808981e3e6672fd63b284332e8b145af77ee84faaae19fa4d5f83ad21e00859117e51f5d2c29544523e4356e656d8a6456486a4aaa13cb4d0a547ed3b32a04d466d260a00682e1f253817ac1f38b8b51145fffab005b208dcb7b0727048ef037d110ee045c0cf7b60d305ef63b45b5c46b90724d15664d642c8581d087732e0d89d18100f4d1c7ea79843ca90216d4fd1bdc0b4e6babf2b9e116b8df60ca42221422cea1140a45935fbd20d990eba3832f2bcb93e07203a56665c924a0c5fe21c9f688dd804be383736902f1eed900a549aba65de1959c6325b02aec29c1904d1791656a3253511a424bee9c1e8bc2aed5be5b34c7484115c704935fb3a2f67efbc73d7b6f62d691f497e328ffdf22d6af9b8149a58cfb0d5fd8a0026d27ad48a1c70d9a4d93b7810db6ef921c8c790eadc567cbea40e5a0cde441d154997d750918d17a1305011374fb07d9017a288c6bdd70db87b09ab3816f6d8a2ddf9c3239ad03ed15b1b8a14778c3b945168a1a67cae2bfba97bf251e4cd9adb1da9d6414d36518761e327019bd57f11a58b296a1cf4658ef995d7bde14d686d74a2f6f79291adb58e2a85f8ed06dc81289afa9846712f0ac6cd142e82ec4270108e91e974823df51bb7b9daa38a3fb3bf1bd16ab64446af68131165e1e9c7f85da5708edc884d6d370d0c9ad6b7bccfced32f244255e46a3105d4e49d7da2f3009b8a00d44e100d72d9d53b3498ea3df10854ef512c2ed805f09dd61a6912e32ead327683fb1134e7a770fa01d5a938faf483be9c3c7889841c341aef81408969da428faf3999ff69a4dda64b6aec8baf4a3cffd73569b7f3560f01c1f7b286c4f96a915ecc15743b686d6dbc4a1563b728f1321bda8aeceb4568d9a814be1b9caa8a2ff87270ee90edce20953ba3f1a3c3ff4ad7f1d102b416c3cc598910b1c1f2d1869026f4cdad08bb0fc58d6ca12629c43cf78d41b37787073db96f8715703c181b9726c6ffca323df724624006db6cc55af0a9539459f20a7232c092b6e69ff46e72c64383bbe6baa9b9bc89f9559d772e5f817f082c529b2df664adc963f10461413c77251e8a3bd0c69b16b1ad48de8cbd9d8c272dbd303b97c6d2e69dd324e457ef0433963e27c4663987f07328f1dd30f9c92a8eade9dbfca0a845520fd60cc4e2dfadce95b058c9d943393594c7ae7552860e837af14def816626ab1739e963beec6fd55c75487ff477a088f264644973666e43ec4e5af7bc70f7de8ba31db2e58f541853563448a14676e32d956676753124fceafa9c64a250fd898b2480c7efa31152d54e037cc72928544ab98f6daddf6fc75840d1f6ae303a9af95d6f1d265eaccf01ab7ec9e4f3e88e21d294b9b322606bbc8412c4cf4d6da0a1be12914220c57770f39657a1d23842100a0152e8453d2993a4abe72229feac4c9509b00d46fd22a25b7834d2f5d6645e894ad270373df222b8cebd090b27303f22530efb82a7eee787d3c5d78a82027f3ddb289e8e6c46a79409be3e21d595e3b7ce558e56f0379b38c083b970771871242862a95d10a3938a5dd67ccc53d4bf959bec956ff8e858b635d6d9cf572ef0068b159286e25063229fb192d7965dbb78f86f5aa84e15b4e64030a0f57bfc523a3f4a3b6f03605c7e45b5992ab05125bd34a010749ac9ca814607513df037b67b0bb631a7967761d71ffb3f5dfe21ceec185b73221ad834c60d2c1c01e7639c3b6949981339e227db5393780090931851db073aa1b35e39ed295e68b0e1319fec86046254d4dc3b4d5d2f6863a42b23a6aa3857b5f245e4936a2953c3502870898c8701b0be8429d014e7bbe876027c7a2061a96ff1702029dd210d0fe694059a22fc628fdc99e959baa4589e7111f6ddb0a17c124a5301415db6383787631d12074fc4868352c2b93f352182d4681cd27554d9de6b9aef7440e8fd2e699ca33c433978bc9da618844e0ca9c05d2a53e45e7a19c61d20782798d939935abf4f88b9e2288536ec0f90e2f0d8e6477bc25f0f2229d93da920b5481f08c2504518c43297262ef805bb1870c76d77d917619feebaa2917cf2fcaa470462dfd6e09623258bb1e16607268fcdb99d13d07316a9ee5ed8fc2b9d486c23f4e9fee3ce287ed840485f9eae48d651dbaf663a6c5610b475a783a7ba2a4eca144890b7fee4b3045817c77d5a96b69a18698e6e4975dfa6b2e5be8fb02fa8a9f9db9476a7d50133e39409cbbe0442ee9c7e6ab08842182b652d28075d8d8fa16c8680e0811c0830a8f6b94bddf7ad387fe036d3d40826d20496c1b925be4aee023b07e732f167b4e58c17d09e53ae3159f4145ea8cf064b4ebc10ab753dfc5a25873bd2cc683f0cecf8861cc4b481e5d70b1f293e771dee384928bcc224c0249c61400eb8afeab1b87f3a7cc1237e8bb4db6ca71fdab4b0c8072f0740bbe0ef4a86b4a6d91dfcb5814194f1d0158c6be9ec093d92699e92803400072afd76c06eaf190032bd45e419cdec6c881b8e21bd1faa40198b6d1ee8b4d319693f9edda309af9df0e751d6f62d4dfb09813a39f97236c276db0d1e877a229fb21093d2b61a40f1fa74ef294ed62fa0b79b834c120a7c278ef9a0186e855757f5ab3d91574d6fac5074d82c9dc9f20432aaeabf19c02abc1427c630985ee90f207161d68c33306f545d84bde3c54545e305c32299fab10a53ad11d96e458d97f0c820df3e59dab86432e1f2bdce98aa94dee890a2c3f84dd9aa18d0890f42d92e0612481e0e828246407e6da2cecc8b8f8b5405562f45b82b9b253f9b86ead55c45646778e334f95a5c2dee3984a4d51fd509fd991ae3df0abd7c66cf575eb57a07be55a57d36c87d2b2370cb057afc06cbd067a954f694d291cc780de2fb859d3d539d2a7f7fff68edbe044507ace8d471a0563b2ae2b70f90d60c89879a30f7b3c84eacd9592758a9f098d068e039b641ee4d7fc9fac40894633df23b01bce913bf783600ee4a500dc1e060ce23f5a0cbfd1930bd87dbf271395dd41161ac2e81650ef7aa7819a0d73c1e585fdc3395d71b7a301a9179d533f44793924505759bbfcd0e3e6158df64d0f56d68114b9c33a6cd4da91a52fa7c5e571fd5d5f6382480551733a47969e1eab1c7424b20d0db4e822854e2568a7d2282f46477f239ca6966305e0678a983500acbb35789290a76be5b9d41edc850976caa4a302a031c2f2f74d4edb03739ca596f45642379fbed8550b4a6753f8b095bc9e3c24d10d6e07cd8e953af34cd4374f7486fcca90bc9087887168fca1d9e861b741efd94c560faecefd1bbd50c46574e1e897a56742fa22ab606eb90e74c80dcd0700b272d024cfc98da3d815e787cfbdea789c877356c87d05107c5bd2cbaa543e78d254f99a022d05b78b354482f7b121c7b3d68cb6e713e6cfee4ade5b3887aff8e5429b9c194810c8bfec45d431db3330ca0f8d7c1c78a55f0528f8d4f8ab4c016e6c9c50e1aad456ad7d2a8ec1111ea189122d39a1541ffb8a130128300b0416b9232a1cab558b436b41f2b065849ba6b080cfd0350f1585a15bb5cbe50494b584159d9a5182645a610aa43453b42f4c4f8fbbcd1e36d12b75a501a4368a22e92298c340b93e336ecc5bde8bc2", 0x1000}], 0x1000, &(0x7f0000001340)=ANY=[@ANYBLOB="73697a653d2d322c687567653d6164766973652c6d70fe0f6f6c3d7072656665723a332f33392c687567653d6e65c9843a4afe959dbe", @ANYRESHEX=r3, @ANYBLOB="2c6d706f6c3d64656661756c743d72656c61746976652c687567653d6e657665722c666f776e65723d6d0a5bd59fe0a904f315271257e098b6a62a7c", @ANYRESDEC, @ANYBLOB=',\x00']) 13:31:00 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 60) [ 1199.189593] FAULT_INJECTION: forcing a failure. [ 1199.189593] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.192156] CPU: 1 PID: 8422 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1199.193675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1199.193682] Call Trace: [ 1199.193706] dump_stack+0x107/0x167 [ 1199.193727] should_fail.cold+0x5/0xa [ 1199.193748] ? xas_alloc+0x336/0x440 [ 1199.193766] should_failslab+0x5/0x20 [ 1199.193785] kmem_cache_alloc+0x5b/0x310 [ 1199.193809] xas_alloc+0x336/0x440 [ 1199.193830] xas_create+0x34a/0x10d0 [ 1199.193858] ? kernel_text_address+0xf2/0x120 [ 1199.193879] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1199.193901] xas_store+0x8c/0x1c40 [ 1199.193934] __xa_store+0x164/0x2d0 [ 1199.193959] ? xa_delete_node+0x280/0x280 [ 1199.195940] FAULT_INJECTION: forcing a failure. [ 1199.195940] name failslab, interval 1, probability 0, space 0, times 0 [ 1199.196307] ? trace_hardirqs_on+0x5b/0x180 [ 1199.209312] xa_store+0x31/0x50 [ 1199.210027] __io_uring_add_tctx_node+0x1cf/0x520 [ 1199.211053] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1199.212165] ? alloc_fd+0x2e7/0x670 [ 1199.212941] io_uring_setup+0x1fbb/0x2980 [ 1199.213848] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1199.214927] ? wait_for_completion_io+0x270/0x270 [ 1199.215982] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1199.217092] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1199.218208] do_syscall_64+0x33/0x40 [ 1199.218995] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1199.220073] RIP: 0033:0x7f55e908fb19 [ 1199.220863] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1199.224752] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1199.226369] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1199.227884] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1199.229387] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1199.230891] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1199.232395] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1199.233946] CPU: 0 PID: 8427 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1199.235418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1199.237204] Call Trace: [ 1199.237762] dump_stack+0x107/0x167 [ 1199.238540] should_fail.cold+0x5/0xa [ 1199.239346] ? xas_alloc+0x336/0x440 [ 1199.240129] should_failslab+0x5/0x20 [ 1199.240929] kmem_cache_alloc+0x5b/0x310 [ 1199.241806] xas_alloc+0x336/0x440 [ 1199.242566] xas_create+0x34a/0x10d0 [ 1199.243360] ? kernel_text_address+0xf2/0x120 [ 1199.244300] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1199.245414] xas_store+0x8c/0x1c40 [ 1199.246178] __xa_store+0x164/0x2d0 [ 1199.246942] ? xa_delete_node+0x280/0x280 [ 1199.247823] ? trace_hardirqs_on+0x5b/0x180 [ 1199.248719] xa_store+0x31/0x50 [ 1199.249426] __io_uring_add_tctx_node+0x1cf/0x520 [ 1199.250439] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1199.251534] ? alloc_fd+0x2e7/0x670 [ 1199.252315] io_uring_setup+0x1fbb/0x2980 [ 1199.253202] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1199.254276] ? wait_for_completion_io+0x270/0x270 [ 1199.255318] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1199.256433] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1199.257547] do_syscall_64+0x33/0x40 [ 1199.258363] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1199.259449] RIP: 0033:0x7f943fb71b19 [ 1199.260232] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1199.264092] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1199.265693] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1199.267204] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1199.268701] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1199.270223] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1199.271733] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xf, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x3df8a5de2178433c, 0x1a4) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 13:31:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x33fe0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:00 executing program 1: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x200000}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000080)=0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x100010, r2, 0x0) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r4, 0x406, r3) syz_io_uring_submit(r0, r1, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, r4, 0x0, &(0x7f0000000240)="18bbb4eeec4ff78567c7e5ddf2292a4e4995230697d6361e431bd9ace952f9a822d51b3c36408db5d84d3bc6c92e57481af348ccb76ff341f55685f5e3b7c417f8cf1c9502b06d18b5f44e70518ada781aef19482b1bd3314e7ef2b87d11673a20a02f6ebdae6feb9a571053aae24c3749d20cd54f836179e6a2ad99148fe628aaf6ae819b1ec4e5b3e5708750b03f8c45b0625832b73a79a12407e9a652b1d726e0ab64d5ada411b64a45c454bb7d3c1eed7204d1825a03984fcf63c466d6ab5bc29086773732e0050b7f64761fc6a687f051a3b98fbae70fb467e4d7e62bf2a9506092075b732d1ddb42baea62d73a4e20e25e3f6b40ddce38afccb5cf1d7b833b823e166326143a93a9d2a951c4c018bcd0ea54da045a91743fe03dd3de3fa33c0ea8cbbbbdb794fde7588e9166415aa13610b66369b35bd231aa9f49485360aa951a612eb66a20f2eb35d31339818b58c7f132f0a45a0d01ab9f7a51ef78b9836919a059fa610fb7f1998bd45a14dd2193fcd9e37724a583faf666adc980db2b0a4c346c67e3bc29fd8dc0ee653e6a13a50300fbca137e6df74db2aa706e4c122318b7357495e087fac38e8b983ee77fe2398459bd297a58d2b993a654304da37a07bd1d342c912e2024bea26c240103aec131205197386cf4bbedf5ef39c543b07d75a676ee83ebddc934bfb788260eb4f7d9e07306f2d7a5c10d877d48680bccae4cf7d55089f3a3d69a826fc58f68aab96d55330b4640f150b82901c239761b6d541826b980851bc20e419082d8c7056373c98891e81ed35df44c5820662652df0a89c2b52b041d2c077c1ef5e71ecc4b74fd75567dc67a6c6e2d21513d3f47b3412a760b21f2de9dc9a59f380edd8900f0d7783e7de863daec847d7de9f95ec93c67984f72e14ac424bdf5e47423f7c2bb28ad5d39411fe04585055d0d86a9a7b36e137f07ccde48d88d238a5e665a4f348b67c314d23f78d5f6c5b8df16eea0e7f44558818aac7d9ce0de9d025978c98b1e971bce3ec734b3a4cb171bb08449e0f606057ca8f4446c2d8135e9279be335b02017128bd5831ce597dd68d2738aa57df12950379cfa7c8ac39b36db0f9e30a7fa6ea05857673d712dca8820ef22f1a0353916c6a568707fd089b38b19d5fc0e00366de76af2a83a343ad338590cbfe7f7a56c2bd8bebfcb87a6414885914b4b6691eddad0d2fb25f8a230695ce2ae9a12b0ea269924be33ee3a0e0d299b8e4584077f61d21b71a7e442741c8554bcad8e0d3b6441f26c53c5d71e200a142da51bf322a38bea0d6d11568f093e59f07192cd502577f2f47e0791b6d578dc9758c92180b36c5899c706dd0dc77ffaa92eed777a056ccb4c2f0aa3d97212c8835f18ebdb7b81132a6560bac90ca5ad35f3025345cccc882318e3352bc0b38544aa0a847374f6a6efdc9cce470d405319aa45009f0d4e640fb4247e5d4b0bf7e463a76c8223f12fa0d0ba113fb0e2cdbb65d38c9cc07d160aa9952ece36e1214342376ea60b81935d5fb995cc63088e7c72fd83224bb19eb260c25a49883033ed32edea7d12ece5453c14efb20df7d288219bef8591b16b556bea880adb22ca38e1a659f0dc76514ebff528b12a7a7eb4b5ff058d9b23e15d0129bc097980f91e453f772b0fc2363ec4732bfe7000159def5a46f83fd093662c62f8745b54b35765c80f93ca91e62016d044d0fd89b9060e63ea145f5136fe390014ba97c86fd1216d6a5fdedf594fc9acf49c383b4f301baf8bcc263fa5d0204ad4dec1ce61d5e3513c9464ac110d2976f1bcd56767f3582a115151bcce341367fb34a25c74de806d5ad3de85235ad46c04954bebf3eb29bb28f62fa18d107f6ebd6bb77a6eec5280a2ca63f530bbd5c1b1df5380c2174948b4179a50eec0df95a2bd68473e3f9c8a0f0ef7cfcd84493e2b2dbc12d5b0de5c3e21190c697009d84acac2ab2879828f3c48ddf9eedc833672a8f9fd146a6e1bbd1f9544e6d11e49a8b3caff778cb5ec6dedf78ecc1c913cfdf563863fe016ebaca304ce8101c66ab57484014b6004814821c912ccb85fce9362d13e024e6a15b2362cef50190e51de51fa9918ff8b15e34ce77bc2dde27c743140eb851d602ea9cfa1d04cac15a1ca15a64c69f44b0fd12e58104d12e176d9de1c1bbfd367b0a1610b57a09014ba2cc634b1ffbfbc7aabc5bea956963bf075c2b49d05a3cbf7e85f40aad25265774676a8136f52041597a37842ccf3713938ca1164b061efa5c66e97eb18499e0bec7192d8c56d21cebb280d413fcb5caeddb0febb60e8859d291d5d5bde81a9c89b7738b4f638574ade621349ad3a2b1a17fbad8f678d4d0e2bfcc5f3039872b204a98a1a4056a2dcc2c8a129a2468bb4160cbb597cea89380eb89e96402ddeec858525967372ce0068be8fe913be16b61dc26c56896dfcf406d9d2356737a3e7d96e859c77e4f4c3068eac7e3d100f360208cc784ecdfe91a37f70c8d8c4079f85eeb2390aca5dd75ab891d70f1020419f3b15bbea584f920810ffec767a75daeb3433cf73249b77446cf3f177b760588a2a50eeb80d23a78e0a16f4a78f9650ab0c8b246f26103557c73f99f99cff59137fb2f7438a018fe1bde31e12ec3d4517fa99723993b22b3a2a1ba8f941c090c8c1d9f9cb1e9733200ce4dc76533258e37f0c7299e156df7108a280b6b3eeae5ee6622b9f1ff47f410e03a0592da8e885cf751b7cb90eefd98ff2f6aed9592391572a4c328a9f56f45c188fe981db2e727e54fa981975994705886c1b8a6b0a194197fb4752ce0c2282cbf95a1c966080df6e94d00cfc383de4d3c111ea6d168fd26c9907e500b2e29cd393505b59b8e9cd08430503b96b7e9b0d3de46a000595e975f21a20b5097b5e8612d9d57bd5b6243c611befda97b3d122cba5d648083cbc73361ddd3a4ead705b430b86083fa984c368ed442306f37586d8d28a0b0b81ecf81142cf55ba04f9978b450e3dca6fbacb1bec8f9ad2be3acd3131f463172434155845a143548c4681bc390dfbec56fd73d9b8889842f8deb63b73b144a71b981d111565d83f3fb1b275d31b2b352406fad27ea4348b23ba50cf94ca66e1b29633257d6c5fd45e717b0a404de546952330f0ba53585a7e029d585a4630b9de703ab4e31db69eb6a56167eec553068151f58d349f9dad6e35cb79338537ae5c2e6fd5221d1b283403d7d659849c72bf19edadf0a9c2c27a84c575d9db106fc5a526852e8f3cc8241d324d6ac356858abb80e964e8211ec80a489ad1ef8b9897227ac6ce17e3e17186068a0348bd2177c159ea1a12a040dd5aef98531bbd0a4876fc1236ecd5c685643e5e9dda2a91fa342502dc9fa7af7296d0a79c654fdd058475b6743b21a2e2bd2744aca6ce4e4c5703887ce11987c07f38f97399658616a6eb2ce6db2f274d0fd35eca0a01efb3a6bc8c38269b30067e4bac11d2753eb4d7fe3e5c7f33164907d863bbd2107edb4c096db82f979aff7a19744c01ddad076f1cfb0e5187786663df13ab8d9e1438eae2d49539fd27a75925171adc73b1ede47d95ad281edfbb72d625a6dc6ebc7dd14aeb8f300df5b826fa86b0b3a82dcaea6620388f00b61e9314aef7b50a82ee19a0bf9ea32884cead894dd8d5ce6fc721b7c83c33f544a09304a2b768500c7706b74ad2cb4f20c545471875705f4cf4e45a60cf1bc483dcb0ee40f4acd3a7d751b90115ef58546293a123c99ddfc07b7026402392a8220df9a8a97d173a050142e691a54fd3d5730588cc1af4af0a0bbf8d2166b630c7f81cc343807bd90f0ada0fd97009e2239cd3e7a6e8d61583dcabb8fe5b8ee19f299e0a90bb4f9de4f980f3eacdf751f251163909571ee935b2f0a44f0ffc8324e08136528148ed34aa7a48d583a79480571c9e52c5ef34b9ac56fcf8396e793cd95acef933451298b7e7b6fb3ae2b442990c416bf00cbd2053b1f7c757ee056c6633313bd395f93e51fada207490e97eb9bceb6ff5276ee8f328cd83dd5441df292f1478132bdc4fc1bdafeb67d9e0647a6c0c3727ee16ac3be7dbd968edf384249d1ca19c12e31f66e2924a0992dd3e08a125c71c041c994cfed6e79152b87c7294e00ce620236a7bfc598a2945b0712d55937a9908b0d2287c08b4a98930455b7a908c15d71626cc64a9a83306f70d22e7b4165f3d85218507ec45c546d06888da328581136810b702ae949e033d5336fa46a7f60b2da2696e366826ef9934af785be5af256c368cb6792130298444a4187aa9ece7ce04db96a62eb1b3cee18f2b7b695cc6dfe86068e2351fd49e80bb2407e0cca884c670b525137b6df9fd4a716ffd3d018b996d5c1eaff7ef8904e67fa87e3cb14301ad6ef6e872fb0950e198d097fc933ba7d3d5fd63bdda7ce9384e472f5486dcc9343f525d1486b89cd65092b21496aa937e85d36a0a75e3abab1e23cc54453fad09cd02cada0949fcd21c501c7d26870bb2ecbe748ab9d6862afce2b8e2b48fea8c32c495be1e89510431f84ae2ea1528d8dfc7da80f9aaf58aa29205fc74240b0b26c479c3f78ad3bd1028a9c333e45d723f0901351e9b32fb29fdfb2261d3e480dd42d12647254b4cdea4c3be31112ee44f00dcb7f9c40d3a384576da5e3078f51ad7dfd860f07c60675cfb24c5f7d9deea70173893d76bb577d1633f7249bc9418673ec30074c81fc6b5c230698d7d4764a0f30acd5f4a14837ac61b27363e8a11ab2eac7a1369851cd229c629e5ed7bf5437a90067b616d80ea9587304de8fdd0ce36d13617554407487a75671f94b0eb3b8c3fc9c951a817bc83bfd2b7fe44754c2b590fe249dfdd59f7624e8391a8e3ed765ac38802b8bd8b4544ec0e7a3480709bc8cc99ffb63f74f5e4be0451a73b1e2c6f9e8303be11692038f897500fb4b92fc8737dce92a6432f17e0938bed9d71ce0ca1369375e3d844ade0cc315b48279a54ed9b0ec7dc36e41b45cb4fe0da686b17d7b853a1e0593dcc6f0339aaed03a965e73e1f88cac45a4df185fcdc9fc30ae6cf6e1364157ebc38aae77ce1ca2f355e09fc5f46e7fc5377a88301be42ad06420154aac2656dabcd5d0cf6ec7eccc6e2a4020fc370692aec885ec3f40332dc5730beb78200c5bf11952dc1842224f42d5ee80a8ce8e9475b6718ad50e005ee0b70b6d27a4be81423f92e8f4ad6feb6fa38c713c31714fa844b6b245a6325431ae214c8c9875b95a8a54f31ff9ecc5f7264146a9a885587d97f94e25031e32d7645b6d14efd6ec97cc0873990fa9833b2273a595450c37db6e38c15d6e21fc3a5ac1f29ecb6729875578e9c58f0674bd7559d08afc5ff556a35eb7f1e19bcb2542a73c50aa9951899ab2f5781a56f268aa029bc84992b3b28e197dc1972c884a20fddc8c11bd0c1cf72fc9023a018870171a32c238cbe41ef1d0759bcebcc6454f93bf88943e31eb44a8c03df0014d44d674ca18966282cdcdf8bf145ed5a84bfa6b23d4708e643881d0053decbe30b3d48ac1f1fdffbea85086f0cabf43a5d8804c99d815e4c29baa523acc6b81fc9ef8038d5982f0d187eb07775f3eac909845a83dc963dde3021ba89f5350691d1be2e4c99e49cb122bf8e93cb2743185c66edc682ea851edcb8266792b21f67b5638d9bfad99678e3309b543724cc87d8fc7b79e37110d3834f6de2d18a220d78d287f5ff0646add5e6f8e836804667c20f605856c63a0b444279af1f008eb5857fed2929047f9f79d69dfdd7939fd1dfc50da4e7ceeeb96333bf32a690", 0x1000, 0x40000000}, 0x5) io_uring_enter(r2, 0x6fd5, 0xe28f, 0x1, &(0x7f0000000040)={[0x200001]}, 0x8) 13:31:00 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x10, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:00 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(r0, &(0x7f0000000040)='./file0\x00', 0xb00, 0x2) copy_file_range(r0, &(0x7f0000000080), r1, &(0x7f00000000c0)=0x6, 0x9e, 0x0) [ 1199.375718] audit: type=1400 audit(1761139860.490:25): avc: denied { map } for pid=8438 comm="syz-executor.1" path="pipe:[29795]" dev="pipefs" ino=29795 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 [ 1199.381186] audit: type=1400 audit(1761139860.490:26): avc: denied { execute } for pid=8438 comm="syz-executor.1" path="pipe:[29795]" dev="pipefs" ino=29795 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=fifo_file permissive=1 13:31:00 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff0f504b00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:00 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x20000a6c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:00 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x1, 0x0, 0x0, r0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) 13:31:15 executing program 3: openat(0xffffffffffffffff, &(0x7f0000000280)='./file0\x00', 0x240, 0x0) pipe2$9p(&(0x7f0000000000), 0x84800) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0}) r1 = syz_io_uring_setup(0x132, &(0x7f00000003c0)={0x0, 0x0, 0x1, 0x2, 0x1, 0x0, r0}, &(0x7f0000ff4000/0x4000)=nil, &(0x7f0000fee000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000440)=ANY=[@ANYBLOB="1f0000000007000000000000000000000100000025000000040000000000000000000000000000008f0d00000000000005000000000000000000000000e3ffffff000000000000008600b500000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f00000000000005000000000000000000000000000000000000004000000001280000000000000000000000000000809a7313351d04ec1228d5a577b8bb9fe3fbd870721943c7d28f43d6d0ad002b003ad308e4bce62baba0c074f6b4ccafc85474ddbf02d8c4697ea8bedca66d11936c19e53b404add5032c9af84b030d3603e0d649d8ac2d79ae44de012796124ac9a862eb4a778432bf851ca5895"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) syz_io_uring_setup(0x31d1, &(0x7f00000000c0)={0x0, 0x83d7, 0x4, 0x2, 0x2eb, 0x0, r3}, &(0x7f0000fed000/0x13000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000140)) sendfile(r0, r0, 0x0, 0xfffffffffffffff8) 13:31:15 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x1b, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 73) 13:31:15 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:31:15 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x7ffff000, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3f504b00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:15 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = syz_open_procfs(0x0, &(0x7f0000000000)='attr\x00') getdents(r3, &(0x7f00000002c0)=""/4096, 0x200002d8) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000080)={0x0, r4}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r3, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, r4, {0x6}}, './file0\x00'}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r5 = mq_open(&(0x7f00000000c0)='\x00', 0x1, 0x80, &(0x7f0000000100)={0x5, 0x3, 0x400, 0x1}) syz_io_uring_submit(r1, r2, &(0x7f0000001500)=@IORING_OP_WRITEV={0x2, 0x3, 0x4004, @fd=r5, 0x1, &(0x7f00000014c0)=[{&(0x7f0000000240)="9b80468186c864b3ce319d77f67ab4798dfd21cf2743c29e7f5c256b13f310c665c5fe8ea0177dd53dfbe4238024c13c6917e2ddeb19ec207dff23370f66552aec0b3e37d174", 0x46}, {&(0x7f00000012c0)="6e9d33ebc366baa7f7434cf68792c73a6408fdd70c02cd95fbbdf46246965dd534b2fb4d4f170ce3af70d75a37ca1def4b2d7ff5f4e82b4896aa00bb316333233ebb4857b9dcbb582cfeac17a6dd59e747a2629cc15b52fa7a5fb3f2d73652e791a54ec8915f8474f08f628a33a8fcdb368d217136d8075789d09b937329ab41f840e96d4780b5935d83c0157b975244d3a9f321ce0c082f80b22cd3bdb969dadc45818c67fcfd0ec2179592394a7a224591dbdc93652124edf208967cd109532bcce112376473829a30e99765ac95f2d1c814ebe8d4d4", 0xd7}, {&(0x7f00000013c0)="1a56959e933f462be434cbc97a1817f2a5cf58f59d207af41af4fc415d90a2bb044164e19468b0c698602aec2d72121df387d83c239f3ab63bbf148a80bbf22c8888e62dbba084afb039593fc304942a0c76b1022a0b37e42ebb31103d0b7bbc012786ff5f06c689d3dbe316ac54bbdc53855b5a07ff025e06c597fd47c813fa405068475c055444f86e325bad2d519bbd8769873fa2cd3b4526b1c1a77fe17d45021538b204f982f60df6c952", 0xad}, {&(0x7f0000001480)="53384e588963ba06ebe531dc8ee7d00507ca1e019d2b1fc8075759680b", 0x1d}], 0x4, 0x3, 0x1}, 0x2) 13:31:15 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 61) [ 1214.301375] FAULT_INJECTION: forcing a failure. [ 1214.301375] name failslab, interval 1, probability 0, space 0, times 0 [ 1214.304373] CPU: 0 PID: 8479 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1214.306127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1214.308234] Call Trace: [ 1214.308911] dump_stack+0x107/0x167 [ 1214.309913] should_fail.cold+0x5/0xa [ 1214.310896] ? xas_alloc+0x336/0x440 [ 1214.311840] should_failslab+0x5/0x20 [ 1214.312818] kmem_cache_alloc+0x5b/0x310 [ 1214.313867] xas_alloc+0x336/0x440 [ 1214.314771] xas_create+0x34a/0x10d0 [ 1214.315730] ? kernel_text_address+0xf2/0x120 [ 1214.316884] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1214.318235] xas_store+0x8c/0x1c40 [ 1214.319159] __xa_store+0x164/0x2d0 [ 1214.320093] ? xa_delete_node+0x280/0x280 [ 1214.321161] ? trace_hardirqs_on+0x5b/0x180 [ 1214.322276] xa_store+0x31/0x50 [ 1214.323122] __io_uring_add_tctx_node+0x1cf/0x520 [ 1214.324352] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1214.325695] ? alloc_fd+0x2e7/0x670 [ 1214.326639] io_uring_setup+0x1fbb/0x2980 [ 1214.327704] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1214.328995] ? wait_for_completion_io+0x270/0x270 [ 1214.330268] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1214.331615] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1214.332930] do_syscall_64+0x33/0x40 [ 1214.333892] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1214.335189] RIP: 0033:0x7f55e908fb19 [ 1214.336143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1214.340871] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1214.342807] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1214.344321] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1214.345843] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1214.347355] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1214.348860] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:15 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xfffffdef, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_WRITE={0x17, 0x0, 0x2000, @fd_index, 0x3f, &(0x7f0000000000)="c1e818f29502d34f56425f0dae6d258877047187aeb894a4bcec8c0a543db2acb6748e177eddc254cb4a84ac17c5efc3a44920a5890322cb23f3864026f05b64537d6e7954ee59a71b14a77d5f29fd9939300d03b792f3aec8f8e231769d354aca2c52a53e0b5ff0c8e230", 0x6b, 0x1b, 0x1}, 0x101) keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000340)=[{&(0x7f00000000c0)="e9e5cd8264c8b2ac6386267552198caa7ca87dc41c463f9772016aa9c5b5bf9cce248fb06a344f5ad40785e9d058d74191bba455878e3b6fa573700e217183f0d54d7dd98159d55901935008cac9f5a780bd982fe6d7acfa23f5b94a89b94c377bc714fa13ff26093cdf880b6acb284bb2387b4f38c0dc78", 0x78}, {&(0x7f0000000240)="a22c0968817edb1d519d958a4928352bf718e969ddc4f343aa248e6ec438bd7ba8f1231991a7ba1a0a506094dafe1c0ff29a0cfca90f2d25c25ec4265d8016d5867a87041c826c2cd9f55f54ac0d976b94e8d6f59dd00671be8b7545350485d3f7bbaf0648d295578384baa57bc92013f1e05e7c2d3aee8705545b02a275cdc5a4cf34dea3827f2626c8f5a20ab547b526cd86f6047d3e29c6f197245fd9b421e3fcbba0cb4c49e3c2eacd07e716537eb0acdbed72a0c8a685be60fda1001d24d9221fb160a54bc1903bb96aca56767978d94073201bf5158530dbc1e120", 0xde}], 0x2, 0x0) io_uring_enter(r0, 0x76d6, 0x7c2e, 0x1, &(0x7f0000000380)={[0x3]}, 0x8) [ 1214.374453] FAULT_INJECTION: forcing a failure. [ 1214.374453] name failslab, interval 1, probability 0, space 0, times 0 [ 1214.376989] CPU: 1 PID: 8483 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1214.378444] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1214.380190] Call Trace: [ 1214.380752] dump_stack+0x107/0x167 [ 1214.381517] should_fail.cold+0x5/0xa [ 1214.382336] ? create_object.isra.0+0x3a/0xa30 [ 1214.383314] should_failslab+0x5/0x20 [ 1214.384119] kmem_cache_alloc+0x5b/0x310 [ 1214.384980] ? mark_held_locks+0x9e/0xe0 [ 1214.385852] create_object.isra.0+0x3a/0xa30 [ 1214.386776] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1214.387847] kmem_cache_alloc+0x159/0x310 [ 1214.388721] xas_alloc+0x336/0x440 [ 1214.389477] xas_create+0x34a/0x10d0 [ 1214.390276] ? kernel_text_address+0xf2/0x120 [ 1214.391222] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1214.392334] xas_store+0x8c/0x1c40 [ 1214.393096] __xa_store+0x164/0x2d0 [ 1214.393884] ? xa_delete_node+0x280/0x280 [ 1214.394764] ? trace_hardirqs_on+0x5b/0x180 [ 1214.395681] xa_store+0x31/0x50 [ 1214.396384] __io_uring_add_tctx_node+0x1cf/0x520 [ 1214.397397] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1214.398515] ? alloc_fd+0x2e7/0x670 [ 1214.399294] io_uring_setup+0x1fbb/0x2980 [ 1214.400175] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1214.401237] ? wait_for_completion_io+0x270/0x270 [ 1214.402294] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1214.403405] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1214.404499] do_syscall_64+0x33/0x40 [ 1214.405289] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1214.406379] RIP: 0033:0x7f943fb71b19 [ 1214.407178] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1214.411058] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1214.412651] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1214.414166] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1214.415669] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1214.417175] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1214.418679] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:15 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x53, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0xf, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = syz_io_uring_setup(0x132, &(0x7f00000002c0)={0x0, 0xb0f0}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000200), &(0x7f0000000140)) sendfile(r1, r1, &(0x7f00000000c0)=0x4, 0x4) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r2, 0x406, r1) ioctl$BTRFS_IOC_DEFRAG_RANGE(r2, 0x40309410, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r3, r0, 0x0, 0x100000001) 13:31:15 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xc0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1214.503526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=8494 comm=syz-executor.6 13:31:15 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xff3fa84b00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:15 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x332e, 0x58ae, 0x2, &(0x7f0000000000)={[0x7]}, 0x8) syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xb, 0x10010, r0, 0x10000000) r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000080)={0x0, r4}) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_SPLICE={0x1e, 0x1, 0x0, @fd_index=0x7, 0x16fa9f0, {0x0, r4}, 0x80, 0x8, 0x1, {0x0, 0x0, r0}}, 0x101) 13:31:15 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 74) 13:31:15 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x10, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:15 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffff00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1214.702193] FAULT_INJECTION: forcing a failure. [ 1214.702193] name failslab, interval 1, probability 0, space 0, times 0 [ 1214.704967] CPU: 0 PID: 8511 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1214.706589] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1214.708547] Call Trace: [ 1214.709172] dump_stack+0x107/0x167 [ 1214.710055] should_fail.cold+0x5/0xa [ 1214.710952] ? xas_alloc+0x336/0x440 [ 1214.711821] should_failslab+0x5/0x20 [ 1214.712719] kmem_cache_alloc+0x5b/0x310 [ 1214.713682] xas_alloc+0x336/0x440 [ 1214.714517] xas_create+0x34a/0x10d0 [ 1214.715399] ? queued_spin_lock_slowpath+0xcc/0x8c0 [ 1214.716568] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1214.717801] xas_store+0x8c/0x1c40 [ 1214.718646] __xa_store+0x164/0x2d0 [ 1214.719500] ? xa_delete_node+0x280/0x280 [ 1214.720481] ? trace_hardirqs_on+0x5b/0x180 [ 1214.721493] xa_store+0x31/0x50 [ 1214.722275] __io_uring_add_tctx_node+0x1cf/0x520 [ 1214.723398] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1214.724616] ? alloc_fd+0x2e7/0x670 [ 1214.725480] io_uring_setup+0x1fbb/0x2980 [ 1214.726461] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1214.727637] ? wait_for_completion_io+0x270/0x270 [ 1214.728785] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1214.730020] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1214.731219] do_syscall_64+0x33/0x40 [ 1214.732077] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1214.733258] RIP: 0033:0x7f55e908fb19 [ 1214.734127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1214.738391] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1214.740142] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1214.741801] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1214.743439] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1214.745083] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1214.746730] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:28 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:31:28 executing program 7: perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_ADD_TX_TS(r1, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x68, r2, 0x4, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0x0, 0x41}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x5}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0xfffc}, @NL80211_ATTR_USER_PRIO={0x5, 0xd3, 0x2}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x5}]}, 0x68}, 0x1, 0x0, 0x0, 0x20040040}, 0x40000) 13:31:28 executing program 3: sendmsg$AUDIT_SET_FEATURE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, 0x3fa, 0x100, 0x70bd2a, 0x25dfdbff, {0x1, 0x1, 0x1}, ["", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x880) r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:31:28 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 62) 13:31:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x11, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xec0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:28 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r7 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r8}}, 0x80000000) syz_io_uring_submit(r4, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r8}}, 0x6) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r5, &(0x7f0000001900)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x2000, @fd=r7, 0x7, &(0x7f0000000800)=[{&(0x7f0000000400)=""/200, 0xc8}, {&(0x7f0000000240)=""/90, 0x5a}, {&(0x7f0000000500)=""/197, 0xc5}, {&(0x7f0000000600)=""/252, 0xfc}, {&(0x7f0000000700)=""/66, 0x42}, {&(0x7f0000000900)=""/4096, 0x1000}, {&(0x7f0000000780)=""/93, 0x5d}, {&(0x7f0000000040)=""/59, 0x3b}, {&(0x7f0000000100)=""/60, 0x3c}], 0x9, 0xc, 0x0, {0x0, r9}}, 0x64) 13:31:28 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 75) 13:31:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x12, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1227.230479] FAULT_INJECTION: forcing a failure. [ 1227.230479] name failslab, interval 1, probability 0, space 0, times 0 [ 1227.232943] CPU: 1 PID: 8538 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1227.234392] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1227.236179] Call Trace: [ 1227.236736] dump_stack+0x107/0x167 [ 1227.237500] should_fail.cold+0x5/0xa [ 1227.238311] ? xas_alloc+0x336/0x440 [ 1227.239083] should_failslab+0x5/0x20 [ 1227.239888] kmem_cache_alloc+0x5b/0x310 [ 1227.240731] xas_alloc+0x336/0x440 [ 1227.241474] xas_create+0x34a/0x10d0 [ 1227.242281] ? kernel_text_address+0xf2/0x120 [ 1227.243228] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1227.244346] xas_store+0x8c/0x1c40 [ 1227.245108] __xa_store+0x164/0x2d0 [ 1227.245899] ? xa_delete_node+0x280/0x280 [ 1227.246777] ? trace_hardirqs_on+0x5b/0x180 [ 1227.247699] xa_store+0x31/0x50 [ 1227.248392] __io_uring_add_tctx_node+0x1cf/0x520 [ 1227.249417] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1227.250519] ? alloc_fd+0x2e7/0x670 [ 1227.251293] io_uring_setup+0x1fbb/0x2980 [ 1227.252182] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1227.253244] ? wait_for_completion_io+0x270/0x270 13:31:28 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x13, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1227.254295] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1227.255577] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1227.256676] do_syscall_64+0x33/0x40 [ 1227.257463] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1227.258577] RIP: 0033:0x7f55e908fb19 [ 1227.259365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1227.263264] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1227.264882] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1227.266410] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1227.266449] FAULT_INJECTION: forcing a failure. [ 1227.266449] name failslab, interval 1, probability 0, space 0, times 0 [ 1227.267926] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1227.267937] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1227.267954] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1227.273754] CPU: 0 PID: 8544 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1227.274565] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1227.275532] Call Trace: [ 1227.275846] dump_stack+0x107/0x167 [ 1227.276272] should_fail.cold+0x5/0xa [ 1227.276715] ? xas_alloc+0x336/0x440 [ 1227.277150] should_failslab+0x5/0x20 [ 1227.277594] kmem_cache_alloc+0x5b/0x310 [ 1227.278073] xas_alloc+0x336/0x440 [ 1227.278492] xas_create+0x34a/0x10d0 [ 1227.278926] ? kernel_text_address+0xf2/0x120 [ 1227.279443] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1227.280047] xas_store+0x8c/0x1c40 [ 1227.280462] __xa_store+0x164/0x2d0 [ 1227.280885] ? xa_delete_node+0x280/0x280 [ 1227.281366] ? trace_hardirqs_on+0x5b/0x180 [ 1227.281873] xa_store+0x31/0x50 [ 1227.282255] __io_uring_add_tctx_node+0x1cf/0x520 [ 1227.282817] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1227.283422] ? alloc_fd+0x2e7/0x670 [ 1227.283845] io_uring_setup+0x1fbb/0x2980 [ 1227.284321] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1227.284906] ? wait_for_completion_io+0x270/0x270 [ 1227.285481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1227.286096] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1227.286691] do_syscall_64+0x33/0x40 [ 1227.287122] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1227.287715] RIP: 0033:0x7f943fb71b19 [ 1227.288143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1227.290257] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1227.291140] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 1227.291957] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1227.292784] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1227.293616] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1227.294455] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:28 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x33fe0, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:28 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x4041, 0x0) sendfile(r3, r1, &(0x7f0000000080)=0x5, 0x2) [ 1240.928189] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 13:31:42 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x14, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:42 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x10}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) io_submit(0x0, 0x2, &(0x7f0000000340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0}]) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000080)={0x0, r2}) r3 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x1, 0x6, &(0x7f00000016c0)=[{&(0x7f0000000300)="2e91c57930b19d53d868c117467b5dec7261217b405eb8314b60222f1779479b06729386c2802bbca22037eb8fb38c6cbbf89bf8a7e221e01f24f35dd90ac6e4d54cc0f0aa16d0aaaa4d2d89df635a814e844410c6ff066ec289ea8e1897cd20fb5eb945a226397295e57a1e8137e49ebf03faf18cdb90d8bb3eaf2f07d8ad8ae79d15126d878896ab8a8f534257b8278c9f5172", 0x94, 0x80000000}, {&(0x7f00000003c0)="047ac349859e7dfc095582e6c9271abda1eb809b3cd7c7fc204b0381da962995b33d850b5b3390e7ded45ac183f9685b63d3d3d1e1180e1f5e1d9576f4cfa99115900267bd661fbc074c33980121c8fc4cc9225ff6df533bb10086f800e3c493fc4e9e070fa35433039d48e448ed9e84881c958b713a637bc3bde63d7f15641f232ee650bc2532edcf402a653c7a9d62bd9f316cd17504442d1d18899128364139ca698c16a8f880b9180a1036afa481026b775d3ce6b890c70021d40e153fe921d958200ec44983a311f533167a1a1ccecb80c3f6e3d1bb0f8dc112476a80bfc7c1c9d91404ddc4c7f68b02da812c7c5407b8ab2244795646", 0xf9, 0x1}, {&(0x7f00000004c0)="ae0eb705c487d8a63c8b99e80d2f95393c9d95ec8b0fab68244042282be2f7f30fc5d046f9cea7be5786a690c3578dbd868ad86c3b5a62e419e0290833dbe623c492cdb5ad87377e96a82dc80c1cfea8275d8a2587e7ab46cca0820bc7bc7f46e80c11c9db09a45ded0273eacf589654d70148ce6ab89edca64838d03783178eb62d39087263cd830115cead902108082dd3601fa6782aee946ab741ad4336cbf604f908d18ecdead0c5fda67f38fb453e5d4836b6b20798576ff135f16f3d10a097990822b616692e1ad88996265cba460d4cb9428904a83cd45c5655469293636ad2f2567da551e6cc2fe14933", 0xee, 0x6}, {&(0x7f00000005c0)="c0e6a715aff6385a374339dd056b13ee9027f01ee7d504162a48305c3b4ad54dd7adaa4e23d29c472d075c98f3a5d0b1d2a197d528a349642ed7ad84d340eb5b824e2f42e440f35e656b117176824dc8ea6cb08bb497861d3ddbec1f6c0720ffdb17e24ec60d83150223eaa710c305e4b49b4f864c33e279203168a74ea1a306c4a8f0834d80f9ee4a925c0ca402fa9f7cb1010abcc99fdf7b6189fe1b2081822ba1978bc27d3ab21d99303a", 0xac, 0x2400000000000000}, {&(0x7f0000000680)="62754082941863f0e824ca7feb57bdfe8943ccf893dd6557d90ae50b36a0533a228ff4c52d35220b438632da261458589ffa4580e92d5d09df7477d4e9663a98d0f2a84f3395d7a4685bc2d26fff56c00a807434feb5c0936a6d8d65d8f0b74b5f9aba5da2ba961aeb24a4b59048c52dfc15ed3703a0516b009458f0e9a3dd649eecb816f887208fd7768bc15f63aa1d9324082bf0a18698d81eaf2278d9321d666d70b26d24bc94bafba40e5e065806eb5e75cc4b92f2e3f3dfc73b67b1cb5cf6a3bd52a0b8d7321f6f6e08f4dd77b12f2ad688e502afa11c48615d4b4f8147a50eb675d56ac947ff65deb85cda093e98b0c3a40e2f3faca258ff19d4ce5f98df7be2da7b2455c205310c01d2bdd4ca75e2bb288fa5e23ffa8c82b7815f418c572098a3f9dcaccf0f78e78c536f708bbe3a1eaaf2673e956e100a34f0f5c1e879a70373544a4c048109630c3ea1a8e7dc06be9e532c9ea833354692976ca5d5f905c5b39146ec76467106e4d4ca25a9bb9cab5af43bc2b9d0028dd2d069d25b5359d03444505a93f4043d95c545f933aa30801c81cb7a770d7cc8728d8e45f3508d58545f6d62fca584de96ca8e892855c1a4b3ec4b2928a7a88ccbff7ded2d0b0289bdfda8ce3db841b774e5b5d49df83ed0c4ae38ac7d03d1410fa0ca051bfb9359ae366ad6ef8c77cbb08d8d33c23a0374228646e04b95c74f4b68e78fa1c5b5ee9e912d9b46cca13417fc22956d1cf57e05c5223419c8eae6a750590907acee03ed9136f384e301512ba805adc185456b2a000680aecaaff4988d5e2b3a2b9eb68034f1825e16f13cabcb7cb83f222cc59da38f68d2cab63b9ed4405a0a5d1d8952b7b71d86cdfdb431e9556b2f19c5fd5990f79ec5812c7c3d8528044839b061d9901647063f03ddb4e628c1725699dab961a25939086cd826fb00deca25537fb3b1596fe2d2cf4f3871e34f4f74c5c1560a1f01cd6a33e9b78782d9e8c30f1e466d8265154c4c5e1c14c4aaea43f9398d5e4e13ced11132a017c219728ab155c94bcfc883f48e93a1734ae7993f04bf4a50bc02ae0e3b9a448ac0ab9a2faab6e14643db9b473ad6ae52c0ee7a003a82393184118f2593dc9bc8c77f8b10d9471ebd9d55548936f3da85c80b38318377e9f040d710cd445f9c7a2a4c52cf3cba4095ca4d7f14a8675173979cc3eaee42c4af739e24b7160b107a2b1497bb050640c1f9526e04d7b70e5ca80ad0ed194618f89af618134fb536902be2c250b169f7353cc7ae3e68b9d0acf5b3c282575a5440ceacb6164a37cdaaa8103a195a0c2e03aea6db436b7816c8a4e8bbd1e3f2d3e05001a2181962e6a417b948553a78539df696483f7018be81ac2b95846f6a1282303b3618da1e2e85e720fd44132d7eddb9e208d30ea6f8e511f5c4a20bcdd795c646d5ffbc012030b93e382697591eb7b3b9a832edd264d213e8015bd35da22d706b8344d306d52b3feef97d89f87fe200c1c9d1dd08c1519d6577c9e19df6576a1a5826cb4593a48be306cc8b32ad53c630638898f5ec2aadec8755445e41877615e34763f4d03903396179d88dd4f24bb96bc6eb2e07331098308c390acc63f6131a58ea7e086765b0b7bef006d74fec1eda19647a5e3c3dec6708bcdc6afdb6eb915d3201462fd72fdf6038d88f46c22dc3a753f5034962e83366dff7b0bd6c8171917f094d5722ae45d85b36a98afed6cea0cd4a4c3c1047d20e5294094b3cbc1774bcae9de786f56545e648fa29c9367b39f58f0456475976961ecd8f2037f3ea75ac35a2f8c4db1b1722bf7f3005a919a54ef472047f08b2fde8ee633eb98023dc1ca459e6acfcab117a1acb249285b8cfa2ef1b9ad62a31f2b61657cef6cf92da037d20846b10f0291faae9c51fed0ee7b96cb9dd8c24230a8bd5826a56743f9f22dc7facd6471c320c25a58463115c1e1d124691277e399cfb12bf5803dbdfffa286f7cfb29ba90ad358c869b84a9c504bc504d1729ee13a36d9f71826fceb1f7801f4888990bca4c2fc71344a35ff3ac58475decb9b1acda3fd8802e5e7e4dab364702e5ef9a3386d1fb8aa10da8648498d65f661f39b5f1e732f448116ea1d5604db771ed297847749c94612eafa802d8d5a929b4877bda03b88c9d6804dc571c239ad678173d0a34cd03dc7123756eec2fd46e07facff09f5a0d031a7c2320735998abdc85ded763c8c5ad502bf94f4db25051241811b7b8c9dfb60c99e93edd07502bbd46e442035f410b0ffa3a180fb63317a2fb3fbf7f63fb00bf5edcbe8d99c721bc44bbb64aa8d3523fea72c7187af9395d7a3f090af5315f0e6552f24f33e867f21fbc3947af5bf19cdacbc0764d894342a658aa8c9af328311706896df6a8fb5796a6c6ce42cbd498a848414652ca27510e600030484e7492e7c632e95be78172d14f35a77efd4bb50adcf08ba9780c78f86dc433983aebd2a3370c751f5cba619b28c65f6c31b625b304e98b440196486da5460e2478032a3472d8274bc31c17aa9b0952f824bf69a28a0bb750c9b959ae752c7530a3dbf38a3b65f3b1a20f426570736b3809ea700488f7d5371aad190d6b0818087c816ec777c4291c2abfb7786686376b66732db029322f227bc5c316a8d11af562c049a744fd623f4270d9647d5bb77264459249a3cc05bde1c7bcec234a9c7e946b547dac4d0ca6e5b8f41e81d0b5bd4e59ba9b5f71f3f8e14b1b114b2d9eb48eb8faca7af3928e943a424548435928fcf1f92f829d44fbcf7b4d884f641ee4f82318829a761941202ea9243f226a888e7f9a64c9a767526e6f750c90f0519d0f2af9a4f5056ff894a1c709959340ba33cf95a7a7e36cc23686a8854e8655c0fe9174e7aa8508d3dc9a9212a9d51d11692b531dd0cb2f85388cddc474cad1d316732db74db042ba46a9438d2547280fd1a174581ed44c5327c139085767b65f701b5911e9e9458cb8f7c69144efa4bc69ab2116da5099c235df4723426a3ec3f8de77fa174555b9f8e3ed0020ed9e2ed1d3e3bf06312d469d5a6b99650cb5b4758ec1b56a2715ae59ce4d9bb38703622be4975dbcf9ff6d0809c105c63aaa85734ae393ca3c8954249e820f634e7cefcf9eb324d28ab9c59647257204b7b74429ac40d5ee10370c2d8bcff93e8a0ce237381d9b49b2e1027a7d98d82d3a17abe79cd4fd6718db4fba607f2145e8afbd9e9c05b5757b42e94be7481fb4123e43e274d69c2105da05bd8e2d5f5c0cd911a58749cd28f0d7c2fb3da8f212ea1d5b960c032950ca270716ab5e1cfa2c49cf1ecb7e0ab7c969cac6bf91a15158ef52fbb444ab6493e3991d895c51deb6c3e805a5de5dfb652d4722f1657bd743041cbf83dfa3eef19c5cee5d89d23ca55263736270f205cea62f635292623ca61e41fad56e2f1509f2cf45efbfec1cc044bf9ee5835abd3f6e304b72cbb893cb8f8fe38aac0f11d6062a2cbf82278c0da6010890fb1cd5e95ef529f7b53ad08e43dfa00946081234ca0c466faba2ddbc2a1b99cbe5f491e3ce28c3da67e333db08915d9ba5c9d85659c6bb7e8c1aa8d2e75605a228347f5b01bc8ad581ca4ee4ad3e76995680b917f9e7238e2c90630d4b2b35eb9469396601a9810b066cb36af1d144be19d4433231f7f19451e8248d62abdb2070dcc0b82c95668bb7ff1d5bc958fa1870730027c20e6c8dc93744a2131312816bfc9ec1561a2fb60e9ae82487b2898a9d88e3043909e1c5040f40f4647d3812a1b06f1e86d4d9bc120ead0e8878d6a119beb25888ecc8b6dfc7b954a5fff37f2d8cf3616d1a808ef80743d32fc4dae7f76d33f2cc1738121400a84887f92b14a1865fbba84c0973e2d491cac19eef709b02623b9357e906f7d6187ebd25b393c85c393f8b5756b20900bf8360af9a6b71502bb79227e711661b7a473d2475e4f962b3c7c361d07c84525543686a90f945f260f8bf365b1cd4e518cbc47ccd29be391b72dd902e590031481a5164d786b1727970722f2540f444f6c05d3909525963973444bc758a7c7f124c295a38b01dd7e5ac07d705e5acfde7bd0967f4ffddf5fe53110de5b4ad7d5982e5f587f92d8d0278d713a84d055aa7b1462d49c357b679cad734379ac726e95e4ffa794b4c028a96159d7037d90c2af6dda74454bbd1881c134f9c6a58311098a7a1b4482a8210e70a7a93ecd0c6ce17cb357aa945f2d26149ff189d8dfb53ac65378d0ab89087fc18869983561f79f42e45015072a0d1085af6aa7b69248c36b0b7fb11b2ed562c0ec137069e25d0f4330f851db63e9f99f7edaaa2da09e709c720bf21f41b38b9f1e02152a4105ffb5460fb9c061bdbbffdd92e0047a5735c9b64860321d07dd57f23ffd9fbeded7235eb30cd8b4366479945f99d2438200f61bad4bf1c21b9f10af02b01a5154209922efc60e49d32f76892bc87affbd284fb7ff15b80870de84a349c1245107a94be2bd12c5256f30412581eaeb9c8c5a9928aeb53a79af8bbc2c8c88972ebb45c0a2b2aea281cbaa72b8c193836e657f44fd7bfb4d7bbf94a1a8fdd6591acd333abca231034b95377012a30a277b8eb45da54b0082228f71b7b3bc41cacceefb829ad5a2ecb27af0ec0f242bb82032df26d04e62b1f24f959e513ad8a3312793236a427289eb64ec3369f402f1de208f0c90df78c8afa216bb12fffbeb372526ef2f23550b843c6e0f5fb54042745db119a33e196ae78477f17d6d025e6602420824f084e5f6b1ff92cd5d608eaab615e11c056a22db70b086f70676fa8ae7f5d33d7afce11cff97d52db7cbf540a68aa64332842534585e23db3af817cc8b7a6f1b8a9bf849c09eb78688d9c439d3acc0985b292aecbc77533479912f3b08922d29bdd34b73edf3d68385344f89537edb632db48c21db8c28e2171b6361ea3615c34d78dbac61f0a47f0448ad2fb2fb92933b3509d47223a8aa977360d2f7a2163142817beabe3de4fa2c68b43962d3fa2a2f8963155bdc49c313a1bc7bcfa0b99a15991fc97411ca9818e05bb53ab20d3eafc41babf9d493dda7c20e5dc09c42633b73d7f6d6b7b6ac9cd7dba172eb7a6800cedf1303fef779f8eba23a13a09669b9464378f809265b252494a62a6d4e88d50bb2bb5872eca53dc642ebbafa45d96ee1cd0bd40f2e60a2331699fa8468de30993d95a79eb6d742e20cfa3f5cd0b6fdf2e5e2f0583bb5bc3f736e025431b77cbdb9ff261890f7832898a310f60b73a433de6050360bb3cd4cd4b13bfeaeda75ae966713fda3d933a085a4a9eca1cb293bfd5f50521553ab921b208939ee14d805814b8be594ed412999b5d9fdde50a5005b7904b44829958310ec2c90cac5e67cfb2b757a6a7183c4976f7f2275add8d10a2fbfce950a57961022fa149e35966215df5d15bac86e72fb29e8756fb070b210b0e26ae736e7cf3e9c121d418e63be9567678d6a72ee66a4c99cf4864f0bec815904ef0d1ba4b00bd5193971e5cc6a39930e975b6134c955bc394dd890fa5ff617a78cdbe0a72fa5627bc68b2451379070228f222d5c8e6b3bbfeab38b343c1e7903b7fe6c1885566aac58000fcf67da6a59e1d6a9b71aa575b10a79213c62b36affb8e5ed5711d24eb8f11311dec60e4e10d72d1229c8d7bba70e3c29d657ca95ffe82a5aa428e02c2f4f30d34f4f7056bd732e4f4cc25ea69bf95579b0d14e41e9436c1dc706626d619996397acfed18f058e9c2bac4be187f59ba879932f0e81e4bfdefa5d34deaee5a86a26165f2e6bbe8b1ac26baf7fa58", 0x1000, 0x101}, {&(0x7f0000001680)="95", 0x1, 0x5}], 0x140040, &(0x7f0000001b40)=ANY=[@ANYBLOB="757466383d312c696f636861727365743d63703935302c73686f6f746e616d653d77696e39352c73686f72746e616d653d6d697865642c646f6e745f6d6561737572652c6170707261697365de09c42c7375726a5f747970653d002c7063723d30303030303030303030303030303030303030302c7365636c6162656c2c7375626a5f757365723d002c00"]) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r6, 0xc018937d, &(0x7f0000001a40)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r4, @ANYBLOB="86e8ff010065300000000000000000000000935501151ed83b62e0d8cf59db6b700dd4dd22c7db1272a6b801b27b0df25c41ab4aedddcbb6a752daee89421e333dfa6d9424c8a69f8c60994200a7443fb66d213573a75016e7c718a7c936d74302c79dd4571791879a62ec938eaf57b12bd15b0bc7083e8cfddb0a7dd138ed63bc0c96fb97c98cc4da67b6f412ee58371ed874d07b3f83e72765532100bb347053fdc9f9c26d871628194c243dc982c9296c20f5cba75c47a6b4e4480c6c338fe35db2670581168edefa49fc1ee1"]) io_uring_enter(r4, 0x58ab, 0x0, 0x0, 0x0, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000001980)='./file0\x00', 0x10000, 0x110) io_submit(0x0, 0x3, &(0x7f0000001a00)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0x3ff, r0, &(0x7f00000000c0)="79a58c26da7f60b4663b7276e1f8b05914437f18000a1b90b1b309c5aa22691394f92bfe41749d2246d796518d31e9ea212c7ece99e89321bd694760f769be49870a3acda711e54700262c52b0fc48bf858cdc9c92d864652ce64fd6afde6f1fda8ffc8f0158c685bd233ef57c", 0x6d, 0x4, 0x0, 0x6, r2}, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x6, 0x20, r3, &(0x7f0000001840)="d3d3867eeb33ada4d82f7442907e906f478c8755150af0ec3b6982a3b68c65febe2ac697292e6627d83cbe05372fdd273a53b45a134f2178fa30f657bbbf690b42c2b95513dfd274803dfbcd4cc1cfe2ff924f2cef1e0cddeb5d22b499fd8d49fecb82f2acd2e35d3e38cf464061d2400fed6dc314ec", 0x76, 0x80000000, 0x0, 0x1}, &(0x7f00000019c0)={0x0, 0x0, 0x0, 0x7, 0x0, r4, &(0x7f0000001900)="34d79059d00f0beb64ccd6ee1181186cb741c2d29e4f1e9fe2ff29d9ea4953e309da32a0f5aa2fa50ed983faae00254bf374e229e48e09b84c341bffa151d51e81730b1e0f1f4cde64eabe8afed4", 0x4e, 0x51, 0x0, 0x2, r7}]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000000)) 13:31:42 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:31:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) dup2(r2, 0xffffffffffffffff) r4 = fcntl$dupfd(r3, 0x406, r2) [ 1240.959773] FAULT_INJECTION: forcing a failure. [ 1240.959773] name failslab, interval 1, probability 0, space 0, times 0 [ 1240.961116] CPU: 0 PID: 8578 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1240.961907] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1240.962847] Call Trace: [ 1240.963157] dump_stack+0x107/0x167 [ 1240.963571] should_fail.cold+0x5/0xa [ 1240.964017] ? xas_alloc+0x336/0x440 [ 1240.964440] should_failslab+0x5/0x20 [ 1240.964872] kmem_cache_alloc+0x5b/0x310 [ 1240.965342] xas_alloc+0x336/0x440 [ 1240.965747] xas_create+0x34a/0x10d0 [ 1240.966191] ? kernel_text_address+0xf2/0x120 [ 1240.966699] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1240.967295] xas_store+0x8c/0x1c40 [ 1240.967707] __xa_store+0x164/0x2d0 [ 1240.968129] ? xa_delete_node+0x280/0x280 [ 1240.968608] ? trace_hardirqs_on+0x5b/0x180 [ 1240.969104] xa_store+0x31/0x50 [ 1240.969480] __io_uring_add_tctx_node+0x1cf/0x520 [ 1240.970039] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1240.970631] ? alloc_fd+0x2e7/0x670 [ 1240.971057] io_uring_setup+0x1fbb/0x2980 [ 1240.971532] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1240.972107] ? wait_for_completion_io+0x270/0x270 [ 1240.972663] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1240.973260] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1240.973851] do_syscall_64+0x33/0x40 [ 1240.974277] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1240.974857] RIP: 0033:0x7f55e908fb19 [ 1240.975283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1240.977365] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1240.978242] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1240.979049] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1240.979861] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1240.980673] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1240.981484] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100b8b834e2009dcf1770d61bdf86269bee981346dbe5c54c184ef82631631c406f03a988958fe0d6e90dff9904fd01829cef1070f27113037d8c6f2c05e17b8e07273cb84bba31ebd88f388f47e25efe6924a7c8077b35287171f1566622c3169e4766641d397a85bea674910ac399cbd74ed2ecd3fd0d6864d5a88a47ce4bb3d26cc035bc21aad70c", @ANYRES32=r2, @ANYBLOB="ff010000000000002e2f66696c653000"]) lseek(r4, 0x8001, 0x2) sendfile(r1, r0, 0x0, 0x100000001) 13:31:42 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 63) 13:31:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x20000a6c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:42 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 76) 13:31:42 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x6bba, &(0x7f0000000040)={0x0, 0x8c5f, 0x0, 0x0, 0x346}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_enter(r0, 0x4443, 0x1f86, 0x1, &(0x7f0000000000)={[0xba31]}, 0x8) 13:31:42 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x15, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1241.005787] loop7: detected capacity change from 0 to 135266304 [ 1241.007409] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.6'. 13:31:42 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) syz_io_uring_setup(0x350f, &(0x7f0000000000)={0x0, 0xda51, 0x0, 0x1, 0x3bc, 0x0, r0}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x2000, @fd_index=0x7, 0x3, 0x4, 0x400, 0x0, 0x0, {0x3}}, 0x80000001) syz_io_uring_setup(0x5b84, &(0x7f0000000240)={0x0, 0x7c11, 0x8, 0x0, 0x1f4, 0x0, r0}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f00000002c0), &(0x7f0000000300)=0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000600)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000005c0)={&(0x7f0000000340)=@qipcrtr={0x2a, 0x3, 0x4000}, 0x80, &(0x7f0000000480)=[{&(0x7f00000003c0)="7bad673fba5c70c9a6ca4e68e710586e1d681c5d5349ef201e7db4ffb3a97024a068992e3ad32caeed6d59c3e794277982f8047b8dfc44de4393f218a075dc3a2f3a57ebcc2cab7b780b82b8754beb88b41a61698efb081fd4965517bc375c59741e3e9205163da6806dca98c861f626c9a7dabf3cbdaa8e14ca8c1d89a46bcdf437f3d7947ad7f1a1871d4d50603658b80e0086861dce87d0c385355f2365", 0x9f}], 0x1, &(0x7f00000004c0)=[{0x68, 0x10c, 0x9, "51dccc830d88ab47043d19200b5ac931ee937b4bdae6d4127eaca5cdca05f31b4c347fab789cfdd857f57e491280b7563af2122df4d7f69ac19a258fc6bd9d2dbb3c3b7af101ad7e7bbd5ba862dbdf17d89e44255e23b9fb"}, {0x88, 0x107, 0x8, "1bdb9e6c6cd27fb0718dfc336c1e1125876978c9f5b8861ac320eb5c1c9d60b8108c8c6d3fda692369ae8bfd8381d37f1bd92aee141f2cecea71e6c225b45e7b584b85f031ebf62f89e03110c842e63c0d8bfcc25129714584afde650afa66e3f3b549a2488188f87d2beb4e9c85c009ce"}], 0xf0}, 0x0, 0x20004010}, 0x7fffffff) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:31:42 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 77) 13:31:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x10400, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:31:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x7ffff000, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1241.094809] FAULT_INJECTION: forcing a failure. [ 1241.094809] name failslab, interval 1, probability 0, space 0, times 0 [ 1241.096294] CPU: 0 PID: 8581 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1241.097137] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1241.098145] Call Trace: [ 1241.098462] dump_stack+0x107/0x167 [ 1241.098912] should_fail.cold+0x5/0xa [ 1241.099391] ? create_object.isra.0+0x3a/0xa30 [ 1241.099941] should_failslab+0x5/0x20 [ 1241.100411] kmem_cache_alloc+0x5b/0x310 [ 1241.100902] ? mark_held_locks+0x9e/0xe0 [ 1241.101414] create_object.isra.0+0x3a/0xa30 [ 1241.101955] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1241.102569] kmem_cache_alloc+0x159/0x310 [ 1241.103079] xas_alloc+0x336/0x440 [ 1241.103509] xas_create+0x34a/0x10d0 [ 1241.103958] ? kernel_text_address+0xf2/0x120 [ 1241.104507] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1241.105116] xas_store+0x8c/0x1c40 [ 1241.105559] __xa_store+0x164/0x2d0 [ 1241.105996] ? xa_delete_node+0x280/0x280 [ 1241.106499] ? trace_hardirqs_on+0x5b/0x180 [ 1241.107027] xa_store+0x31/0x50 [ 1241.107424] __io_uring_add_tctx_node+0x1cf/0x520 [ 1241.108012] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1241.108612] ? alloc_fd+0x2e7/0x670 [ 1241.109050] io_uring_setup+0x1fbb/0x2980 [ 1241.109554] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1241.110159] ? wait_for_completion_io+0x270/0x270 [ 1241.110751] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1241.111383] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1241.112006] do_syscall_64+0x33/0x40 [ 1241.112467] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1241.113078] RIP: 0033:0x7f943fb71b19 [ 1241.113530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1241.115763] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1241.116635] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1241.117479] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1241.118309] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1241.119173] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1241.120035] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:42 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x16, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x800) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0/file0\x00'}) openat$cgroup_type(r2, &(0x7f0000000000), 0x2, 0x0) [ 1241.141938] FAULT_INJECTION: forcing a failure. [ 1241.141938] name failslab, interval 1, probability 0, space 0, times 0 [ 1241.143530] CPU: 0 PID: 8601 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1241.144352] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1241.145345] Call Trace: [ 1241.145653] dump_stack+0x107/0x167 [ 1241.146101] should_fail.cold+0x5/0xa [ 1241.146537] ? create_object.isra.0+0x3a/0xa30 [ 1241.147093] should_failslab+0x5/0x20 [ 1241.147528] kmem_cache_alloc+0x5b/0x310 [ 1241.148015] ? mark_held_locks+0x9e/0xe0 [ 1241.148505] create_object.isra.0+0x3a/0xa30 [ 1241.149029] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1241.149636] kmem_cache_alloc+0x159/0x310 [ 1241.150144] xas_alloc+0x336/0x440 [ 1241.150581] xas_create+0x34a/0x10d0 [ 1241.151013] ? kernel_text_address+0xf2/0x120 [ 1241.151553] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1241.152155] xas_store+0x8c/0x1c40 [ 1241.152581] __xa_store+0x164/0x2d0 [ 1241.153012] ? xa_delete_node+0x280/0x280 [ 1241.153501] ? trace_hardirqs_on+0x5b/0x180 [ 1241.154029] xa_store+0x31/0x50 [ 1241.154428] __io_uring_add_tctx_node+0x1cf/0x520 [ 1241.154998] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1241.155622] ? alloc_fd+0x2e7/0x670 [ 1241.156071] io_uring_setup+0x1fbb/0x2980 [ 1241.156564] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1241.157170] ? wait_for_completion_io+0x270/0x270 [ 1241.157750] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1241.158387] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1241.159003] do_syscall_64+0x33/0x40 [ 1241.159443] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1241.160055] RIP: 0033:0x7f55e908fb19 [ 1241.160493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1241.162687] RSP: 002b:00007f55e6605108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1241.163596] RAX: ffffffffffffffda RBX: 00007f55e91a2f60 RCX: 00007f55e908fb19 [ 1241.164458] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1241.165312] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1241.166172] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1241.167024] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:42 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0x0, 0x20, 0x4, 0x81, 0x0, 0x101, 0x9146, 0x4, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, @perf_config_ext={0x7f, 0x50ca}, 0x48, 0x1f, 0x7f, 0x5, 0x3, 0xfff, 0x8, 0x0, 0x200, 0x0, 0xffffffff00000000}, 0x0, 0x1, r0, 0x8) r2 = syz_open_dev$vcsu(&(0x7f0000000000), 0x6, 0x50000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x6, 0x30, r2, 0x8000000) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:31:42 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000000)) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000a, 0x810, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r2, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x1, 0x1, {0x0, r3}}, 0x5) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_NOP={0x0, 0x2}, 0x200) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:57 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 78) 13:31:57 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:31:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0xfffffdef, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:57 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x2daa, &(0x7f0000000000)={0x0, 0xf69e, 0x20, 0x3, 0x2cd, 0x0, r0}, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r5 = fcntl$dupfd(r4, 0x406, r3) ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r5, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x1ff}}, './file0\x00'}) io_uring_enter(r3, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f00000003c0)={{0x1, 0x1, 0x18, r5}, './file0\x00'}) syz_io_uring_submit(r2, r1, &(0x7f0000000240)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000100)={0x4}, r3, 0x1, 0x0, 0x1}, 0x6) 13:31:57 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1256.507289] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1256.540689] FAULT_INJECTION: forcing a failure. [ 1256.540689] name failslab, interval 1, probability 0, space 0, times 0 [ 1256.543294] CPU: 1 PID: 8628 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1256.544748] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1256.546522] Call Trace: [ 1256.547086] dump_stack+0x107/0x167 [ 1256.547867] should_fail.cold+0x5/0xa [ 1256.548682] ? vm_area_dup+0x78/0x290 [ 1256.549499] should_failslab+0x5/0x20 [ 1256.550324] kmem_cache_alloc+0x5b/0x310 [ 1256.551195] vm_area_dup+0x78/0x290 [ 1256.551986] ? lock_release+0x680/0x680 [ 1256.552842] ? mark_lock+0xf5/0x2df0 [ 1256.553648] ? lock_chain_count+0x20/0x20 [ 1256.554538] ? mark_lock+0xf5/0x2df0 [ 1256.555346] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.556476] ? lock_chain_count+0x20/0x20 [ 1256.557373] ? mark_lock+0xf5/0x2df0 [ 1256.558186] ? vm_area_alloc+0x110/0x110 [ 1256.559064] ? __lock_acquire+0x1657/0x5b00 [ 1256.560005] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.561137] ? vmacache_find+0x55/0x2a0 [ 1256.561999] __split_vma+0xa8/0x4e0 [ 1256.562778] __do_munmap+0x365/0x1260 [ 1256.563598] ? arch_get_unmapped_area+0x450/0x450 [ 1256.564634] ? lock_release+0x680/0x680 [ 1256.565491] mmap_region+0x7cc/0x1500 [ 1256.566339] do_mmap+0x868/0x1370 [ 1256.567087] vm_mmap_pgoff+0x198/0x1f0 [ 1256.567926] ? randomize_page+0xb0/0xb0 [ 1256.568794] ksys_mmap_pgoff+0x41c/0x560 [ 1256.569666] ? find_mergeable_anon_vma+0x250/0x250 [ 1256.570724] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1256.571849] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1256.572961] do_syscall_64+0x33/0x40 [ 1256.573770] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1256.574882] RIP: 0033:0x7f55e908fb62 [ 1256.575677] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1256.579606] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1256.581266] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1256.582812] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1256.584321] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1256.585856] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1256.587605] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:57 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 64) 13:31:57 executing program 3: ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000000)) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 13:31:57 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:31:57 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x400182, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff}, 0x84800) r2 = syz_io_uring_setup(0x132, &(0x7f0000000180)={0x0, 0x441a, 0x0, 0x0, 0xfffffffc}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) fallocate(0xffffffffffffffff, 0x4, 0x5, 0x7ff) connect(r4, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) syz_io_uring_setup(0x1b1, &(0x7f00000000c0)={0x0, 0x9b92, 0x0, 0x2, 0xbf, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000240)=0x0, &(0x7f00000004c0)) syz_io_uring_submit(r5, r3, &(0x7f0000000580)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r0, 0x80, &(0x7f0000000500)=@rxrpc=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x0, 0x0, 0x1}, 0x3f) fcntl$dupfd(r4, 0x406, r2) r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000080)={0x0, r6}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f00000002c0)) connect(0xffffffffffffffff, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r7 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$FS_IOC_FIEMAP(r7, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="1f0000000000000002000000000000000100000025000000040000000000000000000000000000008f0d00000000000005000000000000000000000000000000000000000000000086000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f00000000000005000000000000000000000000000000000000000000000001280000000000000000000000000000f091742fb41decb9feaea99da6841c01f7c85c746e01371cfd81bcfe98b348678f46252fd6aceaec7ce009165639d7d1a2dac4db5ffeb75878c537bafc3afe58274a1b6abf8216eff24decc78806d391940d6f80d9ae51057ada191aa42428f4c6e3fb37d252f53c844ad03d21cf5c17f0147bf215a2d43f48544abba580a8c9d8198303cc3183207e6f205ff4c1cdc8c940a110826aa96657d816e702ca06c72449209414c73120332e8994b7472744d38c90059aaa0879d11702a9342747af4aa338d281e1698505b11c304a6a771a56d4d4a2ddd2773e1bd03f7695cc0a1a2fb1"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x1ff}}, './file0\x00'}) ioctl$AUTOFS_IOC_READY(r7, 0x9360, 0x1) sendfile(r4, r6, &(0x7f0000000040)=0xffffffff, 0x5) 13:31:57 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0xf, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:31:57 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2080, 0x10) r1 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) write$binfmt_script(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="2321202e2f66696c653020200020df232e20000a6bd8c2b75fdfc3f85cbdaed94f6912e81b2506bcf6f853f82d13b2ab434421eaf71553124cf5404ba6386159742753740de29cdd26b57fa0d9848673903bcf710e8a2cc69e1814f202ae550e9c8a3402a9b517451c89283c80576890f71ed6cc91233ae5df80ff70480bb892dbe4a9987444094b3801461ea5cda549d848fc216641b196090dade857a6713fc97a0089aa5d9e79c9a1fb128fc51492a00260106eb0c3fe6b5d177819cbdf3041e1632ec7e2521a5c2121fd80cbaa2608113f40700622d29f71ac5c7ed3bcbd2676361eb635377ab4a3ff4ee73a4f831ad1a5ee752edfa9fa2ddd630ba5ef81dbc71e63d33739a0a99d01ccfc6b58a5284f447f76f69c9a8e1bd2cd30e3291f63fea49fc382f459932d16d37167810aeede632480ac2eaa19ea57f831769309f5e42cd6397edb4dc96e0242d7ed348ee7b5aba8d15cdc787e0db527ad19e1d1400e8f543c6ee990cb8368f39717fccfd332bb7d59e93ccf02b192a42b943dc3a6869e7f43cb30166ae19672af7cd2b8925ca05b4fe6625475b123050baaf7fe9c73d48425cd9b9be1a4b4d746730eff4f65d638830ffdb9459ad739a53e36073f989368b05575f360bd41ef86ad3c26005d4669c4b9fc0e0cffcf9b2798cf42ad98b7df096df0964786ee96899be0a73d5d0ecf8fee70c06b727ec105f1ab667b18b929c312ee9e281a1f5932de73bbf55b6500a1c427858b7ecd65b2f4fc56cb3b264dc1625de90d628f0618135e1ac8d4a870a85740c5d5b708ba177a55a2196b73dd4da61c329973fd97453708249e53e44a38becf886ee4e3319b1ffc7037ae576211453bc1e1832448cb440001503285fa2cff26496f8f7bc5b146f04b39e51ad6a35fa633c856aac0b7dd408107c871969496de7d0c552d3daa11d546dfe6d1ae3eecc4880af551fd8a921d883a6ce4e20f529339b3f697b6869b81aa8a83677fee9a551a426dd658900dce2e251665258ceb3a55745f2e89fa3e40170aaaf5bbaecd053410531d7469cde2a78ba9ba1e20ba03f9a4f56f453dfbdaaa223ee7b92c2d67396267850d871a834c68db2928d986115afb40933925120eb49d588a2de3f4de84a6ad7b4e305c1a05680b7c9653e334fc5ab9be0edad5d18590fff35fa5dfd1f568d506eff566fe7073be59e80c2c50175f76d7093d35b8e3ecbcb6b781725e782670b1df9cf4c425bf7c2ece58aedfcadcb351542bf4646300f4d2497d2059b9768663ed2c3251df2a9c099b83d20ac01e1f4fdb364be63665339eab1470e3a7eb0f98042adf9fbdfb8a8ea30a1a654396c01cfe166b645d96cac02151f9e25fbd1cea2fcd836b55dc4500c1682a6957ccd51202edced175b4c495a8f0bd01a5370bd1de05ccf6d274ab0545a110227be53359291e60cc7f1a5f2edfebbc55e59e58ccb5b94bfb290ff8776bc82ae6acd43aa02a4bbd21c3e5fc44da7d4f7a71173c3019e761390f11e3c14ee7df03eb837548a3e7ff9fc89d20ea8504437a7c83485048a9ba7c0fe29fce824d16a03d67e7970be0a0cd79892de81cfbfbca79327fd00ae8b0f1ad3f51bd587ba9f7eaf7f3d663d3994a9060e6caef30b697ed2c6cba69688a0e2d38a9657aa1bee62f717f417a6882d56a4a9d7a5642a004a3331cb695123f6f84894a7ed769e3f9528bce403324274fd76b53eda0e846db46c6ba08e743166db4901cc4ed21774252ee39e19c76becfa53af71ba4200f5e32ad7695cae02d4fd83d265a2a3fce3a0efa64487befdb13d6b94659433166992c703730e3bc3ce806ebff423d327ff609dc360e53513bf585ac777765051d45291aab9330381aeb47d94b21d0c5b8a5eed146c62b58277943b9079e701cec14143ea1e9b171c9a72a71573e0b40073d1e71f28e8d4484659f4dca58fbb0b55003a4ecf51e2664ed3555b356c1a30c55c6bac5b9f61df7658e05ca7fa14d5a2d9e98734106c0ee9eb39cdc7d1dd365b3f1a6eb7a943e390f9f2c2b080b5a73b34e04776e36e166f24829a485878392b764190a25f4cacb235c413f02ff4ac75c1fc23caddd27e94c0f539921464fc810b8f9170f34dba7796ea96365420e7a31b9d852260ecfc79ef94244939e762acf7c51fd51cc15c763b50cdcd16f9a2275251d9369725b8e980e6048e9645e96a930ed8d35474f209a7ed0ac20933614dfb325c665dcd7bd90d2caad38e0906f7411fe2cad81fe0990a00c6ff3118ec75ddcf9a224cbf74efaeeefbf4c40803e68fa4797cb08113d48c28a9f372ac796ecdc763ea847d83fae7497c53520269762243d451741dc4727d231998dd4111d7e6d03eadea05756067772c71966815045b114e01628065fb63cd3866281614de2363af633234fbb48f23efaad5621fbb01b359b834fd7aee07b7611c180824d0ce9e3ea140ea5bc7863aeff987ea842b2531398a081767279acf51d8852fde6b53c24b48177bfead4b1170ede0700f4aaa2381acc8e91a432e996bd9ad63e7bce03980892640b854bedff8ab43b52947400f35dc68e9aaa6503624ee8d2aa3adc6febf674785dbdd52a9b959a410b7967ceec0762dc9ba662cbcae65159f0efa1228893f68dae4de1cdc7679932dfc8d55841411e14a60b24b43448027da71a6bd831787b8845fa4434c1ccdd6aaabd9fc8128592f983cec55bec0f2a3b3d6bc07ccfd1754f5bc78f011d536a528cb60b4fb3c91537c8d09ac07e1037355396648452fe9287f2ae8a28931291a2889f6b5328c98478a8b45a96bc96f65e0b71fe55082bbaa9b4c4e3352fccd3648dd714c6ae9ce031060a4a7e2d2da1e5d8d6e04ac7559f606f14251573723b5bb8b0d85c289e49c0b1ce8a01dc1f19387ab443ae1aa750adf583ed5c8d1c441e69f6dfe80ebefc5d2f2fe18d2d0189ff03afb3373da03aed77e6bab99d8394379bbaf2d687fa2b5020d62b7f8d01d7a8bc3c324020131631a33a9fa50f5d85c884bf6bf320da5f0c541202edaa99d6345554edf2ecabb479a23e1a85fc1ead6114504a596567bfcaa8df7914e0e25f137f8a71c48f786269b713a18f0925efbbaab27dbfa97d527458ec689b701164f81aea9305f2d7940d85c3bf897fca51b874bb90ac1c1e07a4c53a7014c8cb3d5938757be292d1115cb75629f25bf2b71cf56e953c9a1f6c96f1dc9715cfbca0e5810b4417b08d3d38880d81bc46479422361e88f52add7ea6c02650f99cebf49da99be613535cc2987bfac1c8fc8a763b332bcf794a9df7285bd6ff636e4e9dc66c75dfc3d222cda119a8928f8dc57f3241b503c7d0de21b15ff192afd725d6911e50f7178a0872ea3bf588428e6b08d89d66df6a5aeda2a7d6d5233662aa34c44352c304fbb23e6b91a0ff02775fd429c8ca55e050b2394e2408427cd3e5f0579bf0c0354fdae01d877e0914aa7b246a8ce6585ecbf254fd0f1ade6b765b7edfaa4cd50553a00a01c13aba2f020a4443c0ef43d54610eb3b18aa77f3d28248f8d2e093c22598a64c9e096e32e0a535e817d73e8e6724cb942b7cb21601862df588b6eb650d106ec85e80ddb469390f2c9b8d5bf8e0c6c4050922cdffcd7e7de7b89ba3dbf3bd6570544a4fe40c2e8e7c3c14ee0fdcd7d46a4dd6907e5ff2e882ac3180d7a40546abed3f0b2f2f41b22a9d803b8e60b354d3ac6426c0bd2fab580921ffca1d6f3f91c585071c2213818f41f6ad1fb6d3c824b9c5f66462a8a4828ce015f912ab9a972bc332b052a6c89dba233ad1c2f8106e9a722e2c04015ed7d87c0293818ba0b034dec2df00681d8b118ec747307a2b01f3b2fd97158124e0a7bf267971e124f737afbfeec9fb23029f163ff5e0b3ac5f13c42864c8d93f9a98ade22f80fb8a8e7a323073127fe35c491d39f92ae5624f2b171d4f1440b9b472899ccd06c98d82a8cc0cbb3bf141d8a7057694e25f84c7b4c61c4ec6cd3229172e924dd074d34ac9c8864dca1f36f1a24947bff9fa612aabc45e17b04988c6f2b8f681e0ee338bc177c8ec70170edef0426d1bf6109b38878455dbebcf263436e297ec1b9eebdce02d216c075151e17691172aa89b16ffb8167ea30717b02a2a280a007b786c441e7b8ef2efd8e3d7ad5c5a5f9609d3f66e2b26a0ffef6c341299e70df38f9a2a162c02bcf284349f8cdc44d271a23c00a2c78e9a05d7f93bdc09a65250a26566f67bf58c031e5ac147862a81661389facd5be62198fdbf6755621a3ba81e1e3eff13c7a0c49d020864ee8e33e2b949ae97bcae045802d67f4d095288d30a02eacd352cc7cb38aa469bcbe768c05ac79d9c87388216bad1ec247d0bc934ed6046026ef61f590a11f3195b04d85ebbb0ecf540bc7dcf121809d2350c6d589f4700341af73ebde5329f9e30465ea5ac825f08738dca729e0c9795dba87b2b65d9f9b86539be14fafcc2c191da77b3dfa4f5feae2defea85380a7c1a6c0ae70d0c6a4907fa8bd29594ed3f1938e6d74fe3ba1baff9ede4d85a90092e33fe64ddb5c035795a55e2b11a0ab44e2747c04862468e3cedbfeb9ddc3dc18ca66142b0340285a9e3b1ad87663b3289285c2619c71f2cece05734a7a0e7a25c7f3c2c01abb4bd000b39c7619a798b8f33dc33b88cb9b02e40cca22275da8566810fbe826a7e8d5a9caf6c768ee80e15518203fe0cf69dcbcc4249ef195205c245584ae452ff4c5b75027e39bd71026472eb7de14c740b2b50d3bef898a4aaa1fb8a84d4e94a2a1f25b3cefdb26f61260b2e3652baee7218526a0b7e769aa5283afe4c27332e2b2b152ec9bcb477b49c0b6f8adaaf2d8dc0d5b4ff8c472414f153dfaaec872a6dbdaafbf70e2177da54c4da66054938b82fa71eaa5c86a5359a19d40bdba531e49b6a04f3b64ad377492a0f00153d458b54452509e650ec4c3b43e5ac254373b0a9f5103d7e53ced9b64efd58b0ec18044cebc85eb290633d89a4d4925ee59abadfd02f177f4e43fcbc164600f719dfe4a00a283395ad13729c276ccde2a3e6b3ea3350d6c202b6c938f3b2fb820c461bf4a28665b26bf1b467a225686502729257d060a4b060d82f43ab6bd3de205a327d0eff3da112d31d9f1b0a9c1f4c88d2cb975cfaa009982f2e6c3e1d98e2e7ce290cd1d332bd6b7994024155a5bca7441a354429bc36710fa3bea7efd0cbb2639845838da09c31a7d5a4783bf530fbb6f40d0a9e3a3d6ff52c3e669c731fad7927ca0a272a4910603132054c496cd226e6db9007f9bfaf0d09118a4c267bf27490e8faceb5e240302603fb35cbaea37e4a694022cba7e2c7c3ee2389a123f1a19f937a4948fb6d3be39e5c0ac2f9f3138f1f805c4bf1aa9c2361f4b84c799493a8c3a88aa8897d76fb21f3fcc02d93393a82bc433e4afb3ab95d70cf1371dfd373d5d02d13848e5d2b7aa4e6fe08b629cca229eca0e4f51a108dbcec8791ee52ea8b77018b53bd586c6fac16889c20666b446f9ab62ca107f9d2d39655d07ac99e6dbad1d5266f193eedefa99c253c837d958360bc40d2bdfc97014d4b4287738663255e7cc2f8b668eda2faef1d272865167f40fea300a4935286c4b0005bcf75eca6ae48db39fa790027b1c692456148247d7a8851543f9784ecf4be61bf3d3265522bac2235b538bc74f48295fa47886bc280c527579606cd24bd76baa3577ed6b16436bdfac171b0754df65fcdec99aeb5f1249cbf47a1e9e795c2f1a112be6479dce2f12745b5f86ccf5d7e5e2ffeadb75fd57b01c6a10b21093a06b8e87f5f8ba2932a96367e9f0a9512872288c884134f81e20000a0bf9deea61139d22666d1e747b7e00b"], 0x1014) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) lseek(r1, 0xfffffffffffffffc, 0x1) mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x110, r1, 0x8000000) 13:31:57 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x19, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1256.688065] FAULT_INJECTION: forcing a failure. [ 1256.688065] name failslab, interval 1, probability 0, space 0, times 0 [ 1256.690535] CPU: 0 PID: 8633 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1256.692021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1256.693813] Call Trace: [ 1256.694405] dump_stack+0x107/0x167 [ 1256.695200] should_fail.cold+0x5/0xa [ 1256.696032] ? xas_alloc+0x336/0x440 [ 1256.696836] should_failslab+0x5/0x20 [ 1256.697653] kmem_cache_alloc+0x5b/0x310 [ 1256.698549] xas_alloc+0x336/0x440 [ 1256.699336] xas_create+0x34a/0x10d0 [ 1256.700149] ? kernel_text_address+0xf2/0x120 [ 1256.701119] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.702269] xas_store+0x8c/0x1c40 [ 1256.703066] __xa_store+0x164/0x2d0 [ 1256.703867] ? xa_delete_node+0x280/0x280 [ 1256.704770] ? trace_hardirqs_on+0x5b/0x180 [ 1256.705714] xa_store+0x31/0x50 [ 1256.706455] __io_uring_add_tctx_node+0x1cf/0x520 [ 1256.707504] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1256.708639] ? alloc_fd+0x2e7/0x670 [ 1256.709447] io_uring_setup+0x1fbb/0x2980 [ 1256.710358] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1256.711447] ? wait_for_completion_io+0x270/0x270 [ 1256.712505] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1256.713639] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1256.714773] do_syscall_64+0x33/0x40 [ 1256.715582] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1256.716684] RIP: 0033:0x7f943fb71b19 [ 1256.717489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1256.721425] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1256.723075] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1256.724603] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1256.726143] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1256.727680] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1256.729218] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:31:57 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 79) [ 1256.786603] FAULT_INJECTION: forcing a failure. [ 1256.786603] name failslab, interval 1, probability 0, space 0, times 0 [ 1256.789078] CPU: 0 PID: 8655 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1256.790580] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1256.792360] Call Trace: [ 1256.792927] dump_stack+0x107/0x167 [ 1256.793706] should_fail.cold+0x5/0xa [ 1256.794534] ? vm_area_dup+0x78/0x290 [ 1256.795344] should_failslab+0x5/0x20 [ 1256.796151] kmem_cache_alloc+0x5b/0x310 [ 1256.797019] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.798149] vm_area_dup+0x78/0x290 [ 1256.798934] ? mark_lock+0xf5/0x2df0 [ 1256.799726] ? lock_chain_count+0x20/0x20 [ 1256.800608] ? mark_lock+0xf5/0x2df0 [ 1256.801408] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.802534] ? lock_chain_count+0x20/0x20 [ 1256.803416] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1256.804363] ? trace_hardirqs_on+0x5b/0x180 [ 1256.805276] ? mark_lock+0xf5/0x2df0 [ 1256.806078] ? vm_area_alloc+0x110/0x110 [ 1256.806945] ? __lock_acquire+0x1657/0x5b00 [ 1256.807881] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1256.808988] ? vmacache_find+0x55/0x2a0 [ 1256.809842] __split_vma+0xa8/0x4e0 [ 1256.810622] __do_munmap+0x365/0x1260 [ 1256.811440] ? arch_get_unmapped_area+0x450/0x450 [ 1256.812475] ? lock_release+0x680/0x680 [ 1256.813323] mmap_region+0x7cc/0x1500 [ 1256.814161] do_mmap+0x868/0x1370 [ 1256.814907] vm_mmap_pgoff+0x198/0x1f0 [ 1256.815727] ? randomize_page+0xb0/0xb0 [ 1256.816594] ksys_mmap_pgoff+0x41c/0x560 [ 1256.817461] ? find_mergeable_anon_vma+0x250/0x250 [ 1256.818520] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1256.819635] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1256.820733] do_syscall_64+0x33/0x40 [ 1256.821528] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1256.822633] RIP: 0033:0x7f55e908fb62 [ 1256.823424] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1256.827336] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1256.828940] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1256.830462] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1256.831974] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1256.833492] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1256.835032] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1256.839305] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=15 sclass=netlink_route_socket pid=8654 comm=syz-executor.2 13:31:57 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1, {0x0, r3}}, 0x40) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x7, 0x12, r0, 0x0) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x1, 0x10010, r0, 0x10000000) r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080), 0x111400, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000080)={0x0, r7}) r8 = accept4(0xffffffffffffffff, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, &(0x7f0000000240)=0x80, 0x0) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x1, 0x0, 0x0, 0x9, &(0x7f0000000280)=[r0, r0, r6, r0, r0, r7, r0, r8], 0x8}, 0x1) syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_MADVISE={0x19, 0x2, 0x0, 0x0, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x9, 0x0, {0x0, r3}}, 0x4) r9 = socket$inet_icmp(0x2, 0x2, 0x1) ioctl$EXT4_IOC_SWAP_BOOT(r9, 0x6611) r10 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r10, 0xc028660f, &(0x7f0000000080)={0x0, r10}) syz_io_uring_setup(0xa1, &(0x7f0000000300)={0x0, 0xc059, 0x4, 0x2, 0x199, 0x0, r10}, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000000380), &(0x7f00000003c0)) [ 1256.845525] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:31:58 executing program 3: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0xffffffff00000000) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:32:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(r0, &(0x7f0000000040)='./file0\x00', 0xb00, 0x2) copy_file_range(r0, &(0x7f0000000080), r1, &(0x7f00000000c0)=0x6, 0x9e, 0x0) 13:32:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x73, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:13 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) r2 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) syz_io_uring_submit(0x0, r1, &(0x7f00000000c0)=@IORING_OP_CLOSE={0x13, 0x3, 0x0, r2}, 0x2) 13:32:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 65) 13:32:13 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x90}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f00000000c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_enter(r0, 0x20b, 0x3fe9, 0x2, &(0x7f0000000040)={[0x4]}, 0x8) r1 = syz_io_uring_setup(0x132, &(0x7f0000000180)={0x0, 0x90eb, 0x1, 0x3, 0x4}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r2, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000400)=ANY=[@ANYBLOB="1f00000073b3e2b048e9673b877e8e450d753a0000000002000000000000000100000025000000040000080000000000000500000000000000000086000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000000000000000000040000000000000000010000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000070000000208000000000000000000000000000005000000000000002b4f0000000000000500000000000000000000000000000000000000000000000128000000000000000000000007000000db6651bfb1fb38d4d830f5e255f1fa3030c89d8eef936e86f79285dbfb461579f564f54866ae68a502d15c8f1f3e9562cb90b8c6"]) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0xc018937d, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000097cc000000", @ANYRES32=r1, @ANYBLOB="ff010000000000002e2f66696c650e3046"]) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = syz_io_uring_setup(0x5c0f, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r6 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r6, 0xc020660b, &(0x7f00000002c0)=ANY=[@ANYBLOB="1f000000000000000200000000000000010000002500f300040000000000000000000000000000008f0d00000000000005000000000000008000000000000000000000000000000086000000000000000000000000000000b30c0000000000000800000000000000060000000000000000000000000000000800000000000000040000000000000000000000000000000000000000000000ff07000000000000ff09000000000000000000000000000000000000000000000208000000000000000000000000000005000000000000002b4f000000000000050000000000000000000000000000000000000000000000012800"/256]) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6, 0x810, r4, 0x8000000) io_uring_enter(r0, 0x7da6, 0xafa9, 0x2, &(0x7f00000003c0)={[0xb2]}, 0x7) 13:32:13 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 80) 13:32:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x10, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:13 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) [ 1272.534717] FAULT_INJECTION: forcing a failure. [ 1272.534717] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.537135] CPU: 1 PID: 8677 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1272.538606] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1272.540359] Call Trace: [ 1272.540921] dump_stack+0x107/0x167 [ 1272.541693] should_fail.cold+0x5/0xa [ 1272.542514] ? create_object.isra.0+0x3a/0xa30 [ 1272.543480] should_failslab+0x5/0x20 [ 1272.544286] kmem_cache_alloc+0x5b/0x310 [ 1272.545150] ? mark_held_locks+0x9e/0xe0 [ 1272.546025] create_object.isra.0+0x3a/0xa30 [ 1272.546961] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1272.548040] kmem_cache_alloc+0x159/0x310 [ 1272.548924] xas_alloc+0x336/0x440 [ 1272.549674] xas_create+0x34a/0x10d0 [ 1272.550475] ? kernel_text_address+0xf2/0x120 [ 1272.551418] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1272.552069] FAULT_INJECTION: forcing a failure. [ 1272.552069] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.552524] xas_store+0x8c/0x1c40 [ 1272.555620] __xa_store+0x164/0x2d0 [ 1272.556389] ? xa_delete_node+0x280/0x280 [ 1272.557275] ? trace_hardirqs_on+0x5b/0x180 [ 1272.558206] xa_store+0x31/0x50 [ 1272.558908] __io_uring_add_tctx_node+0x1cf/0x520 [ 1272.559928] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1272.561032] ? alloc_fd+0x2e7/0x670 [ 1272.561807] io_uring_setup+0x1fbb/0x2980 [ 1272.562704] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1272.563771] ? wait_for_completion_io+0x270/0x270 [ 1272.564810] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1272.565913] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1272.567011] do_syscall_64+0x33/0x40 [ 1272.567797] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1272.568873] RIP: 0033:0x7f943fb71b19 [ 1272.569666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1272.573555] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1272.575184] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1272.576686] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1272.578203] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1272.579708] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1272.581221] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1272.582763] CPU: 0 PID: 8691 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1272.584227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1272.584946] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=115 sclass=netlink_route_socket pid=8676 comm=syz-executor.6 [ 1272.585990] Call Trace: [ 1272.586011] dump_stack+0x107/0x167 [ 1272.586045] should_fail.cold+0x5/0xa [ 1272.590635] ? anon_vma_clone+0xdc/0x590 [ 1272.591494] should_failslab+0x5/0x20 [ 1272.592304] kmem_cache_alloc+0x5b/0x310 [ 1272.593175] anon_vma_clone+0xdc/0x590 [ 1272.594004] __split_vma+0x17c/0x4e0 [ 1272.594806] __do_munmap+0x365/0x1260 [ 1272.595612] ? arch_get_unmapped_area+0x450/0x450 [ 1272.596630] ? lock_release+0x680/0x680 [ 1272.597468] mmap_region+0x7cc/0x1500 [ 1272.598294] do_mmap+0x868/0x1370 [ 1272.599035] vm_mmap_pgoff+0x198/0x1f0 [ 1272.599857] ? randomize_page+0xb0/0xb0 [ 1272.600707] ksys_mmap_pgoff+0x41c/0x560 [ 1272.601565] ? find_mergeable_anon_vma+0x250/0x250 [ 1272.602610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1272.603712] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1272.604798] do_syscall_64+0x33/0x40 [ 1272.605584] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1272.606676] RIP: 0033:0x7f55e908fb62 [ 1272.607458] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1272.611348] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1272.612958] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1272.614474] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1272.615981] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1272.617492] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1272.619008] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:32:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x11, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(r0, &(0x7f0000000040)='./file0\x00', 0xb00, 0x2) copy_file_range(r0, &(0x7f0000000080), r1, &(0x7f00000000c0)=0x6, 0x9e, 0x0) 13:32:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:13 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1, 0x1, 0x5, 0x9}) r1 = syz_io_uring_setup(0x1b3e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x408}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f00000000c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:32:13 executing program 1: ioctl$SNAPSHOT_ATOMIC_RESTORE(0xffffffffffffffff, 0x3304) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1272.761302] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:32:13 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 66) 13:32:13 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x12, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:13 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(r0, &(0x7f0000000040)='./file0\x00', 0xb00, 0x2) copy_file_range(r0, &(0x7f0000000080), r1, &(0x7f00000000c0)=0x6, 0x9e, 0x0) [ 1272.857344] FAULT_INJECTION: forcing a failure. 13:32:13 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x2, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1272.857344] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.860162] CPU: 0 PID: 8712 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1272.861596] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1272.863359] Call Trace: [ 1272.863914] dump_stack+0x107/0x167 [ 1272.864676] should_fail.cold+0x5/0xa [ 1272.865472] ? xas_alloc+0x336/0x440 [ 1272.866263] should_failslab+0x5/0x20 [ 1272.867065] kmem_cache_alloc+0x5b/0x310 [ 1272.867934] xas_alloc+0x336/0x440 [ 1272.868690] xas_create+0x34a/0x10d0 [ 1272.869483] ? kernel_text_address+0xf2/0x120 [ 1272.870431] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1272.871535] xas_store+0x8c/0x1c40 [ 1272.872295] __xa_store+0x164/0x2d0 [ 1272.873070] ? xa_delete_node+0x280/0x280 [ 1272.873961] ? trace_hardirqs_on+0x5b/0x180 [ 1272.874885] xa_store+0x31/0x50 [ 1272.875582] __io_uring_add_tctx_node+0x1cf/0x520 [ 1272.876602] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1272.877712] ? alloc_fd+0x2e7/0x670 [ 1272.878503] io_uring_setup+0x1fbb/0x2980 [ 1272.879385] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1272.880450] ? wait_for_completion_io+0x270/0x270 [ 1272.881510] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1272.882621] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1272.883723] do_syscall_64+0x33/0x40 [ 1272.884513] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1272.885585] RIP: 0033:0x7f943fb71b19 [ 1272.886375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1272.890268] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1272.891874] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1272.893375] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1272.894888] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1272.896391] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1272.897900] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1272.920727] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1285.773231] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:32:26 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:32:26 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xfffffffd, 0x1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000000)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 13:32:26 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x3, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:26 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) openat(r0, &(0x7f0000000040)='./file0\x00', 0xb00, 0x2) 13:32:26 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 81) 13:32:26 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x13, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:26 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x129a, &(0x7f00000002c0)={0x0, 0x200c210, 0x2, 0x1, 0x355}, &(0x7f000092d000/0x3000)=nil, &(0x7f00005bd000/0x3000)=nil, &(0x7f0000000340), &(0x7f0000000380)) r2 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000000)=ANY=[@ANYBLOB='-\x00', @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r5 = mmap$IORING_OFF_SQES(&(0x7f000072f000/0x4000)=nil, 0x4000, 0x1000008, 0x10010, r1, 0x10000000) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0) r7 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(r6, 0x0, &(0x7f00000000c0)=@IORING_OP_OPENAT={0x12, 0x1, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x402, 0x23456, {0x0, r8}}, 0x80000000) syz_io_uring_submit(r3, r5, &(0x7f00000003c0)=@IORING_OP_POLL_ADD={0x6, 0x3, 0x0, @fd=r2, 0x0, 0x0, 0x0, {0x8001}, 0x1, {0x0, r8}}, 0x10000) syz_io_uring_setup(0x67b2, &(0x7f00000000c0)={0x0, 0xd8b1, 0x0, 0x0, 0x285, 0x0, r4}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000400000/0xc00000)=nil, &(0x7f0000000240), &(0x7f0000000280)) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) 13:32:26 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 67) [ 1285.793432] FAULT_INJECTION: forcing a failure. [ 1285.793432] name failslab, interval 1, probability 0, space 0, times 0 [ 1285.796372] CPU: 0 PID: 8731 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1285.798139] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1285.800263] Call Trace: [ 1285.800938] dump_stack+0x107/0x167 [ 1285.801867] should_fail.cold+0x5/0xa [ 1285.802855] ? create_object.isra.0+0x3a/0xa30 [ 1285.804011] should_failslab+0x5/0x20 [ 1285.804976] kmem_cache_alloc+0x5b/0x310 [ 1285.806009] create_object.isra.0+0x3a/0xa30 [ 1285.807138] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1285.808445] kmem_cache_alloc+0x159/0x310 [ 1285.809502] anon_vma_clone+0xdc/0x590 [ 1285.810507] __split_vma+0x17c/0x4e0 [ 1285.811445] __do_munmap+0x365/0x1260 [ 1285.812410] ? arch_get_unmapped_area+0x450/0x450 [ 1285.813637] ? lock_release+0x680/0x680 [ 1285.814657] mmap_region+0x7cc/0x1500 [ 1285.815641] do_mmap+0x868/0x1370 [ 1285.816533] vm_mmap_pgoff+0x198/0x1f0 [ 1285.817526] ? randomize_page+0xb0/0xb0 [ 1285.818542] ksys_mmap_pgoff+0x41c/0x560 [ 1285.819407] ? find_mergeable_anon_vma+0x250/0x250 [ 1285.820445] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1285.821554] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1285.822661] do_syscall_64+0x33/0x40 [ 1285.823439] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1285.824517] RIP: 0033:0x7f55e908fb62 [ 1285.825299] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1285.829190] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1285.830804] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1285.832289] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1285.833801] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1285.835304] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1285.836796] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:32:26 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x4, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:26 executing program 1: fcntl$setlease(0xffffffffffffffff, 0x400, 0x2) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1285.872128] FAULT_INJECTION: forcing a failure. [ 1285.872128] name failslab, interval 1, probability 0, space 0, times 0 [ 1285.874607] CPU: 0 PID: 8740 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1285.876050] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1285.877797] Call Trace: [ 1285.878360] dump_stack+0x107/0x167 [ 1285.879125] should_fail.cold+0x5/0xa [ 1285.879921] ? xas_alloc+0x336/0x440 [ 1285.880713] should_failslab+0x5/0x20 [ 1285.881513] kmem_cache_alloc+0x5b/0x310 [ 1285.882387] xas_alloc+0x336/0x440 [ 1285.883127] xas_create+0x34a/0x10d0 [ 1285.883913] ? kernel_text_address+0xf2/0x120 [ 1285.884856] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1285.885963] xas_store+0x8c/0x1c40 [ 1285.886735] __xa_store+0x164/0x2d0 [ 1285.887507] ? xa_delete_node+0x280/0x280 [ 1285.888383] ? trace_hardirqs_on+0x5b/0x180 [ 1285.889297] xa_store+0x31/0x50 [ 1285.889995] __io_uring_add_tctx_node+0x1cf/0x520 [ 1285.891028] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1285.892143] ? alloc_fd+0x2e7/0x670 [ 1285.892923] io_uring_setup+0x1fbb/0x2980 [ 1285.893813] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1285.894886] ? wait_for_completion_io+0x270/0x270 [ 1285.895921] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1285.897024] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1285.898119] do_syscall_64+0x33/0x40 [ 1285.898910] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1285.899996] RIP: 0033:0x7f943fb71b19 [ 1285.900777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1285.904665] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1285.906281] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1285.907789] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1285.909288] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1285.910800] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1285.912263] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1285.912295] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:32:27 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:32:27 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x14, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:27 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 13:32:27 executing program 1: r0 = syz_io_uring_setup(0x1b3a, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) [ 1286.039269] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 13:32:27 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x5, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:27 executing program 7: r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000080)={0x0, r1}) perf_event_open(&(0x7f00000000c0)={0x5, 0x9c, 0x5, 0x40, 0x2, 0x2, 0x0, 0x0, 0x10508, 0xa, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffffffea, 0x4, @perf_bp={&(0x7f0000000000), 0xf}, 0x298, 0x800, 0x4, 0x9, 0x7, 0x9, 0x8001, 0x0, 0x4, 0x0, 0x4}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x4) r2 = dup3(r0, r0, 0x0) r3 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) [ 1286.088196] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:32:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x15, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1301.033826] FAULT_INJECTION: forcing a failure. [ 1301.033826] name failslab, interval 1, probability 0, space 0, times 0 13:32:42 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, 0x0, 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:32:42 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 68) 13:32:42 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x59c3, &(0x7f0000000000)={0x0, 0x743f, 0x4, 0x0, 0x74, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) 13:32:42 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 82) 13:32:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) 13:32:42 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x100010, r0, 0x10000000) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ=@pass_buffer={0x16, 0x1, 0x6000, @fd_index, 0x2, &(0x7f0000000240)=""/4096, 0x1000, 0x8, 0x1, {0x0, r3}}, 0x3) [ 1301.036531] CPU: 0 PID: 8772 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1301.038255] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1301.040104] Call Trace: [ 1301.040694] dump_stack+0x107/0x167 [ 1301.041513] should_fail.cold+0x5/0xa [ 1301.042374] ? vm_area_alloc+0x1c/0x110 [ 1301.043270] should_failslab+0x5/0x20 [ 1301.044125] kmem_cache_alloc+0x5b/0x310 [ 1301.045043] vm_area_alloc+0x1c/0x110 [ 1301.045891] mmap_region+0x982/0x1500 [ 1301.046780] do_mmap+0x868/0x1370 [ 1301.047563] vm_mmap_pgoff+0x198/0x1f0 [ 1301.048444] ? randomize_page+0xb0/0xb0 [ 1301.049355] ksys_mmap_pgoff+0x41c/0x560 [ 1301.050287] ? find_mergeable_anon_vma+0x250/0x250 [ 1301.051394] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1301.052575] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1301.053737] do_syscall_64+0x33/0x40 [ 1301.054586] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1301.055739] RIP: 0033:0x7f55e908fb62 [ 1301.056575] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1301.060730] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1301.062458] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1301.064069] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1301.065677] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1301.067296] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1301.068905] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1301.118679] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1301.119596] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'. 13:32:42 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x6, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) read(r0, &(0x7f0000000100)=""/68, 0x44) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) [ 1301.159939] FAULT_INJECTION: forcing a failure. [ 1301.159939] name failslab, interval 1, probability 0, space 0, times 0 [ 1301.162514] CPU: 0 PID: 8790 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1301.164060] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1301.165935] Call Trace: [ 1301.166553] dump_stack+0x107/0x167 [ 1301.167380] should_fail.cold+0x5/0xa [ 1301.168244] ? xas_alloc+0x336/0x440 [ 1301.169095] should_failslab+0x5/0x20 [ 1301.169960] kmem_cache_alloc+0x5b/0x310 [ 1301.170891] xas_alloc+0x336/0x440 [ 1301.171698] xas_create+0x34a/0x10d0 [ 1301.172546] ? kernel_text_address+0xf2/0x120 [ 1301.173571] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1301.174780] xas_store+0x8c/0x1c40 [ 1301.175600] __xa_store+0x164/0x2d0 [ 1301.176429] ? xa_delete_node+0x280/0x280 [ 1301.177377] ? trace_hardirqs_on+0x5b/0x180 [ 1301.178369] xa_store+0x31/0x50 [ 1301.179119] __io_uring_add_tctx_node+0x1cf/0x520 [ 1301.180207] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1301.181388] ? alloc_fd+0x2e7/0x670 [ 1301.182236] io_uring_setup+0x1fbb/0x2980 [ 1301.183188] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1301.184337] ? wait_for_completion_io+0x270/0x270 [ 1301.185450] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1301.186641] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1301.187812] do_syscall_64+0x33/0x40 [ 1301.188660] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1301.189808] RIP: 0033:0x7f943fb71b19 [ 1301.190663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1301.194833] RSP: 002b:00007f943d0c6108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1301.196546] RAX: ffffffffffffffda RBX: 00007f943fc85020 RCX: 00007f943fb71b19 [ 1301.198167] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1301.199779] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1301.201366] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1301.202978] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 13:32:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x16, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:42 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) r1 = fork() r2 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r3, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) r4 = fcntl$dupfd(r3, 0x406, r2) ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r4, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1ff}}, './file0\x00'}) perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x3, 0xf7, 0x8, 0x1, 0x0, 0x4, 0xd3b2af5c2fffce0c, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x45437fe4, 0x1, @perf_config_ext={0xfffffffffffffffb, 0x7fff}, 0x4640a, 0x8, 0x9, 0x3, 0x20, 0x0, 0x3, 0x0, 0x2}, r1, 0x3, r4, 0x8) 13:32:42 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x7, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:42 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 83) [ 1301.307532] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:32:42 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:32:42 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1301.345452] FAULT_INJECTION: forcing a failure. [ 1301.345452] name failslab, interval 1, probability 0, space 0, times 0 [ 1301.347978] CPU: 1 PID: 8804 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1301.349427] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1301.351180] Call Trace: [ 1301.351739] dump_stack+0x107/0x167 [ 1301.352508] should_fail.cold+0x5/0xa [ 1301.353321] ? create_object.isra.0+0x3a/0xa30 [ 1301.354286] should_failslab+0x5/0x20 [ 1301.355090] kmem_cache_alloc+0x5b/0x310 [ 1301.355956] create_object.isra.0+0x3a/0xa30 [ 1301.356883] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1301.357916] kmem_cache_alloc+0x159/0x310 [ 1301.358775] vm_area_alloc+0x1c/0x110 [ 1301.359550] mmap_region+0x982/0x1500 [ 1301.360337] do_mmap+0x868/0x1370 [ 1301.361056] vm_mmap_pgoff+0x198/0x1f0 [ 1301.361850] ? randomize_page+0xb0/0xb0 [ 1301.362679] ksys_mmap_pgoff+0x41c/0x560 [ 1301.363502] ? find_mergeable_anon_vma+0x250/0x250 [ 1301.364503] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1301.365571] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1301.366637] do_syscall_64+0x33/0x40 [ 1301.367392] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1301.368443] RIP: 0033:0x7f55e908fb62 [ 1301.369195] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1301.372939] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1301.374503] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1301.375969] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1301.377422] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1301.378885] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1301.380329] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1301.424740] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1314.328242] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 13:32:55 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:32:55 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x8, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:55 executing program 5: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5ec64d1f, 0x0, @perf_config_ext, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) r0 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x349cc2, 0x0) fallocate(r0, 0x0, 0x0, 0x1000002) openat(0xffffffffffffff9c, 0x0, 0x121042, 0xa3) bind(r0, 0x0, 0xffffffffffffff28) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000180)='./file1\x00', 0x1) r3 = dup(r1) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000080)={@local, 0x78, r5}) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8916, &(0x7f0000000000)={@remote, 0x0, r5}) setsockopt$bt_hci_HCI_DATA_DIR(r3, 0x0, 0x1, &(0x7f00000000c0)=0x9, 0x4) sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, 0x0, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r2, r6, 0x0, 0xfffffffd) openat(0xffffffffffffffff, &(0x7f0000000040)='./file1/file0\x00', 0x0, 0x4b) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000001, 0x1f012, r0, 0xd2415000) 13:32:55 executing program 1: r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000000), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000380)=0x0) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x200000d, 0x2010, r0, 0x8000000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x110, &(0x7f0000000080)=0x7, 0x0, 0x4) r3 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r6 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r9 = socket$netlink(0x10, 0x3, 0x0) syz_io_uring_setup(0x863, &(0x7f00000002c0)={0x0, 0xeb92, 0x2, 0x3, 0x2c, 0x0, r3}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f00003fe000/0xc00000)=nil, &(0x7f0000000240), &(0x7f0000000340)) sendmsg$nl_generic(r9, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r9, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) fcntl$dupfd(r9, 0x406, r6) syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x5, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r10, r1, &(0x7f0000000100)=@IORING_OP_OPENAT={0x12, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file0\x00', 0x66, 0x180, 0x23456}, 0x8001) syz_io_uring_submit(r4, r8, &(0x7f0000000180)=@IORING_OP_CONNECT={0x10, 0x3, 0x0, 0xffffffffffffffff, 0x80, &(0x7f00000000c0)=@alg={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}}, 0x8) r11 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r12 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r12, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r12, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000004, 0x13, r11, 0x0) 13:32:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x19, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:55 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 69) 13:32:55 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 84) 13:32:55 executing program 7: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x80010, r0, 0x10000000) r3 = syz_open_dev$tty20(0xc, 0x4, 0x0) r4 = syz_io_uring_setup(0x132, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000280)={&(0x7f00000001c0), 0xc, 0x0}, 0x0) connect(r5, &(0x7f0000000040)=@isdn={0x22, 0x4, 0x4, 0x0, 0x7c}, 0x80) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x1, 0x0, 0x0}, 0x0) syz_io_uring_setup(0x3004, &(0x7f00000003c0)={0x0, 0x6000, 0x20, 0x2, 0x2d9, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000100), &(0x7f0000000240)=0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000000440)=@IORING_OP_NOP={0x0, 0x4}, 0x3542) r7 = fcntl$dupfd(r5, 0x406, r4) ioctl$FS_IOC_FIEMAP(r7, 0xc020660b, &(0x7f00000002c0)={0x1f, 0x2, 0x1, 0x25, 0x4, [{0x0, 0xd8f, 0x5, '\x00', 0x86}, {0xcb3, 0x8, 0x6, '\x00', 0x4}, {0x0, 0x7ff, 0x9ff, '\x00', 0x802}, {0x5, 0x4f2b, 0x5, '\x00', 0x2801}]}) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r4, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r4, {0x1ff}}, './file0\x00'}) io_uring_enter(r4, 0x58ab, 0x0, 0x0, 0x0, 0x0) dup2(r3, r4) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_TIMEOUT={0xb, 0x3, 0x0, 0x0, 0x8, &(0x7f0000000000)={0x0, 0x3938700}}, 0x8) [ 1314.359193] netlink: 'syz-executor.2': attribute type 16 has an invalid length. [ 1314.367713] FAULT_INJECTION: forcing a failure. [ 1314.367713] name failslab, interval 1, probability 0, space 0, times 0 [ 1314.370202] CPU: 1 PID: 8829 Comm: syz-executor.4 Not tainted 5.10.245 #1 [ 1314.371651] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1314.373415] Call Trace: [ 1314.373974] dump_stack+0x107/0x167 [ 1314.374752] should_fail.cold+0x5/0xa [ 1314.375548] ? xas_alloc+0x336/0x440 [ 1314.376327] should_failslab+0x5/0x20 [ 1314.377118] kmem_cache_alloc+0x5b/0x310 [ 1314.377966] xas_alloc+0x336/0x440 [ 1314.378722] xas_create+0x34a/0x10d0 [ 1314.379510] ? kernel_text_address+0xf2/0x120 [ 1314.380448] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1314.381542] xas_store+0x8c/0x1c40 [ 1314.382295] __xa_store+0x164/0x2d0 [ 1314.383066] ? xa_delete_node+0x280/0x280 [ 1314.383940] ? trace_hardirqs_on+0x5b/0x180 [ 1314.384857] xa_store+0x31/0x50 [ 1314.384879] __io_uring_add_tctx_node+0x1cf/0x520 [ 1314.384899] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1314.384916] ? alloc_fd+0x2e7/0x670 [ 1314.384946] io_uring_setup+0x1fbb/0x2980 [ 1314.384974] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1314.384990] ? wait_for_completion_io+0x270/0x270 [ 1314.385031] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1314.385051] ? syscall_enter_from_user_mode+0x1d/0x50 13:32:55 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0x9, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:55 executing program 3: r0 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r1, r0, 0x0, 0x100000001) 13:32:55 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x53, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) [ 1314.385073] do_syscall_64+0x33/0x40 [ 1314.385092] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1314.385105] RIP: 0033:0x7f943fb71b19 [ 1314.385122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 13:32:55 executing program 0: syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x4, 0x3a5}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 85) [ 1314.385132] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1314.385153] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1314.385164] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1314.385174] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1314.385185] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1314.385196] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1314.387402] FAULT_INJECTION: forcing a failure. [ 1314.387402] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1314.387421] CPU: 1 PID: 8832 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1314.387431] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1314.387437] Call Trace: [ 1314.387457] dump_stack+0x107/0x167 [ 1314.387477] should_fail.cold+0x5/0xa [ 1314.387500] __alloc_pages_nodemask+0x182/0x600 [ 1314.387525] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 1314.387551] ? walk_mem_res+0x170/0x170 [ 1314.387577] alloc_pages_current+0x187/0x280 [ 1314.387600] pte_alloc_one+0x16/0x1a0 [ 1314.387619] __pte_alloc+0x1d/0x330 [ 1314.387643] remap_pfn_range_internal+0x9a3/0xf60 [ 1314.387670] ? lookup_memtype+0x5b/0x200 [ 1314.387703] ? apply_to_existing_page_range+0x40/0x40 [ 1314.387734] remap_pfn_range+0xcd/0x160 [ 1314.387755] ? remap_pfn_range_notrack+0x70/0x70 [ 1314.387778] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1314.387802] io_uring_mmap+0x398/0x530 [ 1314.387825] mmap_file+0x5e/0xe0 [ 1314.387851] mmap_region+0xc4d/0x1500 [ 1314.387883] do_mmap+0x868/0x1370 [ 1314.387910] vm_mmap_pgoff+0x198/0x1f0 [ 1314.387933] ? randomize_page+0xb0/0xb0 [ 1314.387965] ksys_mmap_pgoff+0x41c/0x560 [ 1314.387985] ? find_mergeable_anon_vma+0x250/0x250 [ 1314.388009] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1314.388028] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1314.388050] do_syscall_64+0x33/0x40 [ 1314.388069] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1314.388080] RIP: 0033:0x7f55e908fb62 [ 1314.388097] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1314.388108] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1314.388127] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1314.388138] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1314.388149] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1314.388159] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1314.388170] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1314.389521] ------------[ cut here ]------------ [ 1314.389550] WARNING: CPU: 1 PID: 8832 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270 [ 1314.389557] Modules linked in: 13:32:55 executing program 4: perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x1b3d, &(0x7f0000000180)={0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140)) (fail_nth: 70) [ 1314.389579] CPU: 1 PID: 8832 Comm: syz-executor.0 Not tainted 5.10.245 #1 [ 1314.389588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1314.389608] RIP: 0010:get_pat_info+0x216/0x270 [ 1314.389625] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 d1 8e 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 ba 8e 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 f5 a5 5a 00 e9 [ 1314.389636] RSP: 0018:ffff888046e27890 EFLAGS: 00010216 [ 1314.389652] RAX: 000000000000addc RBX: ffff88800915ed00 RCX: ffffc900007db000 [ 1314.389664] RDX: 0000000000040000 RSI: ffffffff811243f6 RDI: 0000000000000007 [ 1314.389676] RBP: ffff888046e27948 R08: 0000000000000000 R09: ffff888046e27818 [ 1314.389687] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028 [ 1314.389698] R13: 1ffff11008dc4f12 R14: 0000000000000000 R15: ffff88800915ed50 [ 1314.389716] FS: 00007f55e6605700(0000) GS:ffff88806cf00000(0000) knlGS:0000000000000000 [ 1314.389732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1314.389743] CR2: 00007f55e6604f78 CR3: 000000004b402000 CR4: 0000000000350ee0 [ 1314.389750] Call Trace: [ 1314.389773] ? pgprot_writethrough+0xc0/0xc0 [ 1314.389790] ? finish_task_switch+0x126/0x5d0 [ 1314.389805] ? finish_task_switch+0xef/0x5d0 [ 1314.389836] untrack_pfn+0xdc/0x240 [ 1314.389913] ? track_pfn_insert+0x150/0x150 [ 1314.389935] ? lock_downgrade+0x6d0/0x6d0 [ 1314.389954] ? uprobe_munmap+0x1c/0x560 [ 1314.389979] unmap_single_vma+0x1bc/0x300 [ 1314.390007] zap_page_range_single+0x2ce/0x450 [ 1314.390028] ? unmap_single_vma+0x300/0x300 [ 1314.390047] ? remap_pfn_range_internal+0xc56/0xf60 [ 1314.390074] ? lookup_memtype+0x5b/0x200 [ 1314.390107] ? apply_to_existing_page_range+0x40/0x40 [ 1314.390139] remap_pfn_range+0x139/0x160 [ 1314.390161] ? remap_pfn_range_notrack+0x70/0x70 [ 1314.390184] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1314.390209] io_uring_mmap+0x398/0x530 [ 1314.390231] mmap_file+0x5e/0xe0 [ 1314.390249] mmap_region+0xc4d/0x1500 [ 1314.390282] do_mmap+0x868/0x1370 [ 1314.390309] vm_mmap_pgoff+0x198/0x1f0 [ 1314.390354] ? randomize_page+0xb0/0xb0 [ 1314.390387] ksys_mmap_pgoff+0x41c/0x560 13:32:55 executing program 1: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000080)={0x0, r0}) [ 1314.390408] ? find_mergeable_anon_vma+0x250/0x250 [ 1314.390432] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1314.390452] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1314.390516] do_syscall_64+0x33/0x40 [ 1314.390535] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1314.390548] RIP: 0033:0x7f55e908fb62 [ 1314.390566] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1314.390577] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1314.390596] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1314.390607] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1314.390619] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1314.390630] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 sendmmsg$inet6(r0, &(0x7f00000032c0)=[{{&(0x7f0000000040)={0xa, 0x4e23, 0x3f, @mcast1, 0x7fff}, 0x1c, &(0x7f0000001540)=[{&(0x7f0000000240)="8d86ace2ba6dc0b5245815834048174b53ff8e4ee7c69efe972bf0e5302a1ec99b75200e678fabe7a617013cda7b124ef21ec873327e5131077c1e6996330f4f01fd739bd82becdc960b9fdc86f1683af4e9e312c97193425b42e7bc2e0ca325dd451132486429ea131edc7190c3f04866fcf1f914d5ba25637e8c89cf8ca78f99c86f286d87d46434bf3e54a39f2a777d892d84059409257c0d5d3ce301797213afeeab42426efbf4bbfa9f6a4b376cf04ed0d5fa3f0c60dabae4c493f7cdbce92f14f3f78be77272720a65187947026d21e0c25c59d20cf8559821083730cf6d728314364e2651aa", 0xe9}, {&(0x7f0000000080)="5b3f688766a3b5f8db871d11c893a7445e794f1b6342acf56a59772a5d43795d522b01900a16233cc504c8b84b99423b30364a93d8b1d3bb518188de5a82870e9ecaab750bddb5c743235c1520ad32cc6b449ed2daab13e6e7ccb42425aa34f18055e8a45447a641e5434b03e2b4290f782f36469b23cec58a5d5c626308c4249e18", 0x82}, {&(0x7f0000000340)="eda1f5cb8b46d6e4e5b283c7c5047a08e31b7ba9100f5c418617e949bb9209e09c27d5a794ce743f4fa6c003463e5be5e13e2cad32cf834a3ebe5f45ecc821fb6b", 0x41}, {&(0x7f00000003c0)="a49ab0b55682e5136737bbeb6943f52d9b84afe408db5c973f8f75011d30ab5ca5586d5479392a39cdc0cf15b9ea72eef081eff9500b33972e49cb30454dad20048350d05e496e029b1649dac8ec74d7", 0x50}, {&(0x7f0000000440)="eff480739bab2a4e3772b4f037dae14164ac827e77ca08165eaba86f5c4b121bd1453cfc038f45dd1054f93aad5c8c733422d650d267920244898871caa5ed00a9658ed7bd09b3a117649f8497cdbedb9b8da479fa203f752a002a61aea5f8705bf7376a58907a89462a72b68c285cf48e54eef44ebde1725362fc08847673edeee5218cfed913f698d1564dfafb4116d860f0ae1c590b94075337ff009470657fdf2c2cb26b813344c9f4079e41742ac631fbed6be912a5660c9edbca798faece92c813a903af9db7dd6257cbe7c1e82d7092abe83fcf283d71459d3331098c2c93cdddca63453d58433eef07f815fdfc578cee3410a15d7b1ff090f08e00780bcbfdb4ba3a070797ab9ee6b3e41fc5ecd3b8136a6868137d4b66ac7b1f4d54b46f129af7becc75373e6e05c92f580a7169674433345fb34f93693089d4ad37c375a532903beff9a5f98164f8e7b7b59350aaec510c2417e4c45a0ade0ff81c1f15ebf7a4fbb0498b4d3def66775d44099e3367a0a324533a19e5c4381507b77716628cbffa32ed50092a3f2ce18b939a20b28dd19dabeea1acb83e1aae1f67c00c51700304fd5fdcae941c434c975319a9eea55be8b21c57128e7f65fba4d8338b56990543c75393080269671050749381158fd9ad7eb880d3580b67da44026f4559db677a48afc46546ed3102a549dcd353d12308bf2b1f966fec22d77c603cbab6d1dbfc319dc90d8441358a3fb5ce8eb1111bf1f5f371daa1cc81389303cec82f5053fadd6931adf7c351d48ca2cded994c67b88ee22f22b15df54b1e515a7c9cfe737dff90f89d4189350d257e950ce4a8cea784c9c2916e5923e31aa6a914c345977b5a5c8a98b591e5bf515dc8a19362c1ac120ff534bd9a3b78922e8a459a37f7e68035a734549220c4883bda4e6734f451fc7777d97af4e519e135f929f86f96853ec35241314f0bd98abbf465864c9043792760060f43c13cbcf34b50134736d671f846c9c91ba7c1ef322c227fa557e7b61bb68f1087e0dafd3e5ab50d1468eda4178ad6205306a8f11d635ff37634730f5003fb654682a267242808ff053da53b03f4139e0e2d9702439137a822bbeda298a967e94fbac5390d4897a25a15ca8eadd0d3326cb44220c1746073178f22231bdb774a2bf45a60b9359bcb63b0adf6e6266e12b9560b481aa9e66bd10e15da7bafe92e31183585314a93c19fe2d5af1c756177213d43a8067a62272eaeff8fd8a8f14430b0321405ccda3b8b218d224a4e643986c993830498f18ace6b5699d0c91164dd67cefb4cb17f81f76fe34ba171f83d73dc9ccf7586a315497cbb9c2387ac4c0f5f03f5a9d0e05c2b48418d05759ef675ba1f81c5927eb8b4ea5a2aac112c8d0130af7967498eae3ea089d50625e0cf3c696c6e985f0c42dfb114db46c342153b022610b22ab4cff77a31d2ebfe9818a8921af580cd17ad5beeefc2921682920409d26f36cee8d1ad65834135a0acd0505f0b39cc8e5d267b0793830f8028df9947f8449006ce3bdb92d8d2e78021657c2d99a43d8c896cef6c6fd8157d965a3490d36b85d55fb846ce40b2a389342a64bc57eb53c0fba4dc90d7c820f7162df859d14776cfaab27b288b69c186a0b495053dd4e1f36627a343af70526dffc12fd1e7e5de8134f0fe4c6be6916e0a9a99ea8c4c915895274f9ff4ad0d33df526156f643798949e8adc5d71826bb3c3e31cfb060be4a63431dd85a508339323831ee4d4e0c0b2db5af9a6a8fd1e165bfadc6b9ea53b6b0c3a3909c014cdfa0d4b4554ba167c1587cd964f0d72d88f49120158ce10417b001603af45933f20ddbdae54e0d40d1e15ee33260e7095bdf9e3ac6f9049b584e8e28951c9ef7c5b134b12a5d4a94829c728e68acab0de6a17ce6423815a8eff944704ea128d6e3e568e71f94becc458c8eaa94a772cc281ca488cb9316fdbd7d82733370d95c0b7283e52af56533ea6255baa71f8598f42982e13b7a92bcd742c2419e4ba64438d0cba9f066f60a7dbec9d750399696c07fb8183a1a018ec4ec06fe1326e6957b9c3bb3cf6fbd97241a3409244e10226fab008fa4fffdbedbb17896ad55afc117006def64e3b52d9986ee64abfaa59ee773b801c47151e7fe95fb2006333a58e34543267bc2059bd337a83386db3e72451d13b05125c0270ad7a1f89500135fdad404f1240b36b1e574dc49a1c7faced2e88395f96714a0bf8996483e5c0cf935e9e0cfe93f604e2a078c2eb26a22c4d794ed9d1d99f6a9a1c57b24a343f26e4ffbdc7e0d52ea405dbff0bfa2218d266efb8efa0214148ce3f3e87d99563a884fbb20ad5a3bc9e5e58e2be8f674a67909dcc2e3f164c1f39111de5d4d2b2e05c1d4c2c9da800a998a121e541a703327669d4df84394a38393eaad3546294e142c1ab449eba59fd7ed7d32d43fc6ca70caa601f70bbac37d92c8f6c5e1ed6f07389ca45961ec76cc688e2da12217163561cc96722c39c5a893c02931141b4d129ea9a28ae9a94fd21cee93488cecc5a8627ddf2eb3c8535e31fa86482733e97251977e6aa7949e4a71f38567d0ad27cf9c1906d3a185c980142891b4a3f24a34010a1971e348731fcd743930b2cd2eed5ff497a789d49216ffedaa1dcbb3b70264ab4943e8be00b7011d9ee0147a717a63e11bf20bee5702f05e1f2bb3fc5580344ad674491055e66d41d61add81609568eef6e6a65fd6213373b7c104956c6b2a3d8ded403bf8449003a0460af83814a73eba0402f028f993ce836cf64246170dce856c8d0161e80f229442ddb9f57731d0a380dc01a25d5470f165441822d6e24d8c2bec71eeaee0e8829ee567866330bb7edfd4f3a84d0f2acfcbedc95c4e062c7586d8234342675d97796babb10d9257c1dda4ea3714bf22eda76e738241459e31ae9e715f77796604ab973855581d5227236aa4527afce98a33bc806e3fcf09086ab756b26206038c3daf499132a7ba0cdee3342f71b4c8943f64ec261133a21b12698f6f654ea82131f80925fc1f785c9a68a9e60b8fa31634e128da4c4f68d23ffd41a03c76cca7c1f2aeca2769b7dfd0db5db0146f03891477e97a957f49bde02507ae0129c0a2692b265a430018daaa8736e599090c28438afd67880f84bcc756ed3085b9848d268d8469b5139bc98781a18e44dcf79f2e9817414533517dfdbba5e788ec8058e8daea922bb2a5307d8fae657fc0be46d0c9136c4837f384585fde8d32602d7fea3c20f0c2ec5425b91b7ca6d72d1493dea2bac0dd2746a0ac8344c22592f1f62c6e39e34ce747963d6862eff2406f2ce699063f8ef5c1ab880fe071bb082a8aad4ad2b5d00c657c35a47cff46233035a158fc5c2fdb4a44f58733074b5f4811212c2a95898f12d1cedbbceea160d4f04865e27b77939de2042f07f457ff140ae6e108f87665553c73c5c6c2b56408814bb43de2cc318329c2184e7d7d89a8343ce2a5d7da8916f046b4b81eadefd3dd6d1de329beef4a5bc36887eee7b7a8ec3dbefc77cb692b76c7b6aeef21e3d9af4122e2049effe9101297d787fb86b2127caff8ada9332938245d92c71afca3415c7e4656bd693f9371b888f2f583600550c901281486f2f7874887d82001e499762d8338fd9172c0b2ba7c64b5f9c15670979832f1aecbc67dae25a2179583573b44900fc69a737283ae5611cfdac30e114d1f6a704973a0807cb72e81e6d8f57776a721bcfd81ec5558e8bf66a3bbaaa04d0a09ee879c27e9e0bf47c66d4cf07f94ae6bdb27c1c16f3f3a34670765808881bb3b98c9bbc04da88281f1408948c7665048c7806ec0f3ca7729c9b8f1463094456f8a863e610cf748bf31461ee8982908b70b7da52959d5231d6c551004d67643df48364ce4c46d4e937e8acddccd659849c7333c6b730956ea66ee8a9ba1efed096e56dfb9eb7048ecf7ff10c789662a8e2cf3f00a5d2b0b93f0db9e0d6d82d88a56d544e91aa89e21fc01aba3904d318a379842ba4e74780c92a48e0a27fa96384b995af9425448c141ad98f0ef88d9dd66432bc8812395ae8e97ed6b3226d7bcc16ccbf1023214d6d18e2194d724ba68a263cecb005f09ea8eae65c23198676a0e10223b07d1febfec7b37994d5a0de831352848ab2ea2e5dab864795eb977fb5222befe2ad12e2d75d6344b198ec049305a7543d02d1a3d891bcb3693991c20542dfda46470cabd4cf9ed939e2df1754ad4ca33e93fff941f7a573f14c2be92461e4e730416c3c57e41465969b9f2ba73e6195014cc61a6929395b4bed65e0faf1c6fb0303acb0b4e6f6fd54fdfd2b93bf17fa2d23aedc575a0344ca92e3e041843e337be1649b982c4b80b2a50ab9679a1310752a29785d9a4eee8618cc5fcf3630e0a71fc6499ef6b53d02c09ff353835a96c9119dc4447f3bf15a0e8358311907b502614eaafaa31d94aea797c942601ff3caa8a2509593193725dd94dceee955b5514873829eb7248dcefb4d165fb80d1d5f58436b4b8aed1a831e58dff96fcfba5f6d0d0b97a5e109fbeefc93e96c69441ad81e2fe0738e5459939f93193a4fbf5c0885b9b24621043ad3abbd91dd61952fc4c2f316108a38de0a936e0fce7fcb414a887c6026c6bd7d3c32e9ab908dfbdb33f4b2acde3c1ceda24f48b842ea766f9964d53e71cdb5c1b0e1f258f1ddc637ba76494c340b5a06a954e5c3f7a528c991af91f0c9388cd75b2e64982bd6c3d0de234b50f92c98f826d2ff4cdc685f675a1361510a680bb4efad58d302fce8213c7e6cb877a06f5c01a136d8b17ee95ddda05d34458bb487bca766276019ad87b31a7db8b493e46cdc203d36a6aea1ae548ac210b05d523bf8f638567314faaca8c94cace7a7d6fd786ed1cff567a13293e467761519fc0300bc3f342c2c57dc98c7f5f5168c942c595ac8baa61b79773c157b48c29ccbc6a54a19b95616ffb54ca72ea498a2442dc14a5c9ea40112124fb0b1cac98a2f1e8ee916815242fa7e3b78d617e66e5ca914bbf81bc78060a8fe26cc001012fda5d9b6e25e5f972779413d4d76eb2536ef6372f73528cc141d34565b08db1d354cd5b0b98310aae3bcc99ae199a63d29d9034442d67d0307053d1a7b2f655eb33487528a2dae7169ac2d747c8a8a55b3e91ac0984a9a0e0febcded3353bf74f56d492d34f5f0bb9c0cfca9f7b7478a46577b9cf8fa5593958efc4ea2a9f4355699779597d749b723dbc7dcd85c5f9ee36b0858c56e8763cc1a62e268435224aa979d7bb2552a9c30b2d05838e6b20663fa9668ed583bd12eb92b43c2a902ab2b4bb4229d28ca99e612298cbb1e5209b2a95b7228f30f0b784828cf45e5d926614f7ad7aa149bb1507a55aafc4cb7d41d3d776ed276511ca2678b37108bf8f06a3ba5a89554751b9b48b72e073f9e746c81356cc01c9e0ef32fff0aef9397ff600a9b2114d4a6cdfbe8d0376c7b9313eb3fd033b077f2dbfc2e4535fb085053aa660becefe35478ee4af9ffb7496b724c6583c00acd1814e0f31102a2ee58402764db0d298a286035ba621739775f197b9ec23ef13c9b19753dbc9e9ab0efd461a175d03514c1197463a237af9bd69d3d7d7c66d2643fa91e7def292dd2c45b43c318612bc86b6f850888df9aefe3c170ac48d45473c403ea0e532d9c8e62668e10a20c804d71d968d1d3a8fc773cf717f76bf15943c77c384aacfb9d6b7ba445bb9f83c8ac1809a81111757c2d8da023d9be4ca79f7c3cf3f46ecd210156b3e71de9a6930e92a8f93b3f812c271", 0x1000}, {&(0x7f0000001440)="3866e533b7ffe82d76e3266d9dc5a3b01cb4f2616239dc44fd72daf8835ec2d3154e7bfb8d5c8d03b9982023605b2227a28f6c512cafd5a27972b5de176acfcbf1203f8b763c511ec61b5ffd75c5928261c662e6a643f9e32306e799e139f3f9ae7c24242564c7d6a00cd1014848456414f7bc201d77ed63ec89e2830fe19ad64f5c8a6b227d81eb17e1d5714fa99c1b4d0069480e599453be25bb3b83878446e93a0bbc5c67b5b52e5cc334a54e93ec9d97dca452f6010d6a85ae4e418b8be09bd9af6d5e1075855208642f", 0xcc}], 0x6, &(0x7f00000015c0)=[@dstopts_2292={{0x20, 0x29, 0x4, {0x2e, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x80000}]}}}], 0x20}}, {{&(0x7f0000001600)={0xa, 0x4e24, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfff}, 0x1c, &(0x7f0000002b00)=[{&(0x7f0000001640)="ededfc162148ef22a3ed243e8d0e623972dd56610bc541950c8e38f039683f4423521abd5fd1f1d0388be973b9808fefc5b7a363335e685deba1a12ef99d8fb6d162f7d64d56ea7a756d1d0e8a267b7587dc30f0dd90a68f58e5bc8ea6d82dc72bc79576f9d3d2ff2119d7399cabbf", 0x6f}, {&(0x7f00000016c0)="052255da17d48b3287fc436850ff3b4edd39d1b74b3a68894988fb941e5abfb2b061318a13566c29746ff4584dac3bca5d69c664e954a1c085fdd1f7bbd3ae425fc25cd6a2f338253d077f0f8caaa555e949dcd65431bd4b87a5a33d9e2bfb7ff656b0a9cc022198dea110cf66f67f85c1969273945581c485e2227bf302d6dbf84dcaceaae69ac9fc2d48085a9e475d", 0x90}, {&(0x7f0000001780)="2f1e926064995db4089f72460a8489345bd7b696735fa3b44c24f676e9a0da0bda7f184cc6d293aa32a4c906a3ec9cce7628b3a8138d270e9e4b09e78986e2aa1f31797257e0120d9407bfa0fbf28b894569adecff3fe947f10cae2d86c55d66c0b7142c1e886dab5bca8f2a64a3d9736baecb8280dbaa4feb26ba57ca1e09dbedfa3a34e655af9ed3d4a12ceb237fb3446d2951d359157a1bd4a9d1fb04ce274ce911cc31bbf6d0baba34537fc3408ccc4b8235da", 0xb5}, {&(0x7f0000001840)="4d1ce0f9120a366269a8a33c816ba11c76cbacc81c434d3566b9d7409fe55ef5ffc8094e7901e16e927e3d52cb35f9ee1039ae04d9191554b82ecfd90948cccb5c87af5e3d91ae7c2792df8ce85de8cae0e4fef03d5e6ec43bdd6dd4ecf079f88eb70dd0578009db3cc007c15fac689c8388af26259d21db8330fee8f2b8c873f082c9c903e52e4c0612b597cb97083d65a9682ba158832774996faaee01c8ea7a04f4ad9c1214d378680c9b103dccf8a92a7e8b83e8d023a856c3a2640ec1d5eaa0ede1452102aa643be6566cf3952bdfdbec72fa2e5168444ae6dbd5144f4d2e89a50423c271d59ebfe3976fe1e33cf5905b8501ece15fcedc42f688c061cefe82e5fbe9f5bc135ecb6d9c0d1450296b178b71fe345f107a3d33d6c47eaf096d7607faa556140581a022608a27e1f2135a88bcffdb326b81e8eb66c63a29523cbd74786142e0793e0cd0905e071ac3873035f2be00ee841e1bcb04c9f0dcf8578a8a54da873b45186c9ab85b9193b797bab38cc6ae30b2a83fe2a09f00bd3703790834e7bb2f946fd9b2c36dd4da4467f258a4c251b0fdf6edac7f93f9e0119703f0c58cfb0eb24607fad3444bb5d08aec4bfe3126466fab2ffe80fbb4f2181da0a1672c5df3aba3c0a28a75f8b8f379b4a691cee1f079d318e4f9e394013477e8c275f9dcd87099bebd3dbbe822e454ee2aa1f7af4bb73e4cabe3d65828d448a4bee24b5f53a217e308607ef56bbd998dad4a9fc26928c1294dee77b8633b50266e568f07104d0bb572192c731c82de0fa2f31e24095972abf2f5baa0a1fcc7bc2b84c0ce027f5593b51c22bc0ae40c7011f43ca1ceacc5c142aa43ddb367e0672947fcf563582cc2574c706b0d53c40453a69728bda2fef0ad399eba87937fa1082c8da81cc231e691add599efce71b27ee14efc10e7c33fb2bb0c39a037cb1651963670cdd88fd57995dc7cc4c0f696f42e24fac0498fb3dce7c4be44448797bda27f3b018330b2f05e2c635075a1cdc6c6054e3977dca2a894433d6ba975437ea977fd2df68b88b0b091ecd166dddf1463ce7c044d0a0868ab3e84d39ce8489bc6b30b82c41f4be7bb21a251d2ffc63041ca1c82fbf8da866d6f40cb565d876ff26ba16dce63a87fb9e10de443173d986985e16f5498f191482e7bc04b0c8313c5b58ffaa818554261d79ddc978d22422d70a22dd15b97893ddd848b0867f26cfae9f9b52d77325d4fbe94071e7f6bd9287c5c06dd9660981ccb20747ac9ccfef9fdac2d3e43215138617fac9aed085d0707c0139eab1c4c57e7ffeb2b8ce62ae0242e754ff493cf11c326fd27680109109724f5ecf35ada4385b9751b4b80eaceb6603fd9b62a6b37795776dbfe3b248450afedaac21253905fe99b54efaa01ae8234e3a8508e6516691d82d39bcee841fb28fa24e3370844a971fd6869cea5a05fdd2e4a5505dcadf6f4545d893447cdecfa7a2ef31ecbe26f13bb6f72a02e5d9fbec825bc9b65fb652834450a03193ed45b1a41e648a2634de3415b2bd9b291455e520913552f4d31505f143a36250a75004639f4c33918baff72243b4b048e8cc44444b564f8083348412596143c0bbd53217757c520d50722d05845edc2682f8ca911920879c48fe8a253896bbf1d1e0705a0ea35160bd8027b7457198c1ed50a3f683160396e14f1e3f89b9dda6782f3da3a10363e13ee778edd8f91480605fa7d22af4ba64bae920d3a209e2782f773023ec964630af100ebf57d0768b22c6d721f9054bf282a4eb80c066d8b50aa931ca6e8024a724f09554deaec651eb1c90089fa5dcde5c06e32f4ff5efcca9a1f26befd31eca16b3b38dcf546d6c608ee7eabe1e37df846c0885c3d396733abd835a4c7652fa839d1d1aa8889ad903b0152a6c997f9334f1e4a1f3b3f3d810e4aab5c127c016dd104ed485dd6fdd915f8c46685dc7f5abb0cd271eb6b8dcfaa0fbf3d1f3bd26749fe9e9ead0507a8ad2a22851fd77f02e2ec66e795de57474a9fe142032450a8404f33afd69d3174ac18af1df62c97eda8b59a09969a47fdc003dc9bffbb9e16f3a0fa4aea0797c4603720526d6d86fda7f6960d4968b9c5620cd813824867726b230dd6061f98242e25b2465f1a9cc48a9e9ad9feda0f6f723f0b1e3cddaca627167a44f2314daf7e20e2113ab8130d994d31be4ef3fdfd43a7b5f3e3d5a0539e368a7d74e92db32adaf8dde8696966f8e11737171acb2776f69941bd3474dce2e11478073ee7e9688e8186322d7b99c6bba46c7970caa8b8352635ded2dba2a54d87b3ede0e09c5e3d940162ef29f8622561767ca5a3e9d39026b88551bfef6d767c451119c82c8d72357cd88437378f7e44a9a1c644db03c76c09cdc23acce5244792c1486f9ca59ca9f497327181f8a0646de5fca8a675f352a3e12f4551ed1bd9d6549b28d4c1054891fff7c3d15f34c6905f2713541781af78188e428e20774edbfb0cd1e9510c1e6b1bfc0df65a0e769742c53cb62b34c59d7b762675c70513f2f38af8e57ab2a83d7f764cc1980b0e15e1cd98d0a2595bf24778cb0284272bc15097fa02f7c0c9653e8a204ee5ab70aa1c9c6c24272d18c2414c745b66e4d7943f7fccf794e91629957c5d9e2b9aee1be5928f927c843469887ca0cba31c098f59df8f7c71b9be2092abb79b11d8418612eaaa7abc85fb92324f9095339b0257bd536bacd8523b079c024905aff6d3b97e784d7404c216fde1082d71096128cc334e577fdd566e36a0c6f58aeb2f4382d2feca7ee751f9bb7199a04286e6e8c243e2d5be9e3a5ad77f6089005dbf8cc441e16ad2e3814367cdd15f0dd0fdd2739666cfc07f3a06cf4f9790257a865ee4b952531b89334e228f6ca44d468dbd4d34743ae9cedb51bbc91263cf2a620eaa8c3a87b9e8574da7f81d8d3f619355f91d7991f807c3acc860cd7672f81a3574290a5c5c0fcfd34cada6fc8c72f38276c9b4c19b49da7378dcde10fefa01bdd66e4eef3f37a0075306422384b4a5dfe04c33420eb25f966f219c8a3918d4da588256dcd32427aca2f533fe55d29b56b6703f9dd555b463e3fb9bb588774ad21a71887ae2a37193f93c10df2ce6c46edaf86662b5028648492a5ca1f32daecea23dfdf710b5038c4c087b699bd873e33063b29b28bb7b525baa9a910267e85c6467e7cca94ec5f2df283f4ff676d9049ede0a0ef74518fd1bec0409ee8b14a77439da42d388eb43d49189647649c118202c29eff9b73228e65400ee9dedabfba349dc1bb0dc207e33ea0f6451ea03386345b40e48bf31e84d9fbcefec732724b52031cda97ab63bc456a25c96ea47f63181fbf3ae692d3aef48ba9c569be98ac53c056bedcf0e77efee0354d8030df3b06067336af1e0dd86c95303bc8fc3bbc0aee403e5670d51dde8ed9f0f6043952af07c59d393ed8ceb2c1682e40142457353dc63c4036d76a53070f71c6c4fde129a3e800fccb99b297699af0ac7d4e0536d87f8df3a37efd1c6cb284410363d2881cc7a68c974241ff7bf177a731afaf51a0d2c57aeb60d84ab3a30c49d6a3f19b7d393a5fb8acc8ee27244ffec4a9283172b7e13ba5c15de231a751350b3e1dac2905a1f29f621e39a87144fa68c44ea1ef6a7d64ab0ed997ff5427483d66e3f861e9ab9ea37f8fe94740fc11076c87a45b087f2c90299b61efec9c0ea469abb1ceff14de380858a5be7c7d61c492baf83d4177de2b84fc95bed08e3e45936bf3977ee39c821ca410251d27e3a12b77feae8211cc13f87d5a456926450e5bcd9393fdd0ba914d6b1ab5e60982a96b8bf344dd969a367393a9129a2f4d784b90e281477ad9e76e65383406ef11d2a254d60897db8b0d40ca26b991d63b0a6b52c87af95ab3ed0a6116e51044019ea8fc07e5d9f9e9075161a52f515e916c9d06a35b8e3820c119a092061c3a70f7084b1a232b636178f84099fc19f2bc45b248bea79e1819902a5403bc50da2c11e551ed8baa01023b542295f0422ecc38abda79cba1f62529d0c983410f7aa5ce03bd52653c8e97fdd17203de46b869b1514a78453a8cc0bc61e85ba28ed54d591bad4955ec2793927551714bf5e1198356958d873cecfaf0b9ea4ca4a8bf68fe0fc809b5427cb5a4754b55066a3bd827276fd34f930e14daa8c27919343058c749bdc0a07e858c2e4d82d5407f44adf20c739bb28fc4396de5782f42e7f3dde624af614930247bc1666d456d71972fe10da85b593f46f988e5bd6f56e56ad266c6763118b95fdb990ae8ffe0d606484af147f3dd831338c1c614230d5da172c5b3c2447997de6ef82b6ca7a177d30f6ee821eef224282f0b2b8faa24ecc6600a4af9212e2591bb989d36c0b630a1dd9ff46d7eb5322698448d43ae9767f9606bd80d7b5c912ce196022b8d264d595149cfaf3a9baf8c3744c6cf99382e357d02e992bd30366622820a5429f2f3c3d08b66c7d64f07eec705a0bef9e280f049ddc20884f804919809da51e990cbe0fccfd1f839e360e11025246e8295f28b4334becbbadbbecfae4e660ab265b532e4c272fb7ccfb55ccd9486f34141cde11940acf4a0ed3a5defbe6a8b36ffd1164961421836d02ccca688657682629565385b590c56dd7afb6ae2063ff2d87d3a693e345a0a3ef963e118f4259ed5fa58afb3c6f49cc1741d59bc656f26bd3c9b19ce56a6539bf461c5dd5d63a0be8099b5a1c3be3a86cdbf256fc542393c0b27d0cb6d03641a78e97ec5f9b42bd0fa3240868bfc5358af1b2df9a622730ff609560d728b590994b1edfb46a431a960ce406994d9c255ff00f52f8550bbb32ada7b3f5b983a5b485ff65ce61e007add2fe5c5ed544370500a2a2b3846af4c115d38e5a84bc436ee39cb68c36d92f91b71bef08d245d667208eee197383cc94e5c3ca48f2710e5687f7c1026c1bd313af28bf06fbc5168f758ef32e5f84f4722d7646fd63a8bedca255ea9a8b72fdfbf3a1449394bdd894ce2712bc3ba7cec9e6d8c6fbb3c4bf9eb8fc613a47f593708d5f1a2ebf4fa88c475923eabc9761e1a984aac2762a71c85ad8b3f2484b20eb11a714e6dc7ff83b060332c3aa2c12245a07ac35a2f1769cdb7380b1d34a91ea6ed9e97319e2c2d7a547289aee9a4f1d7428d31de7fc9e66bd7ecf40dd92fc0a168cf19dfb704e0d7f3ba0967fe45a98c603d389b73cbf68e1e1c20bf2f75a8798ad4c6287cb66fed03e89393a6d4312cbabfda235c0975a6f84ea77ed6ee173571b900e323a86553dfdfcd945083e0427cbb7e9fb7bffcf2a94da5a130706b0ecb6f16374c57475b8b01866440b4a1051b8df2b8360b6947be6e8fe1efead0477cb536686b22908f622f38fb9247fbb0ac09e631633f3e7a6d17958a56506f67d1a23b2b6607fab999ce3c1e56e50e79ed9874ae68c4bfd5820a1921fd1b33ff33e8f7a0d84fe17a756bf5ca5b848324fa7bc35694982c4056e89892cd0566878dfbd3cfa0fc826538994e4b100d1659001bc2e14bdd15815b6d76bf3dcf9f5a870644366b413e03c584426334966c6bcb2725c02342f952add1176d08acc6333211f0e6c60a99b5b38de172e86b70d04a5631d99c973f496bc9e247bf87de736d314bd686a4a890c4f1f4d9e1d6d4108b7f2b9c4c3d3d2731cb1661c5f9e4be92d64058621dbf0de7d8c2f66ce39b3589fababe71a7afa751d7f7a474cb91d0ead16b470bb66b6371e996d6912bfc2d70526d823c9210ca4adaf2969e8b636d7fac871a9ed9a147594ebeddc72f9ecba47621623c5", 0x1000}, {&(0x7f0000002840)="5b9f4fdcb981000f5ee0820ffc1bc18b4c4e01171344e1b53a3bf223cb61a06d91f04acea2b33cd3933b51f342de50ec172bc530fa9a3c403eda7001b9ae8023b4c4dcda44715fc4ab307c7ebd4918b238a1930255bea37a5332da6dd87d6eb8f04b8d715434776ed0984fdbfa7036985ca0bba3e2af266bdf56c100e3fc840fdce9b161c07026e6ee197dff5ba0183cbf568dbeca16f20f09f1fcb906d10807dc90fc", 0xa3}, {&(0x7f0000002900)="84cef955ee2912d1530d14b2304a77f7654ebcb71c424689bcd1a1887f27c156d261a40133764d", 0x27}, {&(0x7f0000002940)="fe57bae78b5e85c80b504b740715d53b219586db4a8516dd67145812aa1e5e09a086f432a7ecdd028fe4c3eda8bcc5a850effef4e223e5a3", 0x38}, {&(0x7f0000002980)="db983b6fb8bbc2e45a27c9d3b8ef8a63e3c59097a8744a6cffc417bbac09a1c2a54cd357c26021a96f4e5ebefd72f75284e72a84216570d12a37f1175664f191d18065481d0676a94a2b2b0f394cf61609cabaa23954cbc065b694b1e109ce3f5f6cef24c4784cf045ba86841f2b0602985dbf76a522e6cc8cfa4a2806291c50d1c809500ea3c19ab133250127a31c2e3bd0b4b6cf132a4a69b7c0be62744c57b0cde60d614c02c3454662e3364155572258a8fb301f8b82bb17db2a866ecb247cebe1e5f5afb8b705dfce5b78c5c19afcea42af07d623", 0xd7}, {&(0x7f0000002a80)="729559dcc8b8b6bf9022245b6e34a3498c8dcecf20d81ce57c917abb07a253d1f3d60a67946ae5c8999b42357f56cd2e967b844e5792f15693b08d383509301445d781cea3fa1f4a7cc7b541e2b37ebf86efc0d2e1c58bc6597704718a8a92258435b8c5e3", 0x65}], 0x9}}, {{&(0x7f0000002bc0)={0xa, 0x4e23, 0x1f, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8}, 0x1c, &(0x7f0000002fc0)=[{&(0x7f0000002c00)="6e19cf0512258c46ee8855e2d4a9974aec1cfcf10ac00c5db6b5c31b92f9f75a185a7cf94576aeab8ed1e816c726368b66e19a1d0a80492d04d37f", 0x3b}, {&(0x7f0000002c40)="92eaad58209beb84e966ef70a72da0275a3a11944fba302d3b9ffdacd974177abdd0", 0x22}, {&(0x7f0000002c80)="3051938e4057d0db2e656b3e460add30cb077970f0c1de6119787605b5499143c0f69d027e6f5e63e19dc857829e4ad982be87c798feb5574ecfcbcd5a8624bd49ebed398aa52dec521a4a364193c283d6b06e856b3ccbb4a7182300f71f8682cee00aa1cbaee4f21d948f990de2d11a1801341fb8e94bc7bdfe03d56356d52bf36faa2462188b66bc327f0287c49c89", 0x90}, {&(0x7f0000002d40)="e4a3ef090b472e6709c7580a9156ad92f841c466a1b07a2c9fe42af87db2cba3bc34bb39f555a6ec6443538ddfa13ede18cfbdd75f3269f0b7f4cc0fad00e06ffacf11fea2124eb93e8df057736b9e70c967337a7ccac70a32cc36a36f2965a52623baba310ce334d93c44e0d4ae26205200174a9c1e2f9efedcfbbbd2298e110934633d9d6729b0934470272e029411c97e938279124d9e782d5866c07e91aa53d1929aa9cd995d87b9f6eba1894fa59528e400789d9531af049cdc7be0a294e869a930b0a869f575bdb05ee600c192537a1bf483ba86e67f78bde1217eb822baa8a2d2b7a5820724f2eaab8ad0d792564413587f6b068a91a433", 0xfb}, {&(0x7f0000002e40)="d9eb3b9f1e202eb98d25550dee58076e98e29727d96f5fd875c4e38e16af9c82ac41438679f96fd2c4bf0321b3cef29cfc486b72759ded73142ddb251534526a6897551d414761", 0x47}, {&(0x7f0000002ec0)="266fbaafafec20dc0f13dc644ae73772659d476a6ccaf426796c2488cddf96f345a0e606a9814ef1ec15ab109d05b67a7fc55940d1de6f337d08b5da652f1727f9163777b417a03cbc97054b54658e5f3cf9250a443982de3ece51131e5835df8826867901ab037b10424239c749f4f497994e46a6d1b78b4493d5bd759017520264d32d0dcd7431d4403a845f1613a83c809ae02aed79318215597c0efb318c9cc80a01a2171cbba1290606b3556dd989c33cc32d48589f2a54f96ba74f37d4e517c8f1c19a351275e1cd0a734804c467e8cf722fb8dd1e4ed3f38e1677fc76bc0215987d7d8d4d0cf26b6b17", 0xed}], 0x6, &(0x7f0000003040)=[@pktinfo={{0x24, 0x29, 0x32, {@private2={0xfc, 0x2, '\x00', 0x1}}}}, @hopopts={{0x28, 0x29, 0x36, {0x87, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0xff}, @jumbo={0xc2, 0x4, 0x800}]}}}, @hopopts_2292={{0xd8, 0x29, 0x36, {0x3a, 0x17, '\x00', [@generic={0x5, 0xbd, "a7d8c11a5ded673dd3c538480c36d86f9963b975240b26a74ea06644f21abed25238e210bc87023ae0140dce20cf1bc626e47895879a0cce95a85ea21fcced2c519976e2a94b457248cedde66268acbfcaf5a267512a9ecbfd7346ab7ece30db7922f4cdf1098b5bdd71dba42f152efd1fa6579bde7d65377ed8ec89c6a6ecaca7c8e2beff43b01698d28f5b99a9b9f52eca7f33c26f8d34c4afd34db2f59380afde4d7dededc80e5572083c80e6d882f444d2642e1d7c1f127db2dd3d"}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x4}}, @dontfrag={{0x14, 0x29, 0x3e, 0x7f}}, @dstopts={{0x48, 0x29, 0x37, {0x89, 0x5, '\x00', [@jumbo={0xc2, 0x4, 0x7f}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, @enc_lim={0x4, 0x1, 0x4}]}}}, @rthdrdstopts={{0x90, 0x29, 0x37, {0x6, 0xe, '\x00', [@pad1, @pad1, @pad1, @hao={0xc9, 0x10, @private0}, @jumbo={0xc2, 0x4, 0xfff}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x1}, @ra={0x5, 0x2, 0x3ff}, @calipso={0x7, 0x40, {0x0, 0xe, 0x4, 0x9, [0x5, 0x4, 0x3, 0x2, 0x1, 0x8, 0x7]}}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x1}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x2f, 0x2, '\x00', [@hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}}}], 0x278}}], 0x3, 0x200008d1) r1 = syz_io_uring_setup(0x1b3d, &(0x7f0000000180), &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x2007, @fd=r1, 0x800, 0x4, 0x7fffffff, 0x12, 0x0, {0x1}}, 0xfc) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) [ 1314.390641] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1314.390669] irq event stamp: 819 [ 1314.390691] hardirqs last enabled at (825): [] vprintk_emit+0x490/0x4e0 [ 1314.390712] hardirqs last disabled at (830): [] vprintk_emit+0x422/0x4e0 [ 1314.390734] softirqs last enabled at (618): [] asm_call_irq_on_stack+0x12/0x20 [ 1314.390755] softirqs last disabled at (609): [] asm_call_irq_on_stack+0x12/0x20 [ 1314.390764] ---[ end trace b4cc0e1c5fba8ccb ]--- [ 1314.516546] netlink: 'syz-executor.6': attribute type 16 has an invalid length. [ 1314.527263] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=83 sclass=netlink_route_socket pid=8846 comm=syz-executor.2 [ 1314.672066] FAULT_INJECTION: forcing a failure. [ 1314.672066] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1314.674759] CPU: 1 PID: 8853 Comm: syz-executor.0 Tainted: G W 5.10.245 #1 [ 1314.676539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1314.678366] Call Trace: [ 1314.678946] dump_stack+0x107/0x167 [ 1314.679744] should_fail.cold+0x5/0xa [ 1314.680580] __alloc_pages_nodemask+0x182/0x600 [ 1314.681597] ? __alloc_pages_slowpath.constprop.0+0x2310/0x2310 [ 1314.682927] ? walk_mem_res+0x170/0x170 [ 1314.683803] alloc_pages_current+0x187/0x280 [ 1314.684766] pte_alloc_one+0x16/0x1a0 [ 1314.685594] __pte_alloc+0x1d/0x330 [ 1314.686401] remap_pfn_range_internal+0x9a3/0xf60 [ 1314.687472] ? lookup_memtype+0x5b/0x200 [ 1314.687505] ? apply_to_existing_page_range+0x40/0x40 [ 1314.687536] remap_pfn_range+0xcd/0x160 [ 1314.687558] ? remap_pfn_range_notrack+0x70/0x70 [ 1314.687580] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1314.687606] io_uring_mmap+0x398/0x530 [ 1314.687628] mmap_file+0x5e/0xe0 [ 1314.687646] mmap_region+0xc4d/0x1500 13:32:55 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a40)={0x2c, 0x1a, 0xc21, 0xf, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}, @nested={0x10, 0x10, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}]}]}, 0x2c}}, 0x0) 13:32:55 executing program 3: read(0xffffffffffffffff, &(0x7f0000000100)=""/68, 0x44) pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) sendfile(r0, 0xffffffffffffffff, 0x0, 0x100000001) [ 1314.687677] do_mmap+0x868/0x1370 [ 1314.687704] vm_mmap_pgoff+0x198/0x1f0 [ 1314.687727] ? randomize_page+0xb0/0xb0 [ 1314.687759] ksys_mmap_pgoff+0x41c/0x560 [ 1314.687780] ? find_mergeable_anon_vma+0x250/0x250 [ 1314.687804] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1314.687825] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1314.687847] do_syscall_64+0x33/0x40 [ 1314.687866] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1314.687878] RIP: 0033:0x7f55e908fb62 [ 1314.687895] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1314.687905] RSP: 002b:00007f55e66050f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1314.687925] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f55e908fb62 [ 1314.687936] RDX: 0000000000000003 RSI: 0000000000048140 RDI: 0000000020ffe000 [ 1314.687947] RBP: 0000000020ffe000 R08: 0000000000000004 R09: 0000000000000000 [ 1314.687958] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000140 [ 1314.687969] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1314.700438] FAULT_INJECTION: forcing a failure. [ 1314.700438] name failslab, interval 1, probability 0, space 0, times 0 [ 1314.700460] CPU: 1 PID: 8857 Comm: syz-executor.4 Tainted: G W 5.10.245 #1 [ 1314.700470] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1314.700475] Call Trace: [ 1314.700495] dump_stack+0x107/0x167 [ 1314.700516] should_fail.cold+0x5/0xa [ 1314.700536] ? xas_alloc+0x336/0x440 [ 1314.700553] should_failslab+0x5/0x20 [ 1314.700571] kmem_cache_alloc+0x5b/0x310 [ 1314.700595] xas_alloc+0x336/0x440 [ 1314.700616] xas_create+0x34a/0x10d0 [ 1314.700643] ? kernel_text_address+0xf2/0x120 [ 1314.700663] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1314.700684] xas_store+0x8c/0x1c40 [ 1314.700717] __xa_store+0x164/0x2d0 [ 1314.700737] ? xa_delete_node+0x280/0x280 [ 1314.700763] ? trace_hardirqs_on+0x5b/0x180 [ 1314.700789] xa_store+0x31/0x50 [ 1314.700809] __io_uring_add_tctx_node+0x1cf/0x520 [ 1314.700828] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1314.700853] ? alloc_fd+0x2e7/0x670 [ 1314.700883] io_uring_setup+0x1fbb/0x2980 [ 1314.700910] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1314.700925] ? wait_for_completion_io+0x270/0x270 [ 1314.700966] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1314.700985] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1314.701006] do_syscall_64+0x33/0x40 [ 1314.701025] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1314.701037] RIP: 0033:0x7f943fb71b19 [ 1314.701053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1314.701063] RSP: 002b:00007f943d0e7108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1314.701083] RAX: ffffffffffffffda RBX: 00007f943fc84f60 RCX: 00007f943fb71b19 [ 1314.701094] RDX: 0000000020ffc000 RSI: 0000000020000180 RDI: 0000000000001b3d [ 1314.701105] RBP: 0000000020000180 R08: 0000000020000140 R09: 0000000020000140 [ 1314.701116] R10: 0000000020000200 R11: 0000000000000202 R12: 0000000020000140 [ 1314.701127] R13: 0000000020ffc000 R14: 0000000020000200 R15: 0000000020ffe000 [ 1314.801144] netlink: 'syz-executor.6': attribute type 16 has an invalid length. VM DIAGNOSIS: 13:32:55 Registers: info registers vcpu 0 RAX=0000000000530076 RBX=00000000c0010200 RCX=00000000c0010200 RDX=0000000000000000 RSI=ffffffff8100c08c RDI=ffff888047289168 RBP=0000000000000000 RSP=ffff88806ce09c08 R8 =0000000000000000 R9 =ffff88806ce219e7 R10=0000000000000000 R11=0000000000000001 R12=dffffc0000000000 R13=ffff88806ce217e0 R14=ffff88806ce219e0 R15=0000000000530076 RIP=ffffffff8100c0ea RFL=00000056 [---ZAP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f5cb8e8d700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000561603fbc0e8 CR3=0000000016d72000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822e4091 RDI=ffffffff879f8240 RBP=ffffffff879f8200 RSP=ffff88800f7b7518 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001 R12=0000000000000020 R13=0000000000000020 R14=ffffffff879f8200 R15=dffffc0000000000 RIP=ffffffff822e40e8 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f38b5ac4700 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020000280 CR3=0000000043098000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00007f38b86357c000007f38b86357c8 XMM02=00007f38b86357e000007f38b86357c0 XMM03=00007f38b86357c800007f38b86357c0 XMM04=ffffffffffffffffffffffff00000000 XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000