r [ 1383.327971] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.329855] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.331170] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1383.332572] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.333269] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.334575] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.335886] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1383.337173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.337867] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.339501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.340157] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1383.341782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.342790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.345021] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1383.345992] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1383.346945] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1383.347897] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1383.367904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.368717] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1383.370268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.370953] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1383.372344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.373110] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.374135] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.375156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.376172] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.377245] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.401197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.402017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.402768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.403509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.404249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.404973] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.405718] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1383.406462] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:09:26 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 3) 00:09:26 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:09:26 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x4}]}, 0x1c}}, 0x0) 00:09:26 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = signalfd(r0, &(0x7f0000000240)={[0x10001]}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r5, 0x0) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r6, 0x0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200), 0x1110000, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@access_uid={'access', 0x3d, r5}}, {@posixacl}, {@msize={'msize', 0x3d, 0x7}}, {@privport}], [{@smackfshat={'smackfshat', 0x3d, '[,,\xb9'}}, {@dont_measure}, {@euid_lt={'euid<', r6}}, {@subj_user={'subj_user', 0x3d, '/dev/usbmon#\x00'}}, {@obj_type={'obj_type', 0x3d, '/dev/usbmon#\x00'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}]}}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000440)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_MESH_CONFIG(r2, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x70, r3, 0x0, 0x70bd2d, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x4c}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x49}, @NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_AWAKE_WINDOW={0x6, 0x1b, 0x800}, @NL80211_MESHCONF_HWMP_ROOT_INTERVAL={0x6, 0x18, 0x218}]}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x9, 0x5b}}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x20, 0x6}}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x70}, 0x1, 0x0, 0x0, 0x40000c0}, 0x10) r8 = memfd_create(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2) ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000040)) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r8, 0xc0c89425, &(0x7f0000000100)={"bd8ffc24ea260c2688cbb0fef36ab170", 0x0, 0x0, {0x44c6, 0x5}, {0x9, 0xe81}, 0x1, [0x10000, 0x4, 0x7, 0x4000000000000000, 0x800, 0x94, 0x5, 0xd57, 0x80, 0x6, 0x0, 0x200, 0x9, 0x9, 0x1ff, 0x9f]}) 00:09:26 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001804210c000000000000000002000000080000000400000008000500025b45eea02972ea0be6d3d629813c", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x1}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x8a37a) 00:09:26 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x4}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:26 executing program 5: socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x5, 0x40400) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x60, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x7f, 0x15}}}}, [@NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x1ff}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x401}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0x7fff}, @NL80211_ATTR_PMKID={0x14, 0x55, "ff5ab374f654490b04c15c29de5e156f"}, @NL80211_ATTR_PMKID={0x14, 0x55, "2102ea2b410c896f48df4b8bb45b1776"}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000010) 00:09:26 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x6, 0x3, 0x21, 0xc2, 0x0, 0x80, 0x40, 0xd, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3ff, 0x0, @perf_bp={&(0x7f0000000080), 0x8}, 0x140, 0x1, 0x5, 0x9, 0xffffffff, 0x0, 0x2, 0x0, 0x1f}, 0xffffffffffffffff, 0x9, r1, 0x8) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) pivot_root(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./file0\x00') [ 1396.485987] __nla_validate_parse: 4 callbacks suppressed [ 1396.485995] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1396.496166] FAULT_INJECTION: forcing a failure. [ 1396.496166] name failslab, interval 1, probability 0, space 0, times 0 [ 1396.498301] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1396.498903] CPU: 0 PID: 15723 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1396.501429] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1396.503286] Call Trace: [ 1396.503874] dump_stack+0x107/0x167 [ 1396.504694] should_fail.cold+0x5/0xa [ 1396.505561] ? create_object.isra.0+0x3a/0xa20 [ 1396.506583] should_failslab+0x5/0x20 [ 1396.507438] kmem_cache_alloc+0x5b/0x310 [ 1396.508356] create_object.isra.0+0x3a/0xa20 [ 1396.509360] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1396.510499] kmem_cache_alloc_trace+0x151/0x320 [ 1396.511554] io_uring_setup+0x258/0x2980 [ 1396.512050] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1048 sclass=netlink_route_socket pid=15731 comm=syz-executor.6 [ 1396.512471] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1396.512496] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1396.516365] ? wait_for_completion_io+0x270/0x270 [ 1396.517472] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1396.518645] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1396.519799] do_syscall_64+0x33/0x40 [ 1396.520640] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1396.521802] RIP: 0033:0x7f347623eb19 [ 1396.522308] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1048 sclass=netlink_route_socket pid=15732 comm=syz-executor.6 [ 1396.522639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1396.528448] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1396.530174] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1396.531782] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1396.533402] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1396.535001] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1396.536595] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1396.545733] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1396.563071] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1396.766356] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.767021] print_req_error: 38 callbacks suppressed [ 1396.767032] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.768867] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.769504] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.770736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.771358] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.772583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.773196] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.774447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.775049] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.776274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.776875] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.778109] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.779313] buffer_io_error: 14 callbacks suppressed [ 1396.779320] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1396.780761] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.781968] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1396.782846] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.784035] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1396.784903] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1396.786111] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1396.786983] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1396.787850] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1396.788783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.789468] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1396.796234] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1396.797119] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:09:39 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:09:39 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23, 0x3, @mcast1}, 0x1c) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0], 0x3, 0x2}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, &(0x7f0000000100)=0x80, &(0x7f0000000140)=@l2tp={0x2, 0x0, @local}, 0x0, 0x800}, 0x9) accept(0xffffffffffffffff, &(0x7f0000000200)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000280)=0x80) 00:09:39 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x93, 0x4, 0x0, 0x4, 0x0, 0x3, 0x4400, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x1) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) r8 = fcntl$dupfd(r7, 0x0, r7) sendmsg$nl_generic(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) socket$netlink(0x10, 0x3, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x3, 0x0, 0xffffffffffffffff, &(0x7f00000001c0)={0xe}, 0xffffffffffffffff, 0x3, 0x0, 0x1}, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:09:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x300}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:39 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x4}]}, 0x1c}}, 0x0) 00:09:39 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = dup(r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) dup(r2) io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x44c, 0x0, &(0x7f0000000000)=[r0, r0, 0xffffffffffffffff, r0, r0, r0, r1, 0xffffffffffffffff]}, 0x8) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000100)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8}) 00:09:39 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 4) 00:09:39 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCG_STATS(0xffffffffffffffff, 0x80089203, &(0x7f0000000000)) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1410.344133] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1410.349884] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1410.374313] FAULT_INJECTION: forcing a failure. [ 1410.374313] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1410.376495] CPU: 0 PID: 15858 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1410.377657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.379010] Call Trace: [ 1410.379448] dump_stack+0x107/0x167 [ 1410.380045] should_fail.cold+0x5/0xa [ 1410.380684] __alloc_pages_nodemask+0x182/0x600 [ 1410.381460] ? lock_release+0x680/0x680 [ 1410.382111] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1410.383097] ? lock_downgrade+0x6d0/0x6d0 [ 1410.383783] alloc_pages_current+0x187/0x280 [ 1410.384504] kmalloc_order+0x35/0x160 [ 1410.385143] kmalloc_order_trace+0x14/0xa0 [ 1410.385861] io_uring_setup+0x33c/0x2980 [ 1410.386556] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1410.387401] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.388279] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.389130] do_syscall_64+0x33/0x40 [ 1410.389764] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.390614] RIP: 0033:0x7f347623eb19 [ 1410.391225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.394292] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.395540] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1410.396727] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1410.397913] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1410.399082] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1410.400262] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:09:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x4000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1410.401981] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1410.416126] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:09:40 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:09:40 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 5) 00:09:40 executing program 4: r0 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed}, &(0x7f00000000c0)=0xe, 0x0) r1 = syz_mount_image$tmpfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x51, 0x2, &(0x7f0000000380)=[{&(0x7f00000001c0)="7c191d5cad1b38c304dd652b5622d2068f9925f2f6ef87925163f21c0381fd745d20ccebc4f478daf21542c491fa18235963b6d32af4897dc2020ce53a45a82b027ff47f765fddf2973f355f47c65fde368a1ebe5e17b2d5ec9d1abdd2cfedc97f3099ff1c283d52cbdf592bc61115b2d7da2b8f1c2d8036c621a85f58bdd7713f8f3fcc6bbb289a083ba7f8f70fad335d1c0ba9a7bbb1ca109bd229", 0x9c, 0x1f}, {&(0x7f0000000280)="fff2696e31a23da983fd82e8f585add903e50ad419499869ebb89896ea8eed8adf00e3aa6c54aaf83a2e47276a657f5d40bd4a63458b93a9c72cfe3c8fac2b048b861905582f9e944ab667f5f80fb895cacbdf440584e02b703d64835455aae91e18ea81f506cadfbf3b6845935f41aeef83efe9bc9c60e5074344143f5f620b75a634a7d08ef38f46a12703dbd1ac21f227d23592cd97fd00b4a53e6428a86476a41fa138417a0b856d7d7e81ada38145a39fd793170d4ab2ddf42177fc63419f330c", 0xc3, 0xa000000}], 0x218048, &(0x7f00000003c0)=ANY=[@ANYBLOB='lugC=nefer,appraise,smacransmute=,fowner<', @ANYRESDEC=0xee00, @ANYBLOB="1e3e00344c07", @ANYRESDEC=0xee00, @ANYBLOB="2c66756e633d504f4c4943595f434845434b2c6673636f6e746578743d73746166665f752c6f626a5f757365723d5e20ab2c00"]) r2 = dup2(r0, r1) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f7e640000000800050009"], 0x40}}, 0x0) fallocate(r3, 0x40, 0x3b29ff73, 0x8) r6 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_SET_PATH_EMPTY(r2, 0x4, &(0x7f0000000480)='.\x00', &(0x7f00000004c0)='./file1\x00', r6) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:09:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) fadvise64(r0, 0x0, 0x3, 0x2) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'}) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000040)) [ 1410.487687] FAULT_INJECTION: forcing a failure. [ 1410.487687] name failslab, interval 1, probability 0, space 0, times 0 [ 1410.489964] CPU: 1 PID: 15866 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1410.491364] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1410.493060] Call Trace: [ 1410.493614] dump_stack+0x107/0x167 [ 1410.494357] should_fail.cold+0x5/0xa [ 1410.495137] ? create_object.isra.0+0x3a/0xa20 [ 1410.496062] should_failslab+0x5/0x20 [ 1410.496833] kmem_cache_alloc+0x5b/0x310 [ 1410.497670] create_object.isra.0+0x3a/0xa20 [ 1410.498558] ? kasan_unpoison_shadow+0x33/0x50 [ 1410.499489] kmalloc_order+0xfe/0x160 [ 1410.500269] kmalloc_order_trace+0x14/0xa0 [ 1410.501124] io_uring_setup+0x33c/0x2980 [ 1410.501965] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1410.502940] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1410.503966] ? wait_for_completion_io+0x270/0x270 [ 1410.504962] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1410.506031] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1410.507067] do_syscall_64+0x33/0x40 [ 1410.507816] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1410.508855] RIP: 0033:0x7f347623eb19 [ 1410.509621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1410.513349] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1410.514897] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1410.516341] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1410.517794] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1410.519233] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1410.520684] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:09:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_open_dev$vcsu(&(0x7f0000000000), 0xff, 0x8080) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x80000aaac9) [ 1410.585994] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:09:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x3000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1410.636291] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1410.964283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1410.965411] print_req_error: 6 callbacks suppressed [ 1410.965429] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.968637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1410.969780] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.971966] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.971989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1410.974792] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1410.975827] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.979926] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.979952] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.979971] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1410.982098] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1410.982761] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1410.988991] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.991163] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.991231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1410.993935] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1410.994979] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.999057] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1410.999113] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.001861] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1411.002993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.005005] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1411.006017] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.008022] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1411.011042] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1411.040491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.041711] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1411.041748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.044874] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1411.044883] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.044990] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.049034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.050234] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.051386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.052630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.089112] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.090722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.091908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.093064] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.094269] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.095427] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.096589] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.097764] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.142630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.143844] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.146060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.147252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.148425] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.149600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.150765] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.151934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1411.170788] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1424.849903] FAULT_INJECTION: forcing a failure. [ 1424.849903] name failslab, interval 1, probability 0, space 0, times 0 [ 1424.851227] CPU: 1 PID: 15999 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1424.852005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1424.852941] Call Trace: [ 1424.853264] dump_stack+0x107/0x167 [ 1424.853691] should_fail.cold+0x5/0xa [ 1424.854143] ? io_uring_setup+0x40b/0x2980 [ 1424.854635] ? io_uring_setup+0x40b/0x2980 [ 1424.855138] should_failslab+0x5/0x20 [ 1424.855573] kmem_cache_alloc_trace+0x55/0x320 [ 1424.856112] io_uring_setup+0x40b/0x2980 [ 1424.856585] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1424.857151] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1424.857743] ? wait_for_completion_io+0x270/0x270 [ 1424.858326] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1424.858941] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1424.859549] do_syscall_64+0x33/0x40 [ 1424.859986] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1424.860586] RIP: 0033:0x7f347623eb19 [ 1424.861017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1424.863186] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1424.864051] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1424.864883] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1424.865692] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1424.866537] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1424.867376] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1424.881435] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:09:54 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x7f, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x8ece3000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x6c2a2) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000000, 0x8010, 0xffffffffffffffff, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x4, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0xac063a83893305af}, 0x95) 00:09:54 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0x6, 0x8000) ioctl$MON_IOCQ_RING_SIZE(r1, 0x9205) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:09:54 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x1f, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10831, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:09:54 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:09:54 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:09:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x4000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:54 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) close_range(r1, r0, 0x2) syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:09:54 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 6) [ 1424.896124] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1424.910183] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:09:54 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 7) 00:09:54 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xc1f9a000) socket$netlink(0x10, 0x3, 0x0) openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="b800000013000100000000000000000010ffffff00000000000000000c000000ff02002f0e000000000000000000000100000000000000000a00403c00000000083844aad0b9e05a374cb3850c099ea670b3b99ad764fdd18a7c9da8ef4ae8a5683f0000002e7fdc1aa6037d85246febea8d96263fe921e056512b50b8896d8b7aaffe0f", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000"/112], 0xb8}}, 0x0) r2 = pidfd_open(0xffffffffffffffff, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x0, 0x800, 0x2}) r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00') dup3(r4, r3, 0x0) syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x0, 0x3, 0x256, 0x0, r4}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=0x0, 0x0) pipe2(&(0x7f00000014c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0xc000) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x5, 0x0, @fd, 0x11aa7d53, 0x0, 0x0, 0x12, 0x1, {0x0, r7}}, 0x6) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)="a86b250a0b673d58e647d59aa3ed1ce829f488df1b605168be3b4565051bc04aa6713448cf73a670e9ec210605032f05ca6acb0da7fec68dd53250af6a048bc360359cd1cb2de0b474278c0bf7939208fe49442fae2a4c67f092053db682aef034c592981849e226a8d3163f0eb99952a89e3fcb3cb3fc809626a09380ec9683b29838473ac8f631fc9779557e75851df910a6a77858c1f68629a16c76fc077223f2cfe70758efb50f7c1a05d2723db625a4ecabada70e5ccc83a4f41149b5edb74e09e265e299511435baa459e0aa5cd752f1fa8d6e8fc69748e8fee543011540e4c64164964080d5b8939783516aa486afe3440d4219eb52e204a9b5a2683f76686c2262a5aa76081304305b713b08d6fb8f9d60102888f12cce73bd619d0f9db59daab98bfce53bce107a48c7008511663cfca06af0898fcc2c1e045f1bdcd608c52fa12f52737810a4bdcef4b12e9a0eba82b22f7fcc2f328c03b00f796f2a7af07292cce2ff2bd6c0ea18298aa5551c0e3f52e2785fca169338d6be171506ddfb25970d435da36a51ee54c2158c6dfa67896601f4c389a431bae999b429641b8f47143e339940169699b8f9345d2df361ca4e0bf20c8c01d5c9610fb34e16ea9aa531fb785f62cccec66537a9d1411f6be290b998aa618077483eea143dcd00e9ae4be179834eed71a6710a0314f4dfb4dc1a4652dbcfd613b56adceeaddc76bdd4b53f6a3cac0acfd03fc6a3120fc2bcd37b20a221cd63712021b95d6c5c0d1bca39a556a0ffddbd4c5801b6e5a9b401bcdade9a5eaf48e09b966c3eb58e2ded8106a28c9204f394c01928c556acd0c6aae81e4e3856c622214132cc5a9abf18c5eaef88661405cc30f0cdf8a264b2590cd2e335a13a703bc506d97430168a64deb2f852624cec1d993c05c3e17fd2eba3235d9b188ff419bbf2e08676c109cc33b747b668ea16af294e7ca2b373a94a3e7160a6232c46544c1b67e96822c08c7a1431329be0a341e483fb615ced56b5d6592d7b0f8502604eb2fcba5c6a7a66a5ab86ea9542dbd6f5bec4070e4d73a762070dd800adef5ae8a2797c2607c4c7bc350afb6257e9dce527a8931451c8216b7bc39c36c051fee01af5b45b6019a421b51472b6578707ca00cb1635bf4e08a938c96ceee8e8dca38f5a16f7c96ff565521b5f6f1742df63ec0011c5647272fac4208dde74089c496281683bbf18f3284f9395574b5bf77d937c3ba3562a5d79d613787992e3798a918ddd9558015c1398cfc970704aeb848d065e869753870448a381e22e780b22f857e29aea44018dd276d1132934b1e8b0a30e20847c8b7e633614e59a77196039c7eccc2d641cdc0b545fd2faed306d76a60c3f8431ffde5d8c90fdb273dc17a29a106839e87b4de39c8b1f79d7f0b511c8882757d203cda79f4a733a7395c08f72ed6c29ddbbbca13aa71817448812e1d6d6aa1a698f16c7281788632db33df5daf6a9ffec6d5367f422fe038e176417c3c7f57acbfc35db4ebed337ced045b51509e335a9fc538bb24dbadc5a8e4dad926e0bd77d4c10aba5f72e452bf74940dbaeed3b2247273a2e5d3ae944d9dc10069377fe7cec6e49f2b463babd7b1837f0e997b172f4971e2db378575030d28b4872864a59be37f2332e79b951e681f0cbbbedb385d48da7d53586d5c239244abeae8e6ab1efeaab21af28d94b55f21a7dfda8e09d42756eec9c28ea67a7092e316a507f8770efc040f5994335b23646ebd722c9e810b2d6afeedce9cf0d181d667c903a258b9faa7eb51a149293e295983e4a302305bb145d08348aea9ce33c31266016731b2c1d475ed35e6b91a47acb3ff86aa6e3a348f9c3f72ba51136395737e3ffb5c2c680e303a80063ddc960d2203170e171a7bbc5e401ae0ec48e09bd235757dd0b036064b2faaa364230c62ab976d09f39821aa7074f1822101ff1d3f0ffb55d8ec3ebd6651d8ce724f3d2c462f490a39da182bba80bebc2877ce44d25a8e5ba1b2c608b1b9b6033f3c02ca23f3cf63fbe105251a246bc98b4d28202912060258099ae35b4aa8e720c9ca6b2fa6ea75dda3f7d4178fb83d0c9e86f552153d33e161889e7652f0c64f139970bc7c252db9b09bf8ab166e42eba3f3ca5716e7651ed585658921c55f4f20570ff0067d43cb25e157c91df4fc57b4386a4b9c3c6bca269f12842a2aba34bd5ab28fe54c4335026807c1a59c08fd8084a860bc32a6a85402fd8f6766b07bcb4d149bf70cc7b02a6630b037c7ff118ef92e9fa770373ae184606391f7444ce5301f7294c341299ad3d077dc93f334924079dd4d4df5fb501aa312f6b7dcc5f06fae87defeb23b0f6b70dd468aca34b3cb799badcbf8cd879f0418fe0d9bb083c92ed315b51e10da7dead45f8f6ee81a1539bae17b9434f6ab54a80e871b3e2f5ae30efcd42a84dbac70c6f9dee684e1ca33a2af8ea93cc233131a433b8ffe901d958edd2c5c7d535453c5fbd7f3d367d810a91111c10128d3ced036bb7cab0aa0bf89325f44bdf942e8bde68df8f193cc41e8e6b18c4265e7fc5a46b2ba4b896c0844d9960093211558e512d0a53ad790716797ddb3522106776165d8e73c51ef321a9d4ac3a1d5bf01db5e045781fda1a4ddafa96581aad251926170f12d3ad87d0342b9b092fc2754e3ac30911280b84285740c0503fb6f59cdbdc34d0d7c4ef46953f7bc203fdfb6e285a108e03995d31cc7da4aeea31d9bab5d5cb896dac0fd7ca2abd3033943ed5423def9d4a12fab54489385de56e0b91a8f02e381f48cc0c117fb6f3c56a11bc99980a82d3d4c99f30a52bd16b38902d29fb84125b20e0052eba9b88354edfda3d8ff6407bcd4efe01d38ce1f336c061d8bff072fd6220c1468850db2065dfdf33bf036c9d33ad9d18f34a74e48dc9e2356ddaeb2bbfefbe8c36c8f203a39ff8c0273bf48d28ebe1d820d87721bbf8bbbd5e91fc8c4584ced9cb58773fe19a19dcfb8b48b302c3659020269a9373b4823a0bd5377e8fda1bb4ae3649b73029b6f875dd8a5659514093fbe83e7220ebb8f1e66755e6d334837c1c731077c0330ff59c6b0dd8224bfa0ac0a9000332d6f2e49361cd43d4e31da299f8a6544d3ddd3635c6e378ff960a4ecd9e6c497a9a78f4b781bdf04c092402799cd10a2276895ae723785c26e5a0e1f0de6cf5709c402816646a88cdbc468e1cc8dbc722466595d59fd04f12ba9be2ee47730125906ebb164bfe7d0eba805a53b59a88d2e40659ceae721450fdcfd800cba045d6af5fc8a473e6614c649d6a5b9c982fab9a397f23d62907cff91ab676c9941635d5442c792624f56681d9b49de7aeac67f758783c9bc87a0e4f16e0f5dc6b047ccf9d8494c53cf3befb568a856b052fc1ff93eb199aee7442ae6986cc735ca737f6cd22231a962017dd9edaf4041a4fc8af3de6fc3915ceede9ad0058529620de374a6c8410312bcc44f4cfb7fac75cf3508cd22a0c81a75e21bd1738f11353796764f446489a91ffd0ca35ead7cd2fbec8d43cfec8aac975746164c3cadb8800bf51658fb8fb3c4c6d7be05cb3e16af0dfc59b38a56803e6fe88c432cbb20da1dcfc3a605f0c7c5fe984c5a01e7b073ffad3acaab4961077c4ff0a92b19a0894648df78806cdbae05d0f4e8ff3910b579348f8d32646ba2beb9542962c07d0bfd9c3350436314ae8d428d552ffffe3f50f12d422b9a2f1446582ac417fdbe56dc8cf1768af982b9bcf969e30d0fdd1e35b035d8800636fa15c134ad4f94f92f9a43401c505c5ad64003b9f4ebf77ff472fb6f45d18a7be0cf9b5beb26b26d648836c9b78f8c65a53bcc27959cf9178bbf71445f8cdc334ef31d414f5518e3a10768a97a7628a118279d66b4d81a9447d3060d9d2d09ef4e34063c51d284aee1a77babba353ae7dfdf8f07dd7d3419bbb0fb5eed19c911d8747773b8a5cb71441e2c459fc05e83ce603a021bdd91f004a7e13310144d70c13693852640c67f5a2b8ef8a2e67a5e21a9bc679a664bcbd7f1dbe751a0063f49f803eff2dfbe801a798bb5f5c3eaf14767179b10b71f42a16256e99d5d586440484b6161cc600247464ca29202036b0acc5bfd662dc08adc974219dc6dac3e9286aa8966ad116d3814324a8d06e62afd33ec76ee66d29fb2d332458d7ee0d94a77eb7b269e3d6acd48c5c2f1b820e0d40e6ae53a561188dcda0fba9364073d4aa699cb856c5d30d47587ba80b34c1822f45bb597ffa814f39a462a33195d7ccbfecffa3dfaa29e03a4a5384f469f1b6d2821a57ca3877129d575db6f5b9219c67abf949d06ef41fd3057b39fe02c85d627c162e3651b8ab64cdb5ee657ead475ea41ad913d02d9968af7359799bd6d7dcdd9e2229313b26be77f4ed53d8301b567bff8a4381ecbc7cd1834e2d163db0611b619bb30f66d9e16c34f304c4429512ff36ac7cbe7f9507135fcff8e252e52d8949573498ce3f1f471075ddb631ad74accf5187fce49d11576ba9a49395a34637b8388afbdc6e66ca3bf8cf17288d9a68805d9bee3de9d4f169298f0939f569cf5309b168c7cbbce7607ee9bd745372c393efd3804686559db86458cf6b0ea44008cd895396b7694ab603a96ea462de428f9053cf8d7af46ea627a9f7433cccfb8b4e6256a97010f13fb09c9b28fdaf8840cdc3f00ec0960af2d6afbb1374592a24521861e6af17e74b7307c237b78f36910c80c48cc922ee655d51ef8f2fc03410685bbc15aacac888452a188fb91740a3bc4b731f569e7932984102552e1447f9d75d841da8cb32bf54ebbf33c5f7d856ebf76b23a7bca5c630f9ed012998b321f3869cbfca131a446014d0ee654e66dbad639c8e70f80fd23edd83984b493b2675b644b964bad0cc86aa088735248537e63472fd8407212997367e2b9fff141a8ccf8f18540e428a3efe154d3d7a20e570cfb18d3b2f8710809f1f6e21183299f5cbdc2e0ffa773b7e3f1cb894784dd6739f9f2617fa8ef386720b1e78a0a6b176fd7dcabaae18c77d16b68ceaba83adf53238027efc6c215a33aba968e35ddce62edc7ddc6092b329162290bddef6e27a18ec6f2d08938f56a8c84466fc4b9011070114c56d849297f328bc4f1bc0d7ef12849c4ff51d4c7cae1bce613b32986ef4c386bdaefc2f2751629fbdd90d90c94652a4f0ae476cbe57b31d96420d078c3caf16877472942bafa6345fcdb38d34c4b33527798674befceaa8cb43ec8905df9fc34ce7ecfd26160d9eeec749c569f7a30036353d1ffa9ce8b8e9508520ebf59a4cdef13b152d5c78133e9f35c0974a4e251f676e12832150fa7ac6c3771a099df1ad833ffcee36d1cde2cde88321f1b07940666621e012d5bfffcc3185606e7b0e8de13586c29e9b99b8e121034d643b669eab174156864facf6b90e8d5f5ef904be655deb0a17a7fe1c2b764daf677462d37918f70cf8823034fde7c36cceaea3d878be9738c54c2a23a98cdce4e0947c083413ab3b8f3664884aa70e3a45bcf4ad4134cee918d7197ee97cff5b5e02831cc7a1d2dfe365d7f8e7fe60a82b2c01bbd7fabb73808e6aacccd31a8751c8793876dacfe51b3ed6f593dd1ce8f1d95e00f002cc9fd78ba4bf0be7a9d478fff662c619853e286c3cb235c02123ee154bcc68f4920ab9d0adafc1a770185618410984b76c0e1b5ea1acf2c02946330918383aaccf26540fb649e1a271dbb7970de9bc567ed971ce1c161ef35d3966ab14331133eccce89a0ae4850417b9d36c0015af0bcdbc40ca3a98ccfbadd2dd", 0x1000, 0x40000002, 0x3, {0x0, r7}}, 0x8) openat(r4, &(0x7f0000000000)='./file1/file0\x00', 0x141e40, 0x182) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) 00:09:54 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x7211, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x80, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') futimesat(0xffffffffffffffff, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140)={{}, {0x77359400}}) open$dir(&(0x7f0000000080)='./file0/../file0\x00', 0x8000, 0x0) [ 1424.989983] FAULT_INJECTION: forcing a failure. [ 1424.989983] name failslab, interval 1, probability 0, space 0, times 0 [ 1424.992858] CPU: 0 PID: 16020 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1424.994561] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1424.996592] Call Trace: [ 1424.997238] dump_stack+0x107/0x167 [ 1424.998140] should_fail.cold+0x5/0xa [ 1424.999074] ? create_object.isra.0+0x3a/0xa20 [ 1425.000192] should_failslab+0x5/0x20 [ 1425.001125] kmem_cache_alloc+0x5b/0x310 [ 1425.002130] create_object.isra.0+0x3a/0xa20 [ 1425.003202] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1425.004443] kmem_cache_alloc_trace+0x151/0x320 [ 1425.005584] io_uring_setup+0x40b/0x2980 [ 1425.006596] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1425.007772] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1425.009007] ? wait_for_completion_io+0x270/0x270 [ 1425.010212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1425.011489] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1425.012746] do_syscall_64+0x33/0x40 [ 1425.013656] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.014909] RIP: 0033:0x7f347623eb19 [ 1425.015815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.020313] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1425.022175] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1425.023915] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1425.025653] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1425.027399] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1425.029136] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:09:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x40000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:54 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$AUTOFS_IOC_EXPIRE(0xffffffffffffffff, 0x810c9365, &(0x7f0000000100)={{0x793, 0x8}, 0x100, './file0\x00'}) 00:09:54 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:09:54 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1425.139323] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:09:54 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x4, 0x146) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:09:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:09:54 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r8, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_CQM(r3, &(0x7f0000001240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x307d021470573941}, 0xc, &(0x7f0000001200)={&(0x7f0000001140)={0xb8, r7, 0x2, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @val={0xc, 0x99, {0xffff, 0x4f}}}}, [@NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x7f}]}, @NL80211_ATTR_CQM={0x34, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x3d}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x8}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x3d5}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2c2}, @NL80211_ATTR_CQM_RSSI_THOLD={0x10, 0x1, [0x1f, 0xff, 0xd7]}]}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x7}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x10000}, @NL80211_ATTR_CQM_TXE_RATE={0x8}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x1}]}, @NL80211_ATTR_CQM={0x1c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x1af}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x75}, @NL80211_ATTR_CQM_TXE_RATE={0x8, 0x5, 0x5b}]}, @NL80211_ATTR_CQM={0xc, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x47aa}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x14}, 0x20000044) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="75d5e3e70aefc9f67383240000211800210c28bd700000000000020000000800", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000001100)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000100)=""/4094, 0xfffffffffffffff8}) 00:09:54 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 8) [ 1425.180553] FAULT_INJECTION: forcing a failure. [ 1425.180553] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.181928] CPU: 1 PID: 16044 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1425.182732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1425.183699] Call Trace: [ 1425.184012] dump_stack+0x107/0x167 [ 1425.184439] should_fail.cold+0x5/0xa [ 1425.184880] ? create_object.isra.0+0x3a/0xa20 [ 1425.185417] should_failslab+0x5/0x20 [ 1425.185874] kmem_cache_alloc+0x5b/0x310 [ 1425.186358] create_object.isra.0+0x3a/0xa20 [ 1425.186877] kmemleak_alloc_percpu+0xa0/0x100 [ 1425.187405] pcpu_alloc+0x4e2/0x1240 [ 1425.187844] ? io_tctx_exit_cb+0xf0/0xf0 [ 1425.188321] percpu_ref_init+0x31/0x3d0 [ 1425.188791] io_uring_setup+0x47a/0x2980 [ 1425.189276] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1425.189857] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1425.190454] ? wait_for_completion_io+0x270/0x270 [ 1425.191031] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1425.191642] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1425.192248] do_syscall_64+0x33/0x40 [ 1425.192681] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1425.193285] RIP: 0033:0x7f347623eb19 [ 1425.193719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1425.195891] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1425.196783] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1425.197620] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1425.198466] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1425.199298] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1425.200137] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:09:54 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(0xffffffffffffffff, 0x89f9, &(0x7f0000001200)={'ip6_vti0\x00', &(0x7f0000001180)={'syztnl1\x00', 0x0, 0x2f, 0x3, 0x4, 0x800, 0x9, @mcast1, @dev={0xfe, 0x80, '\x00', 0x15}, 0x8, 0x1, 0x6, 0x800}}) r2 = socket$inet(0x2, 0x3, 0xff) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) dup(r0) sendmsg$inet(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000000)="b683ae40f3fdac402b01fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r4, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001940)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x400, @remote, 0x8001}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000100)="32525434629d420a00d8bee67f0d56641af97a4ce338d179c4bc28e4f37948c209eaa47720be76f1236c12945751ebcf12c0d9564185d951546db1a874f8f779b503566eb98e23f3a1dc3b1a476b5e14192907c2d82f1e0dae014ad9ead1e52961f247c8a61d392db30436aed6a560f7799ee07d01efbefb6a3df25fe1a55ec047fdc9421cba393be47c20aaa497063220ba58f2e5aef0ce08c133fd431e61c7b68ac432b18a3cb0acfd74a95fa764dbf79a23b73332e81c9a690e478bcc9ef1e5b48023185b1f81", 0xc8}, {&(0x7f0000000040)="5e0f373c57c6e2578135735b723216c5579343241cba997cc02b3cba20e490962786c01e81ff9b01303e6d9f21d55ac922704057834ad70970746ddb276a47", 0x3f}], 0x2, &(0x7f0000000200)=[@pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @loopback}}}}, @rthdr={{0x38, 0x29, 0x39, {0x29, 0x4, 0x1, 0x4, 0x0, [@remote, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x8}}, @dstopts_2292={{0x20, 0x29, 0x4, {0x4, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x5}, @enc_lim={0x4, 0x1, 0x20}]}}}, @hopopts={{0x120, 0x29, 0x36, {0x3c, 0x20, '\x00', [@calipso={0x7, 0x28, {0x1, 0x8, 0x4, 0xfff8, [0x2a96cd06, 0x3ff, 0x0, 0x4]}}, @jumbo={0xc2, 0x4, 0x8}, @ra, @generic={0x4, 0x9a, "0aae7948f334d0995e68e8922d3cade8ba56dcbc9c3d3bc0fb00651ba4506b18afa5e58e18d7786bd125efb2b6e70bb7bb5c107ee327b17c7d029a5e1f13f59a033ef802cdcaeeeaba00bb658e251ad9ecafbd3f98f8608de4a8be67f89eb29044a2f9699cb43ea8345255e8ec902ae85c5aa957ec3a6c1788d17a43645adbdbd276fe14736fe168af5c934aff190352fc3334f6ea0688a36a25"}, @enc_lim={0x4, 0x1, 0xce}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x30}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @remote}]}}}, @rthdr={{0x28, 0x29, 0x39, {0x67, 0x2, 0x2, 0x9, 0x0, [@dev={0xfe, 0x80, '\x00', 0xf}]}}}, @hoplimit={{0x14, 0x29, 0x34, 0x5}}, @flowinfo={{0x14, 0x29, 0xb, 0xb64}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x14a}}], 0x228}}, {{&(0x7f0000000440)={0xa, 0x4e20, 0x204000, @private0={0xfc, 0x0, '\x00', 0x1}, 0x20}, 0x1c, &(0x7f0000000c00)=[{&(0x7f0000000480)="7a0261beff64c2fc3e3d2482011848b6344e282ea11b242f4e1705bc7c01bb35ff8517d9648bbee7172691e029c70eeb191236e9d299934e854e11311c685096650da779577bbbd6879221dbc3e25ce85612543c7adc7fee749281c032db1fe6170088dc7dc601cbf5a3ac457075f1bdd0641a8152a567115d9d4f992e4c8310485e1a447743c0fa82f8e326c260f7e47df436f1f7b730b2ce", 0x99}, {&(0x7f0000000540)="b4592c579a39c558a6670daf5d1ce78e41f1bb3d6bfa1e7b771502434c491d0bd9d2831f8ba5ee9110307d8ebac5679ef32f2a7bfc448f870b5728a7108468a2633788db754d7fcfbe609fb898bb1a3ae060b10e95f3e2e42fde74db79b30f0c9bc2816e03623e2b35adcc053017327a0f4ae8aaef89b2360deffb96faaeadf20fa5c141f24efc82d56f7aa24d5bc4e65d279759cb6b61cb61ec1cb724c77247df02486293f5db124c3ad28264c7aa3066dc8c12724bbab6cea3128401111b842123a8f08260c0ce856d104f87d2fa69526018cdced25665991a033c8cf1a4116114c55dd5800a00106b7c", 0xeb}, {&(0x7f0000000640)="c33e4ce5348ec703ba2bc35b6b727600fb7e85e174ed7e80332ef4c5811e9c88f25b51427e473187e883973f5f6d", 0x2e}, {&(0x7f0000000680)="a6f53a8f6ecdb09c17e513ca40eb809c72f4c663ae08e70097e8fc6aeaa54296e1e157890656cfbb8d9c7ec6090fbfe1fbec63508c2d7180b4c5a967285c02e1525ca10b7ff056491356dc033839660ce2f4ba1de8eff550994ff944212c778717ce80d6b8cb9b6d9f1648ee9d883f53e5f4f09e9f9dcbabb6dd56fabf9f79bfd6e3f64d7adb9aa9b643a59e92a5dac08106c97f42d6f94795121bb39fc9cbf5d5635c760614d40aba1a91a050c125941d9c6adadc3fab8f62eaa99d5f668c8f766b0e95", 0xc4}, {&(0x7f0000000780)="acbbf157021a631ed1ced96f00df6f0c6adc99a3ba022e8d60dfa79c7c9a9b6e7d12a77f32f20498dcbe61e1cacaffd3bdad0b73b3f6b11d48243670299647b9636649990b5511e987351be7f760d3e831efbd4c2427de3b1acbbf77d6ab0d222c78dba8f6ede389695842d83c07fb8cc0b245cc3094fbafab955419bbebc6f3ca271bd358c4444390234318de77790fd2c028591f50825671e5b578d9a88ede8661c9cc87fee693157b46f9fbd2fd5b2279f63eeffe22f0e1b71c7ccb13ec1c9b6a177d0f937bbab39f369405e36dbd7ed995b7811746b5e65b43883783a415247d43de20e3", 0xe6}, {&(0x7f0000000880)="041f4b066590c60a18aa16279aff6e18a4c35eaccc2b3c2e65d1644ceaba2a73ed9e03686082b3b10ea80e0f26e2d565b1d022d293d44b1eb6176b261ec9d8bec6bc33afefe6", 0x46}, {&(0x7f0000000900)="b5b9033404201dfde209d24d2abfa2421b1bc33ac8ac879b844e3df8699e1ffd814dd69746b6fbe949e145cde1dde9425a3a2ca156a17a66b0f4069eafc74eefd4461a6dedde07ee3ab6c5ba", 0x4c}, {&(0x7f0000000980)="b577c7ebcd1ced0afcd8d360ec73af7662667b41950609e9865dd287ac271627b7d4f2990bd11ec965ac1827e18f8f766e5d33b72d417c74f6d3d00052a1b8e9bff7bc48febe03eccd1b6d09f8846dd060137ea56b955c0c10404213f53ab6d0d5b598f0bb7d5298db1660712779f5ae737687ff4c5b3f131485f504d201fd65216098b4b0d952540c9461fe4998d6f20bbbcc23ec63790156e3ec7d43fa2c6af4b346a1b500a2566c7b5064a98c1ce030d1ca0befeabfae212333", 0xbb}, {&(0x7f0000000a40)="f01040dd560ac55a983db968bce611f8ba218cecb87a29c75823f3a91a6690de16591055836839b51884d4594ac0b5d94bba82e5153c5b2fb78121032c8fa10d2cdaf56f06391f05c99d68cf0480c48e45ddc6292abd9deb6512416d016aa8a5d715c0fb71d0537e8e3e046e55335a955905e404f91a7846ebe989dc82c33404bc07521754219ab6aad5b7cf0fd7fbdf626b2e8c285044ad6a9941e6d659cfeb4f94ec346b42eaae26804f281fb98d040c76f92ed4e97211ee384d54f009ff06ff5677", 0xc3}, {&(0x7f0000000b40)="e6e070ba590d81c8022d24765c604f96d6a0ba0a71895f74eb6633400988ca5f9ea6171838eae9cfeb017905ffac355de76ae7fe9af4b3d408beb199230ef2aec2eb30c3cd6d2999ca8ace08ba5604f00934723d00181489114d261ff3f038a334543a45c1f6127ae8449024011e64aa4a0e1aca55f72bdd9400f801d1ee0c340534ee7e3e54", 0x86}], 0xa, &(0x7f0000000cc0)=[@pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @hoplimit={{0x14}}, @rthdrdstopts={{0x28, 0x29, 0x37, {0x0, 0x1, '\x00', [@padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0xff14}, @pad1]}}}, @rthdr={{0x18, 0x29, 0x39, {0xc, 0x0, 0x2, 0x9}}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @private=0xa010101}}}}, @hopopts_2292={{0xc8, 0x29, 0x36, {0x1, 0x15, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0xff28}, @calipso={0x7, 0x40, {0x1, 0xe, 0x4, 0x3, [0x10001, 0x20, 0x8, 0x0, 0x1, 0xffff, 0x8]}}, @generic={0x0, 0x58, "369453872e35f5fbb327597afede09a1d14fba989df0da3a03c314fb65da4dfd6c2410ab0e3f0901fe4549c372fc9ac8f0ef68530ab4c95c887fd161175e21e73f32dabf142406ae559129ad73557514ae85d747bf19abec"}]}}}, @rthdrdstopts={{0x188, 0x29, 0x37, {0x3c, 0x2d, '\x00', [@generic={0x35, 0xa1, "718e76de65087356e6b93794d67ddc303b58b34a65a6bc73b15c162dde6c65aab1f63ad8eaa0d5291b750abe308d4ed0d2a569fd5ff20181755b8cca289be355c60d842ea0d6481be1d252c8d816276714ed5a59a40861410eb215e1d244f9d4737fef68a39522ac6d38c87fd7329c1b33560a603ba910c844064026a67b65306729b0d65596cf8608cc92e271380c369e0109b2cc26456f9769edfcbf73ce6ffb"}, @generic={0x7f, 0xca, "18e41b7c035078348ce31618cb7d8f810f02c8725017040465e14d54e4640f32f42079bc5852ca8c7429bf3e4c4fb8eae0558466f90830d602c4552849bba51fb2cb1ec78e7c127d5f56ee1aae310da5a78493ebff7bf87964921b4a0537c64abce74f88b07dcb0a5900ad6ec3c95bd6c26b06137ef545c46a0171849aadab54916a67242e5bbc2cdf7f680ea2f48ec5c019d9fae245fbb03a69f561c3ef8ea961c0b8a6d93707e1837d611866f88d1b0f92eba09699096699de892b00432e73385e53d3dc8a7e6d5336"}]}}}], 0x2f8}}, {{&(0x7f0000000fc0)={0xa, 0x4e22, 0x2, @mcast1, 0x6}, 0x1c, &(0x7f0000001080)=[{&(0x7f0000001000)="5ae8f815e313889cac2a017168b9cbdb0ba00a4879cc6961344de40a3ae78dd61fb426e5e3b6be05e2a5f9e98a3ec0130b7bc85a260044162f0fda63b6466f3ca1dd1c57b593d79df45ebc088f5c3bfa5775e14a82609df62f40a2ad64f8073fbae30c8bd99c88cf5bfbea7cd0e9db14ae7e4620087af1", 0x77}], 0x1, &(0x7f0000001240)=[@dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}, @pktinfo={{0x24, 0x29, 0x32, {@private1, r1}}}], 0x68}}, {{&(0x7f00000012c0)={0xa, 0x4e20, 0x8, @remote}, 0x1c, &(0x7f00000013c0)=[{&(0x7f0000001300)="2618edfc6ea864aefa5863a626a977c8a656c2073feb3d18e48e7c0aa552d820a3a7bd8695e21c424dbedf43aef38a2d42115cee1d6c908118e8846950c256851244cde503ff2eb17b8612ffcc18491db33b9a01bf2f2a8197993d07d49e19f3bb63c8deff4854d76e04ff46b414b6e3a469e33b26cd7a3de79cff63f164603dec8f00b5652384ee8f16b60f673c7a895e0478749b79074e75605a2f69900edc1ff38f5b2c03977fdb3801066236", 0xae}], 0x1, &(0x7f0000001400)=[@hoplimit={{0x14, 0x29, 0x34, 0x7f}}, @dstopts_2292={{0x70, 0x29, 0x4, {0x32, 0xa, '\x00', [@pad1, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, @padn={0x1, 0x1, [0x0]}, @enc_lim={0x4, 0x1, 0x20}, @ra={0x5, 0x2, 0x3}, @generic={0x3, 0x30, "0c66a20e7a428c1c3d61a2492cf8d0e729ec466145ce0355bd74151855e96baa6e4a9e7e54b9617bc300044b313df255"}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfffffff8}}], 0xa0}}, {{&(0x7f00000014c0)={0xa, 0x4e24, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x3}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000001500)="7edb322661477bf0d8f4fc95fbdc37fabe76d9fbe452e59e9da761c0f9d2a405b8251395324517e1721232a8f2fcae0d3bf884a797dd5336e3787daa01d20580dd65ab8d02db9d3b13d1bf7300a5dd939baec4c0473af69331070da2e5964070483010c72b9f866a6227f75a47df8c2219c02857f051e12f91cee322eef10e3db45a977abd0bc96961768f019b02fd6456ac80c634d9fb416f0a2e6073d9c292263ddf6fcab97eafffc6e278b41a61726f0288d6e54c5c54669b3263abd87d13226ebaca2eec574ced676158ba71f112e9298d19cad27d5e9becc4361c701e30", 0xe0}, {&(0x7f0000001600)="8b533974ff8a91d0f092992d3c277bf9ceb9320bf4b457c4eb9eae0192387f5b84c1ec39b1", 0x25}, {&(0x7f0000001640)="62da242fd4d649280e17fafdb8734b114ed00770eb1d86e836620a14ebdb4bcd79adf6404c6967206cf8d96bc1593ab8886afa3b9a4a53dc1223a182a60f041c24688868e79d20b2696c458990c54013d0cfefc349231dc6ad44b18ab8eab7195270cb9a3f9efaab97d92a6b9eb380db33f5499ebc4d9b57c194f7268049858a46ebcd", 0x83}, {&(0x7f0000001700)="8bc99b7a03c0de20451af9e4d728cade94931dc698cb5fa1adf6be61283fe61714ccf626da21bb2a8925e7f128b6db7abe77e93114b6ec6342ba25f2060481aaa14af3cc344e8e813dbc5d0260e209c03c6f9f6fea51eab5e58a8e5890a2d52b3e043b23b0f79782a9841bf6c549367821903488196bb9402d4ff4f705500f0d7a0c77c1238e82dd79356a8bc76b9119a5", 0x91}], 0x4, &(0x7f0000001800)=[@hopopts_2292={{0x48, 0x29, 0x36, {0x3b, 0x5, '\x00', [@calipso={0x7, 0x28, {0x3, 0x8, 0x40, 0x0, [0x40, 0xfa, 0x1, 0x8001]}}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x8}}, @hoplimit={{0x14}}, @pktinfo={{0x24, 0x29, 0x32, {@ipv4={'\x00', '\xff\xff', @local}, r4}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x1f}}, @hopopts={{0x58, 0x29, 0x36, {0x5e, 0x7, '\x00', [@pad1, @ra={0x5, 0x2, 0x7b6}, @enc_lim={0x4, 0x1, 0xc2}, @calipso={0x7, 0x18, {0x1, 0x4, 0x80, 0x3, [0x3, 0x3ff]}}, @calipso={0x7, 0x18, {0xc3265fb1704340ab, 0x4, 0x6, 0x4, [0x6, 0x4]}}]}}}], 0x110}}], 0x5, 0x20000000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1425.233728] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1425.252397] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1425.280858] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1425.293109] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1425.447461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.448128] print_req_error: 54 callbacks suppressed [ 1425.448139] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.450048] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.451285] buffer_io_error: 22 callbacks suppressed [ 1425.451292] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1425.459290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.459914] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.461159] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.462388] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1425.466241] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.466866] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.468107] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.469338] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1425.470365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.470988] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.472235] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.473454] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1425.474491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.475112] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.476362] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1425.477589] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1425.478628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.480284] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.480922] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1425.481822] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1425.482879] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.487221] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1425.606478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.607247] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1425.611101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.611779] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1425.615445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.616156] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.621390] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.622112] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.623167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.624141] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.639452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.640179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.641160] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.642161] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.643145] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.644122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.645101] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1425.646099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:10:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x200000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:09 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x4, 0x40) socket$netlink(0x10, 0x3, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800210c00000000000000000200f7ff070008000400000008000500", @ANYRES32, @ANYRES32=r1], 0x24}}, 0x0) ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f0000000040)={&(0x7f0000000000), &(0x7f0000000100)=""/154, 0x9a}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) fcntl$setstatus(r0, 0x4, 0x40000) 00:10:09 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:09 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 9) 00:10:09 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x0, 0x109000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000005, 0x1010, r1, 0xfffff000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:09 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:10:09 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040), 0x42040, 0x0) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000100)) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="02070800000000000000882bc4cd71ee"]) openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:09 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x6, 0x7f, 0x40, 0x10, 0x0, 0x0, 0x2200, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f00000001c0), 0x2}, 0x80, 0x6, 0x5, 0x0, 0xa7, 0xfff, 0x0, 0x0, 0x7, 0x0, 0x100}, 0x0, 0xc, r0, 0x1) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x36) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000001016f0200000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) unlinkat(r4, &(0x7f0000000280)='./file0\x00', 0x0) symlinkat(&(0x7f0000000080)='./file0/../file0\x00', r2, &(0x7f0000000140)='./file0/../file0\x00') rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1439.429237] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1439.433087] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:10:09 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000000), 0x2, 0x501140) ioctl$HIDIOCINITREPORT(r1, 0x4805, 0x0) mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000000, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1439.462813] FAULT_INJECTION: forcing a failure. [ 1439.462813] name failslab, interval 1, probability 0, space 0, times 0 [ 1439.464377] CPU: 0 PID: 16174 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1439.465281] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1439.466382] Call Trace: [ 1439.466740] dump_stack+0x107/0x167 [ 1439.467221] should_fail.cold+0x5/0xa [ 1439.467722] ? create_object.isra.0+0x3a/0xa20 [ 1439.468328] should_failslab+0x5/0x20 [ 1439.468825] kmem_cache_alloc+0x5b/0x310 [ 1439.469373] create_object.isra.0+0x3a/0xa20 [ 1439.469965] kmemleak_alloc_percpu+0xa0/0x100 [ 1439.470546] pcpu_alloc+0x4e2/0x1240 [ 1439.471025] ? io_tctx_exit_cb+0xf0/0xf0 [ 1439.471562] percpu_ref_init+0x31/0x3d0 [ 1439.472078] io_uring_setup+0x47a/0x2980 [ 1439.472617] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1439.473259] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1439.473901] ? wait_for_completion_io+0x270/0x270 [ 1439.474565] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1439.475234] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1439.475925] do_syscall_64+0x33/0x40 [ 1439.476400] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1439.477061] RIP: 0033:0x7f347623eb19 [ 1439.477543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1439.479933] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1439.480900] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1439.481848] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1439.482791] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1439.483698] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1439.484606] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:10:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x300000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1439.503431] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1439.513938] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:10:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x400000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:09 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x18, 0xc21, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x94}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:09 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x84000, 0x0) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000100)={&(0x7f0000000080)=[0x0], 0x1, 0x3}) ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000280)={0x0, 0x0, 0x3, 0x0, '\x00', [{0x3, 0x7, 0x0, 0x1000000000000000, 0x4, 0x4c00}, {0x271b, 0x6c, 0x3, 0x80000001, 0x8000, 0x1}], ['\x00', '\x00', '\x00']}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x10200, 0x222) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:09 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:09 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x4108c0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000200), 0x8800, 0x0) ioctl$MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000240)=""/234, 0x91e0a075b8dd41a6}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1439.836316] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.837004] print_req_error: 38 callbacks suppressed [ 1439.837014] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.838918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.839562] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.840829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.841463] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.842703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.843372] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.844651] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.845314] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.846618] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.847290] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.848591] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.849850] buffer_io_error: 14 callbacks suppressed [ 1439.849857] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1439.851367] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.852571] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1439.853469] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.854714] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1439.855601] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1439.856806] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1439.857709] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1439.858626] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1439.859605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.860308] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1439.860951] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1439.861845] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:10:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x4000000000000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = signalfd4(r0, &(0x7f0000000100)={[0x5]}, 0x8, 0x800) sendmsg$nl_netfilter(r1, &(0x7f0000001440)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001400)={&(0x7f0000000180)={0x1250, 0x9, 0x1, 0x101, 0x70bd2c, 0x25dfdbfd, {0x1, 0x0, 0x5}, [@generic="0f8fbb6d583c17faacd040582199f69c1137f151e96ed6a51852bf956777dad351a1c4ba8a7dff16db2a0827666da675e22d8446af5666244c03ac069de419438c4a6b356556a77f58389ba7740f1c4c4782b9c94a492ad05540788e86e9d78f603dd67787f0733174d5a7e7916de32b5c6f63c647c25f90a0629488f4400cb682c4b78d45c22ac90c8fdfd3a0da64bdc8d1fe1d0e7c69c622704833d6f69a7d44e64598e31ae35b5720a89acbd5bf2b691949cbc854cb97be5feb4432faf79defa200ebae94e4a85d4d6fe704b0186b2e86b8b4a10ac04364a6b806e7700486740e74cd3ad6b7e9604dc630163b", @typed={0x11, 0x4a, 0x0, 0x0, @str='/dev/usbmon#\x00'}, @generic="a4d165e8ac5deb3aa5ad765ac22761d374d1737773ee5a7d4302e47d5e819c106ff52af74523fa8bd84a7d4329a7098063f22a820dcef395a092549915281c63915aac94ab8f867034eb4470774a8e8164eee64499a27f7cf9b7edcf57c412b8d43bf6133222fba745afc92d14ccd19aef52f23c2952410ed1ff9b9922f8ad26a2a885022850f03f96c4f8d949b9eda4d72151a692a1ff78e6993887b8b1dfa9feec4a7bcddb30eb26d89210ba8234efd3e5efef07ec9c21e54e8abf3a79e39f97aa9e0f9f0793ea851a92e0e615bb2754390e5cde9738f97f96a6f08baa5b29fef54efff69960a8935750c50a1cab09f761860d2b681b749598ee4c2855c99cc932b30453921935a2e79f0b4c597b80ca809883096c518a9eb9f6a0cee7b6c4d72654d31a26d3d310b4c7f972a227fd471ae985f8eff4ca2dc1b3982bee3d9903f16b4a793880c4bd6450c9b7c8e0d2f9ebaf11c16f1acf654d2c43c8c0399e101f5b3f80b09c2c4d39100e694d6124f0c68ce08109c814f9044530a4eea0223bb40d7cb929691d38da270206c86e905427ee35598e743d4343ca95be63fc79ee4257b6fc392157b18141ac97d5fd272cb8b694c5f8ac852c9e6618fa9112952caa5c77df7b1e11f78c361b2d1ea53f0ffb71e6d1ff98344c19a38620f2cc3dec0cc6531e086044895e6946cbef6724fafc135c7b60608318db8b26bca599f0ef3dfa6a280ec373943d32b921e78033b613fd7c581e2ad7948e2bd20643f76a23cb6b4618ee14afd80ea1fa51e653e44b8fdbf5dddb6a3879c9baae6a77289c0bbce7235bb0d85518f4f2cad445a0f41b7efed5a9363dfbd55479087b633f84a45fd35b6eacaabf7cdba8ef6a2994ae6f8497cf2eda2ddf2e32b76e90065ed0191abdd2037b95a15e76486ed7ad6f041565361b4bacbe09b08d743d2b232cffeb00bb9ac4dfffa92888b342e04ce56068d587f0597bb61a0e9e519871a98dd26223cbe8b7c09ff135f5cb7be5cb2c01e81fe686c92189ef1192255814db4548e894fd9a36c23f2ff945f3ed3f0e96a45e3eb259f51e8146dec1e621f7aa9966104577e038ac4c865baaec45a8f1946dd5df2c0256c52fa8c21efd6d33048718de54229c84ec09aff2276e11e8c16a4ba4312749dd50e793457ffe2ca5ad1051da9a8ed18f3e83fd90c98ec5ca158120fd92ca128b77256eed06401a209de26a26ce835268c26cdfe2755fc661f7e30a043de2ddc7bf364878737c76d621ee6bd4c457b1f502ad3e94f62b2a10b703a6ea029fb6c1f846c263120f735d154773f580b0af53cb717c6e00572c050bf625ea9a127c0adeae65f655cb7b031aebf580c31407a1f5a803541fadbae6d2cd7e98ee044cf17fd498f67a25706a86ee67b5f69b9faf323fc2ca38942c21826b996fd7c95729abff8272c3dbb2513b8785e6b6f5ae93167532c8206d7df6f5d1c61ec6d93dd8e4317825c2c3e6d7bb87c11731560c7d74d72734f93a2b8bd84496144f3af39c1c2156c996ad8f04b4fe57576b8546513e9570f1afc5ca1c0dd10b4dedf60a31f0c29bd81bef4a6a6405705ef8fcf2204eebb9ac1fc06202a0d1987d234bdb709299016e0e486609596206d56f84facbdc6e0f57196dce5d29063afbb0ba358c603a27074fa495a239530f62d225fb669a4d5fb655dce3b9fd0962f2f35659e691c747d0e809d38f45909b84bef68029b49d2b419e4436a497c85b79179343e2cfd4d7350c8d3dc144a2e79956c008c88620330f3ee9fd1ed98a03cdec11e64c6e3bef503e75bf504d82569a2b718e362854280a2505bcff369bef5b6da74e2a4a3184d119b9df2784c733e9e9af90fd78d6666df13da9b103bc6fe0fdb81f2e0764e8b95a524f06d1212d2b12ea71b5db4c1a9cbd83ed9d9b585d9509c47a64d3847432d8d1bd74b573e251c5ce2fb67d761d46c561983cffd1db4f8bfa53b850f6aed8aa8df36689b9afed9fc0cfc779428c28dc20302774a40637fdb9624bb36fb48e5546137b6e7ae0d48a814a73105ecbf096146fab235951a12ce5b1738c093a65f76ffc819b6830317545be1b5271a9bd30ae6bca724f94d8679cbe4060fc169ebe151b5793029d1fd0c989458f0e69cd61369df5c4ea8dea380c82000f4983451eb14612654d7f847d9c65b2beeba9f0a86a7acb46736df1aca87b6ce58e4b7dd6a108d7ea2c1cb370754943d24d85a37ed49fb1f4036021ee36a110d211cce19362a82f9f6b72657c9d68516dca2e204e8773d2716a9004f569131db45dbedd786fd52825213f148ab75891d9054c94a055c7b2457b92a92a02a614e8f69ce00aab3953c3c1e80da69778c78f772ba713d518ccab20cdff28935dece8d00c22d66c24e526cbfb71bd430aa0e1246163542062204d7ac8cecb94b33a36ac37e7e0e17fd3b194b84a9d1f06ff5e45b55a2559719d5234e5547c50b650b554dfb70596b7c42c7824045c62679aaf6f53300c8c72445ecdfd4dda0555e980b716b871f7d8d749d44d600f34731c4e6e00d922016b441cc83f73dad782f67906bc91f97bfac05be1f82ce72cd12f0a10cfe9c20c469f9f45a53347b3571918a9839130bb95e354dc9cb6e2f6ff283106200bcb918081b9a3395f7763ead78d5d1a6d960ed7c154c704bc75839f3c71dd68e4e3346f0bc4157cadbbd8e2a2c25ed7664d7f7c4c7a79657b58ba001feb4f638d1db35d3c1033a2e5c5c5c67f2c783186f963dbe9edd94bdfe999483838026cc9a6c309bf3d8461053637a7dd2555563934119418932fcb8d9cfa4b31b153f2fc48791d7fa48ce44344f0d757f50c1e5fe719c0fb57022185154b173093417cbcd735be2b6832b021bdbfae1a0a63fea9761f08e1be3fa187cf257966474ba7adcce0a3fc309b757945c0a7ff2588d4f7481f8206ad4df9b4b898f3d56823c3ec4064456c0ff0ba60c8a66d312c21af8efedd64d9a23d6576fcd0f8e7278176e5c8ceb15acee2c6d5c364f60f72b54c3fbd12a4e6cf3827b7fbdd16a8c2374ec2d810d91d35c1b9b064f1f085cabc5a3f85ec0c5937e0c9ec22041cb4f04701553aed307150da9b53b2facbd330b730f7efc6e2fda883991f832d16344a5b98800d6d354d547ddd4048fcb6fd95f6e0e4397beb2ee17d98ecbd8ec881e371eaf68efcc4da9325d8f590430f33274e34fca781cde0418c998adbbcb867ce21b4323500e56c1b24014918723700009f645228fc1be5f764a46d65c85f8f3f6bc752cad93f555c860d6c1c8360af127e32888e4cb35490e9e513984cc00645dbe2fa50babdd53a93a175056fe9a82947dac883f72972e534f417c22f401ca18051bb1a7121c3a6a08b407c52b9789e3e39e7dda1a5fa2e1b42d6093781457d728e6e402856c1ae0eab018e7ed390ae7ec8473ed2d034ff2deda0dd3521fb959aa61d4bcb8cac9fdd1410a07a1d345d73d93111d0d1854dec917d4ab222fcd951c3fb8870479ba0e2e210836d04a49264c92e8fe52f8915583a53c4e83928dafedbc419a886b0435d2b54c59f308adfbad838750b493e53f9a131b09062fa838bdc52af04bede13e4725e4fa13ce5df00a7ad9611ead2456704ebe361aa70036c690a1532bc586a5869daa50da685e595a4fc645ef1d3852714aa6767b41203047b7b02abcc58e0742c2a0470a3b613643bca1311b614d75b18b6c11d9f7deaa604b2fe422391a49656b2d6704a4b809f2ac8db2253e00248275b65f6b801c446eb06c8809dd695a4958897b136a6cd526ad78ec32e040ea8c3649a82533cb3726b08ac833fe025b98db5464a674e1c4528a5fab0a52ee9055410e0996145b6d358a200c32a9f6713c155e240c194b12590800d2d5617d3c799dded9916c7dbe027a13f6803644bce089e45b46d03e5353d60b02502be910d4a4d58e15321d2e1101225a67d9919ee4d542b7c6493b1b382cc1892026761ac03f58c66d586407880b51bcb5e3e5023a74de89a5f4066e351a38501609dd6034526696e8e89f6d08c33f8283885f95e1da4ed769bdb60380122fdcf8c0de47aff07e7bdd871d7c79770caf87dd139d9a53129f91d9f1d4ef82cae19281af64904bb7b360089b647f2f4a11b78af6710b444dec6a6ca80f6ce79537cd42ebf7bb72ed457b87c82b04cbb914b996997b01dc8d3842b7d838d3aef00d5f5241419d050e5876609ce6d0143171c744bce7545d16399120083efbb3543a5bd59bbaae9cb8c63863f074094d1a864ee05257fc9285bc129c545a4286574109d0291386ee6d466af039d8b52892c3dd1a29ca51deac87516b194ac1322e2f72cca85ab6c97064e783ee475af0b3c602da24943bd8663910a68eb09a70f9a4a5573968a766c3521c23a3f41a86b4b0cb1a4fa01570ac69af96e44cf08013f42678c7f9a8fce3550701e663c8ab127bcae9ff157d94ea923a2b7727f752d81b4cbc2383ec48893d369200c86590e5e6a7293735f23a9c821bbe51f5b43575393eefdd77cba1cac93d8aacffb72d1251fd4b5a3eba5bb9e770dcbe1bd7b5fcc476071c5af67dfe5720115238840393123679abb6acca7c130d3e6a9f936dc666afd7693f6d1abc81c9bd6466ff684b6e17c53fd5032817dc30a549171172395d768fcade9e363aaaffddc37b1acd5e9b3f0c2bc1feeb5303bb5cc48c6314d3ad16cbba7f1b6fd842abacc85ed4e13e50d9694de47004ed8c8e22a6475f5bd389377016ae321ab207959e64813abe7789daea0419f28bc21a325a8707ca258914ecb42b1454fb0eb19bbcb4f55e12ea8bcdb817bccefbb4a9ae322d2e909a2432a230f4cf54c66b57eaae230f23590f8e0f21ce5e08bad23f314cf045e29de0fbf074896b8868d1857abb2b6ab8f3c7f8c18e75bf420a792476f39e2d11e6fa1b12db92fa2f38c7876e9e593782e455849199a4a6ae190d803121e641bb4ee525a3e5de4bf2547ddc1b9892e9beed7f8de1a6586483aaf726ee61bcd15e849008b0f3bceb57e06d835408c04dd2ca86e2e4000accbb1b6e8d52c816a72a0adaadfd805dc8c70d33d9745833a4a09486aae1d3b31edc31996962a3ebc402391b9a367523ec8138db25e07ea6af8469e2226999c80330b7d6c4a3f9f8a70791ff716a040d9b086fd22d0a6c333c306cf9662f068e8ce2f172601ca4f786277c425d586612de863f609c2d8c89782f5450271cc6d53097cb0f7c0e696ecd702cfda4e5389a65c4dc1cee62d5311acc975eac064024aeec24c2711c5f081beadce7ee7199782ebc356f80366d6766c82452b4f511f1009f19cb01a2e5b6508a5aff9240c52d80ff3746441241fa5bd291359c5edb1bd0869ee6998a7d9e471f2416be6dcf1e14064e6434a19b6173fe70d68d540b22773701d7de60121497f3df9f0cf9f06af13aa9729eaeb500aababd2d0127a936fa9333104107eee7d702770b36724b13102998b35326d71adb2c5d97235f665a270499051bcb2985b811bdb758b2347866397b62d6a277650374563d3e8d95c60c766b739d79def89651140a0021e97599eccb442e1ce4f3dc6765dd2bc6965a92e363cbeeced3c3d8d402dd97972375075b49c2950a62faa97be7b6d89ee9529cf186e64f38e9ecfb4055ac4b6031647999eae65e2dd154563ed558a5a69946472a60df0dc2539bf7f0fc66f4f5f9d145d6fa71b5bfd5e4e9a999e8fec40f23364bc16677811297dcf9c39d3610d846a43958145154b5d8474ae72ce83ce37e601e8f72eb284fb8735af88bf968e70551a00", @nested={0x84, 0x3a, 0x0, 0x1, [@typed={0x8, 0x2c, 0x0, 0x0, @str='[+]\x00'}, @typed={0x14, 0x2a, 0x0, 0x0, @ipv6=@private1={0xfc, 0x1, '\x00', 0x1}}, @generic="8271c51a207721c69149b776882a8a0ab68bd012371a808c59ec91e9f0e4f043acedb6e9d09ba44e7e5bd73a93ad7beebe3d4f851db8634a6d1f8a9061582f00390fa72dbcbbe99ac6d65734842b63547216f26b5bf221e668ef30a024b7b6910dcac846"]}, @generic="c261d6839bbdb41eece577b1c5b030325577bd27132b11bb967cc868b0d0c8a5bdbcb5c511373cbcb3a7910d666702f1e936506a74ede375e74f80258bfd95cb22d5474487fa376458732c8fbc920b05cc1c31422c5ae71b5123a958e1fa9588fa680a7bdbd710b59e7947b6b004c2c2319d3f27beba505d41fa640508c4bf5bae0e96d2f3c319c02d67bc835aaa9b967f1f7cadb3062abfadec5f53f55613d3657a6ea4659ba53598388b3df507c8b29237b3811b59"]}, 0x1250}, 0x1, 0x0, 0x0, 0x40000}, 0x4000040) 00:10:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = signalfd4(r0, &(0x7f0000000100)={[0x5]}, 0x8, 0x1800) ioctl$FIONCLEX(r1, 0x5450) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_enter(0xffffffffffffffff, 0x4c33, 0x20ba, 0x0, &(0x7f0000000140), 0x8) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000004000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl(r2, 0x1ff, &(0x7f0000000000)="0a7f8c3cb8780e00d6555beab98366cfa133e384b5f74abab9b2d879eaea926e58a8a6926df8e8ad7df38dffe40831c8b324e809db51a76a14e749b6314c3e1974f34ce5fdb0bd97619172") 00:10:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:10:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000080)='./file0/../file0\x00') 00:10:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r10, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYRESHEX=r5, @ANYRES64=r11, @ANYRESHEX=r1, @ANYRESDEC=r11, @ANYRES64], 0x40}}, 0x40000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 10) [ 1453.807496] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1453.810715] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1453.813371] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1453.830888] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1453.834990] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1453.835911] FAULT_INJECTION: forcing a failure. [ 1453.835911] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.838623] CPU: 0 PID: 16320 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1453.840203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1453.842087] Call Trace: [ 1453.842690] dump_stack+0x107/0x167 [ 1453.843511] should_fail.cold+0x5/0xa [ 1453.844384] ? percpu_ref_init+0xd8/0x3d0 [ 1453.845329] should_failslab+0x5/0x20 [ 1453.846215] kmem_cache_alloc_trace+0x55/0x320 [ 1453.847280] ? io_tctx_exit_cb+0xf0/0xf0 [ 1453.848217] percpu_ref_init+0xd8/0x3d0 [ 1453.849141] io_uring_setup+0x47a/0x2980 [ 1453.850073] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1453.851193] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1453.852336] ? wait_for_completion_io+0x270/0x270 [ 1453.853462] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1453.854647] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1453.855832] do_syscall_64+0x33/0x40 [ 1453.856676] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1453.857828] RIP: 0033:0x7f347623eb19 [ 1453.858662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1453.862827] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1453.864550] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1453.866156] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1453.867777] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1453.869392] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1453.871010] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1453.879938] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:10:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xffffffff00000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1453.897747] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:10:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$SNAPSHOT_GET_IMAGE_SIZE(r0, 0x541b, 0x0) getdents(0xffffffffffffffff, &(0x7f0000000080)=""/123, 0x7b) write$snapshot(r0, &(0x7f0000000140)="d93c5ef18a081220e87e0a40177f91cf6f46c1fe98e93d316a1669f4e567d9885435e6f75e146b7d85d4d8c8eb2be6d1ea34e5c9d0496cbe700e1a7912bba17a5b18459360edcf584dea028a8322c9c62f99a52a56596c2dcdf21714bd9da5fe104ca926a7b4b98c54d5dee1a6e79aae8b072d0a696f1d09d4df8e3aad83c1dd60d38355891546b133d28326890b5ace86160ea0704e86", 0x97) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:10:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000007, 0x11, r0, 0x9fecf000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = syz_open_dev$loop(&(0x7f0000000000), 0x40, 0x8082) sendfile(0xffffffffffffffff, r1, &(0x7f0000000040)=0x2, 0x9) 00:10:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x2, 0x100) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x8010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000, 0x40010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:23 executing program 6: ioctl$IOC_PR_PREEMPT(0xffffffffffffffff, 0x401870cb, &(0x7f0000000000)={0x80, 0x4, 0x14, 0x2}) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1454.248323] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.248965] print_req_error: 6 callbacks suppressed [ 1454.248976] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.250700] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.251295] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.252465] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.253041] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.254224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.254799] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.255957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.256542] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.257728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.258314] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.259532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.260102] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.261298] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.262497] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1454.263378] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.264561] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1454.265430] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1454.266617] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1454.267475] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1454.268336] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1454.269199] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1454.270035] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1454.270963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.275210] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1454.300596] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.301317] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1454.302280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.302903] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1454.303814] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.304524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.305224] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.305904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.306606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.307334] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.397599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.398399] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.399088] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.406738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.407464] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.408153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.408920] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1454.409685] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:10:36 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$EXT4_IOC_MIGRATE(r1, 0x6609) r4 = syz_open_dev$ptys(0xc, 0x3, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE(0xffffffffffffffff, 0x50009401, &(0x7f0000000100)={{r4}, "cf487977d1eb2a37adc9fce8eed10b022110cc36deb7abfb4291a6b67b6d81d5e8d97daacfa554d19e2a70fc3ec96ff5f91bf3cdef7b37d562a5afd45782a7da0e5a9a29f763fb29158bb23974d15cd35d4c0afc4ac425c3942dcc8840698073c815b5d793eec3731c93f2502ef55d507af6458f81512eafbf6adc0329a20be3f26663391ba04dd6bcb9d29097149eee04d5ba03db6a587a48cdd470839e79799fc8304cd6ca378b2153fa2c51b5846fb335d3d4ed05e2dc2bd19544147661c60911d1731d1b33df3ca3217f9d9eed7415396776603711a29cdf681b7d149fa73ed1c038ab5de6c7a4bf4e84a42e96364d95715a775fbd5cea3423a3d78b26d1c49808571db2df4259f8482c7a871162dd8bfe3f890928e6ea545a094f56d3fdeb576036abcb9b21e39212cb4278034cf7be20c232c9ddb829115700b8d0d475c2164c36fa4a635226854e07b5511830d476651504ce73b0c88fd269e979941e05fa8c32bb051483058e92d2910428dc22d6ab88ca560884a0845076aad890f4cf9973f342877ced5dabca30f87fb6de486dd5089fb745826ef54410859fdc51813b893b1e341415b52c8aa3b5ee16236fdc5df301d98877e88070fccc0682f048fa97d735d019534c7def3d33aa2e409347670c3e8312d291541a6e8d43eb4ca6ee8ac7174eafcb3ff2e27a3b0a227fe7a6b747c349c950f2356bb48bb70a91767408887e153c09d475e54e977d0aa741e0862351ee4656a71eac4c53184516452888e0dd14b39cf312b18840066405996d4c2c0fa8a714c09bfa0156c20337e8ce99c2cb6fc72c641b2332f65740f5c0f220d403800dded2ea4f05507372e7794eee36012f05217ac477c03bf57bb52ed1316aea66005714ab450e3f12d911b5a0817b2d1f28a6ae10808e3f1ace8a0fc367636e795cde920d7f21b3a059c439e396cc6b9ae05b0e212eb9e2e173399e8c38d30044f8a94382b5ca0d3662de3925b4f1e2c54ca50adad19ff22957fde78e8918296380d8bd298118e03e8d21a6f78183ac8c59ce8b64e4b1832b31f02260f1653170c9f89814636618b583c24817f28e12fad4eaa3ec61bd690f27bdc74a49f68d61f267db69b9fac5f94314b91253a43f85cd83fac89e49eb418c5a4fad9ee918efb74f7c5b2e2e9de0ada3d75aa5f78af5704cd30e1f9e2fecf851cc5a28102289ccb26087bffabe1d28058dc9493e86e2c367d71b16ca8d61d64f73778d773f2915ef76d4cec6170ff3670c8f08dc358588e4ea26778886425fd1cfd662b3450bd851b70511395e148f90a05cf961add1cc8364e1143572cbd12e3b9ef99b9bdf4aa9eae08a1832760078342abff3d815c7fd37d55446cf361284b5e5ad7e48ea49ed295a517c78821e26975b81cca0a550dd8387597a98961dd68e7cff203af20fc8c3cf746a515f7db32bab9c109a46857f2423b719552ed9f39fa60af4689b71bd6b14e92dc4ec006fb85f217fc7a6b43ee5cba7eda4f339d75b201e922751575fd714372b8cd78e3348da74b637c8bbf7425fd66a38c06094498ea16941534662813fc3aa563a7e6ec6d5e2a7265e93a02746d65777c8c469e514ed9a2ccd386a8584676ae2d2771c78fc586b8cf2c60902275d0fcd7b148cd459bc1785dd9a487fe427cd4a8a79479f68992e230c373d6ddb3808909f0a5083c130fce2bbb09f6db3e665a9e5b34b7d2ad5facaa001c46e62a1c60dae2b2e496594a95ad96ddba97de39358a847c8243660db9e7091f8feaae89196460d2ee9febef045fd84e3ea03a90d1af15b57b925496bba1b4d1de9f289574cc5991b40637e9d5492efc801daeec44fb70d12185397ecb9b5417c973cb3db571be9e8fe42784ae2477e726766e4882b3214e0cedca4cb1e8120e3c3bcc6ba56bec7b0933a3fa62601c0530ba6c5ef1fbb82a8ac3c1db463153eea4fe2fc2dba7df746b90fcb6f0818c66e0ae1409c50bbdc7e7b39b92c1ffa50323223ce53ab6f2dc7c916e5715b434242653156fbef7b1eebe67a50460df6296d579f8357b942dc46a1c879bbb7efbf98c52cd5f625b9a49819ccffb7dfa52388ba847d74c7803427c30ba11423e09077993d29b8d5001538be5241ca2fe2bd570220056ad6b87a169e87eaa6e776c149fe0fe347a626d7ad8be3606cc21180e8c4ff391bd8ec2097f6b2c0e44a04c538fd740abbcd4c3dcd46ff5757b31b90269d5520bdfb613bc2f8c6d2dfd703a26bd7e9b92b5e764181437f0e19ef332502fac1e07c1f4908a25ccefddebd2d49e4b33827171ad472f35c304adaecab80e477c3bf1a1ef8ae214eb7308550d5d2aafe380fc119bbedb0a5da8e9216bc57ab39b2cee58f8992389e9acbe07d775928466a4e5b2a3aa276a23ecc1d39163b85a13b9b8fbb4f10687a88e3919a5358aaad1b4ad99137b1a21b836fa01a4a90e6de9b834dbeea2289ac06672c851810a80d21ee60463f9cac241b762d07e9e9939ef74cf633e98dea917a69c6a7ca2b3c3c2aed4ff550ff197f37b50eb21fb42e24361873e6b0765a6ebce0422773b1ee9cab65e2018c389dc1cbac8b854cc9339b9e3b176af97b8732daa9b13020f739a481e97966422960f959a2704f69fba015c07a4f726ba42b7f016f531674171005a3cefb6e7ba0c1c7a539b7fa0b4b33d63c8f73dcb3f0b257dace9e6ddb7381be65880ed22b0bc774e5a4ea3b92526ae7b21367dc03a3ebf21e2471da952ebf111e3afa18a46960144266ea619e5a1de50d24a51af1ea36b0e2e4f31ef96a462b672abb4b3ef7bda5983d47a7d93da88ca9480457897e6ab2e7f377b9e0b99ac81f37d4089b689ec366338727d64b42ccdb749acf730766c3098cd2714a2c4ec5f5f23b7252d57465e2c176bcd13783dbbf81a791d197a1e2f9f36dfd71b7795bfa2c3d2c8b4890276e73bfe84afb6b721a1f2c6235b3fba863e0d06b16c36271c45710187f3239d974a5d994ed77f95aa9ecc031e059c8e7e4ff89e711b2f9b0f907217649192f0fdf6d3165975cdb0f3ebfa7e78e139674888a84bcbf4448a8e0f85dbf1a8136b2ae3181bafe0211d7df2383700dee038d46c57cedddfd2a54a0dd72dd1e84e66b003714a5ff972881f19a5a442047c62e12212418ab820d550c243f798ce54667fbbcd09e9fdee109ea8248b3f95f4674d51e8e1d7a843be19c6b62bf45392444407a0a34118cf34d9704c75d9bd307398e46b1ff80fe92ad1b379fd472e9a9a49027c6e8accfcd8a6084ae8b82bb4ffc48745cc9157be49e259913de4373b22451990db78e589614df47eb284f15f5978e9af8d8f8f3098c607a656bffe2d7171f91e7ba55aa6259bdbb8bf9a56ac3b3433b4da3bf2ab32447f8e11031fad9009df2b2a89b3fd630c86deed1eca488ebef2295a51685f9877521c0331f2cd56220130fd086f3dfe7e3f862573ba2b3105b6061a1b237a693c05989c59a6de85c2fb714e5e97e13eacff04fdd814a04e8da544e88bc0f9dcb4fec09d6e5e20f6c68ca1c3063de584ae47f01f36a3f3c21359a2aab12209d4692f95474bfc1d42c19c0592070e56beef504476562302c4269b2549f63d09d1187921d6cc7fce84a9f78a84f599ee49fd1c05191bfa89a8b898346bf52f3fb34b41ccfec833f60e83a901b3507be088ee72af19c5dad259a18c953ee702821b54cb3508691edd85bca16c1ce233bbfe501fb4ad97366a6e1a4f10232e6a36f574cf92dddcf19cfa675b9f71eda420573a5ee8ab3a7d2dcd2f30af02460149bd15c069a7a197dcbf65faf0adfa082f813a6a183f5e71ad53842f17f2694e864a43ef310e289747b28b634f44f19ac924f7f808a6a1e6255cc5cb99e2597e32e0df2f06699f6b159e3550cbae5e5981fdb8af7d498e97c5797f6ed86dc74ab873842423f1b74a0f1ea53b65428ae24f87c6915696162c24f1bf195ae371e9a390ccb67e166ea489b2c797e5853378b518fabe2d63eb38e2bfa6cc39154d167f3f0c3113add76060f95485922e59d33fde6b6fdcfc94cc9b43606c8ae95b9439fa5fa49e936d681f2661422fe647a6475b9ba1411eb59982766a17b1542cdb5e8da1ca0cfbcc31c0b36096adaaf02b42dd0dbfb84af991f16181ad1830d9abfe12b0db8cdcd265af72e6c01c27e7cf6297a18482ee98f0e145a91588702d2aa0f598e0c0d83d8bf31f5c92aacd4d0f642225fc9edb64c4d28bf6303d8b379cdd0d9486091bc64f762f2be0e6239656e13f77ae0c1533e7e9d4905eab1d16bde1f94fc4a2af4c4bede78ab06bd0dd054936a31a4997bbe28b14d4ab558076054b7b8d5f3da04cf4a1f7fd2067b97b5318408fc1b4463b0ee307681c8071563d557a17cb4b8bc21c3fa93c488f3f4332ab1d870c504a41db227442f720535063a7a8fdf0a718e8a21f6cdf65fe81e7a253194a941af4c6602c35b1968c261351875fd4bd781d9e841e3c6df4acb6fe0b154ba9b6d328e655da894ba4f292ca3fde8e2ecaae708eff90751a835068acba24ec855fe552a7b4cf40ff8bfef33a69eab762e69cebfd76769df715327aa3e928f1054d9e680e97fa0d5e7cc5c92773f4e8f1b8ca7bcd01cf39d785b22b3f67f4176c8d313388e41ca56fcae32c24e003f6ffd145adbd00a75fcf810ca525364f2c6368040120f9af721692a2c51f634f8d15e418722f0395067823f0471b3f2a43739605df96624177b38712b127ae43f76f862b53b140ad186833badecad82b0e298504ca238785bf1804b64689fba63f31ab0e178440e9d7bfb849bb359feb7e4a4496cd451da3ce763a49706b8b431fcfc8aa79995022f3dd971bcfaed86a820e022153467133c4f8a709f9cd6d4a218cbd64ba89474f2f0eddd35c760a0e39fdfbb7433d2a3300d1957cbc0cd6b4848123f342cab6db30832f6246a971c57658a40542858fece0b5a8696f460266dabb12395a99df4b6a940c17b5e46a50f298aa03c41dbe6340d6efc68bc72d8aa4e2e95a13a93856f3757be2dafb8777b58b72cfeeae9e565065580129dfc62bd80d2430419d1418fc04b15fefc483957589b4cf7d36f18f8b36b5af37e3f83cced98ca1cc2f1c916d68a9aab91818ddcb957b9b6f4b9b253d771350c19cbcd17ad2dc345116016f006f73e5834bd33259498b32b9fa1f65ce830538bfb0811b78dd87f4d3b1f71590fedde3c4d383dbc2d1840ee5887c679b005e0871fcf452824d598de36f861a700d77d65d2c788ac12ddd07b685bbcb92263f2123b02db30c3a9514afe55c871266d027546e6fe00f18ac18b9b2f6fc9cd70f55859830c1aa23d0b193c693bc5ae5625f577a6b4e10918e3b2fa06458970f969ee1f5c2f87fbd472a82c3ae338dd437586345fc1a1004c84c01d87879567f747f1d44d64edaac186ecd65153c4d65a7c2b502f8c731259b9c4ee987217768da8a8763b96c872e54308c7f063b6710e8d0deafd80f994c1ac03ab03bc1f1284bc5cf991c0fdd9ceb29486fe2faf4ce73c87607dbe934d2e6ed654ab58375931248f4e69b50484d61fd61bd9f15dde2835c53feeac49f1ee3679b46036ec918119f1b63177b3b590ce7c0362594cfdebb3cd35a27f27c175213a16af5352274c3ce6058d2a7cc6c2be49c076f937b4a6fea66c3ab9c0d50c16259cd891afd4cb04092efa17fbfc7c325a219e5eaca33f2def45e02b2cfac453408050a68a4f1ff5c2cb4b48ccacdf638c466ff936764d2e314ec040ce67b748a67acf6af051340e3654a0a70a"}) 00:10:36 executing program 4: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000140)={r0, 0x5, 0x3ff, 0x800}) r3 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/../file0\x00', 0x84000) r4 = pidfd_getfd(0xffffffffffffffff, r3, 0x0) fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, &(0x7f0000000080)) perf_event_open(&(0x7f0000000340)={0x3, 0x80, 0xfb, 0x3, 0x0, 0x0, 0x0, 0x0, 0x30401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfff}, 0x6, 0x0, 0x9, 0x0, 0xfffffffffffffffd, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fsmount(r4, 0x0, 0x7) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan1\x00'}) sendmsg$TIPC_NL_NAME_TABLE_GET(r3, &(0x7f0000000440)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x1324805}, 0xc, &(0x7f0000000400)={&(0x7f00000006c0)={0x378, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_LINK={0x50, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8b50}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe38}]}]}, @TIPC_NLA_BEARER={0x3c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x7ff, @private1, 0x9}}, {0x14, 0x2, @in={0x2, 0x4e20, @empty}}}}]}, @TIPC_NLA_SOCK={0x6c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x80}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3}, @TIPC_NLA_CON_FLAG={0x8}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x81}, @TIPC_NLA_CON_NODE={0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x47}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x81}]}, @TIPC_NLA_NODE={0x200, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ID={0x4a, 0x3, "758cd97a8ee00252f1566a1a97c45789313cbf2d1f8083a5bd189d72bd11e31bda106c4d939be498e1b37d7f9b8f2881c5d59cbec59198443503265572323455047c4aad6e8b"}, @TIPC_NLA_NODE_ID={0x9a, 0x3, "8e3990f88d42757ff3223ec12f696b4733d60bb14b0ca6bd8423a4a4ac2a06eb993d531bcdc6c27e1c2474764adc8209ef561181d72041124f7869b430d5f78366245244f738597710b0de5020f2b1782a4092ba1bedb3ada16dcb83cab3d039a7ba286f6ef8c5098e8bc83a08d49d28c466a1bc8c01b422a869dc58155b8e82821fc6b08280d8147f77e075327c3d15601111ed8217"}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_NODE_ID={0xb6, 0x3, "f2d6503df798d29150cc994d66d90cee69d7312fe98fadbce106427a1bc5ee0e7f6b03a6423bc598fc0ba6f166ef1d50b5b66ec10e5f93a28189d58cc9707842fbb6bd047e95471d1f342b2a99d3dee8c50bde420b1420f16bd90e9027d9aeffb3d44b8f9126f1b2c453c0d1762eb705817836ceb91ad0b8e0df8f10155793451f49465078750b193057cffb727a7b17406578ebc1d31e8b2d1ca2318b0e10da0cab2ccc4b778111d7d782fa1ecfc6074936"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "f330c7022ad67ee5e3b6483e55afedac8282d7e44d7f832762b5a808f64ec8"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_SOCK={0x10, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}]}, @TIPC_NLA_NET={0x5c, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80000001}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9d1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x4}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xffffffff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}]}]}, 0x378}, 0x1, 0x0, 0x0, 0x1ea3acea14de514b}, 0x890) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:10:36 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x4000010, r0, 0x42e89000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x2, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xff) 00:10:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:36 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:36 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:10:36 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x4}}, './file0\x00'}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:36 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 11) [ 1466.546703] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:10:36 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000040)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000100)=""/193, 0xc1}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1466.557953] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1466.563040] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1466.572458] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1466.583417] FAULT_INJECTION: forcing a failure. [ 1466.583417] name failslab, interval 1, probability 0, space 0, times 0 [ 1466.584783] CPU: 0 PID: 16475 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1466.585619] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1466.585838] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1466.586622] Call Trace: [ 1466.586639] dump_stack+0x107/0x167 [ 1466.586651] should_fail.cold+0x5/0xa [ 1466.586665] ? create_object.isra.0+0x3a/0xa20 [ 1466.586679] should_failslab+0x5/0x20 [ 1466.586691] kmem_cache_alloc+0x5b/0x310 [ 1466.586709] create_object.isra.0+0x3a/0xa20 [ 1466.591774] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1466.592394] kmem_cache_alloc_trace+0x151/0x320 [ 1466.592958] ? io_tctx_exit_cb+0xf0/0xf0 [ 1466.593461] percpu_ref_init+0xd8/0x3d0 [ 1466.593950] io_uring_setup+0x47a/0x2980 [ 1466.594449] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1466.595047] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1466.595664] ? wait_for_completion_io+0x270/0x270 [ 1466.596264] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1466.596914] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1466.597541] do_syscall_64+0x33/0x40 [ 1466.597997] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1466.598625] RIP: 0033:0x7f347623eb19 [ 1466.599090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1466.601330] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1466.602257] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1466.603123] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1466.603990] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1466.604857] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1466.605732] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1466.615929] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:10:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:36 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1466.623017] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:10:36 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0xffffffff, @loopback, 0x3}, 0x1c) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000000)=0x8, 0x4) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000140), 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80800) connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0xfffffffa, @private1, 0x100}, 0x1c) openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b4) 00:10:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:36 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80089419, &(0x7f0000000040)) 00:10:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') socket$inet6_tcp(0xa, 0x1, 0x0) 00:10:36 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 12) [ 1466.798279] FAULT_INJECTION: forcing a failure. [ 1466.798279] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1466.799774] CPU: 0 PID: 16604 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1466.800604] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1466.801592] Call Trace: [ 1466.801913] dump_stack+0x107/0x167 [ 1466.802358] should_fail.cold+0x5/0xa [ 1466.802817] __alloc_pages_nodemask+0x182/0x600 [ 1466.803394] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1466.804126] ? cap_capable+0x1cd/0x230 [ 1466.804602] alloc_pages_current+0x187/0x280 [ 1466.805136] __get_free_pages+0xc/0xa0 [ 1466.805613] io_uring_setup+0xe27/0x2980 [ 1466.806103] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1466.806731] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1466.807369] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1466.807985] do_syscall_64+0x33/0x40 [ 1466.808438] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1466.809059] RIP: 0033:0x7f347623eb19 [ 1466.809506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1466.811723] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1466.812636] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1466.813495] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1466.814356] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1466.815219] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1466.816073] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1467.050117] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.050966] print_req_error: 38 callbacks suppressed [ 1467.050982] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.053309] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.054826] buffer_io_error: 14 callbacks suppressed [ 1467.054834] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1467.057147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.057992] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.059907] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.062281] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1467.068523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.069946] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.072378] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.072453] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.073690] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1467.076600] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.078982] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.079062] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.080308] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1467.083279] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.085663] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1467.085970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.086977] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1467.090310] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1467.090385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.092877] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1467.092948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.095092] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1467.105297] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.106606] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1467.106674] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.108843] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1467.108914] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.111127] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.112455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.113781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.115120] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1467.116487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:10:50 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x6dcdc) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'}) 00:10:50 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:10:50 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 13) 00:10:50 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$EXT4_IOC_CHECKPOINT(r0, 0x4004662b, &(0x7f0000000080)=0x2) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1, 0x400}) 00:10:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:50 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:10:50 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ff6000/0x8000)=nil, 0x8000, 0x2, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:10:50 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x1, 0x4, 0x2, 0x3, 0x0, 0x80000000, 0x16309, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2200, 0x297ef70a, 0x0, 0x9, 0x80, 0xfff, 0x3, 0x0, 0xffff, 0x0, 0xfffffffffffffff9}, 0xffffffffffffffff, 0xe, r0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:10:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:10:50 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000000)={0x7, 0x1, 0x3, 0x7ff, 0x1, [0x1000, 0xd9f4, 0xffff20b4, 0x2]}) [ 1481.309558] FAULT_INJECTION: forcing a failure. [ 1481.309558] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1481.311168] CPU: 0 PID: 16627 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1481.312079] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1481.313109] Call Trace: [ 1481.313458] dump_stack+0x107/0x167 [ 1481.313937] should_fail.cold+0x5/0xa [ 1481.314436] __alloc_pages_nodemask+0x182/0x600 [ 1481.315041] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1481.315837] ? cap_capable+0x1cd/0x230 [ 1481.316352] alloc_pages_current+0x187/0x280 [ 1481.316924] __get_free_pages+0xc/0xa0 [ 1481.317429] io_uring_setup+0xf9a/0x2980 [ 1481.317960] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1481.318625] ? wait_for_completion_io+0x270/0x270 [ 1481.319231] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1481.319930] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1481.320606] do_syscall_64+0x33/0x40 [ 1481.321091] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1481.321770] RIP: 0033:0x7f347623eb19 [ 1481.322237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1481.324633] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1481.325588] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1481.326532] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1481.327469] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1481.328422] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1481.329305] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:10:50 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1481.383805] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:10:51 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x1000000000c202) [ 1481.595568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.596842] print_req_error: 22 callbacks suppressed [ 1481.596861] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.600456] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.602765] buffer_io_error: 6 callbacks suppressed [ 1481.602779] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1481.606268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.607487] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.609827] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.612124] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1481.615344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.616552] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.618853] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.618906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.620202] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1481.621384] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.624531] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.624599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.625834] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1481.628644] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.630938] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1481.631038] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.632244] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1481.635214] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1481.635288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.637343] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1481.637414] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1481.639511] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:11:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 14) 00:11:06 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:06 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x88080) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:06 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:11:06 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x3, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800210c000000000000080002000000080000000400000008000500", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) openat(r1, &(0x7f0000000140)='./file0/../file0\x00', 0x101000, 0x8) chroot(&(0x7f0000000000)='./file0\x00') perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x40, 0xfa, 0x1, 0xcd, 0x0, 0x0, 0x1802, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0xd, 0x1, @perf_config_ext={0x3, 0xb918}, 0x2800, 0x101, 0x33f, 0x5, 0x8, 0x6, 0x2, 0x0, 0x7, 0x0, 0x84}, 0x0, 0x2, r1, 0x8) 00:11:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:11:06 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:06 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$null(0xffffffffffffff9c, &(0x7f00000002c0), 0x400001, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_RADAR_DETECT(r1, &(0x7f0000000480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, r2, 0x400, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x9, 0x6e}}}}, [@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x3}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x39a}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x7fff}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x1f}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x80) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) pwrite64(r0, &(0x7f0000000240)="8be6a5f86d2b7765a098dc645757dd23d919d6392c4543221e3ab6729e0b7bd6d973fd7b6a39fa6b20997dc2eb612c8c69bdbda24d98cccf132105a1130845ca64", 0x41, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000500)={'wlan1\x00'}) r5 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x18, r6, @out_args}, './file0\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000a177ac5505a67be4d90ce080164bfe3f377ae801ec684c000a474a", @ANYRES16=r7, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r8, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x0) r10 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$FS_IOC_FSGETXATTR(r10, 0x801c581f, &(0x7f0000000140)={0x10001, 0x8b1, 0x80000001, 0x1, 0x8001}) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x2000) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0xac0d7000) ioctl$MON_IOCT_RING_SIZE(r5, 0x9204, 0x2a6b4) [ 1497.057379] FAULT_INJECTION: forcing a failure. [ 1497.057379] name failslab, interval 1, probability 0, space 0, times 0 [ 1497.060220] CPU: 0 PID: 16764 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1497.061960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1497.064098] Call Trace: [ 1497.064730] dump_stack+0x107/0x167 [ 1497.065676] should_fail.cold+0x5/0xa [ 1497.066590] ? io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1497.067965] should_failslab+0x5/0x20 [ 1497.068888] kmem_cache_alloc_trace+0x55/0x320 [ 1497.069984] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1497.071278] io_uring_setup+0x14f6/0x2980 [ 1497.072317] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1497.073528] ? wait_for_completion_io+0x270/0x270 [ 1497.074699] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1497.075994] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1497.077231] do_syscall_64+0x33/0x40 [ 1497.078127] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1497.079360] RIP: 0033:0x7f347623eb19 [ 1497.080275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1497.084768] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1497.086578] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1497.088310] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1497.090020] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1497.091741] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1497.093476] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:11:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:06 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x3, 0x10de81) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x11, r0, 0xb7eb2000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000000)={0x1, 0x1, 0x9}) [ 1497.118597] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:11:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:11:06 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000300)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000100)=""/215, 0xd7}) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000200)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x3}) r1 = syz_open_dev$vcsu(&(0x7f0000000240), 0x7f, 0x4400) mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x2, 0x1010, r1, 0x7fffffff) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f00000002c0)={&(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x81}) 00:11:06 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x1, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)) 00:11:06 executing program 4: ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000080)={0x3, 'team_slave_1\x00', {0x7}, 0x200}) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000000c0)={@remote, @remote}, &(0x7f0000000140)=0xc) 00:11:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 15) 00:11:06 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) mmap(&(0x7f0000cfc000/0x4000)=nil, 0x4000, 0x4, 0x30, r1, 0x98edf000) mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x9, 0x1010, r0, 0xf7d7a000) 00:11:06 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1497.335449] FAULT_INJECTION: forcing a failure. [ 1497.335449] name failslab, interval 1, probability 0, space 0, times 0 [ 1497.338215] CPU: 0 PID: 16846 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1497.339658] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1497.341416] Call Trace: [ 1497.341968] dump_stack+0x107/0x167 [ 1497.342731] should_fail.cold+0x5/0xa [ 1497.343531] ? create_object.isra.0+0x3a/0xa20 [ 1497.344512] should_failslab+0x5/0x20 [ 1497.345310] kmem_cache_alloc+0x5b/0x310 [ 1497.346155] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1497.347408] create_object.isra.0+0x3a/0xa20 [ 1497.348387] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1497.349461] kmem_cache_alloc_trace+0x151/0x320 [ 1497.350438] io_rsrc_node_switch_start.part.0+0x43/0x250 [ 1497.351572] io_uring_setup+0x14f6/0x2980 [ 1497.352482] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1497.353544] ? wait_for_completion_io+0x270/0x270 [ 1497.354574] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1497.355674] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1497.356771] do_syscall_64+0x33/0x40 [ 1497.357549] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1497.358619] RIP: 0033:0x7f347623eb19 [ 1497.359398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1497.363252] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1497.364867] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1497.366354] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1497.367855] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1497.369351] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1497.370839] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:11:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x1000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:11:07 executing program 1: prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x0) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) [ 1497.390428] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1497.408773] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1497.802781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.804108] print_req_error: 6 callbacks suppressed [ 1497.804128] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.807652] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.807708] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.809662] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1497.810856] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.814949] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.815054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.816905] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1497.820218] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.822587] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.822653] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.824540] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1497.825742] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.829443] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.829541] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.831385] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1497.834722] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.837130] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1497.837222] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.839058] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1497.840358] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.841710] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1497.842973] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.844234] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1497.847260] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1497.891951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.893443] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1497.896243] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.897545] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1497.900130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.902370] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.904416] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.905874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.907927] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1497.909974] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:11:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 16) 00:11:23 executing program 5: fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x3ffffffffffd, 0x28400) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:23 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x4, 0x1f, 0x4, 0xff, 0x0, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x6, 0x2, @perf_bp={&(0x7f0000000340), 0x3}, 0x48103, 0x5, 0x1, 0x9, 0x1, 0x4, 0x8, 0x0, 0xfff, 0x0, 0x80000001}, 0xffffffffffffffff, 0xb, r0, 0x8) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r2 = socket$netlink(0x10, 0x3, 0x0) mount$9p_fd(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x2000080, &(0x7f00000005c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@mmap}, {@dfltuid={'dfltuid', 0x3d, 0xffffffffffffffff}}, {@access_client}, {@cache_none}, {@cache_fscache}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@smackfsroot={'smackfsroot', 0x3d, 'batadv\x00'}}, {@uid_gt={'uid>', 0xee01}}]}}) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000001800210c000000000000000002000000080000000400000008000500", @ANYRES32=0xee01, @ANYBLOB="f378281bcd522e1931dfc80b92ccd61cca4cdfe4d0ca5d2ba612eae2f4552537d37992a8afefe792371dd754ffc9e4b43b52195e5ef1974cb609f3d8074379def4f7cdcc3c776bfb70a1388713b45b92409416fc63b9de55c447ad4a91b008c6b13f296aa334883660736daa1f4687b871eaa3eabcdd25478602a98168dd09e0c523aa80e0cf5876ce23da7bf9f7a8f36120f52dcfca705a19506395459273c37cdfa5d9efa39e298bb4dce7eeb81fd49d78b021920000008000000000030aafb3e5056751c3003e"], 0x24}}, 0x0) r4 = syz_io_uring_complete(0x0) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000440), r2) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x2c, r5, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x400}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2400c010}, 0x0) fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f00000000c0)) getsockname(r2, &(0x7f00000002c0)=@xdp, &(0x7f0000000240)=0x80) 00:11:23 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:23 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xd0442, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14) setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000480)={@ipv4={'\x00', '\xff\xff', @multicast2}, r1}, 0x14) r2 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b4) [ 1514.157900] FAULT_INJECTION: forcing a failure. 00:11:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:11:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCX_GETX(r0, 0x4018920a, &(0x7f0000000100)={&(0x7f0000000000), &(0x7f0000000040)=""/76, 0x4c}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2400000018000d0c000000000057f5e4b1c98a7280c4ef92a4000400", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000180)={&(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x8}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x200000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1514.157900] name failslab, interval 1, probability 0, space 0, times 0 [ 1514.159750] CPU: 1 PID: 16913 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1514.160736] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1514.161912] Call Trace: [ 1514.162294] dump_stack+0x107/0x167 [ 1514.162810] should_fail.cold+0x5/0xa [ 1514.163359] ? create_object.isra.0+0x3a/0xa20 [ 1514.164016] should_failslab+0x5/0x20 [ 1514.164540] kmem_cache_alloc+0x5b/0x310 [ 1514.165012] create_object.isra.0+0x3a/0xa20 [ 1514.165522] kmemleak_alloc_percpu+0xa0/0x100 [ 1514.166039] pcpu_alloc+0x4e2/0x1240 [ 1514.166471] ? io_async_queue_proc+0x80/0x80 [ 1514.166973] percpu_ref_init+0x31/0x3d0 [ 1514.167429] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1514.168050] io_uring_setup+0x14f6/0x2980 [ 1514.168534] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1514.169119] ? wait_for_completion_io+0x270/0x270 [ 1514.169695] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1514.170302] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1514.170893] do_syscall_64+0x33/0x40 [ 1514.171325] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1514.171905] RIP: 0033:0x7f347623eb19 [ 1514.172347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1514.174465] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1514.175339] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1514.176154] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1514.176987] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1514.177800] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1514.178605] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1514.207220] 9pnet: Insufficient options for proto=fd 00:11:23 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x300000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1514.224673] 9pnet: Insufficient options for proto=fd 00:11:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000440)=ANY=[@ANYBLOB="01040000842f28eb3ad6770ddc9b2256129a97f206f9b67a0bd17167fcf273673617cef7c1f1b7cefa762ee277eb17efdb5854649383b512ff1ec38a5fa8dd6818e7f7cc6566262ed72c691deb606fdbd2fbbdae98f3849a5793d5b28b00000000121f5bcf387e0764566f0997ff130c2d5a56e030d99466ec67ab352982596da4d30194adefb61256ca2a6f0a4c04e5b6c7fecb4813463905be9207029fec20ff03d34b9b20a0b72a1ae7b02413294b6be322cbc26535f97c3d0ed5eba93652ba679946f9ee129c3ee2c9493090d6", @ANYRES16=r2, @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x40) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r1, 0x81f8943c, &(0x7f0000000240)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x1184c, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@msize={'msize', 0x3d, 0x7}}, {@nodevmap}, {@debug={'debug', 0x3d, 0x7}}], [{@pcr={'pcr', 0x3d, 0x9}}, {@fowner_gt={'fowner>', 0xffffffffffffffff}}, {@dont_hash}, {@uid_gt}, {@measure}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/dev/usbmon#\x00'}}]}}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x10, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:23 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone3(&(0x7f0000000300)={0x135100c00, &(0x7f0000000080), &(0x7f00000000c0)=0x0, &(0x7f0000000140), {0x1b}, &(0x7f0000000180)=""/161, 0xa1, &(0x7f0000000240)=""/117, &(0x7f00000002c0)=[0xffffffffffffffff], 0x1}, 0x58) syz_open_procfs(r1, &(0x7f0000000380)='net/ip_mr_cache\x00') ioctl$F2FS_IOC_WRITE_CHECKPOINT(r0, 0xf507, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:11:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 17) [ 1514.279592] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1514.304814] FAULT_INJECTION: forcing a failure. [ 1514.304814] name failslab, interval 1, probability 0, space 0, times 0 [ 1514.306196] CPU: 1 PID: 16937 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1514.306994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1514.307935] Call Trace: [ 1514.308241] dump_stack+0x107/0x167 [ 1514.308696] should_fail.cold+0x5/0xa [ 1514.309148] ? create_object.isra.0+0x3a/0xa20 [ 1514.309678] should_failslab+0x5/0x20 [ 1514.310127] kmem_cache_alloc+0x5b/0x310 [ 1514.310589] create_object.isra.0+0x3a/0xa20 [ 1514.311099] kmemleak_alloc_percpu+0xa0/0x100 [ 1514.311618] pcpu_alloc+0x4e2/0x1240 [ 1514.312062] ? io_async_queue_proc+0x80/0x80 [ 1514.312584] percpu_ref_init+0x31/0x3d0 [ 1514.313046] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1514.313666] io_uring_setup+0x14f6/0x2980 [ 1514.314139] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1514.314724] ? wait_for_completion_io+0x270/0x270 [ 1514.315284] do_syscall_64+0x33/0x40 [ 1514.315709] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1514.316296] RIP: 0033:0x7f347623eb19 [ 1514.316742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1514.318814] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1514.319701] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1514.320525] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1514.321373] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1514.322192] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1514.323013] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:11:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1, 0x8}) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x1268, 0x14, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @nested={0x124b, 0x21, 0x0, 0x1, [@typed={0x8, 0xe, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @typed={0xc, 0x3a, 0x0, 0x0, @u64}, @typed={0x8, 0x9, 0x0, 0x0, @fd=r2}, @typed={0x4, 0x1d}, @typed={0x53, 0x7b, 0x0, 0x0, @binary="45f1b6229af1903890818cb82ffa6e2ec400e4b8ca7baee0e2fc0664f1d3592172edb8765167ab898cd6e7e1d16a567ee00df1ce7c6a7f27232706aca9d96b7ceac2ec02ac582bfd4a330de0d9398d"}, @typed={0x8, 0x95, 0x0, 0x0, @uid=0xffffffffffffffff}, @generic="e7a3dad9929e672a55b253889682b8260aaa7e430c6758a260aa533af7f36aea0f0cf8bcafae85a8411cdb6827c7dc9b832fec420e56f159018489ba6b09cfbd3dee4945c91c1f226eecf74f3f2a8abd103f27771c9c4a3a9c72cfc7f03aff8af8070e8def0b1be87ad96656259fd25735f76a5882bdc7e668e777b96de5e79302c8a408ee08b87439cee7972581901d40", @generic="eed4643a6394e4916d426ef1a2d4176d0044800261f5dc92e5b1e8ad00bd72159a5ee1a2793b9940968ede58c2ea7dccb88e93cd54e88b95fb39f60f401c1ecdbb84ab1f05aab6e9638e09e054fe58f3c03b0d250523d0ee8bf07c7c80acaa5ddae8d2ff1f9c6b8ef08c32cf4b7a097585b2ec4f077d0f5d26cbb00a2b74c296715e66166588e5", @generic="4693f6509e1d079f094cd678fab59908f13f84984b7502e09ef1ee98ec5f5bf73152084dd491ffcde9b1877621d4ab9f29777353e68977864a9280d60ca04d6a158db82756b6771295d3b211b431f604fc891e1b6109acf75b7ca7f1a08d83fd8f71eebf67ce4681f0d8e16a59a13b94dda997e7256570165480d1150896ca4391f8952ed1fbc87c2a2a67291b359f2f1abbe3b18691f6765db1673737e52823d0c0fc71bf8562a363b1207cf109da67a2e813", @generic="19b43ffb0b2bef05d90e9428634eca0eef577f5b14ff4e1a45025385da8b4ad708d1feee87a10002d3da366d32a2469bee1378538cd8cc65fc1f5133b3034485246694e9556b6ee3b6473e9dc3a2c52a41faea3cfd465a50d9f3945484c4cc099c2ec330528221d32015f2b42b8644a3a1ff2bd2ffcf7226eccd6708cb2d8d8c34064e3a58b612f6d8e131111a4e2d7828dfb1a044d45fa32306901f38376a631ed0b4f67d064cac2461ef0c9617d710b732a09c98825ac8555f9813a1da02752438daf25d6b24c5ab0a511a97e12def818f38c36dc86448c15500a237bca6ee9712b6c79d37f00c709fb912c3f23e769c115ed88bce8d5c85fb7a06b866ca42432a8acb9997365eefc1faa4b1b82ca2dcd12978c9f3c314866a2bd5165fd6b9e25391e3eff891bc5db3f3f65af2f94a1c88d360e46333e6b4bc87372ba4b8e1f9d0b5f18f261963f4da77131d30cffc13b833e9d1e100691cad567ebae17081afed1af0e7b430bedfe2d3e853dcb88d44aa54c8542371acc49c917361d6e41f8c73ff4b6e6a5d62b21f9cb282d5a3133f205555b7681438c189ec5d85dde59ed78ef516282a56d4576999876fd6547203281c8b6e78bbe5b416a173a5e18ddaf155238e3585e1b5bf87b2a161766c02430de962697e3fd065d482c56e7d6aa575cc22b99a7a69b2b2d6e2b9c98e731d002de669d85268e7106d28d82e24fbeb6df88e06c92b5b1159156c69c61f3511c333026b36f33872f3cd6b918cd61d9db93152fb8ed18a8d571862c103e85b9e350d7ef90c0a2e30ec776fd6a8e183efc1793a3b971b495c09847c84a9ea291a845c82d56e802ff3ca97c38a38d204e9b053b33f15c0e6da78b1d5b9cd85ef5fd92e482fef36ce75c03268ae749db4c15e4398db6a55254587fb0ac315a771d33204c78c233bd05981045350b6c75bc779d40aabc1264bca7fff26af004b082699c1cbf35d837b2fc8ebbe1d4b3cdff1a1c6586e0e904bdcfba7cacdfaea852eda1d28235da7abce82278f7dceef03a008924842197b7518b296e69d149bf69384276c678df91d8cb843f51af034f192eeb523646f25fe8d48ff79beef0635b31e0e94278924f3b171f1280e44c8955a499e2660d65ab8e37c45e70272bac59f2df2f5bfc3f2194be258ba9a7da9d7f3b1ecd41b31fd169ed0a58a32c8e75720001f51c5092577ce57848a35ea732c6d440e281b6da5df1fb5c43b74436574e1badacc7c33d8d56d44a486ec18a43ed2b36b12382880f22c28b329c2a06de8d04932a37d3f9d3bda010e323567ce896ba3e7f657b23c9ec434f917718186c36e7fadbedc8cc1906878d57ee09170ccb714b3b2b2a88d415a129cd411fa04c9249bf68fad92803d10788c1a2ba3de0911a2d969978dbb0a5eee1fda1253710342c05ee8ffaa2db336a19ef46b7af939cd227a3d9591e4ce75f651ca65f144a6f4ba0a4192dc2b0bb2a3ea731ea07de02709429cc9ac6bd9b33823938a84b0cbd86733008fde162b1db8fe0b5680dd5f3b6b4fab8f392ca4cc21c4118329f1c7d8209856ad6d99e4270bf97eb856c4d2c5188f261bf16536d1e3c4ed50552084f0a0477a5e0fa617d3ec2056c84b60022e130dd55a4ebd662d85a76589d5744273df31641e4356b1dea4978ad1a3245da94a846d3a9988f9455e7d93db1f91e80dc725bd64d8e230685cf7844f43866f74c232edd39d739c09194e8f4b6581d0a5e65de3a1e97602018c7b4a49afaec6276734d1f902b8c5c40b83502fd315b23b1569658dd25d148c62417090d9ae397c17cb0aa926f6f83336c74ef4b68320d28fed6d9a180c149661b46f16a1d03648bb13795022280706596db76d0925abba453165fa71583a5cdac8a161798750d46bb075190a542edeb49e9b1ff17670e462d8b6388857b95d1017df01b71b84b58d44fcc6d26b262d2785b86ebe8c77f0d3adb6b03fe517a7c30cd23119ea7ace8ec7a851b9c78a9418d423c98210002f2008cd994c680849853f42e332ac67f460b44c951c5af582842ec952b8fb445ec99b497760115651cae9b37d4e4cff2d1cf0402a0ab702e62d976cc7b4b8672a4e8eaf20ac72e0e1ada03ba8efa4538310f8950b22dba32ab5b53eebb7977f10590bb111973e92c6d33db8b8fd5c8055220bc018ca7122488579b3f1179d1db92ad5a7976bb75f7009b4a8e065833a348641a016285a67263335c6691b6af5d13e4ac10bd05f397f9373995b4c12364d94aec8f2b57cb6297cb5dbf4d37cca113253b02047be8acf7da90a16192b44925fa06d481d56ccafaeda7cd0465e103fbfcfd7d9f1dd1eca179ba458eb9fb380336f77621b18984fcb569657e2e4c3e2018f568668e5e44392242aa4a7e24b6b7ecb9706c6f1342a0d97c36bd4f984888cb661ba2f0081017b03e720168bc05cedefb63bdd96e23916b83a089dd33c9f75974f50d1218bef07845fb728b6e67b3724e8fdde139f66881229101c321833b47517d861d3ba47c13f87e10f1441c994c6464b999084f0446619d84ae66a487ae07099fafad97e400ac9f6778611dfeb18a9450a07c078bf98000e613529219269e3898d2a5cf3a27e7f7618e1915d051044c4c395244403e3a36c70ff4e4cb7fa3b9a50c908196aec45b5a20df9e1dc3dfcd6173ff2c197cb9dc19939fed380cc3b865531ed2d631ef11da17ca6cb53391ff901f8e37737cf09ad7e965af9b2986ae9ba567573176cb710df32b82e9277a961da96c399e22e431c1a18c6ae433504205e7f4e4541ed997a8659af12cd897c3326562ea9863371a6ac8e7c930aa3a0f620f43ea546e9ea53f217a1cb661de908175bb5a3c32a4ee2c828e6068305bd3465e75c25a5cbf55cbd842778e7010b333257553e768a923fdd53730a64de3ea65cefe24fdaf7e4672449148739bb0a7a50fce10716acd17eaedfb05f6d9b3856b7ebe86d19fa40f0b3b5b83a1927750565305411a9e069360e97f1eb68b721db02555cf782bb9ca1c9f15471587812050c73128e931ede5d52c0c624b784d4678d76b0fb7640ab0345d46e841520e263e0bc57206329880c88974ee4161444ef593a7876ebd12a55c0b4e4eea77a8b1f65717ff128f3618b8daa44eb814298f01f65664042ec455d475faa254eb17e21772b2efd1fbdbee0d896986fe1a4626d10442046442b8c5d45600eaf038106bb0fb9430afbdc40cc38b5f9a35bbda451eefc9f48c7eecef5c4149465d21b0c84269a116abd6937ca56420db42f49bb3b34b458d1415daba9ca9db061f91b191b3d3e29f80714ff813a61e9891e880bdc9cdbebe88c7664fa34955be884559817695751717f420a5c23cbe86cb03000d6d91f77165130c2794b4f6086b2ae02ba6c8746a05d9b93e6883339cf51c8110c00e6f252995c1456e3639fb23c61c9de6f4def6f94764f0d386ff500eef8a96f8d3cb0fa9ee2a0a0ee1af453f45ad808857e7f7b5a8e3d9b540e019be8e315dce96e8aeade6ea80498878b20297d18af2f1227fe0ce0aedf9645322bf28a37d3526459921b11db5f5c7f62eba8019e6465f4bc57154dd90af39f59c0476d6ac112842c5b76b3ed1ffff1e48c1a041e7fe8b19581770b0be90d8bc2d89ad63b6a0474df525756e3bd240554da3dab7ce291625edf04b30457374631bb059a113a0f7be46fe1f168f299dc2d50a607912337527faf13da582c221b9bdeed428afefec57df63c759ec8e14a44d06ebc64332e2f5deda1e3709fcdbe59c564f0555eaa4ed620984103b8309cba728a5c436209e1ed09ff6bdac33694c30c4d75b781c957ba0869d46702c2f0a90f2863fe0ea0e24e5ada0819ae38df055c0b1536db5ee1750236f630078ca9805913fbe9214ffcfd1d08bccbfac45eab43a5fde5a625df0d9d3eb8e3f3b305ca484bd5ed1790aa85bcbca41d63f6ab6378ffedf1f89fdd6ba72940a399bed88e013bd38dd0339175554ed83f7ac943dd65ceb2f43ee54ef2d76ebc685248b8b1118919f8b2953271ff101536bc54bc74367fa0198d26b1a8a30b91104ab846f5353c0b5521f35385e04c22bea1a8937f880d4b597f1fd79b479ee1cf1c40b6806ef9f9c6b0980f2f3a607340f40aeeff73192af898e886009f4b4c8c3a3d7e1f53e17e0b929dd447de3598c33e191925d9fa9638e03df5c97a7f63650f58917d4762e68c20d91bc93a4a74318acdab5d5a3f283ad72e17f89f8b9c8164fd9965b70b0dd0a263a481d39ecaddb83ac678d1222407e907424e967a1c12af5d6411e8a46fdc54f4144fa2148ec51b62a906b940f5457b5440a4249f5c440b7debfe57d3d8f576761f58c63666dcf8a8c07376e450af763ebd7b53c4f7dcd701556406e3e76123500c4cfeb81d9cff987be3a39bc0ed4a17eec48d10eb75933cb7a81c371d047f82e309bdf0e49b04ea12073da2a7cd68a51faffc933942bd938c20998c2bca4130b5581253a9cbdda7038e1b453564ca2478628791433164fa5fc83c1f960c89fa4666055250a4c4816e3924edf2b81b0d814329cf9d8a5d1a4769cce18cb97032bda4dc54d890872af46f6b8aece48be6571206afe93d12d5117bcc17a35c68078b059a83fb3b4e22565ecaa7606c7af139c51915a2820d54f539032d658611cbf54c4e0155e0494421705e5e5bf1a6acae1cb9767b90880c0cb82e1c3e04e65da29b7f2cb80a7deb82480a6d09b45457ec228fbc666d68a229198771ce72ff723cdb831090f1a136ad990a04c88d86035ea98bb79b10500563c32e7989d87df59dab81312e4e6c3e9f30a70a2816a45ded8a32fe947e5adc78134210307700f91b75fed4d3b40c0070f1ee4c8069af8f238dc7cfbcfc1495581518343de8fafd9678729dc70086206e9548dc3823333ba3e97296629a5c0a77a376304314ab6f9362904b8e3f33f199cf76183a0bd947cd0542be24f4d13eab626964509d7d9b1691727af0de4700d48595f60f3c44ef082b51e6103678cc42a93f49b3f20a4e3818fab2d9e09c277acf34996545c406946fcbb1676438dac168d344ea7ccbc175e9672ea8065e336a67f857571632fe5642261bae1c0716513953183dac17f8d9bfc0599a1ea82f1afa3bac79b77a41c1d256a0233f4f0547963d79e01d829b5200bd197cb673f90b1c0424bf042cbe99c24bdd763acb573df70480009f8cc3b6b4c199da8d271a50eff893bfa6b6be756f39f5b1aab6626477d4d6ada4b9bbdc2245e46bbb948f78fcb1d82188ffe9c223885d135b3d3ec88bcd66e1b8a6164461da563267846e11b4461dfdabb9cb1f8ff5ca8d4bd2bf11335ba2e27c3c8ea0e058ec8a019cd4cdc6a79fc91bc2f5fd9e22b6ac54d8a6c911a42b0398378b560e7da28ad4b7e70667973201cf008c9262e8983c37fbe39047b1c053d67882ab71c3a342ef8f2c4a2cf2c029766322d37c99506bbadb70ae367e9cb3bf1ebe04f0c52257fd3f5e741ce1b485b89d51bef3d463dba8739e681e28a1338b826f8e10d4ab806c837075a6f4996b86c931b70c7639aa04c380b239384328a561ce5918ef03e7f3254ea047650d3454f678e545712707432f5033d761c606be19f299f97fc9e752e164fb6e7c9d6434a7176568d9e0f5bbc1f853a7763ab09f7d9d944354b6ac7f99dc6e7095f67c851594a1775f6fd58c43fd8253c47695fda5d4411e64c87e994c43b1007fdc0b920c5f1b67af14e89e96f5eae5fbe587c319586d703beab63275463c12eedc4f36d3da75c8a5e03ce7de2e8a7c98"]}]}, 0x1268}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r4) r8 = socket$inet(0x2, 0x3, 0xff) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$inet(r8, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000000)="b683ae40f3fdac402b01fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r7, 0x100, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x6}, @ETHTOOL_A_LINKMODES_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1ff}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x1}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x3}]}, 0x54}}, 0x4000000) dup(r0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0xe907e) [ 1514.370753] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16959 comm=syz-executor.6 00:11:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000008, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:23 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:24 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x400000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1514.391635] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16959 comm=syz-executor.6 00:11:24 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 18) 00:11:24 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1514.453937] FAULT_INJECTION: forcing a failure. [ 1514.453937] name failslab, interval 1, probability 0, space 0, times 0 [ 1514.455316] CPU: 1 PID: 17009 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1514.456123] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1514.457085] Call Trace: [ 1514.457394] dump_stack+0x107/0x167 [ 1514.457820] should_fail.cold+0x5/0xa [ 1514.458271] ? percpu_ref_init+0xd8/0x3d0 [ 1514.458749] should_failslab+0x5/0x20 [ 1514.459200] kmem_cache_alloc_trace+0x55/0x320 [ 1514.459717] ? io_async_queue_proc+0x80/0x80 [ 1514.460221] percpu_ref_init+0xd8/0x3d0 [ 1514.460690] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1514.461303] io_uring_setup+0x14f6/0x2980 [ 1514.461792] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1514.462379] ? wait_for_completion_io+0x270/0x270 [ 1514.462943] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1514.463559] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1514.464155] do_syscall_64+0x33/0x40 [ 1514.464599] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1514.465177] RIP: 0033:0x7f347623eb19 [ 1514.465609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1514.467684] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1514.468566] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1514.469387] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1514.470214] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1514.471027] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1514.471854] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1514.486024] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1514.500961] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1514.642591] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.643500] print_req_error: 22 callbacks suppressed [ 1514.643511] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.645351] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.646574] buffer_io_error: 6 callbacks suppressed [ 1514.646582] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1514.652775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.653423] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.654852] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.656073] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1514.658010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.658792] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.660032] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.661277] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1514.662564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.663240] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.664502] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.665715] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1514.667060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.667745] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.668974] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1514.670185] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1514.671478] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.672122] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1514.673420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.674059] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1514.675345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.678222] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1514.687679] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.688901] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1514.689895] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.690576] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1514.690593] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.692491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.693173] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.693855] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.694542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1514.695227] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:11:37 executing program 2: perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x80401) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x8731f5fb9d078303, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r4, 0xc0189372, &(0x7f0000000140)={{0x1, 0x1, 0x1dd4, r1, {0x100}}, './file0\x00'}) ioctl$MON_IOCT_RING_SIZE(r5, 0x9204, 0xf6e1c) r6 = accept4$inet(r5, &(0x7f0000000040)={0x2, 0x0, @broadcast}, &(0x7f0000000080)=0x10, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0x13, r6, 0x9f897000) 00:11:37 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:11:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x4000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:11:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 19) 00:11:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000002, 0x110, 0xffffffffffffffff, 0x8000000) syz_io_uring_setup(0x3a79, &(0x7f0000000380), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_ASYNC_CANCEL, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r3, &(0x7f0000000040)=@IORING_OP_ASYNC_CANCEL={0xe, 0x5, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x0, {0x0, r5}}, 0x101) r6 = socket$netlink(0x10, 0x3, 0x0) r7 = fcntl$dupfd(r6, 0x0, r6) sendmsg$nl_generic(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCG_STATS(r7, 0x80089203, &(0x7f0000000000)) 00:11:37 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x791, 0x1) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0xfffffffffffffffb, 0x5, 0x40}) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1, 0xfa}) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r1, 0xc018937d, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {0x1ff}}, './file0\x00'}) ioctl$F2FS_IOC_RESIZE_FS(r2, 0x4008f510, &(0x7f0000000140)=0x1) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1527.872401] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:11:37 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, 0xffffffffffffffff) [ 1527.888319] FAULT_INJECTION: forcing a failure. [ 1527.888319] name failslab, interval 1, probability 0, space 0, times 0 [ 1527.891510] CPU: 0 PID: 17074 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1527.893410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1527.895661] Call Trace: [ 1527.896379] dump_stack+0x107/0x167 [ 1527.897398] should_fail.cold+0x5/0xa [ 1527.898434] ? create_object.isra.0+0x3a/0xa20 [ 1527.898760] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1527.899680] should_failslab+0x5/0x20 [ 1527.899705] kmem_cache_alloc+0x5b/0x310 [ 1527.899734] create_object.isra.0+0x3a/0xa20 [ 1527.903958] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1527.905353] kmem_cache_alloc_trace+0x151/0x320 [ 1527.906616] ? io_async_queue_proc+0x80/0x80 [ 1527.907808] percpu_ref_init+0xd8/0x3d0 [ 1527.908905] io_rsrc_node_switch_start.part.0+0x6a/0x250 [ 1527.910375] io_uring_setup+0x14f6/0x2980 00:11:37 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000040), 0x3, 0x7a52470ac0a5474b) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000000c0)={{{@in6=@mcast2, @in6=@ipv4={""/10, ""/2, @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@private1}}, &(0x7f00000001c0)=0xe8) signalfd4(r0, &(0x7f0000000400)={[0x100000000000]}, 0x8, 0x80000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000200)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) fstat(r2, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r9, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x1228800, &(0x7f0000000280)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@fscache}, {@aname={'aname', 0x3d, '/dev/usbmon#\x00'}}, {@version_9p2000}, {@access_uid={'access', 0x3d, r1}}], [{@mask={'mask', 0x3d, '^MAY_READ'}}, {@fowner_lt={'fowner<', r8}}, {@euid_lt={'euid<', r9}}]}}) perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x7f, 0x7f, 0x8, 0x44, 0x0, 0x3f, 0x80000, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffff800, 0x0, @perf_config_ext={0x3ff, 0x5c0}, 0x880, 0xfffffffffffeffff, 0x400, 0x0, 0xfff, 0xfffeffff, 0x4, 0x0, 0x7f, 0x0, 0x8}, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x9) [ 1527.911510] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1527.913059] ? wait_for_completion_io+0x270/0x270 [ 1527.914266] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1527.915442] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1527.916599] do_syscall_64+0x33/0x40 [ 1527.917446] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1527.918595] RIP: 0033:0x7f347623eb19 [ 1527.919440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1527.923569] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1527.925285] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1527.926888] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1527.928493] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1527.930103] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1527.931706] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:11:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={"b97920ca3c9b5102f92f322876ac0cdb", 0x0, 0x0, {0x7ff, 0x1}, {0x2, 0x6}, 0x5d70, [0x3, 0xe0, 0x7, 0x38000000000000, 0x1000, 0x0, 0x10001, 0x1f, 0xc9d, 0x0, 0x4, 0x9, 0xfffffffffffff801, 0x7, 0x0, 0x8]}) 00:11:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x80010, r0, 0x64118000) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1527.954984] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1527.962191] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:11:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0xffffffff00000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1527.980275] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1527.987437] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:11:37 executing program 4: write$binfmt_script(0xffffffffffffffff, &(0x7f00000005c0)={'#! ', './file0/file0', [{0x20, 'nl80211\x00'}, {0x20, '\\'}, {0x20, '['}, {0x20, '&'}], 0xa, "9a29f165c76386feefc7d85a36849d1b3872"}, 0x32) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, @perf_bp={&(0x7f0000000640), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000003c0)) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00') r3 = syz_mount_image$nfs(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x1ff, 0x2, &(0x7f0000000300)=[{&(0x7f0000000140)="7c7bf70b8a4f6c1c1cd2bd158bffd039176cc20e54ebdd142dd03ff37da8bbfd5533b49ecf8714bb66e79090c4c11e76c6773c52b3adba45c5ee57eea23739cb9ede95eb8c87233e062bdc195d3cd8281e1bb39e641f1f4c0b7deed4c2f5c15e723e11f49b2a03f05999b8c3d1c24e19e9a342a9f5644546bbb6483cb80a98b940b34343144edd0662aac292fe22fea818c2deb7aae9b3ced4e1d12a54629d1604e02c60996ffbf94f854f", 0xab, 0x8}, {&(0x7f0000000200)="a48d279cb8a20cf40d195af408a6204c76d4458916daac2931c570fee7482b52af40ef8f33bad00de2f14953db6dd0e41734d45b773a32d49f62ab7b7787d362ce33dcf0ecd441556157becfd4e07c3017dd2c7a6c9a98c67825b71b1cafca072c91e50fb4f87345a82a1b9ad13e578fe73bd5f730c80e54ff0d5a9a82547b0dfd69c192f60e71abf55fbe74248adcd56abcc2e9e3bc124c7b931f4bf65657e8145f945c0eeb653172555c5dac95d191746b7b611916e3cfb1358ae9431a457f8247e6f44ba4966feb698e", 0xcb, 0x8}], 0x2100002, &(0x7f0000000340)=ANY=[@ANYBLOB='/*,uidC', @ANYRESDEC=0xee01, @ANYBLOB=',\x00']) getdents64(r3, &(0x7f0000000380)=""/48, 0x30) readlink(&(0x7f0000000600)='./file0/file0\x00', &(0x7f00000006c0)=""/124, 0x7c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r5}}}], 0x20}, 0x0) perf_event_open(&(0x7f0000000740)={0x3, 0x80, 0x5, 0x5, 0x3, 0x8, 0x0, 0x7, 0x8802, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x5, 0x0, @perf_config_ext={0x4, 0x6e3}, 0x1c4, 0x3, 0x52, 0x9, 0x4, 0x2, 0x1, 0x0, 0x0, 0x0, 0x80000000}, r5, 0x10, 0xffffffffffffffff, 0x3) 00:11:37 executing program 2: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1528.016726] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:11:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000000fc000000000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$FIONCLEX(r2, 0x5450) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x112f7e) 00:11:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1528.073955] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1528.076689] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1528.080766] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1528.363566] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.364260] print_req_error: 22 callbacks suppressed [ 1528.364271] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.366063] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.367248] buffer_io_error: 6 callbacks suppressed [ 1528.367256] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1528.383903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.384554] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.385782] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.386962] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1528.391106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.391736] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.392932] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.394098] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1528.398177] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.398775] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.399951] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.401138] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1528.402351] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.402946] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.404123] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1528.405307] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1528.406494] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.407110] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1528.408318] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.408942] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1528.410108] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.410754] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1528.441079] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.441741] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1528.446249] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.446868] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1528.448036] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.449001] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.449953] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.450906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.451859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.452820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.468268] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.468969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.469923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.470871] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.471889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.472847] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.473797] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1528.474740] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:11:52 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xfffffffffffffffe, 0x0) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x20010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:52 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 20) 00:11:52 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:11:52 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000000080), 0x4, 0x274800) ioctl$AUTOFS_IOC_SETTIMEOUT(r0, 0x80049367, &(0x7f0000000140)=0x8) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0x8, @ipv4={'\x00', '\xff\xff', @multicast2}, 0xea6}, 0x1c) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:11:52 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000000), 0x10001, 0x101080) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f0000000040)=[{r0, 0x1048}, {r1, 0x241}, {r0, 0x8004}, {r2, 0xc020}], 0x4, 0x400) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:52 executing program 2: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:52 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xfffffffffffffffe, 0x20000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1543.403628] FAULT_INJECTION: forcing a failure. [ 1543.403628] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1543.406335] CPU: 0 PID: 17228 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1543.407878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1543.409759] Call Trace: [ 1543.410353] dump_stack+0x107/0x167 [ 1543.411164] should_fail.cold+0x5/0xa [ 1543.412019] _copy_to_user+0x2e/0x180 [ 1543.412872] io_uring_setup+0x11b5/0x2980 [ 1543.413813] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1543.414946] ? wait_for_completion_io+0x270/0x270 [ 1543.415993] __nla_validate_parse: 3 callbacks suppressed [ 1543.416006] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1543.419092] do_syscall_64+0x33/0x40 [ 1543.419932] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1543.421083] RIP: 0033:0x7f347623eb19 [ 1543.421924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1543.426044] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1543.427743] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1543.429346] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1543.430937] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1543.432529] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1543.434125] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:11:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1543.485659] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:11:53 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = dup2(r0, r0) ioctl$MON_IOCQ_RING_SIZE(r0, 0x9205) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x1011, r1, 0xadac6000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:11:53 executing program 2: perf_event_open(&(0x7f0000000440)={0x0, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:11:53 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x2080, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = syz_io_uring_setup(0x1433, &(0x7f0000000080)={0x0, 0x7fb1}, &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f00000011c0)) io_uring_register$IORING_REGISTER_BUFFERS(r3, 0xf, 0x0, 0x0) io_uring_enter(r3, 0x79f7, 0xbf6a, 0x3, &(0x7f00000002c0)={[0x9]}, 0x8) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0x5}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5, 0xc100}}, './file0\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r5, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x60, r2, 0x300, 0x70bd2c, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x114, 0x4e}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3e}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x3}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x20}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x4}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x26}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x11}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x30}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x20004814) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r9, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r7) r10 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x4, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r10, 0x0) ioctl$MON_IOCT_RING_SIZE(r10, 0x9204, 0x2a6b4) [ 1543.581567] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1543.597630] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1543.630311] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1543.652550] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1543.899415] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.900710] print_req_error: 38 callbacks suppressed [ 1543.900731] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.904346] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.904393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.906825] buffer_io_error: 14 callbacks suppressed [ 1543.906838] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1543.908028] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.913263] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.913534] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.915664] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1543.918999] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.921381] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.921437] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.923776] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1543.924976] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.929026] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.929155] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.931452] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1543.932638] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.937089] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1543.937152] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.939483] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1543.940771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.942423] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1543.943931] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1543.945404] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1543.948216] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1544.230454] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:12:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 21) 00:12:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0xfffffffffffffff8) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:12:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:08 executing program 5: ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f0000000100)={{}, "82e3cbd65eb9c40a07da3ab34209018b402693447ee8496551ac07c4fa6646066d154b4076211f2a93442fc4298ad35a575583b7e6a8512e75539fd020fd876d120be14d944ee0eebaf4292d0bdf8902e6724ec57e1b8bc29bf9cca8bcf9bb5251072fbdeab93b7fc6497652ac0672e7da55b556a29dff1ac79ff84f644adf5b5bd77ce9a22e8dd3bad4bd252c06f4ec144f07efe97b289d76690758da11383bad1396ecfc457d59ec828724239ce1ccee4d6ba168d05c63fe77d75d5d3c63407c62557f66a9117550086f77e360124afe2dc1b4a9960478cc9d8c35f7df30c37083b5664b8c3c10b0dd7857dfb74e7e14e4ab98691b26b7c413bcf1edc63b79d4dcb23770a5ebd89cd4417e21839d5f1c9f5c741119c0bbf7fb828ba424117682121864fbebd8b2d1bc0d741b8aee1a62ea0cec03bbfd349bd858ceeb1526a29b4f5b1aba7ada8de08486515d5ba9a84951cd8f7505de97f49849cdec877c1ef16c1551f145b5638cbcf1bc914c49d9a75edc63ecaca4527a6f45c6ba47e82cc50cf13c46f42a4ba9fffba200411db996fcbb639a2a3a7b2477ab99f6de9a7d888e557bd46269a75740c771e0e818039d233f8147ee70ab60f950b5541cc669251882d90c38d3d8e3440404c545cfc31c57f2d22f2e8bd5cda982b15c43259a1b84fb3a6df9ede69004ed84ef30e15b1f253fe4664d0c7b16909a116b43a141ab3f429a613c7f08f115c1b117606cd41d73340c2816d3369b00aea9307413b204d79b6270af73ddf55082eaca29f50bac46037c9925d09b3a176a381357a5a2632784695e83b93c433eefe4088cf26565be841e397beef4ca73b8a906dfab2c8c15272b483a10e6722f4c8cd6ee13bd4584b194393baa06109480eb23d852b6eef29f53840cd73796aa336e518ea13f8248c4d8e598239f9f48cf1b9f87af2fc4784950b27a19f46f4ea5b7797fe081efd653d396602404a123e8846a9c3a6a0acde0293b826d37f4d74bfdbbc603a1beda6e24770c529a77dc94694ea5a02a9a99409401bc0145a98acfaeb750303ae92374e5b696976450975cc895286b8f6fb6113c2ae4a6f8fd9db4bead4c108f8e17e1ab6abda07d7fc8721eee7ba0e93672f39ab63a8c243f0b77920a43bf12dfc68c44f97527407a81867acafaec658e62ad4f09d6368178b26e49ef62d6b9860fc0ee85853b7e50002fdcaa4406c74218f5f4c324548ac90cf1da2ca33fc8cbe989394509f607e1f4baf0b0e86495cf5de9ac8012ee7cc21d089b7611f2b4a1fbdfa30f81407310ee781f8377303c8fdd637e53bf25032426992d764930f9819207bf5691120e8cb91b923ef69ed1ed052745184bc3b1c092df7ad0b475e2c9e730cdd6dfd4e8a63a9d0644a3f3c9adaf17b519a258fb99737e94aa6c5e362756fcdabe3b3726bd5523c58d52ceb8c83e9e4947203eeea517093db0ae2b09b2af37592a9a8f07f14e5209da73b536a710f0eee33e9684c184cc3863be3fbd40294422c9411059cec1bcd3d530dddb96db01fa3ee75cb745680575aaac560c8bce47139c15514c1112c3da8d90a382f9c8a9212b048d2c9312b2473c1719233a77241e0b965bf08a77b6214f3f5544a0674cf9e8b8e7eb5864df8519a6f411dcd3da82d250ad28932c551cf31bb356dc26653e26c8be84b1ffd380ab76dd96fa13fb9cfa41b4f077ddcf9f0c2275bd0ea9be50f96677843dd946f28052b3e3569e996081c352d345417d0352226b64d5683bb4d9ae166b92d9a8ee94e5e375127188fc4d3c42f743698f1e1c599c23af70a7af55d72fa775630c9c456ed4bd8f1c1235a96c24df128d9b74daeb1836d693d872dc98d184df3d4b0ecfdd147311163568fa36d80e6055ed1bdd04e9da5680bd46deca87bae39d707424066ac6fe0bc0b790d64bac4ea2309b9d163bc6c29c0a71f7430e4fe9c6d071269e203299da7414dfcb810df40630a1c3dd0150952d12db5997ba9bfb0209c0640e52350a2cac466f10f9626cdedeaa80060b83738922e45908d225da0276457ec9d53a659c15eac462470f85e1dc7ec5b23d20aff008bfc14ecc7dfc69b7fb434ceb41a797e3035aef6d5879f8c9f7dbe5e882413f4b1a726f4014f14ddcf41444d70d5fb40b4a361a21265a0bf82b66c522725275efdbbc7240661ddd9605674d521db5b630fd4068e5bc6191f54b93e340c2c2b6622b816d1ee571f2076c284fcde21d0761af52b18078bf7c4390b1c3a7c22328cb4f0a53327281deea97883b3b1031535b7b8116f1440f0762fec6f2bf33059d5408d7cec5f0c458dfe14ac820ee75f9f6340c874b009e3ccfaae4dcd4c8438ac95752764f4391c13e945f039a4179da4fdb1c69f0885db8d6dff142eae8100b26ea2dcbc73eca72548956d6129751ba9dbffaab54e3389edc04d6224bce030ebe40ef518eda2137291996ded57797d40e13551c3f57f5b28a063b98908ca8f391cbbb41dbc5bd587de39dcff6c4551bc21d6b2097d341476ad00fc89bb333c5f33213f49fd2262d8ba4a2435c1d864e11ea1d7062b743ec7ca228dd0a61c773072963b7ec2295a883759e46c696605c17e3efd3416326eff55a8e94b4a24a59bb3b5d691c1352676bd7759538b933ab25188c4c4a76db10fc06f1245fea80d802b152b1be67a71ca4a76c9aaf4e4f18d3fe75fcadd77e60ccbacc63fef6814e6cd2ccdd0c2a3dea4a9f88f94fe5de78f2c38e2b84af997edd1c9848ddf1c236212ea6a323d425cd2cfae55c08e9f3d1c3b7c1787716e1fb0ef29f919dd5335c2c950308fa3eaa080f03a2f755e5a977239e0c715e83e151d8edf6972e6ba5aaaf68aa0fb83a5aff73ef158dcd9bb9543900dcb5a448a49b02feeaa953694e78001b253d4571d6b88ce999e402005048b0b7945a0324b402ac5156df630b0d8e0dd339e9ee5e20fbe8c0ee141eb2f8aa766119d110651b5f9f5f5a86c807d6ac768a522fe832b103e40a9f65a1135756a4f1557e90761e4b93d19d98088b2e2387e18accb2685371166354434215a0b1d54219376e20f89d68378bac5c7205b143546b93e11fc986ccf5099a451cfee2fdbe834d56cba7807afc622fbb730ea9c7fc16c09d068e83166558d3580f441eb1a24598e833db88ccf3eda48f0e8648d99b8587693b6ec1dd58babf7f12ce2a90381c4e09997a79b3f4df76bf986f72cf75145bb4f04520e637f091d8a846f585cbd29b9815f330df6432ff76dea6e03f67cba3f46ebbf92459d4fd40a424eb37fac77a217e0fb3bc630ce5b3060f0e899f092335245cde1b422f2c57fbdf1ca163f07841e411ab0224587fa0c7a68a7632a3f597cdbe99423c2e514b1e2399c9e1abea032a7a1bd3f3d23a19d4d94b88b8e6f551b6a4aaef3514f9b58eda400da452ed83f655d0143f415fa40989a8db39fa065a03c87b12067d5143bdce1d943228adf6080fbee05a89bd3d8f76b91d5b27a061a8331258f0929ae9ef1f34c15448613679178a8a078ab7bdd9e746cf045404ff8f4f7f30388d9df3df2659464f98335ee89c3b7baabbb9b601613bfc5d1629794683c5183ced2f5c9e1061365da1980b4e6e233c7e80ce829bde67242b6ff56fbee31f2bc5c13be96aaf6a9701e043bad56ac9ebc4ea72d2740050803a03c2b8cb861fb65e5a61ca5d7d32ac951068a7177634cb12da5e97fca58e844c73a8b39be3849b17b1261a591bdf8b52e8473d3b69c1972de682ba9a9723b5ef1ff05bd9e207046dd8d53a6a1d89021c13ea1906b951fb46157804c21ce813468d404ba4f23d9003535f119db30009f40a0a6c766367da6d8d46591a6945a7e76210dfa80bf3c97fc02bd195e51bab73dab7177ff3c7e3f5889a251712a6154c20fbc989eb2deedf4bcccd5e8abd89e93cc224f72cb8b6bbe5ea0ff8906aaeb2e27953286e6831844400d6b4e35ef980aa6cf520c7fdc27a6ba9a26a47d85d4d1e3f9e99d285899452d8ddc6b9900a69c357294a46af12186a51496fb289061d88497f29964721a6846a85a09e91899d890c5b33443a1396d519f939cf4da8c0f1c558ed385c6cbca3b206def22a5a56e80bbda6cbc3e9cd172805c1395b4756f5dcb6f8348e1a6c2a2727df86cf1d7c69406f6b8d9f6a10528cdb4a78a7290c40480f75e4d5942b736c73e3dfbe4b03bfce255d50f461e882f426b7282933adeaa1d82a0fa6a409bed8657cb3332752d1653b5ac4dee79bb9daffaae06ed392682b6ebc2ae3fdf8ef3d280058204a6839a4f21e5aff6d2f3ef0d6560665f783ef97c6ec723fbe340c28a8de15259cd65fd98162e74ec3bb4282904d6e01ba21200c14293220ed54155498c29e092ca6ae54b8b5235c8c134c0fb1c50d89945e6ec2e779ca76e7a0b65d3070c9f8d99e51e6311b6411f2dc5f3b6be6db9bef9fc70252def95c7600c531b80a9b06aa4a59fc13c71074dbec8a264ee5451656c94c57c9a0c5f688ab080192b42bd15c279ab0b221c2205205defc9b2830060a203e220bf58b43fec4711de9597d253d3974e76085aaafe86e8a0b691872630abeac726909e1eb0c130f9c4e4297b37b1bf428dd41eca7d38b8b7973fc9f682346432d3f1e61c84bc071f4441d34e38ae67c8232280d262a1271f30044e86c67d8a98549e45cea02c08f4f8e8957105a018e5b0d29544dad4c7a65421223bd0dffe73e828d56b0cd83e6141775681a7494d9378b08f0161676ee3b6cab68b4564da278dea4e3123cd8e0196e3c839672d12192b914318032cd8bc556c1da78aabb18a40f9f83969637dd36ef4f44d51b9a0bbd221adcbbd7e1aa689cffe2f954c989f895e54c99092dc568ed07754f801a2176a21050d80ff2fc5270443e32efe47019d94869e3c6d76f639d3ab9b9a4932d995550309edad3de6b56b9a626e62effccd498e2176c8c2190e95b43ccbaf2ca691835cccbb8243b145d889dde0a71f8aa2112cf0613fdb2b359f9cbbde48c87b399ccbdcbd99e4c4d3fbdc55defcb2f8bf816fda1519d7fe4d7df03336f26a6cee299d9bdd384b5b607b6b38abd44a367861dcff9576c24dfe2f6464a10de642399466b3d4c875ee6bff8e33badddc048f3b6ebed0f05b3173bc5cbb31d8ff1949738a350427ac9b77075a17a1a6168e77f2c54efb53ef534a46be7774e09959a07f6ee4751d8b96d835e50fff73ca620e6553ac90fec36432a3b090f9f021e42aeb942d9ad553d772efa900aaeeedd08ef6d873779c54f2dc23a3d18d040cba2353e5a5bc02612db4979d6a8596c967f784eada69f9f059675f2c05170402a1394e50cbd04f6b26f762e729a96074a940ade2c5476c125cdc98859f905a421aacce332220cf2f94edb8900d5de22af93a82410bb904bbb36a7bce3029764b38f11a3c6e510dca9e8fd4a430df21c9810d7c484e6d1e22103f89e692ea6b26c81a872c4a284e3e598dc825e6991540ca441fa0fb7fdbe7ca304f3dc6e21295ff27001dc160080f8b45c2331328bc6143a79f323a611d1ca5741c785fc7ca9bd7511d47a013b2fa43846c729f476364817275ea7bccb38edd1e3eb79c593d1733128d66b503ffe27a3ee93f05f5d427bfde692cb7eb28e6fabb3b19102dbcf81971c20eeb904058ba5ee9cb2e8d3e9e5da42b9d4f0929e5c012a8e4ff1436529b999540a84884908a19658eb141af938c0f9e07f16ebca5f9f76eb7ef2b4b77deda45ab63c467313961208bb48dd76bdfaf335c7f9f97b5697889443a5690bbc05e3d9"}) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x303) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000080)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/18, 0xfffffffffffffeb3}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = dup(r0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000002, 0x10, r1, 0x1) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0xee01, 0xee01}}, './file0\x00'}) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000240)={&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000180)=""/185, 0xb9}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) openat(0xffffffffffffffff, &(0x7f0000000500)='./file0/../file0\x00', 0x20000, 0x80) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') getdents64(r6, &(0x7f00000007c0)=""/180, 0x200007d8) getdents64(r6, 0x0, 0x0) r7 = syz_genetlink_get_family_id$ipvs(0x0, r6) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYRESOCT, @ANYRES16=r7, @ANYBLOB="2dcadbce1e98ace8da0b4dfec1f216461337bcd377ae8319be7dd63193f293a9864d5901d97776f5aea393a769f386f38fdcf7b5cae7ca2d1efcf542964995b5ec193128d1578333cb4d78d81441041bc4cbc14e5e8a001ccada686954329b7ec11f6967b95ff93274f1fdec7205b0f379bca9e23c137f904794ddacb808b5844bf86ac331e67c3bd6c1036702a1e873350d52d3a48437a0a395d0f1c34f6a71aedc6a2fb40409d04523d5a010cda5"], 0x100}, 0x1, 0x0, 0x0, 0x4044084}, 0x0) sendmsg$IPVS_CMD_GET_CONFIG(r3, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0xcc, r7, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffc00}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xfd}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e22}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x10001}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x38, 0x8}}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0xa, 0x6, 'lblcr\x00'}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x8010}, 0x4c0b1) 00:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:08 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}}, 0x0, 0x4000000000000, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x0) perf_event_open(&(0x7f0000000500)={0x4, 0x80, 0xf8, 0xd9, 0x0, 0x40, 0x0, 0x1, 0x20, 0x3, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x34, 0x4, @perf_bp={&(0x7f0000000300)}, 0x0, 0x401, 0x2, 0x4, 0xfffffffffffff222, 0x9, 0x8, 0x0, 0x6, 0x0, 0x8001}, r3, 0x4, r0, 0x8) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x2, 0x0, 0x7b, 0x20, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x19, 0x4, @perf_config_ext={0x7, 0xb7c3}, 0xc400, 0x7, 0x4, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x7dc3, 0x0, 0x7}, 0xffffffffffffffff, 0xe, 0xffffffffffffffff, 0x9) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0\x00', 0x200000, 0x40) mount(&(0x7f00000006c0)=@sg0, &(0x7f0000000700)='./file0\x00', &(0x7f0000000740)='nfs\x00', 0x2000a, &(0x7f0000000780)='fowner') r4 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/attr/current\x00', 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r1, {0x2}}, './file0/../file0\x00'}) dup3(r4, r5, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r6 = syz_mount_image$nfs4(&(0x7f0000000200), &(0x7f0000000240)='./file0/../file0\x00', 0x8, 0x5, &(0x7f0000000580)=[{&(0x7f0000000280)="074f83e08a63d1003c2cea040da7f1398a32740e7bd0595c8c4ff66490f9621d5c22c047f50bcad404bc9af5271cf0d771aff8183ed587771de51c5d61c88d790531c6453b7a610bb40f6d27c21c37", 0x4f, 0x8}, {&(0x7f00000004c0)="bcf72a03f032906c91aa000000000000000000000000000000000085", 0x1c, 0x8}, {&(0x7f0000000340)="05abf70d0a0487052d078001805fd2d839aea887104b41da18c8dd664ca010d416b472859ee7c86e3106008bb9ab0b04445d5a706a8b3961061f61c21ffb1d80674b949f64e262a40837875925500493780c32ca", 0x54, 0x89}, {&(0x7f00000003c0)="73f16edb6b1fd4e00be13d516445c3524971a04e7d350cb6f2fcf9b4f3172723c05714ee619c17846ee76795973ffa77824d1e9656fd15023225808e4d1e9178af2593698a2b3032302c4f98753f6d85ee448b60ae85cf73acb3300809753e7069a8de8a7cdc67580c1080cd03e992f4bee9b76053ef7d4b8215a953dd60ec5e3577f8c1f78967b4244e1c138c24fc6de6b579ca8fe87f64b255d7c6d9a8f998f1b2c4fad428f3f9e80c6932022bc805bebbab994136af2def01ee240a95f7c274848a4b0cc9b7bc713d06a90350174bb5a693038d0440d6b694f8", 0xdb}, {&(0x7f00000007c0)="be104a14eaf0bedc651665bcedc606d3505c639c835ca14faad9aa004d823ca2322a655ec6ccf903dc112a74ebb6ac72829a009a87d5b6a6194da88e92e2e3626f885221fb92821c5908eb0cb4e48ed74c99b51423549a6caa0f41697830880cd7d53fef2776c197d7f6a8ac5060656c1215eb88b4f2b540eb7db96cbd211f39eb", 0x81}], 0x111a42d, &(0x7f0000000600)={[{}, {}, {'/proc/self/attr/current\x00'}], [{@fsuuid={'fsuuid', 0x3d, {[0x39, 0x66, 0x32, 0x39, 0x32, 0x65, 0x36, 0x66], 0x2d, [0x38, 0x64, 0x30, 0x37], 0x2d, [0x61, 0x34, 0x38, 0x33], 0x2d, [0x64, 0x36, 0xa, 0x33], 0x2d, [0x2, 0x33, 0x30, 0x30, 0x17, 0x33, 0x64, 0x65]}}}, {@fowner_eq}, {@permit_directio}]}) openat(r6, &(0x7f0000000680)='./file0\x00', 0x800, 0x10) [ 1558.690444] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1558.738130] FAULT_INJECTION: forcing a failure. [ 1558.738130] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.739594] CPU: 1 PID: 17376 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1558.740450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1558.741476] Call Trace: [ 1558.741817] dump_stack+0x107/0x167 [ 1558.742275] should_fail.cold+0x5/0xa [ 1558.742748] ? __d_alloc+0x2a/0x990 [ 1558.743207] should_failslab+0x5/0x20 [ 1558.743686] kmem_cache_alloc+0x5b/0x310 [ 1558.744199] __d_alloc+0x2a/0x990 [ 1558.744631] ? find_held_lock+0x2c/0x110 [ 1558.745144] d_alloc_pseudo+0x19/0x70 [ 1558.745627] alloc_file_pseudo+0xce/0x250 [ 1558.746155] ? trace_hardirqs_on+0x5b/0x180 [ 1558.746697] ? alloc_file+0x5a0/0x5a0 [ 1558.747179] anon_inode_getfile+0xc8/0x1f0 [ 1558.747724] io_uring_setup+0x138b/0x2980 [ 1558.748254] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1558.748889] ? wait_for_completion_io+0x270/0x270 [ 1558.749499] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1558.750157] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1558.750819] do_syscall_64+0x33/0x40 [ 1558.751284] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1558.751925] RIP: 0033:0x7f347623eb19 [ 1558.752392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.754694] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1558.755648] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1558.756545] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1558.757436] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1558.758330] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1558.759230] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = syz_open_dev$vcsn(&(0x7f0000000000), 0x4, 0x424001) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000040)) 00:12:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_NEW_STATION(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, r1, 0xd8c7c5a5642b92cf, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_STA_SUPPORTED_CHANNELS={0xc, 0xbd, [0x113f, 0xc54, 0x3ff, 0x6]}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x7}, @NL80211_ATTR_VLAN_ID={0x6, 0x11a, 0x2}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x2}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xde1}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x8, 0xbd, [0x8, 0x89]}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0x49c}, @NL80211_ATTR_STA_FLAGS={0x1c, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_AUTHENTICATED={0x4}, @NL80211_STA_FLAG_TDLS_PEER={0x4}, @NL80211_STA_FLAG_AUTHORIZED={0x4}, @NL80211_STA_FLAG_WME={0x4}, @NL80211_STA_FLAG_ASSOCIATED={0x4}]}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x6, 0xbd, [0x9]}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0) pivot_root(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') 00:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1558.796109] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:12:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 22) 00:12:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r3 = getegid() setgid(0xee01) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r4, 0x0) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r5, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x800, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_client}, {@dfltuid}, {@posixacl}, {@access_client}, {@aname={'aname', 0x3d, '/dev/usbmon#\x00'}}, {@posixacl}, {@dfltgid={'dfltgid', 0x3d, r3}}, {@access_client}, {@access_uid={'access', 0x3d, r4}}, {@access_uid={'access', 0x3d, r5}}], [{@func={'func', 0x3d, 'FIRMWARE_CHECK'}}, {@measure}, {@appraise_type}, {@uid_lt={'uid<', 0xee01}}]}}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) setxattr$trusted_overlay_redirect(&(0x7f0000000300)='./mnt\x00', &(0x7f0000000340), &(0x7f0000000380)='./file0\x00', 0x8, 0x2) [ 1558.890358] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1558.900812] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:12:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1558.917818] FAULT_INJECTION: forcing a failure. [ 1558.917818] name failslab, interval 1, probability 0, space 0, times 0 [ 1558.919167] CPU: 1 PID: 17393 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1558.919956] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1558.920909] Call Trace: [ 1558.921215] dump_stack+0x107/0x167 [ 1558.921641] should_fail.cold+0x5/0xa [ 1558.922076] ? create_object.isra.0+0x3a/0xa20 [ 1558.922600] should_failslab+0x5/0x20 [ 1558.923030] kmem_cache_alloc+0x5b/0x310 [ 1558.923496] create_object.isra.0+0x3a/0xa20 [ 1558.923988] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1558.924563] kmem_cache_alloc+0x159/0x310 [ 1558.925038] __d_alloc+0x2a/0x990 [ 1558.925437] ? find_held_lock+0x2c/0x110 [ 1558.925911] d_alloc_pseudo+0x19/0x70 [ 1558.926343] alloc_file_pseudo+0xce/0x250 [ 1558.926808] ? trace_hardirqs_on+0x5b/0x180 [ 1558.927293] ? alloc_file+0x5a0/0x5a0 [ 1558.927738] anon_inode_getfile+0xc8/0x1f0 [ 1558.928246] io_uring_setup+0x138b/0x2980 [ 1558.928727] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1558.929301] ? wait_for_completion_io+0x270/0x270 [ 1558.929867] do_syscall_64+0x33/0x40 [ 1558.930293] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1558.930872] RIP: 0033:0x7f347623eb19 [ 1558.931301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1558.933402] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1558.934292] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1558.935108] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1558.935928] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1558.936738] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1558.937550] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x3, 0x44b01) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1558.953746] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1558.954623] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:12:08 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) clock_gettime(0x0, &(0x7f0000000040)={0x0, 0x0}) ppoll(&(0x7f0000000000)=[{r0, 0x1000}], 0x1, &(0x7f0000000080)={r3, r4+10000000}, &(0x7f0000000100)={[0x73fb]}, 0x8) r5 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r9, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f00000006c0)={0x6e0, r6, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x340, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x14, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0xd, 0x1, [0xb, 0xc, 0x48, 0x1b, 0xb, 0x6, 0x1, 0x6, 0x18]}]}, @NL80211_BAND_6GHZ={0xe8, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x2c, 0x2, [{0x1, 0x4}, {0x3, 0x4}, {0x3, 0x6}, {0x7}, {0x0, 0x9}, {0x1, 0x8}, {0x5, 0x1}, {0x4, 0x4}, {0x0, 0x3}, {0x4}, {0x5, 0x3}, {0x0, 0xa}, {0x1, 0x2}, {0x5, 0xa}, {0x5}, {0x1, 0x2}, {0x7, 0x5}, {0x4, 0x1}, {0x7, 0x4}, {0x7, 0x5}, {0x2, 0x6}, {}, {0x1, 0x3}, {0x7, 0x9}, {0x1, 0x1a}, {0x6, 0x4}, {0x2, 0x9}, {0x4, 0x2}, {0x1, 0x3}, {0x1, 0x6}, {}, {0x1, 0x3}, {0x5, 0x7}, {0x4, 0x8}, {0x1, 0x9}, {0x3, 0x9}, {0x5, 0x3}, {0x2, 0x5}, {0x1, 0x8}, {0x7, 0x7}]}, @NL80211_TXRATE_LEGACY={0xd, 0x1, [0x36, 0x18, 0x1, 0x1, 0x30, 0x6, 0x1, 0x2, 0x12]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HT={0x2f, 0x2, [{0x3, 0x9}, {0x1, 0x4}, {0x5, 0x9}, {0x7}, {0x7, 0x8}, {0x1, 0x6}, {0x7, 0x7}, {0x3, 0x8}, {0x7, 0x2}, {0x0, 0x1}, {0x2, 0x9}, {0x3, 0x5}, {0x3, 0x7}, {0x5}, {0x6, 0x8}, {0x7}, {0x6, 0x9}, {0x1, 0x5}, {0x7, 0x3}, {0x1, 0x3}, {0x0, 0x3}, {0x2, 0x1}, {0x2, 0x3}, {0x2, 0x7}, {0x0, 0x3}, {0x0, 0x3}, {0x4, 0x2}, {0x7, 0x3}, {0x3, 0x3}, {0x2, 0x3}, {0x6, 0x7}, {0x0, 0x1}, {}, {}, {0x6, 0x2}, {0x0, 0x8}, {0x5, 0xa}, {0x7, 0x1}, {0x7, 0x7}, {0x0, 0x8}, {0x3, 0x6}, {0x1, 0x1}, {0x2, 0x5}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x6ef2, 0xfff8, 0x80, 0xfe11, 0x3, 0x0, 0x313c, 0xfffd]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x3d, 0x2, [{0x5, 0x2}, {0x7, 0x6}, {0x3, 0xa}, {0x0, 0x7}, {0x4, 0x8}, {0x7, 0x9}, {0x6, 0x5}, {0x1, 0x4}, {0x0, 0x3}, {0x4}, {0x6, 0x4}, {0x4, 0x5}, {0x5, 0x7}, {0x5}, {0x1}, {0x0, 0x5}, {0x5, 0x6}, {0x0, 0x7}, {0x0, 0x6}, {0x4, 0x4}, {0x0, 0x6}, {0x5, 0x8}, {0x2, 0x7}, {0x2, 0xa}, {0x1, 0x8}, {0x6, 0x9}, {0x2, 0x5}, {0x6, 0x2}, {0x5, 0x7}, {0x0, 0x2}, {0x3, 0x6}, {0x0, 0x9}, {0x6, 0x2}, {0x4, 0x7}, {0x6, 0xa}, {0x0, 0x4}, {0x3, 0x3}, {0x6, 0x1}, {0x6, 0x1}, {0x1, 0x2}, {0x2}, {0x7, 0xa}, {0x7, 0x1}, {0x2, 0x8}, {0x0, 0x8}, {0x4, 0x8}, {0x0, 0x5}, {0x4, 0x3}, {0x7, 0x7}, {0x2, 0x2}, {0x6, 0x9}, {0x1, 0x9}, {0x7, 0x4}, {0x3, 0x6}, {0x0, 0x9}, {0x5, 0x6}, {0x3, 0x8}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xbdc, 0x2, 0x6, 0x1, 0xfffa, 0x5, 0x401, 0x5]}}]}, @NL80211_BAND_5GHZ={0x50, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x7, 0x1, [0x24, 0xc, 0x12]}, @NL80211_TXRATE_HT={0x42, 0x2, [{0x4, 0x3}, {0x6, 0x3}, {0x6, 0x5}, {0x3, 0x2}, {0x7, 0x9}, {0x1, 0x1}, {0x4, 0x4}, {0x1, 0x4}, {0x1, 0x1}, {0x6, 0x2}, {0x6, 0x1}, {0x1, 0x4}, {0x4, 0x4}, {0x5, 0x2}, {0x7, 0x5}, {0x6, 0xa}, {0x7, 0x4}, {0x3}, {0x2, 0x6}, {0x1, 0x9}, {0x0, 0x8}, {0x2, 0xa}, {0x0, 0x9}, {0x0, 0x9}, {0x2, 0x4}, {0x1, 0x2}, {0x6}, {0x5, 0x2}, {0x4, 0x7}, {0x7, 0x8}, {0x1, 0x5}, {0x0, 0x2}, {0x2, 0x9}, {0x7, 0x1}, {0x3, 0x3}, {0x7, 0x1}, {0x4}, {0x2, 0x8}, {0x3, 0x1}, {0x6}, {0x5, 0x9}, {0x1, 0x4}, {0x7, 0x6}, {0x1, 0x1}, {0x2, 0x5}, {0x4, 0x4}, {0x7, 0x2}, {0x4, 0x4}, {0x5, 0x6}, {0x6, 0x8}, {0x6, 0xa}, {0x5, 0x1}, {0x5, 0x4}, {0x5, 0xa}, {0x5, 0x1}, {0x6, 0xa}, {0x7, 0xa}, {0x3, 0x2}, {0x7, 0x8}, {0x0, 0x1}, {0x1, 0x2}, {0x1}]}]}, @NL80211_BAND_5GHZ={0x118, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x2, 0x9}, {0x6}, {0x1, 0x4}, {0x0, 0x5}, {0x6, 0x2}, {0x3, 0xa}, {0x7, 0x4}, {0x0, 0x2}, {}, {0x5, 0x3}, {0x1, 0x8}, {0x7, 0x5}, {0x6, 0x4}, {}, {0x5, 0x8}, {0x2, 0x9}, {0x2}, {0x0, 0x5}, {0x7, 0x3}, {0x5}, {0x5}, {0x6, 0x6}, {0x6, 0xa}, {0x6, 0x2}, {0x0, 0x6}, {0x7, 0xa}, {0x2, 0x7}, {0x1, 0x8}, {0x4, 0x5}, {0x1, 0x2}, {0x7, 0x1}, {0x7, 0x3}, {0x7, 0x5}, {0x2, 0x4}, {0x7, 0x7}, {0x1, 0x8}, {0x7, 0x5}, {0x5, 0x7}, {0x6, 0xb}, {0x2, 0x2}, {0x1, 0xa}, {0x5, 0x4}, {0x3, 0x8}, {0x2, 0x9}, {0x2, 0x9}, {0x3, 0x7}, {0x6, 0x7}, {0x4, 0x4}, {0x4, 0x2}, {0x0, 0x4}, {0x0, 0x3}, {0x6, 0x1}, {0x7, 0x7}, {0x7, 0x8}, {0x5, 0x5}, {0x5, 0x2}, {0x0, 0x3}, {0x4, 0x8}, {0x7, 0x1}, {0x1, 0x4}, {0x3, 0x2}, {0x5, 0x4}, {0x2, 0x9}, {0x3, 0x7}, {0x6, 0x11}, {0x2, 0x5}, {0x0, 0x2}, {0x6}, {0x0, 0x5}, {0x5, 0x3}, {}, {0x7, 0x3}, {0x7, 0x3}]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x2, 0x7}, {0x7, 0x3}, {0x5, 0x6}, {0x3, 0x5}, {0x4, 0x7}, {0x2, 0xa}, {0x1, 0x9}, {0x3, 0x6}, {0x7, 0x4}, {0x6, 0x5}, {0x6, 0x6}, {0x2, 0xa}, {0x4, 0x9}, {0x2, 0xa}, {0x6, 0x7}, {0x7, 0x4}, {0x1, 0xa}, {0x1, 0x9}, {0x3, 0x2}, {0x3, 0x3}, {}, {0x2, 0xa}, {0x1, 0x5}, {0x0, 0x9}, {0x6, 0x9}, {0x4}, {0x5, 0x4}, {0x2, 0x6}, {0x3, 0x2}, {0x4, 0x9}, {0x3, 0x8}, {0x6, 0x2}, {0x4, 0x8}, {0x6, 0x3}, {0x2, 0x6}, {0x0, 0x2}, {0x6, 0x6}, {0x3, 0x5}, {0x2, 0x4}, {0x4, 0x6}, {0x5, 0x5}, {0x0, 0x6}, {0x6, 0x8}, {0x0, 0x1}, {0x5, 0x8}, {0x3, 0x3}, {0x7, 0x7}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x6, 0x1, 0x3f, 0x80, 0x8e74, 0x8001, 0x36]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7f, 0x20, 0x0, 0xffff, 0xb9, 0xc6, 0x4, 0x3848]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0x4, 0x80, 0x1, 0x80, 0x5ea, 0x6, 0x20]}}, @NL80211_TXRATE_HT={0x41, 0x2, [{0x1, 0x9}, {0x2, 0x3}, {0x7, 0x2}, {0x0, 0x7}, {0x2, 0x7}, {0x5, 0x4}, {0x7, 0x3}, {0x1, 0xa}, {0x4, 0x1}, {0x1, 0x7}, {0x3, 0x3}, {0x6, 0x8}, {0x5, 0x4}, {0x2}, {}, {0x3, 0x6}, {0x7, 0x8}, {0x1, 0x7}, {0x4, 0x7}, {0x0, 0x3}, {0x2, 0x1}, {0x4, 0x2}, {0x4, 0x7}, {0x0, 0x7}, {0x1, 0x3}, {0x1, 0x9}, {0x1, 0x9}, {0x3, 0x1}, {0x3, 0x4}, {0x0, 0x6}, {0x1}, {0x4, 0x4}, {0x0, 0x9}, {0x2, 0x8}, {0x1, 0x6}, {0x3, 0x3}, {0x1, 0x8}, {0x0, 0x5}, {0x1, 0x5}, {0x0, 0x2}, {0x2, 0x2}, {0x4, 0x4}, {0x1, 0x4}, {0x1, 0x6}, {0x3, 0x6}, {0x2, 0x9}, {0x4, 0x2}, {0x6, 0x2}, {0x7, 0x2}, {0x2, 0x1}, {0x0, 0x9}, {0x6, 0xa}, {0x1, 0x7}, {0x1, 0x6}, {0x4, 0xa}, {0x4, 0x3}, {0x2, 0x7}, {0x7, 0x4}, {0x0, 0x4}, {0x5, 0x4}, {0x0, 0xa}]}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1a, 0x1, [0xc, 0x6c, 0x12, 0x6, 0x48, 0x36, 0x9, 0x9, 0x18, 0x1, 0x1, 0x1b, 0x48, 0x18, 0xc, 0x9, 0x18, 0x9, 0x6, 0x0, 0x1, 0x1b]}]}, @NL80211_BAND_5GHZ={0x6c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1d, 0x2, [{0x0, 0x7}, {0x3, 0x1}, {0x3, 0x7}, {0x4, 0x4}, {0x3}, {0x2, 0x3}, {0x3, 0x4}, {0x4}, {0x7, 0x1}, {0x2, 0x9}, {0x0, 0x6}, {0x2, 0x4}, {0x7, 0x9}, {0x5, 0xa}, {0x3, 0x2}, {0x0, 0x6}, {0x3, 0x7}, {0x4}, {0x3, 0x2}, {0x2, 0x6}, {0x0, 0x5}, {0x5, 0x2}, {0x2, 0x6}, {0x0, 0x9}, {0x7}]}, @NL80211_TXRATE_HT={0x47, 0x2, [{0x2, 0x5}, {0x2, 0xa}, {0x0, 0x4}, {0x5, 0x7}, {}, {0x7}, {0x6, 0x7}, {0x2, 0x9}, {0x7, 0x4}, {0x5, 0x2}, {0x4, 0xa}, {0x5}, {0x7, 0x7}, {0x4, 0x5}, {0x4, 0x9}, {0x4, 0xa}, {0x7, 0x9}, {0x3, 0x9}, {0x0, 0x3}, {0x5, 0x6}, {0x1, 0xa}, {0x3, 0x9}, {0x4, 0x5}, {0x1, 0x4}, {0x6, 0x1}, {0x7, 0xa}, {0x1, 0x8}, {0x6, 0x5}, {0x1, 0x9}, {0x1, 0x9}, {0x3, 0x9}, {0x4, 0x6}, {0x0, 0x7}, {0x7, 0x2}, {0x3, 0x8}, {0x6, 0x9}, {0x2, 0x7}, {0x7, 0x7}, {0x5, 0x4}, {0x6, 0x4}, {0x1, 0xa}, {}, {0x1, 0x2}, {0x1, 0x8}, {0x4, 0x3}, {0x5, 0x2}, {0x7, 0x4}, {0x2, 0x8}, {0x1}, {0x3, 0x19}, {0x1, 0x9}, {0x6, 0x7}, {0x7}, {0x4, 0x4}, {0x2, 0x6}, {0x4}, {0x2, 0x8}, {0x3, 0x6}, {0x4, 0x3}, {0x0, 0xa}, {0x2, 0x8}, {0x3, 0x8}, {0x5, 0x4}, {0x5, 0x9}, {0x1, 0x1}, {0x7, 0x2}, {}]}]}, @NL80211_BAND_6GHZ={0x4c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0x100, 0x5, 0xffff, 0x800, 0x4, 0x40, 0x6]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8000, 0xa5, 0x1, 0x6, 0xff, 0x0, 0x5, 0x8f0]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0x2bc, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0x8c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x18, 0x1, [0x5, 0x4, 0x24, 0x5d, 0xb, 0x24, 0xe, 0x36, 0x3, 0x1, 0x6c, 0x5c, 0xc, 0x0, 0x65, 0x1b, 0xc, 0x3, 0x18, 0x3]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xc456, 0xfffd, 0x0, 0x401, 0x5, 0x6, 0xc8, 0x5]}}, @NL80211_TXRATE_LEGACY={0x21, 0x1, [0x2, 0x16, 0x48, 0x12, 0x48, 0x24, 0x6c, 0x48, 0x36, 0x7, 0xb, 0x9, 0x9, 0xb, 0x36, 0x3, 0x48, 0x1b, 0x24, 0x48, 0x1b, 0x1, 0x2, 0x4, 0xb, 0x18, 0xe, 0x9, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1, 0xf961, 0x9, 0xa7, 0x0, 0x2, 0x61, 0x100]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x1b, 0x1, [0x1, 0x6, 0x6, 0x30, 0x8, 0x36, 0x16, 0x30, 0xc, 0x1, 0x59, 0x16, 0x30, 0x60, 0x16, 0xb, 0x36, 0x16, 0x60, 0x0, 0x5, 0x3, 0x0]}]}, @NL80211_BAND_6GHZ={0xdc, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HT={0x4d, 0x2, [{0x6, 0x4}, {0x1, 0x1}, {0x3, 0x7}, {0x6, 0xa}, {0x2, 0x8}, {0x7, 0x9}, {0x5, 0x3}, {0x2, 0x8}, {0x2, 0x8}, {0x0, 0x7}, {0x3, 0x1}, {0x4, 0x3}, {0x6, 0xa}, {0x4, 0x8}, {0x4, 0x8}, {0x1}, {0x1, 0x1}, {0x5, 0x9}, {0x2, 0x2}, {0x3, 0x1}, {0x6, 0x8}, {0x6, 0x1}, {0x0, 0x6}, {0x1, 0x6}, {0x4, 0x3}, {0x2, 0x4}, {0x7, 0x4}, {0x6, 0x3}, {0x2, 0x3}, {0x5, 0x2}, {0x5, 0x7}, {0x5}, {0x3, 0x1}, {0x5, 0x2}, {0x5, 0x4}, {0x5, 0x2}, {0x7, 0xa}, {0x7, 0x6}, {0x4, 0x9}, {0x7, 0x9}, {0x2}, {0x2, 0x1}, {0x0, 0x3}, {0x0, 0x9}, {0x7, 0x2}, {0x3, 0xa}, {0x2, 0x4}, {0x1, 0xa}, {0x7, 0x2}, {0x1, 0x8}, {0x1, 0x3}, {0x0, 0x8}, {0x6, 0x9}, {0x4}, {0x6, 0x2}, {0x4, 0x2}, {0x3, 0x9}, {0x2, 0x9}, {0x3, 0x3}, {0x0, 0x5}, {0x5, 0x7}, {0x2, 0x3}, {0x0, 0x7}, {0x6, 0x2}, {0x3, 0x6}, {0x5}, {0x3, 0x2}, {0x3, 0x4}, {0x5, 0x4}, {0x4, 0x8}, {0x3, 0x2}, {0x0, 0x7}, {0x4, 0x9}]}, @NL80211_TXRATE_HT={0x27, 0x2, [{0x4, 0x2}, {0x1, 0x4}, {0x5, 0x1}, {0x3, 0x5}, {0x3}, {0x4, 0x5}, {0x3, 0x1}, {0x5, 0x2}, {0x3, 0x7}, {0x1, 0x8}, {0x2, 0x3}, {0x3, 0x5}, {0x5, 0x6}, {0x0, 0x3}, {0x1, 0x9}, {0x1, 0x6}, {0x4, 0x3}, {0x6, 0x2}, {0x3, 0x9}, {0x7, 0x2}, {0x0, 0x1}, {0x5, 0x2}, {0x7, 0x7}, {0x0, 0x7}, {0x1, 0xa}, {0x1, 0x1}, {0x7}, {0x1, 0x2}, {0x6, 0x9}, {0x1}, {0x0, 0x8}, {0x7, 0x1}, {0x2, 0x5}, {0x3, 0xa}, {0x4}]}, @NL80211_TXRATE_HT={0x2c, 0x2, [{0x0, 0x5}, {0x7, 0x4}, {0x1, 0x9}, {0x3, 0x6}, {0x0, 0x8}, {0x6}, {0x0, 0xa}, {0x6, 0xa}, {0x2, 0x2}, {0x0, 0x7}, {0x1, 0xa}, {0x1, 0x7}, {}, {0x6, 0x8}, {0x3, 0x2}, {0x1, 0x1d}, {0x2, 0x9}, {0x0, 0x5}, {0x1, 0x5}, {0x0, 0x5}, {0x5}, {0x2, 0x6}, {0x0, 0x3}, {0x1, 0x1}, {0x3, 0xa}, {0x3, 0x7}, {0x5, 0x2}, {0x5, 0x5}, {0x2, 0x8}, {0x4, 0x9}, {0x6}, {0x1, 0x2}, {0x6, 0x9}, {0x1, 0x7}, {0x2, 0x1}, {0x1, 0x16}, {0x1, 0x1}, {0x0, 0x1}, {0x4, 0x4}, {}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x8001, 0x0, 0x4, 0xff03, 0x4, 0x1, 0xffff, 0x3f]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_60GHZ={0xc, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_6GHZ={0x1c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x74, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x32, 0x2, [{0x6, 0x2}, {0x2, 0x5}, {0x0, 0x4}, {0x1, 0xa}, {0x1, 0x5}, {0x7, 0x2}, {0x4, 0x5}, {0x3, 0x1}, {0x6, 0x7}, {0x4, 0x4}, {0x7, 0x4}, {0x0, 0x5}, {0x7, 0xa}, {0x4, 0xa}, {0x4, 0x8}, {0x4, 0x9}, {0x1, 0x3}, {0x2, 0xa}, {0x1, 0x1}, {0x1, 0x4}, {0x1, 0x6}, {0x0, 0x3}, {0x1, 0x2}, {0x1, 0x8}, {0x2, 0x9}, {0x6, 0x6}, {0x1, 0x2}, {0x2, 0xa}, {0x6, 0x8}, {0x3, 0x8}, {0x3, 0xa}, {0x3, 0x9}, {0x3, 0x9}, {0x1, 0xa}, {0x1, 0x2}, {0x2, 0x7}, {0x6, 0x9}, {0x1, 0x3}, {0x0, 0xa}, {0x3}, {0x4, 0x2}, {0x4, 0x4}, {0x5, 0x4}, {0x6, 0x6}, {0x0, 0x5}, {}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x16, 0x1, [0x4, 0x48, 0x12, 0x1, 0xb, 0x48, 0x18, 0x60, 0x9, 0xc, 0x9, 0x60, 0x36, 0x48, 0x36, 0x1, 0x18, 0x60]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0xffff, 0x3, 0x7, 0x9, 0x40, 0xfe00, 0x200, 0x7]}}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x68, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x3d, 0x2, [{0x3, 0x7}, {0x6, 0xa}, {0x0, 0x5}, {0x1, 0x8}, {0x1}, {0x1, 0x7}, {0x3, 0x5}, {0x6, 0x6}, {0x3, 0x3}, {0x1, 0x1}, {0x3, 0x5}, {0x4}, {0x5, 0x2}, {0x6, 0x8}, {0x7, 0x9}, {0x7, 0x3}, {0x4, 0x2}, {0x0, 0x7}, {0x7}, {0x2, 0x2}, {0x6, 0x9}, {0x2, 0x5}, {0x3, 0xa}, {0x4, 0x3}, {0x7, 0x6}, {0x2, 0x8}, {0x2, 0x3}, {0x6, 0x3}, {0x1, 0x4}, {0x4, 0x3}, {0x7, 0x2}, {0x4, 0xa}, {0x4, 0x3}, {0x6, 0x7}, {0x2}, {0x2, 0x2}, {0x7, 0x2}, {0x5, 0x8}, {}, {0x4, 0xa}, {0x1, 0x4}, {0x0, 0x1}, {0x0, 0xa}, {0x6, 0x2}, {0x4, 0x3}, {0x7, 0xa}, {0x0, 0x2}, {0x3, 0x8}, {0x1, 0x3}, {0x0, 0x3}, {0x1, 0x4}, {0x6, 0x8}, {0x7, 0x3}, {0x0, 0x9}, {0x4, 0x5}, {0x7, 0xa}, {0x2, 0x3}]}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x2, 0x1, 0x16, 0x48, 0x6, 0xc, 0x18, 0x18, 0x5, 0xb, 0xc, 0x18, 0x18, 0xc, 0x24, 0x48]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_2GHZ={0x20, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xf8, 0x5, 0x7ff, 0x3f, 0x3, 0x7fff, 0x5, 0x80]}}, @NL80211_TXRATE_LEGACY={0x8, 0x1, [0x48, 0x2, 0xc, 0x4]}]}, @NL80211_BAND_60GHZ={0x20, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7f, 0x2000, 0x4, 0x2, 0x2, 0x53c1, 0xfff, 0xbd]}}, @NL80211_TXRATE_GI={0x5}]}]}, @NL80211_ATTR_TX_RATES={0xc8, 0x5a, 0x0, 0x1, [@NL80211_BAND_60GHZ={0xc4, 0x2, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x7ff, 0x5, 0x7ff, 0x0, 0x40, 0x8001, 0x5, 0x1]}}, @NL80211_TXRATE_HT={0x22, 0x2, [{0x3, 0x3}, {0x5, 0x9}, {0x4, 0x8}, {0x0, 0x5}, {0x0, 0xa}, {0x7, 0x3}, {0x5, 0x1}, {0x0, 0x1}, {0x5, 0x7}, {0x6, 0x4}, {0x3, 0x2}, {0x6, 0x4}, {0x4, 0x5}, {0x7, 0x9}, {0x2, 0x2}, {0x2, 0x2}, {0x5, 0x7}, {0x7, 0x7}, {0x6, 0x1}, {0x1, 0x2}, {0x4}, {0x2, 0x1}, {0x6, 0xa}, {0x5, 0x6}, {0x5, 0x9}, {0x0, 0x4}, {0x3, 0x6}, {0x2, 0x4}, {0x4}, {0x0, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x7fff, 0x0, 0x8000, 0x2, 0x200, 0x6, 0xe40, 0xf439]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x3f, 0x40, 0x0, 0x1, 0x4, 0x2c3, 0x1f, 0xcf2]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_LEGACY={0x10, 0x1, [0x1c, 0x48, 0x60, 0x5, 0x2, 0x6c, 0xb, 0x3, 0x18, 0x3, 0xc, 0x5]}, @NL80211_TXRATE_HT={0x48, 0x2, [{0x1, 0x5}, {0x3, 0x5}, {0x5, 0x9}, {0x1, 0x8}, {0x1}, {0x6}, {0x1, 0x18}, {0x5, 0x9}, {0x6, 0x5}, {0x3, 0x7}, {0x6, 0x8}, {0x7, 0x6}, {0x0, 0xa}, {0x5, 0x3}, {0x2}, {0x3, 0x8}, {0x3, 0x1}, {0x4, 0x7}, {0x1}, {0x1, 0x2}, {0x5, 0x7}, {0x3, 0x8}, {0x4, 0x7}, {0x4, 0x2}, {0x6, 0x9}, {0x1, 0x7}, {0x4, 0x3}, {0x0, 0x7}, {0x6, 0x8}, {0x5, 0x5}, {0x6, 0x1}, {0x4, 0x8}, {0x4}, {0x3, 0x7}, {0x3, 0x4}, {0x7, 0x1}, {0x3, 0x8}, {0x2, 0x8}, {0x6, 0x1}, {0x7}, {0x5, 0xa}, {0x7, 0x1}, {0x5, 0x6}, {0x6, 0x5}, {0x2, 0x9}, {0x0, 0x4}, {0x1, 0x8}, {0x3, 0x9}, {0x6, 0x7}, {0x3}, {0x4, 0x5}, {0x3, 0x7}, {0x0, 0x6}, {0x6, 0x7}, {0x4, 0x9}, {0x0, 0x8}, {0x1, 0x4}, {0x3, 0x1}, {0x1, 0x3}, {0x1, 0x9}, {0x1, 0x7}, {0x6, 0x8}, {0x4, 0x6}, {0x2, 0x7}, {0x5}, {0x0, 0x9}, {0x5, 0x3}, {0x2, 0x4}]}]}]}]}, 0x6e0}, 0x1, 0x0, 0x0, 0x11}, 0x20000000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0) ioctl$MON_IOCT_RING_SIZE(r5, 0x9204, 0x2a6b4) [ 1558.975034] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1558.988360] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:12:08 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r3 = syz_open_dev$vcsu(&(0x7f00000008c0), 0x0, 0x10800) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000940), r0) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r3, &(0x7f0000001e80)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001e40)={&(0x7f0000000980)={0x149c, r4, 0x4, 0x70bd26, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x16}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x88b5}, @NL80211_ATTR_FRAME={0x145c, 0x33, @data_frame={@no_qos=@type10={{0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x4}, @random="0d1d90987e30", @device_b, @device_a, {0x4, 0x5}}, @a_msdu=[{@device_a, @broadcast, 0x1d, "0bbb273b3ff890534be3f59b542c9335aafeafb5bf39808482c1e362b3"}, {@broadcast, @device_a, 0xbf, "69804750afafc3afbc54395616ac9959659320d14dfdf9fce6ac5a3713fbf8a13206b816a8151cfd9247fb1202066f8caa5141287034d41e162823b58b3bbe3c9f29deebd153af650e364a5f785d9d07efeb96c99b121708df83eed9789f8ca77f2e2d931c8bc338b624d8ebbcaca1957788e506fef5515bf358389abf8ceb5e35026bfd621ebed3b6f35b4dccf90c0b334149ab2e229ffcaac617ef407ce11dcc9e413f9eeeb42a014fea295b2108bcf377d2c98b93604fd2c445f1f057f1"}, {@device_a, @device_a, 0xb2, "ff42f265290b6b819c2b491b8048c7d946b83718496f19a22484d87a8b776dd7b8640a0aef5370f4f44974e009a270c5f698075aede79bc64ef676aaac0dcffd93e978b69aae79a88269d3a1bccde06d52ba4eb69bd571fa63a116a1c7493bbc73165d6d38a3f4e6cff7c2d2c8156367858e8f3b9b40bd7771f742e5a5ac583f75ea8952b84f6d0ab35fbff263d1f87ae7a0ae355040fb3d114f5c6765ca7e9bbd13b23c543b4c164e5ee0d8897c35a7e352"}, {@device_a, @device_a, 0xf6, "36d0b3d9501abc7f648d541eb188ac9ed4f8d3b31840da211d3631fb1da2bcf4e99b0f8001756507f8404ad1c57e9f59bad68b5301145422121ba7bbea199f678c9827cca2a0bb0dc8ecd3812f34cd453f44c27a8163a993838be39b90219e2125a28e11dc083d5edff92cdbed8dfbde4ef034408ed89e87088cb38ed3a4a7aecef03db5ca499e3524980c3962a73e31f4d2e94371a972a4ab4227fa92a866ccfe2a105d31e34dd44aa17a6f4ae734cc86f52f22ae1c6054c5573e60dcb053430d89a1ec027efa04545bf7d9d973313695ea0aa7a240945b6b91c0fa6c4a361b02024dc4997f5be419482996635ef1a5795154bde8b5"}, {@device_a, @device_a, 0x4f, "e9ba0dae22019583294a56820b8f354b50f86edd4b41f249d3b948dcc40dc18dfe88f2cf9ed5c289840e7154e00400080785ab82b0f23f49146c1d0965509ec2db5ce8cd5e2348934e2bdfa993834f"}, {@device_a, @device_a, 0x1000, "22d0c4407754d36d381743f2ceeac8d28a28267dda034e66df98acff80ed025963d8927d726f881ee83b7fa88b274f7aea37c1f63d31b121aba53dc8472aa242fda5f698f84b5fbd863d1508ed239f99b17a0376e6c340350049c557aa85195fbcb3d14d9b555978b12c14ae9159b18794574d6faa79089c3994ce2c7ebc486acb04c33702d315cc0b206ac94bf4ff34c65accfde3e080514e4d6458fe7b38b007f8b0c4846c2165554d3c516b02784cff3462a0ddf26b5fb0ff08b55f654628455217e7657beb1d1f986ff7bad9e034091e09b86340159fee881d4d377887dbab1f0cdf75e94401d426d87ee7a8b6bafbc2ab30509871d383d3e4ec5bd58e993c09aa3996f12f046826c82b33f818ec78190695f350a4ed2ab87cd147ed9c507f28fc1e518d1b8f4000b6e2317b0ba41658c12d8cf371fe83f034bff35cedce1a44f198819033c675ceb858700315bce264318ebfc4eeff79940502db6f53d367f7b947386044a3de94cd513b45153bfeded874dcad3262b5100c0edb6c473f8272a53ea4ea07e13bc19c5be00c8fed117ad2b475b79d5f6b414503d68456a772f84f9fe626522ac4f3f9a780f90de016d4f7dad5e19d05b32a97ddcbda4d5f81cbba57cf00a187c004c45ff3bf42f77b8960a088517d6a1723edcaef94b3546540b3f4c30be3553449f4ae0d31e4d111c7210f2d3a83c35cb83f20a87d0c14aba13cfd840e8126a07bbf33d516e33dbb3e9e2e63e047b210f85b147b2c67f537b90b4f68ad9981b2387a09d0d0e06cee55ea86a360fe706f4401beeab6268d5509970a42f9117a63d48ef69b5045ba2c3d8c85e7ad6fdc59f91d5e90a382388ca6a4a9e392322716bd87d4eda341ddfb8d75934a87c6233c8b934e3e3d9f7913905b4ae364cb1a9e35b998362ae632774368e26f550bb386788ae485824f8c920812caffd475249c80493326751e0821756f3662265b5273894aa42c9a59ca93e722922f2e5a4f31c8d828367d62e1b6ce3b64d1d89cda1b8e30431b3b290efb3fc162749e1e898b82ed38bfeec87aaf323d96d5435d31a399a2f32a46e2eccac28ca67b4e9fd8109809ab2321ca0b480e411af0f06d3126a8311e991c3e2890d22503a94ffd664a7fef15ed5b60711441726f907d4c870acf85b18157ab8c8bfb34606fe761d39648c3e867a07022500139e8a3b3cd944e48c0e9cc2ae982c4d777237617b2d80222245156a88ffb51933c98fa88805ddf928fcec289f3c106f8acc72166170724f26dc4ca4ae1b6d2d5bee83e55624e0ad2f4acf523f9017769dcea73a21c81813ed1fae79a3f31f1c497d18feed3eeb8a28325a279498500dabda897a6c93ae641db86e942d557a86c5bff3f619010603ed6b3957ebde4535b0ddf4fd9b9d89cb8e9104fab293b88cef3361911fe89cbd085c3bd16953b72fed123bd276d21259d4023ed3726f9c1c19c618819535202a876d58570814bd70265111a91772e36eb0824dddc13bab2f073ae5527b9158a3849dea9a1b0c6b1c735357a73d381d1fe7e93e36629bd54ac0a629af3abbe8bd6696c6673b51cc48dfebef624da6d100e7c9600af67a4c06205da03bdc9c2d05e369f7dbd9ec7b55de3a44593093295599c5f9fa2f5e216f17e4f281fd6874b25b1587bf1d837bf6ae000e14fcfc62399c990fc3ade263e03eec398e37f757a9f9d619d6ad2ccd8956d7a64c215eaab407770c8e4574513766e08305eca06c57a8f1ac389bce9e704b73f630b7c2f451ad60cde7cb13428bb3e7c355a8c4050269c6f939e37bb439b98f30b8f369b0a1403ac39dc1eb7b0e135344a1879e1ab70416dbd4602bae1e354cc8fe268851bdbd1ac53e751371a126736e9b76c93bc662e246007eb0ff97352e74c74b04498777008cd721b5ff8ef5d0a79d8a5771a74f2a8d9c653f380e05386b13acbbb5795818c8d317efe2a05a7efae64560016412c16b23ed8f777e566ae2901241441c07324fbdd2fb20827cc7321921b13021a0b1db64b2f81de4b51ee3789f26dd00f0e18f8ec142838f95283b3afe31e0ee48395bae5bca2fdb52764db4abc82989ef0f30a2d65245f142d6803e41ff57c3b0f39f9bca55d3dbf3e8f6e4765eef8333e5964a53f8ebea6ecf595c65a87013ac6cb2fd87d289d04a6b21f51dc0e7f2221840ad2d02980da6d28e2df7def3e8d3aa52682611f926e8accdb1453602386f62bb0929daa263de2942e20f2c9c4f18e662b10cca49327f1b60fa38f094ca6777dcf894274ddedaa6cf94bfd7c141d3a2e1f62ad8e5ec9131b32e7f9ca145b97dfe0ffbf14b51c41db9f058dce64cd6a07fc0e7c55019016c28126928ceb1e650af2c6f98ae8eb93bcd5e217ae4c8b9f1dc5aba3e07a3e5c47e7f413ec1280adee84df08832de8adece1e2487e43397b758bae08d8b637b748a88e1df32c8b7a8345218a7d0402902a22a40d8ce0cf3e6eb1a8f41b8142b873fb0c17b44e189aaedcef9fbc4fbc0f66af45cfb114a98bba4a3cdcfef89fa6ce44658d7d20cacac3060dfebc2b8bc83e969ec756ae1c83bfeedd9ea9bfee55d1eaf8c9292fb5fd02897dc775960076ba2aa51a18dab2a0bab46c7c85aedd7c469fab4f38e39afd6de3dc44f460d2a426119ce4e02fe8160b1c0745860f76e1b5fb30e6089118ca740a3d1a5e7093fd5d33abc8a53b55c85425e2baa0f809e9d1be088aa8a9357abdee4e46976868c60079edba4ff31942c511ded5f3fd3ad2e0308627af25bd946c8fe10a9cd0d749d51f8d6b2e61042987b5d8d28963816e5e26ad9e9f13c4c608a60aad33dd5e2666adfe8f333559a12dc21d1901626bb1b92c46b94f4d54f3394ce05bfd424eb6da05172019cf5a3650f90b707d07a0aa47f0a2b2a0c023c284a65f6515f84a235a7e27839c61a46085a9c3affc7252f0a38952215ff59f108eec5401febeed5658b609ed45643eeef7bf2fdb0535d490e5019094134c190c055ff4fb3b2b9bd2110dfa325173aa662d456004e2f90785c378edab6402516c20dded30c5617c9ec49579202495cbbef0f66c5dacccfa5fd872870ceb2b318179e7c38de1dddb9e18f1b1d14e99389ca5cebbf3dabf591fd6a409f706f66a97114f5352b3e1a8a7cc2b2e023ccc60ecb3cf3d706865e4f37bbd1958808af8e3098774ed87a6a45d0e63b37b026c7ecbc3172360aec4f420a78d3f8a7a529b6393f3bba702ecf628879c43f406dbec72b9e5f0c1d53c9f959ecf1904329a7c48bb30028e9e66b58d8c293820f6d93b984d33af371b4caf93cbe99b1bb027dc27a5a73440b4ff027d124897df022e340dc237e16f834177605265cdbe3c5efeedcbe75eeb2ac1443b3f2ad142a9bcd7d357413cf2f3dad26917779b77531c3e6d6d3b431c306ec1461b623f44598086115afd7c96efb3b64e89bc5ea250d993ce476ebee1f4ac42b48a7e8ca0e79ecceb35e564483bbe5a213ec341e9b4e997a57f8212af54ac6380307289e926ef0c75b41994da6129c25da2fd1236935497d4f6f1e99be1fc6341272785be93d6534d09eb4114e5918f761b16ee5b2537e73cba115dbac8178bf59a95478f7e9494617471c9afa53dbfd7590dc3f21ac46f59029bf08c92ad8575b52c3b486537c304fd93038bf220d414b33ac7d834ba9f443e58e0e21579721640ca78ce5109c809eac2c136a320b0bbaa5802e62c57226e59a292deb2d1f851656986e78d96954fe6d658dbf3cb6c8b2be1dd7102cc7f5c79b6a651ea3efd2de73ffa38d9f77cc31730eb3f8e835e65cf6d849f3af89114fdafff7a55dc0a0f0592aaa4078fc88a8d774ac316c83d28b61b129fec00aad14b29e09f74d7916c2f38f6925d5e50c5ebdf87f4a85b3126f81e1eedeb785b2d53a149593bdec887f21b1d37cc5e1287cb634f9567db5c3cb3ae3371e9c557cc35cc7822f2c02fa768cde83df55ed48c0a7504377921366199a38c4e85e82ca6b0c8c37c904de48c038710ffbf7ab023283f0b58f176a00132ce84bbd25e1bcc8b72808b31967de37866b6ca45b286625b62b88ea7099a1aa38055f321ec6d5cfda66ac32399493758ed4d08c119c9db534a64681a526796217f6db8810adf5080e964f641a958f9b56402d44b3e64cc8f29edc19d9ad2c916835aab5fb61f226a4b709f3e910170ad664d86cd6e06534cdf1f83bbcc3c5c75d250e602067c9372eb6374855b047d53885dbb5cc4d40212871cd4794641a8e3cab049af9bccbd002efcb7636aa14d893762776e7189b62bcf38380df22d514351be6d115f2c5af689454342aa90e7ba404e1a10b5b18db19914b4e14ce26d6aa9b79c278d03530f1c2558e4dda266d4228cb33d915ee0bf44a225a652ab878a15bea453564fa71512daec5555b8c729b88c189225ab24b8cc87661cc10d98f967c2db012cee4074b81c80a532fe34b0eb0fd387b54de1cec6550f00e270a2451be067cd3172cc7643d6f716a0c71cc35cc7d3f0440edde38374561716be0c337d3c368eea82a3256f0b023b10b112948e52acb528c009e42c8113c0ef4cacc9af4d7addf0dc60f6debdd154b41da2c6fbb9de7d9755636acac75640f1e72f5e30fa6087db204eb8b9d80713777329e7de028a412b5ee3edeb6e8b3bc1d071bb0dd79c70ff8687662a4a8d14170132e4eef5c5fcd9eabad1404c5c0c7fd24702cce03b1bbb87fcb79238888b73b812a5613c14fb7752ee339611ceb416049a85f210782c99beb282089edd046fda9da3a74c8a0366de1a0a64a842c8b1916c765c2975dde9f1e1f031ef79264c687566e1a5b739d6b9f8b678f096a2dc9398d73d3994bcb45cfdaa9243e55ce46f7429561b9fe27d549b0b829cc76db6a2faea471899310b10994f630ea6ed94fa3673e94781e8154dde05ddfeb20cd52b5592e98173982284bdb04eefa4ad0927a59a16b80e93a7cb2faa5b47d823bb4a3e2134b43ae85ce8d54ccfc1090099eb9c936105459eeca8b077a67b76a2e54189ac42896240614dc92f5e8bad1c3d327dd80894a40a7652d26685ae06595074770435d4f8cb796d5ca635b5d2b710fc25cf60883cfff0bd9a84d366b2cfcd1c9bdd56aaebafc834521d2f4e743856638dd2e76a7eeab54fe981bb41accf31c11def61155ee92fc0d4a34fa8ebed59984bacc4773a2b8e76a37a05e6d1c509bad31f1d7ecc443d29c815dbd1d573444368bb64f077261a951c424cb7e938076cfa89e8fa6ff6312569aee66ff11c257ecbb27660aabedd2fc966d6c92b67fb2df49e35c549aed755c197225ea4e50a09db40a1bc0929e6035383055def871eab6cc07a7e85400673427380525d79ebd70e9be807a57ff639cb59c126d820bea51e19d09794302190cd1f83a8b68654f7d518feef3e8b006b32f5b0724b9c69e9fb2d26827195e7d648b1245702ba77f33b73be13529021dcd7266e8cf6c49e405b56cac01018203e75535cdb7a2a43f6047adfe0ec170dab213e8cbb8a3608c71e9ba984da7d703cb514cc4955c3d163a60ce5271237d4ea9215f0acb46bbfa09a188dff93f5b38b2d35b38e72447e1b60345b317a43972c5c5f27a986eb77dfc85bcbdd1c10e5cc1725e12abb5912a50fa1d673fdd5d54c30ce572937a3ae92f428dcec3d94b0be20fa554ff078d07093d643edfe1f67cf0c3a87b8008079a3e1187a3679bd85e3aee5c7ebbad4f792d5c3dc1a610394a27fc41048bf141be5c256b48239b08f8f892f6867136c1af51808615280a97dff96ab1e36b58c"}, {@device_a, @device_b, 0xbf, "9972876010be1b81e4551f55c40e8312e6341619601680a3f9fc7bbe05b6146f28f9fbae78f728a6e8778c8faf3bd4bd5c0f5ffdc1d1b61cced27e5f6bcca2470342204d65d6db80c939d7c76886a0272f4e8f50cf43a33bc2d2a3a6384967dbe1def38ba53090c7cbc263c567e570fba0c9ff83b24d0f019c655e3f611af8b6df47e04277ea4a8cad9be2dc4f05b2b0c549c7d260cf4ed3668dfaed1a309471b7345c2d96aaf080764216913bf93fb9a01618cc0a533926e12715fa32a38f"}, {@device_a, @device_a, 0x32, "3c4830e5e70c5d2c45c3e15e4609f15c9352a226fb9db123c140f11cbebd4b119228fe5166340265e592e79838b65f4117e0"}]}}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x18}, @NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT={0x4}]}, 0x149c}, 0x1, 0x0, 0x0, 0x2004}, 0xc1) write$binfmt_elf64(r0, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x0, 0x1, 0x20, 0x0, 0x3, 0x6, 0x6124529b, 0x22d, 0x40, 0x217, 0x0, 0x5, 0x38, 0x1, 0x8, 0x5, 0x2}, [{0x1, 0x78361ca6, 0x8, 0x9, 0x600000000000, 0x9, 0x3, 0x5}, {0x4, 0x556f, 0x3, 0x9, 0x1, 0x3, 0x0, 0x7}], "483b1db9a647634c1d8531e001e3b834fc146d8bb960cfc8fd81dbba4f4b7be140b7391bc1c9f829fbb9d79b717300a3bb7e71ae4b3c48891e280089e88bb4b8c2fee6488ab7a07706a103a52af9c9e274010f2047d3b0f83118ec9546ced49090820d77ec0a6a9f07d825b4a62a4afff52ef0d6295245106f3ea70e3974bfaed6d0733061cc78e7267f432b2f75e53fdf361fadee33c1181ee43157e18faa33b7a494595108b5dde1a1dbec07c7f0e309c7c38eb0264a162a3d326c9260856838fdd4b578b6bfc32d36bd7fabdaed936e1beaed056e18b3", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x788) r5 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r5, 0x0) ioctl$MON_IOCT_RING_SIZE(r5, 0x9204, 0x2a6b4) [ 1559.039927] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1559.044969] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1559.079702] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.080413] print_req_error: 6 callbacks suppressed [ 1559.080424] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.082249] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.083459] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1559.088736] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.089387] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.090636] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.091839] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1559.096183] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.096796] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.098037] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.099253] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1559.101265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.101884] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.103123] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.104330] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1559.105554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.106203] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.107427] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1559.108638] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1559.109874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.110532] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1559.111750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.112408] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1559.113705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.114389] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1559.318493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.319382] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1559.322686] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.323360] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1559.324625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.325663] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.326701] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.327732] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.329794] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1559.330528] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:12:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 23) 00:12:23 executing program 4: ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, 0x0}) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0xd7, 0x0, 0x2, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000000c0), 0x7}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0xffffffff, 0x0, 0xfffffffffffffffc}, r0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r2 = dup3(r1, r1, 0x80000) syz_io_uring_complete(0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) 00:12:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xd, 0x8010, r0, 0xc1687000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000440)={&(0x7f0000000400)=[0x0], 0x1}) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000bc0)={'sit0\x00', &(0x7f0000000b40)={'ip6gre0\x00', 0x0, 0x4, 0x1, 0x8, 0xd73, 0x10, @loopback, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x700, 0x700, 0x2, 0x800000}}) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0x0) r4 = socket$inet(0x2, 0x3, 0xff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$inet(r4, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000000)="b683ae40f3fdac402b01fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000c00)={'team0\x00', 0x0}) r7 = socket$inet(0x2, 0x3, 0xff) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$inet(r7, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000000)="b683ae40f3fdac402b01fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) sendmsg$nl_xfrm(r1, &(0x7f0000000f00)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000c40)=@acquire={0x24c, 0x17, 0x4, 0x70bd2c, 0x25dfdbff, {{@in=@multicast1, 0x4d3, 0x32}, @in=@rand_addr=0x64010101, {@in6=@mcast2, @in6=@mcast2, 0x4e22, 0xf6, 0x4e22, 0xffff, 0x2, 0x0, 0x0, 0x4, 0x0, 0xee00}, {{@in6=@private2, @in6=@mcast1, 0x4e24, 0x6, 0x4e22, 0x6, 0xa, 0x80, 0x20, 0x32, r2, r3}, {0x3, 0x5, 0x1, 0x10001, 0x100000000, 0x1e, 0x401, 0xfffffffffffffffa}, {0x0, 0x2, 0x8000, 0x3f}, 0x0, 0x6e6bbf, 0x1, 0x0, 0x3, 0x3}, 0x80000000, 0x0, 0xeb7, 0x70bd26}, [@XFRMA_IF_ID={0x8, 0x1f, r5}, @algo_auth={0xf8, 0x1, {{'sha512-arm64\x00'}, 0x580, "a14e44de5ea9c96642f173e31a65a3d27ec64a03422f84f47abaa836c4fb21cbcc0bbb518fed301c270a86b51526c9ae36be66ba32532e6eedd136de1c767702b6f99d44adc94db5493770ea47d2f20ce61fa89ec105c36ce1d426f76453c06e8d050005d0f42debe57f1795008116531735f4840d9d63558f53d9c2aae1d8eb8de618dafb978fe74d152051401535d79378833fd56b64480179f6f8fdb8a86328c3b5675c17c08762e0fc4ca255f3d9"}}, @lastused={0xc, 0xf, 0x1}, @replay_thresh={0x8, 0xb, 0x8}, @XFRMA_IF_ID={0x8, 0x1f, r6}, @XFRMA_IF_ID={0x8, 0x1f, r9}]}, 0x24c}, 0x1, 0x0, 0x0, 0x804}, 0x80) sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000780)={0x288, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_PUBL={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_NODE={0xa4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "9078fa6e7326f17100ccf8bef4ac17717d81fb0251485961411ed0cc32"}}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffffffa4}, @TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "641ce28c68f5eb9e1ba910bcc76bc0b3ffdff8c0"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MON={0x24, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7f}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffe0}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3f73}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x8}]}, @TIPC_NLA_NODE={0x134, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "57641afaa02704cc97ba69fc4db6400e408896e907517f63e8ad"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x81}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x2cb}, @TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "3b662dcc3ce0a2ef9dbe43b37ca0172a6296b56089a3a5d72803"}}, @TIPC_NLA_NODE_KEY={0x48, 0x4, {'gcm(aes)\x00', 0x20, "f72e71b71664e50a4ed8a32051540f8cb14b326d8b71e54d562555208efd83d1"}}, @TIPC_NLA_NODE_KEY={0x4c, 0x4, {'gcm(aes)\x00', 0x24, "b3a484c560c7c19314d8ec2168225bfd51e9032c60d32fbcf4fff0d4430c4dc4632dd088"}}]}, @TIPC_NLA_NET={0x54, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x5094}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7fffffff}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffeff}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x15}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}]}]}, 0x288}, 0x1, 0x0, 0x0, 0x20040840}, 0x80) write$binfmt_aout(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="cc000107a30100001f0300000800000082000000060000000000000000000000256f95754bb3e71d137be702a200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f43a8aa57f20f4e53913a8003d587e5ec19e930891b1c33d4f4f85c0348090d862ad38466b4d06fe7f25095fae893217698a62d6ccb1811ed96eda8a40aa96de47ec175d8f098e50d7b19c4fccd8d840842f68b5f206448aeded7fc9d987444080dfa334963ca9"], 0x12d) readv(r0, &(0x7f0000000080)=[{&(0x7f0000000100)=""/255, 0xff}, {&(0x7f0000000200)=""/202, 0xca}, {&(0x7f0000000000)=""/95, 0x5f}, {&(0x7f0000000300)=""/255, 0xff}], 0x4) 00:12:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1573.916743] FAULT_INJECTION: forcing a failure. [ 1573.916743] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.919354] CPU: 0 PID: 17424 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1573.920797] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1573.922539] Call Trace: [ 1573.923089] dump_stack+0x107/0x167 [ 1573.923844] should_fail.cold+0x5/0xa [ 1573.924636] ? __alloc_file+0x21/0x320 [ 1573.925474] should_failslab+0x5/0x20 [ 1573.926307] kmem_cache_alloc+0x5b/0x310 [ 1573.927154] __alloc_file+0x21/0x320 [ 1573.927923] alloc_empty_file+0x6d/0x170 [ 1573.928756] alloc_file+0x5e/0x5a0 [ 1573.929495] alloc_file_pseudo+0x16a/0x250 [ 1573.930372] ? alloc_file+0x5a0/0x5a0 [ 1573.931166] anon_inode_getfile+0xc8/0x1f0 [ 1573.932039] io_uring_setup+0x138b/0x2980 [ 1573.932899] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1573.933947] ? wait_for_completion_io+0x270/0x270 [ 1573.934962] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1573.936037] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1573.937101] do_syscall_64+0x33/0x40 [ 1573.937870] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1573.938947] RIP: 0033:0x7f347623eb19 [ 1573.939715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1573.943517] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1573.945102] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1573.946586] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1573.948072] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1573.949541] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1573.951027] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x400000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000010000001800000087e490477f3228d7a29693794fa635935c51a7c90ac267c36d1f6049600c816eb8c986a77ed0170218d66c39b156f8a36210edced308f76c78582f625db53e785fd4fddd1baa710b70735c9f1d3ec92fee23b5831208b02b632e263b95e98c401bacccb345021d8e185df115ee78ba6f060c289e6113047bd29fc38fb9ec24e1ace6cc1f1d8dc09a2e57b03d70aa0d", @ANYRES32=r1, @ANYBLOB="04000000000000002e2f66696c653000"]) 00:12:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1574.006951] __nla_validate_parse: 2 callbacks suppressed [ 1574.006962] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:12:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000140)=0x1) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80800) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000000180)={&(0x7f0000000040), &(0x7f0000000080)=""/24, 0x18}) r3 = openat$cgroup_ro(r2, &(0x7f0000000100)='blkio.throttle.io_serviced_recursive\x00', 0x0, 0x0) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r3, 0x7, &(0x7f00000001c0)=r1, 0x1) [ 1574.055905] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:12:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xe6b7a000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 24) [ 1574.081292] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:12:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1574.150417] FAULT_INJECTION: forcing a failure. [ 1574.150417] name failslab, interval 1, probability 0, space 0, times 0 [ 1574.152287] CPU: 1 PID: 17494 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1574.153417] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1574.154739] Call Trace: [ 1574.155157] dump_stack+0x107/0x167 [ 1574.155747] should_fail.cold+0x5/0xa [ 1574.156353] ? create_object.isra.0+0x3a/0xa20 [ 1574.157081] should_failslab+0x5/0x20 [ 1574.157684] kmem_cache_alloc+0x5b/0x310 [ 1574.158349] create_object.isra.0+0x3a/0xa20 [ 1574.159029] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1574.159824] kmem_cache_alloc+0x159/0x310 [ 1574.160481] __alloc_file+0x21/0x320 [ 1574.161063] alloc_empty_file+0x6d/0x170 [ 1574.161701] alloc_file+0x5e/0x5a0 [ 1574.162268] alloc_file_pseudo+0x16a/0x250 [ 1574.162940] ? alloc_file+0x5a0/0x5a0 [ 1574.163547] anon_inode_getfile+0xc8/0x1f0 [ 1574.164239] io_uring_setup+0x138b/0x2980 [ 1574.164901] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1574.165699] ? wait_for_completion_io+0x270/0x270 [ 1574.166476] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1574.167294] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1574.168132] do_syscall_64+0x33/0x40 [ 1574.168717] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1574.169627] RIP: 0033:0x7f347623eb19 [ 1574.170329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1574.173743] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1574.175173] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1574.176487] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1574.177808] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1574.179163] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1574.180485] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1574.194539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.195588] print_req_error: 22 callbacks suppressed [ 1574.195604] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.198786] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.198823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.200905] buffer_io_error: 6 callbacks suppressed [ 1574.200917] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1574.201883] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.206549] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.206598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.208616] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1574.209590] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.212972] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.213969] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.215318] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.215992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.217890] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1574.218870] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.222313] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.223350] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.225325] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.226344] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1574.228310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1574.230121] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1574.231668] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1574.233221] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1574.234783] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1574.236327] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:12:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:37 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x200602, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x48ec3efcfc5dc395, 0x1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0x0) sendmsg$nl_xfrm(r1, &(0x7f00000006c0)={&(0x7f0000000080), 0xc, &(0x7f0000000680)={&(0x7f0000000340)=@newsa={0x31c, 0x10, 0x800, 0x70bd28, 0x25dfdbfd, {{@in6=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e21, 0x6, 0x4e23, 0x2, 0x0, 0x80, 0xa0, 0x3b, 0x0, r2}, {@in=@rand_addr=0x64010101, 0x4d6, 0x6c}, @in6=@mcast2, {0x2, 0x7fff, 0x0, 0x401, 0x3, 0xa392, 0x3, 0x100}, {0x8c, 0x80, 0x2, 0xfb}, {0x8, 0x6, 0x20000000}, 0x70bd2d, 0x3501, 0x2, 0x3, 0xfb, 0x20}, [@extra_flags={0x8, 0x18, 0x235}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x1}, @tfcpad={0x8, 0x16, 0x7}, @algo_auth_trunc={0x131, 0x14, {{'xcbc-aes-ce\x00'}, 0x728, 0x100, "0513a976b8d2d7b5006515b115e86bc86597c723d680f1d6d966544839d352fcbe65085e594d5f0569e8c1c7be517f0a8267645e01a384c8d582c93fe58a95e863757dbbf1302ddfbbb33894ae07460d01436c4f20aaad2e8a67a22af8888e296290436f7d2391e67206e613462fb849c96c335bfb8851ee27ba1670fa922c10c34cd8a40601508f2410f2e268b2be232ef4a402d5119e957aebd4dd0e9007b9c98c33a638c4bd8b82ff11773f489b39d65baf4e267da32adfe5eb75f69135f8d3c1e4e0cc2e2435ce45fe519ff861a246c0b597f2e5f8f4c94fd5b1b979a7986448a0c7c3"}}, @lastused={0xc, 0xf, 0x101}, @address_filter={0x28, 0x1a, {@in6=@empty, @in6=@remote, 0x2, 0x16, 0x4b}}, @policy={0xac, 0x7, {{@in6=@loopback, @in=@local, 0x4e24, 0x0, 0x4e22, 0x400, 0x2, 0x80, 0x0, 0x62, 0x0, r3}, {0xe43, 0x1ff, 0x1, 0x6, 0x1eed, 0x7, 0x81, 0x9}, {0x5, 0x7, 0x1, 0x96f}, 0xfffffffd, 0x6e6bb4, 0x3, 0x0, 0x1, 0x1}}]}, 0x31c}, 0x1, 0x0, 0x0, 0x64}, 0x4000041) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$FIBMAP(0xffffffffffffffff, 0x1, &(0x7f0000000000)=0x9) 00:12:37 executing program 4: r0 = creat(&(0x7f0000000080)='./file0/../file0\x00', 0x81) dup3(0xffffffffffffffff, r0, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:12:37 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:12:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 25) 00:12:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000140), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x9, 0x1010, r0, 0x8bfbc000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = accept(r1, &(0x7f0000000180)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, &(0x7f0000000200)=0x80) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x34, r2, 0x8, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40080) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYRESDEC, @ANYRES64=r4, @ANYRESHEX, @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000000)) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:37 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:37 executing program 5: r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f00000000c0), r0) sendmsg$NLBL_CALIPSO_C_ADD(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="fbfe0100000000009e0000000000"], 0x14}}, 0x0) r2 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b4) [ 1588.306398] FAULT_INJECTION: forcing a failure. [ 1588.306398] name failslab, interval 1, probability 0, space 0, times 0 [ 1588.309256] CPU: 0 PID: 17587 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1588.310998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1588.313074] Call Trace: [ 1588.313742] dump_stack+0x107/0x167 [ 1588.314666] should_fail.cold+0x5/0xa [ 1588.315620] ? security_file_alloc+0x34/0x170 [ 1588.316744] should_failslab+0x5/0x20 [ 1588.317698] kmem_cache_alloc+0x5b/0x310 [ 1588.318725] security_file_alloc+0x34/0x170 [ 1588.319809] __alloc_file+0xb7/0x320 [ 1588.320740] alloc_empty_file+0x6d/0x170 [ 1588.321755] alloc_file+0x5e/0x5a0 [ 1588.322662] alloc_file_pseudo+0x16a/0x250 [ 1588.323737] ? alloc_file+0x5a0/0x5a0 [ 1588.324707] anon_inode_getfile+0xc8/0x1f0 [ 1588.325796] io_uring_setup+0x138b/0x2980 [ 1588.326851] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1588.328131] ? wait_for_completion_io+0x270/0x270 [ 1588.329381] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1588.330821] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1588.332145] do_syscall_64+0x33/0x40 [ 1588.333094] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1588.334381] RIP: 0033:0x7f347623eb19 [ 1588.335382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1588.340048] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1588.341961] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1588.344019] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1588.345817] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1588.347634] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1588.349418] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:37 executing program 6: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) ioctl$TIOCMGET(r0, 0x5415, &(0x7f0000000040)) r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000200)={{{@in6=@dev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@private}}, &(0x7f0000000300)=0xe8) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r3, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000340)={0x0, 0x0}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r6}}}], 0x20}, 0x0) r7 = eventfd2(0x3, 0x80801) r8 = openat$full(0xffffffffffffff9c, &(0x7f0000002b00), 0x400000, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r11, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000002b40)={{0x1, 0x1, 0x18, r0, {0x6}}, './file0\x00'}) sendmsg$netlink(r0, &(0x7f0000002bc0)={&(0x7f0000000080)=@proc={0x10, 0x0, 0x25dfdbfe, 0x2000000}, 0xc, &(0x7f0000002ac0)=[{&(0x7f0000000100)={0xac, 0x28, 0x800, 0x70bd2c, 0x25dfdbfe, "", [@generic="b259101f4d36baf5e9e1ffb84ea632de6751182ede454fe093860e9b3731837f8d9e3191cd02196d988e2223f9534773e78c9133102124d5c7ebf79fce6e69860c1306aca414c90eff498f99d7c53dad1205beeb69ed4763d7244bbf21e565c6159250c0ac93d2ce559984b8523feeff907e524c8c281a1cacda5eae48d1f677843a91c2f93cd47acfe390e94ecd64f9eee7df3e7752af931763b820"]}, 0xac}, {&(0x7f00000001c0)={0x10, 0x36, 0x100, 0x70bd25, 0x25dfdbfe}, 0x10}, {&(0x7f0000000380)={0x13a8, 0x33, 0x10, 0x70bd27, 0x25dfdbfd, "", [@nested={0x51, 0xe, 0x0, 0x1, [@generic="d61f50f9d3e1e31ebe092c8ada71493e202b3c4d7a225d8a5603c464ce480b57ec933d1ed001934afd", @typed={0x8, 0xf, 0x0, 0x0, @uid=r2}, @typed={0x14, 0x4f, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0x8, 0x48, 0x0, 0x0, @uid=r3}]}, @typed={0xa5, 0x93, 0x0, 0x0, @binary="691c584709c31fb6b21851afd21b4a317fd31b26e88c4fd511d9194ad5e9da55e2af40da0e1b686955615891999f3c3b48d31e68c670d2f7aeac4d6d418b539aa5c99bc43c9d49c414484b0579af30a3d59dd5335020f50b7974384cd4d3754df66e72d8b02d4fff0ad4bfcb9df847cb2c1351d6b9b6b4b442b777c685266d2ffa50dcebbd43681b71f41d61c1007ab306065a65fd30d63c01f9dc8b06c7b0fa6c"}, @nested={0x11c9, 0x31, 0x0, 0x1, [@generic="9ce00afb19765d2e12e1ba579d5aacdd4721eeb6797a6366e01742a916e1ddc8b0c6d473cc867cb1815d8a3d5827c44138eb1b1a58ad0cc6b921c0059de413b20e17ded2399f4f73120e9f304a1e0e5b7079619107be995c7dc8a46e99063b469804f92ac7b9df3d976db1b66e80f388bc9ffc89a79cb962858a2ae3534e9a702d37a9f8ce731c20e7912792718efcbe2f008ee2f458fdf0bcd0bcc0ac1efad7d27f72e798e2aabff1e08ce8b9674e6cd84058372722710ecc41c6388ed202b84aaa98af5fb1a88726c1c55ab247508b1aca28f313", @typed={0x11, 0x3f, 0x0, 0x0, @str='/dev/usbmon#\x00'}, @typed={0x8, 0x52, 0x0, 0x0, @pid=r4}, @generic="9fdeb30996deb4505f195128651ae8b24b7e536d88adf7ad5a0e26bedef2c8ad0c4ea1b8d39d3fd0c80158f31d00c1de2e03ce1c52f1a962844b91828e700d178d68e5f5d0372090b44fd69998e87b59fad288ba61e273314f2ee7e68212306f6baf9e39c6d6f765bfe5c085a07b6559b66794b62ca0d50068f575a7006d3d2ac2b5a808ac27ce8e47540239df0dd10911fb547ba59777b17a0d6df427b7c1f97336f2472f57069f53cf52055c286899", @typed={0x8, 0x73, 0x0, 0x0, @pid=r6}, @typed={0xc, 0x10, 0x0, 0x0, @u64=0x1}, @generic="bde045ae11e13b1d83c6adeeb24b64d32cfba3c79d5afd83c15d57f3ecd693f43add162de300cac644651109821f1052dcb2cd6d71be762f17acbc10fffd0c3cc96417d6cf7320fecbe5267ccc297f537960626a8c3e16e069ae7849a4adab58f0eed82433b84c63179014a8bcd8ecc0ff387143d8518fa26d76ada196801a7f44f5a8409c4ca111ce3dad523878be60af7a7f56dbf129143d41871700145eeea24d483bb31fc5c6121271bab906f59bd5d17a5570635885a8395fd9c1b8311274ba433678911e3ffc70185f398c77be9623e21f74d340f8bebd8d1072dfeeb8a2362d844aa8fac9b47cc59213caff8b16bdcd422ced81286375cbbcc7bcbd1e5d9737dd53070f5b36613dd80c6eaadf0285845d400100b1b34680559cb007e3de47485698f7b9a533d5746fe30fe7faf5b5f06f6ffd8d2d6afeb406cd1624cd7ccdf2a4a2a4ae9d8ae6ca00b8b7e6a2cbe2c0e4735353dd98a6271f9520981591b8fea6e39e653eb05805a263a3b208cd32ec9bbcf9f423b191436c4f5e8f72c1d003a309a1dfa1924f8ff069c731ac6e9a76359f8571730433e957d9ee7c7aed3b7d142355cb1f6aa717c5b847e848ccacd33102bc856090eb85a63e355859c2eb276f28438385096cb78c44fc16334ebe4dbb35eba01c948001d54b008a6ffc884541ad64ec278a75aacc76323333e4a26501f1b5efbf12353acdccfdbb4801317cd2dc875410741b98d11981d71497fbd82b0a93c34a6a27f7a89948e36b1ec1d7b7dda7c9de07b347fefbcb12583bacd4608836ca28c09deaedcc36a39b6bcd9a64a6d0559fa4b80380aa440852f427a1b6748046290d4c054e522d96a3831191d1c5ae70d7a44594da6af9f4c410347f9b01e021269c084bf278f798ece6e460cf9c86c03988c39ac58c60b16b258f3d756280d0f74d4e608fed7603fa10867146a8c0833d582bafb5815841f5db4fa60953393534cde3f0bb72639fd837a4d106e94e209cf0a593417f2af55892342e00c0b8e5f0fcb70e4e0c5e7c5b29f6fee908d7fd6e5a41d3394e0a6139e97cdf2032d6792968118caae0d420d6802dde1821b67b02d284f0f3d4c29891197b87ec36340dfd4ad3f55a894b944ccfdb3151bc29d3c0bb8287303510077a8e00e14b8b1ea0889c95c3badde984b48f68301f0882ff7ea4862ffdb8cbc2ba58390fc75228f8b9147075cb3d686265e92b05f4be84db7d8b4b2511bdfc0c9828076ed1d3c660241d249b318a71ddd20b598b1893bb8654fb11772f025ff18ea1d654d0cc29b42a373cc968dcb02d2e391733df19101d5bdd174f1846d318cedcd06ae499fc9e1be3804a45d6196dd3aed9f689a8b877e68dd385545f256c6d0b23408d00de72d12e3411e3a00e9db72896d738a2a059773f8ba777153d0bebf59f2b9e6e7a4a01a14399ac28ca844e7466900276fef6e4d180d744f2c81dec82535ee0d5a6160cee572a2f292d1b5a7c41ebb030b9ba1769015f3a56a07ee20a1c97673d5d456741bc58d230bf7f0403d3418eb077462bfd466139ec111c6856f46a21d4f84212b4de54fcfb7314c4ebd40ceb4ea7396dd4ac428e4c157dfa60c257108882ce46a582f4be5aa1672a5affbf4c799ca567d7652296fc9cca197ee0b9134e5ee347f2e6fe4366a5fb5d5b3c3bfaa021c859e23bbd74ace4032256dbcea86060392ba8e266a145dc779be06da230930ad34361785ab53ecbde7e082e75f86ac9df14eed8c6fe4bf71252516bf2dc14c017fa95c8fa9d43527ac246660b39b87397a6c69f1a95ed18381b7166e6d45ff2b7a32c51f91a0469c05f9d1a70e43bac33c4c7c13c4aa892a15491535a482ff54307b18199a95a1e85ae8eab42ac6816a9b6ce78506c98d2fba7d809059f3f3acb9fa914f6a6dc92f86981e2f4746529a1af3d8af1410e0de89d95340d8bd74ffb1496a5d228be93052d3f73c142205ca48340c906cbd9e0614cd5921414395b428ac92cb329cf611cf62b3b4b4b6a1a2541fc9a1f007f81505981aeffc2964edd88cd22e4b60f286053966b038d2299dadcc95706fbdd0f4aed4e5bd08c2c3bdec576cdf4249d52749fa24e3f75f7f32ff167fca9e5261b9dead7934608b3f11edb256508c95e3d86b428a53bbf05c9eb4f375e30d64e7180b4da7a46244ad6ce75be16b8606906e715ecdc4b7fd0fe0e9a247796d034723d6e3994a4189cb392c0984d169b6f1400ac78d1e15a26a1c7723bc3643ab8f8d6ae4466e3e44dc18ee84276f065aaa4bef04704a874198a3c6de242c11e7161e06dd011e46a735b0d722f14cee40a2bfa6bf1f415e232ee5ce96cc0d4fb55daee816f2b23f2fbdb740e85a0035d6b58c26c686cf951717fc3834621fee4e84f661fca6dc9fbc3b04622885ed40b129ce9a74deccfd4bad8609167221fdf2a23ec4c28a25752345c06af890be653115a09aaafa66c580efb8283476a8c4ec5057dcf9f629ab8129c5a06568a92a681f0341ccb91a79566973911c223a96e6e599be1f063a0dce0ce23cd8bf5d3ddba5193d68fa822a6858401765724b7fd3ce0a1c8838e0dde8aa3416f127e2cd49b12f0459cae8d0fe27cc781995e4b6293816652186badf61b3e9c5c3a3661a88c33ba1c144fa09c57e46855885c0bde7ee2bf30572ed90867d02d68bedc5cc68832c17d8840f51f16a620d5346c5f7677ab808bbf4c3c44d876f50d6a066a2e1ada887c2cb1d88b08a4924386d50c9c3067009b766e0c398b3d1e6c983dc8db76e1b8e702bee22e25645f83ac7aa0e219fa3a7edc5b77a724b6edf737394add732f512cbfeae577afd8df477990d7c03373a6df3dc3baa6b451854bb0fb935cb0e2fba80aebad05d337dd57a1758b1227d24ab6caca543de4431f0734a6dab996cfad324cf4f1c375bbaaec2591f1b0ec053ee2325f354fe1634977444c495550b1804416c20304d1b994a96cbc6452f039fdc8d9e3b740000157ece7a128a9a019358ff8542ab3c0068ed3bb6b0caf190de795975a74ea72265a266b40bd74e466f7ac0ca2aea906756b51e055ac9139c5a1fa122d5992d3a866b8224b07ce8b7758f85ca0a763e6a0e831d1cf402226f088cde31095254d968dd4b9763bb640ee57489f1fe225c3c7ab01ae595b3a3d564f89f9e628558a33d78f987b5faa0e13662c73f13eaa95809f59b80b359fb861b1c157e2dce05324e664e77ced4318f6df0f4c37142c2577d4cc6cafdf7cab1601c516d4e671b6195a66b676819eaf117a98a29a9f0f1645d58729538604dc821bd5d4a347251f7b6a34f80be5020af6b0ee889eb7444b63e791e2d19a0f5acd801fa6b17b15a02cc0eb34ff63e5432555c85a81791dd83a131910900f97033bfb26f298300a81e3d319c98f49c701ace3763eb900f96e749db24b233ef954852e7a3a1981384d48e57dd00c2a47a3290b3da99f3c3b0e9a2aff176ead9b50f1ca70630a97c2a282fd23673277cd55e10d9d1c84aded0ab5ec1631c454b999001eaf76782749f6f0306add0b20e36cfed4d7c9ef063efbaa080bfbf7f2d6568e9e2578af3516208b8e0a5f223a4f7a41dedd722f6de485e5676c3af3191daa1992567d5870a06a44e36d09358a565e64fd0384f8020cd6159c06e056589a99ea9056f31a41c3c5033c0cc17330fa342eafdabfba1bf7feffc2e3c4d0cb1875b1d5edb243456b95d0af978c762e4af156768b0a54b74e4c7e846260c0128ab88edc1f93aebe5d61f84147c0ea4aa566b06d481be45ca5c52bcff9abba4035cc408f16d57409e25db8ece1fe94788eabd5c9453d3d1e52f2e2f1513a345f1b80a1f2e52160e03d3d668711a03f184db58681c2c48dbd57c83056b98e74e290db3d77a4f7916e201364db5756ee39382090ac2b5224222ebf614210bf8a9c59a90df9e7052381d9e762632a5603c67d4eae87fbc61f131bb708bc5fdaa0446140030ec2ee0855ba7b13ba21e375aa5a0b026132755f7e3368154692c6656fc7adaeedf6eaac4d8d3fada53582400067aeff16034731c4d744655cf418f613e95be5ef07bc9c9a6f1be463aa60b114e40f55c02124c66f6be36a9d1b466cf2d960f21b8c5ff1c56d67a6e43ad8e25ec29b33267fba32bdd4a2377f6a9a47ef2628818642eb63097c21305fc80590bc4a2b7c2e17b58db854464449ceb398a3d25c2cf470f6b853be7eb3cd26519d1aa240d6694d669a7eb877508097a2b0d61b89b0ad735bf5983e3a9c4a1f49d73ce43dbeb3b65ef88bdd94b016267a95e88ebe4e0be745d35d6f76a4df131ce9d14083b54ba386415e907311627a99049e176f181eea055de1b59db52b2492516d9a434da02b469bf55f6f6729ebe6372f435b2ab2d8ab9ca97424997f249ee749dcc68186b7e5f0eb493747b9a02d751657f54d248fb37d48e562d36fbc1652468d2a3ac3623629801f5583519e9e79cebefda1ab3d799567daafc7d7a751d0c2513e5ef69f8562fd9b8304adc590317df7ac2b891999fbf683d8de4440decb412455d75b46fc075a077be4132498d1a932fc016ae15afaf94d25f5dcd544e1e39428d2b7ffc5ad07a03d02162ee66328d3301df6fcfc25f7dfb1b8974182ec553ccbf7f9c957b89b5e6a0a95f5d9890d0825ccd5892a67dbe895809214bbf3249363879348256326505267f51a487c0452e1769a6c03677e9bf7fb2303bab152549df0dbe378c2b5aae5f46eba9975e249d7baf198bcb5bb09c34bbf80da1f704fd4085604fccdca68d667aa3eae3b40f2e9c0688bda67cad3ac9a7210a4f3f265057d48eaafc69800ed1e33495c5bb4869039fcb16a8be4fc330fa4351348d4dac15fd3219df8c9d0eff65a9e0cc0986fff2c55e04cd3ef3d492839300591982cf6c22fd04b5ed23ae834d25c37f1b49d0945de17e2977676ecdf8e73d5adb5b887bc228ea7ca65ddb8c211224237bb4487445f16f18a1b6e46213dee114425c406579cb02fbafa99173023318871137ebd5239e42c6134bc8ecad39a8596d3398553e48a17e2bb212ddf4f45ad5ec580bf58f88a017822a5031f8d46b7621e45294bc30107811ff6ec7792c5b390ccdb054b6437d81100f0462f13b792d55920088b70509148924fb9d9723a16c2ad2e9ddfef9bd85a3d400db67bc728807cc3a83563efcc39f83ee40e150b14430b627e24684d48907b36b51943c59bcaf6f7d43164424c60ea54635cfb8a6d428c2f0573377ebe476ced696e1af885559c5ff185e43bd1371c278402c967a51ce88e791b52e24e9343350e58f0e9af7d7edfd7cca7154163b7cbf93e7d2ceda46bb35a33fa9c240fa415a48f6a62f30589f9a27ee4e479ef269e72f4e7cd208e3bd1f0907136ac253dd2785b7101fdca956855189836ec8769afa1a2ee6c6b2ec8d03aef353f851130e1170ab4942790f3ee537757bd3808185fa7194d73aae0364f621f47c026fe61d1af83b814b108cd98d2fe14bcef736f6afbdc25ed41a0de7eeddd159ab76c3128d04bee2d2d3a5611b6312814fffeaa8fa803d0c3432dd35e3942a266564bd5ef390811cfbd6697a8535908e110fe3b612a24d4dc3b7e13ceb2c6c921f7086aae9f23ddd5a9dd9160385b78344c88b0435513adc834c548861f5a10bfa29c0ac9c2f7136e5b9881ee0bc10601a8e693315341a24d4564040e18d37e12a1255feadb9e739175c27e2d132e549794eddf940bfe2e76238c758926f75e31b7682c70c7ac25ed5fb8ba32941f61bc947f6026064bb8a9f2b2679fad34307a", @typed={0x8, 0x17, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x37, 0x0, 0x0, @pid}]}, @generic="a43ca7fecf767a20987801d2b54186c4868aea0ce3411e2330fe35ce77aa8415d964d2d1682d7d738e5e0720919b8cf2ba1569aebb2a8c21a3aeae364987266172fca9fd44a9e87641c167cccdc55f8a429cf3b791e1f211ee81903edc67b1949e1b5923165b698a582387115df398570c2f4027f6518f89c9bdf9d0dad648b089f0bc8249ddf89adaefd7d70328b166faff13740f4f92231d494b97063d173b5bd8407d15cb738c79c346d728e0d301f284a14bac12df01db490325f7b3ccc0eb660e0a323068d490b0739114ca0a"]}, 0x13a8}, {&(0x7f0000001740)={0x1368, 0x17, 0x8, 0x70bd28, 0x25dfdbfb, "", [@generic="418387f9a3ecae0092780e8b20fc55dc77f9179707386ff1ea5469b228edf4a194cc18357b9cb8f310d473d4b30b1c2ddca38342cfc987d3d1a1233ae3d94de514530710ed3ead54a569bcb4b92b7fe10e8cc16bf333a5804bc8fcaaf4675cb1d51bf1bd6ba84947f04520e07ece2c23149b08748054627cea5eb62c1d0790138bf86fbecdc79ab3296f763f8a2dee68c261693bf550391972c0c9931d041c0fc2335ee8a029ce8a14f7e9a7c08f480e4d591b551f4dcd85486d1f7341bb2b090e9e099e0dd3dd3a19e623acd2bd65622adf1a7ff9", @typed={0x8, 0x4c, 0x0, 0x0, @ipv4=@empty}, @generic="d5cc739d52a886ff6f628c3653f554e7aa95e40907af204579cb2b80aa11ea67eb963c6f0996069dd1c6e6b2e86fd81f8d90cc420b91a685afac71de036f58484f7064dfb997795711e1a82735b42dd5cafafcdefa5b8c1cc66573bcdb11d3fd1032c7dc6201b7e75404c09d7271d2e41ad82c96f8ce95b4809c00fa14c11a0ab347aa040130d05b62c30c9959d4ea67378b40c249c3fb61674355b70d207e4992a48561b1b8d560b132e1f4e65d619c3b4155f9bb490111cb7de804d2701c93c817f4e7c8a80a51ba7f", @generic="c07708d0166a90f1e0c5ae064ad1e50205eafc47303c4f1687498725d659466331b46408972c01c22a4416452aca95a251d66b0f83654c3d00378737dc0305038c0afdc370a763752aabaeb0d55d8c49c704a37aceb32e559fb65e5cb52703c02727b6db781000b6e0bfe671d2b96b54331cebfe8f6b154531885a516f98d8ed0ea288b1230015524aab44615929db751cb6dd26a2ae6a5df190f44337f6b128305b44db9661bf706f5dbc4fd9da0221f96b75d1c8d9bf0f", @nested={0xac, 0x8f, 0x0, 0x1, [@generic="596be3f9485665a16671096603ef7f5197bd97ae6c8470315b91634d1219775702d4f3b83afe17f548ee6d4edbe995fb6278fdbb3d4a5ff69193dc10c66d973fafc553feb916314c33a97de2b11a5e5bd611c1437c336de6800a796b51aaac26adccb3668eb6eae53fd2f0822ca34b5570396acf4433938cf60c8dccbc489cd80d0794558b53ecc6396275aa2691fabb5b5fd16c", @typed={0x14, 0x4a, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x41}}]}, @nested={0x1049, 0x4d, 0x0, 0x1, [@generic="e34a6eb315878ed39b72f61fb4d467b7a2980cd8775525c153bdd8491aa6ee907dd1c90460720aacb61a7d3609bf6fb7a0c3139847db17056b56770d2e82368cc272fa19f9069d0be550b68b086321b37ce74b75a892a701f22bd2c2f5dbf07d9a559447d36000ce79ac23da5e13e0404c432e8e7480daf6da58babb47bdfb9c8a671bd3872707808ec9f82c7d573e4574b8ab9e9057717299708020b5c2c5b08a201e11b46ef2dda81fd1732887d1eb7b07ff540b0fd60b5ddf832c659970aad042a06f2bc3819c069e724a354d2c3765fd139f55e3b030648117584ed5026ba486b16b46c19122ec9c200dd8b60fdfe6b0d06164542e966982e5fc38cf73ce2267572ececcb6b976532bf1d2bc6e6cd73521dac298ecda119caa7e5691d76dbb2fa3099be8fd89367e6987faef047ad944d56d7e2e26390155d0db93bfe77277c8ebc973c0eb18bb4b155e7e013ba1e1f68fe5178871b35116d910dd78fbf9a08b89d427cb92bc543cd616234f04ccf3b70b716d760f6b2b6b3d171e960a91687c9e73690ae19a6749b5760a2197febd83d291a45001c78f9422afdc52d0b639a111cde1b29106cb045479680c276617fc298415a4ed437465b680e0adf803460d6a4c6725872e0d32d33b6763b066f3bfb0ef4a15587dff7e9c2d8880ac23c8f9da2466c27bf0e029d4161265064e9f4e03931c6120ecf8fe5d648a0c24f55ff12a3cb20e01544435364b8befb9590df458d95b71170b2aafbefa350650fb63e3c2ed960b35c5e81931000aa97d9da61da54e302de3b9e4954fd5c5f3d3af603e62f95ec68121d47668c8f51b7d1d15418e20532b7314ff96d9a80355361feb50aaa46ca55b0d2648368de5442f9e92ad6300294d8de67a2d86f1bd11df819dbcbc6be47822c585a9a247d78d4eaa557c14e64e81104cf0de56e3f940ae5a70b89dcb97425ce61845202b12fe064d9d8516b96088b483329dc64954598ac2bcac43fde5157366f098401593c0ed4446759bdfcd411b6186c8ee1bf962ff3acd0e9238175296e646f8ab1985c6c520db74976a7cd8341560604a8ad8d816916fbd60b8020e3fc80bc97186eb5cf8a0fc5e46364b891a5f34c7629ce4fb998a9cae64839ddd0e1eaa9df9f347623db5f9768318d0473b9a46ff717fd50c1522235788ec10c14fcf5504a3288cd4d2b960319fc64e8c5ceaa4b972a19769e9a0856c705cec09e5e9682a87ac6471c20e540d2a6c3d59806daad1c78c1fbcb2eace36b7ffe926d6c464e3b480e0c28cb9c6732a3a9a0ab1241b55853506beffc672404588a63a9acc98063cd5e534e28f51ff9db45309f6adfcf156fea40df8a6d826593e85f24508c009b4ea9959267d7ac71eb073f4809ed22db05eab9d5156c0e5e805eaaedc83ab3b3ef93c9060bdbea09f36891819257b69a7876c557cffc1ec42781c0dde0019b4dab396003e2d8d9942755df051b32ec2495133e4603ead67abad5bd2b727920703c9ff95628c494c9eae99f65a0e9c46ca8273f48505afd39beadb4c371bc41a1684e5dc5bb47027eba54d30ad47ceb3692e34b0c932ab8a6d51d550e1a120db05fe9051c2f795dd46cbce041410982625bcb2b56d25f217fac178721f6986dbd1d1369c5a58087384e72ccce0ba5ab4b97a74b371ecf8286d88001c2c859a841e7b5084dc1507006098b4194e996272ae3f2b1b54cedffba40a5aaf161df6327f3b43d4ab8b533c27838b12d9c03646fa72fc79dac43a3633022895ba0648747487ebf948a7d2d5cc3787fafacc61011f3739ebebd0755b6c3679e5ff316b9c94b98673a31984d8a5a201d190109de0fe2e0c21c2fbd9d096278bd057424c6ed8dd122128a7b4494678ef77333df08023fc2bffd02f9adb84b5012fdda00647604f483915617a463d17c31061977c0ea5ee5cfb6dcb72d1e0eeb38cf9b9114039548a2d51c591f1c1b8dbefaf16698277eaf92adc5ea6f961e3a8dc22bead921a6c1ff06a669c7630cb08b30d6568f85ba6de4bbe7eb0915f95a87b9c35bffedc454e466dd21d97efbb155d07d13f0d25b6e43a246181785d4da19903b7c3e91e13b1ee2aa9db0a68e264db1dc0eebdbf9ef8f5be7ac10a3b10aa62d73da3ebc7da348832a0376470ce0ddabad55bcda97a46ebbfbbe7175e727221c693d39ed7046c1c7a3cd01310bf3f6f92fc23c29a39c77f197c40dd172b9546da501952cb9887339f3cc2f7810a1c0c6f296ffccc837a6377e98c9d4f3027cbfade792e795f8d8bbc8fd03a120dce1a555809aecfcda5c539d74ebcbf5a24a1107a4c56c13cee9b29fb64b5473dde0540287c5b926d39eb6bff2c3d9f1d8b9217411e6c4b777f5bb725ab44a8fad902ebbf0578148e61a4f61a3a37610b1740cfd1807e7c40823a002fa69c36adc556c26ae8282c11f51879185d8be9c50cf7fe27ad440bb608a732b93ec7442b51b6a99bdde8a6d1c81f141cc0d5cce0558344a39cbf8ef53a524ec7ed46f267dc8a1d31f15d653b8ea6742ac9a5ed71ea3a5f54597a48fafe2200c7bc48af128cc1ba280582de0320c0ea5a37751e6b6f568c882fa2fdde0d730a6db86760a23d6e06109714c4c71162f7da72f6faaaa0d612b79de484b87dc30b4abf59d5d62b22985ce09866b34b785c32ea3c708cf3cd4cc1f59e68564049dfbdaff45ec02bb5b2ae5b4b85ce5db19603ccfbdcd30e35478d975438a48e62921f4873b68e94bfd007c241687676508b520130faa92ab6a3f10665c85dc876067061784f241b78d84bdf256dd83cf0057300868aea3abf10d4aa227db73e47de0a0a1e44c4b5bb0e68a9252e05e1e405d8b29fabed087374572ef855c5c13386b092f0a0d59462e9ad9cf7666c41f9d1fe584ddb9ae379bfdd2fcda2b482fc7892c2b86103cef10c9e627f312c3522838140199551ab8f787e1224958ff14a69c565a05882468c177b46ee40f5d3cbedcc78f3780b0514abaafb5feff84f43032f3fe3c508845aac6e85475ecaa33c7ef3611dcb47f8f1b56bfab89dd2cfc6b42d45fbfcb0fb86ca6f838fd72fd559c51f9bc61ff3070606cc0026e30d01fdee59fb4d05f9df7d5eb78964d8b308064b1fbd97a4dd5a8f9e49363ba1f50233df5b8c143ec8c4800faca0d6336d22014d542d20d273c62bf324a2a0615c7466eb6a2847c368ef7ae88c2f3d8fb7a2aa460b47a93bcf56ccfd2cd4f49cae619809b01c5a9a84eff3327acf4386b66ab84dc0e8f3fcb71563336a2c1838e9a74228779a8ffaa1f0a6e3a8055cdf98ccfb15d51dab7e6dfbcd19b9e36e3639d467dcc2498445e707552b5666b8f55eaf05672a9a3180ae068b30b33bd4e47b482193da126a5b559522469d07619a7d9ec46eccd42c54af42e4af06e9cd415deda3043a3b112f5808b21abaeed8bbbe93b921eca364666c06880ef911806de4a2e0c77e87fb695d610e169de1c4edf46ff8d76150f5f8a5cff235fc9b0d1c557613500b78926ecffff2eb7fe29ceeec6d5f66ca98fda031961041044a082d73b701befd488be1fe2879d94e70276ebf0e0a69b765051ad29e37077fe167e11e1935ca8f7efd38d08f26d4bf6d3c6b13ffecea0be11604c53a93e539df97a04e2c7028af3838181730edaf13909af175d9acb629fd24793561007a8eca83141ddfaa051ff4626f33290935c2df1273171dd93f8e61f5714e5a7cad5a4ebb7db79235b6f91b3b071410f038ccaba14126751920ec28ee043ece55ff766ba9151c7a17573085353023a14f8311851afa778070254454d163dbe881302cde8468ad09fd7e868cfce7adf81d0455e7527641b08fac3f72ff076e720db812fdd0bd3d387227164415fe7cff7c61ba43fad8bf91f506b22844d966c1b45ee637806ebeb2228dacc594ad9cb7607fc493213703cd7c2159c3677fe9052e45d97554346fbcfc6364056bfffa50fcee91e3b91be9246454872622db925f2d700afb0e326e47de48771f1fdfc8454a3f85101305c34f7ac556d00babde43231251b3f1f665dbc416df70c18d69af498da9cb5a3ab7c826b54dc93031c60026350ab77cc0d4af268a5ce9fc7961428df67c9dd472e770e0f59eed17f31c77445a65e5e48ae8699d90bb7b238ff5e4b2fd05d24a41e2188fed74db03a22bf1ba086680bc53cede5c326fc89ab96a3114d897e4d4e217b2702819b80caaee3829d13f29cccebf63436abfaacd559c91b8aac073974e5b01a63ffb4399c44160af824a888457c562962f42c4589ce218dc6f4dbff33e0277d40f30102c00b425c65a91450105dae394faa8552dc4e1f71ccc269e6349a368935db35afd11ceed85f8899f000e92fc7570cc1994f2da854bad52a7e9fba0ceada9e074c05076d9864e8a8d3d86bcc50e770de1b10ad4571c72837922b10570457c7ce58b932ba0b7c96e11ac7853ec92b5344b0100c1edd4e6a3472390bfc19a326b73eec1b4f428c7d6143e229f58998f2ed7052f230a2757ebffd75a64951fc68edff558f1f65f41c889e668218c1dafe1d74b37cb35277de878f4d370a81eeb94643ae813e6de6e2753628c744d686a4354bf21bade71f67ce16bf243d8832f93aeae0c23f1902e156a89b4c87258d6c43173bd6690e3c1086482fbd83688da84132733856349084ed128a047fff65a9b2cf7d9f9d1291b41e4bc43b56990d46ca85c9c36eeb02ec9f75ba081168faaa2c85879114b4e403b8377bfa08702289910f2fab38fe432e4d215a8aec25b596f75225c07d7594be2abc5405339e7673b75619a0f039df6e8d7ae926d01d4a981e8e486e3288e49ad272d969db84019db56279460ee5ddfe1b27992d79e0911528a53b606fe34add7e91a0272191def5f3a82e472471c790bddf63d3529abff374f6d5e083a83090c22c39d3047426b7812081237f26a31346439c88397337ad490de9b2ba1dd5b0cfbc54afc544207575b47dc99ff39d7db616b535ce1693eabb63ea4f1d5ef96015fac6bcc575fcdb2c8d39faf20994941c4b751da3469f7a31ecc9265993ce0ed23b34052b8270f12a8d6e51223a368450eb27ba6f9d4507e3afdf92def9870a26145b7a228558bed3c8d99dac0cd98c8c0da3c2236b744ecf1acd5138fff31f2d811181f82d18b6a9b75d681cd31ea90e4b19f24e8348fbd693a42922bd0c4954b2052fa015f87047ff9b373692117e8ad36bf9213280c327049011aac9cb086cbae19608548ea8612dbca908c4dbe3b156fd6c780912bd01144573b8fbaa0f22e8efbad7ba528e4c3e298ffc003f21ab99b1789c2fc76b77a13caff0cd80e7858f4f98a1ec99eedc25193905368b36f4a1e64a295e471de5d8b6be6c05724d6b3bbcfe87ba8f71ea00e2f9a5016b71fe8c8cdf8ea0641a4fe009fd4d69d81c2359828f9f81ffd5cdd06e0794307633350af288dbb226b64d2ca91c484191f49b000f654292867fe2d4720eabe1eaedb2c160d29fbff1abc61f9f429be81d5fd4bbcb372ab113b58142531395d984d021a79591715dd6db861756fa8abe873ce4c276709b4bda1381a057130425a9abbf0eca2688aac02505df90afec1a95d9b5f6dd746953bc11c256bfc91fedf81839c735cdcbbdfb760a86ee2a1e9d82f6a0056c310aee8cda031ac545ad985a377a0c0fcfd81242711c949c6c08d09b01a474f39d0cadcd8cdde0e74b95debbac0f2eacc9894301b2941795892c401409d894c917ebf8443ab6141fdb303396201cdf0f1f9947be0468cff16691e5923dae386f8153b567f53", @typed={0x14, 0x26, 0x0, 0x0, @ipv6=@local}, @generic="82569e145ff99aac7dd0c27ac7abae6391fd5bf581b5045cd8bd68d31e3cd138f6d9551f0e8797e36589c9b1e39000a815"]}]}, 0x1368}], 0x4, &(0x7f0000002b80)=[@rights={{0x38, 0x1, 0x1, [r0, r1, r7, r1, r1, r8, r0, r9, r0, r12]}}], 0x38, 0x4044001}, 0x20005815) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x2a6b4) [ 1588.369067] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:12:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x1000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1588.425931] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1588.462709] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:12:38 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:38 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x9fe5}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:38 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:12:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000008000b00000700000008000300bccb690be7bf5920d7f15fe7d0791d6ae61e82a735a8c402c566a0b80423cf997a6621871c41d2bfa45a630a8e", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)) r3 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x8600d78fcc623017, r3, 0x0) ioctl$MON_IOCT_RING_SIZE(r3, 0x9204, 0x2a6b4) [ 1588.546158] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1588.559460] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1588.902830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.904120] print_req_error: 6 callbacks suppressed [ 1588.904147] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.908571] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.908600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.908629] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1588.910934] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.916578] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.917039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.919283] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1588.920401] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.925546] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.925599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.928180] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1588.929301] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.933348] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.933413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.936047] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1588.937175] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.941273] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1588.941315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.941437] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.943995] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1588.945779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.946517] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1588.951114] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1588.953017] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1588.995415] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1588.996653] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1588.996694] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.000844] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1589.000900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.003934] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.005214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.006477] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.008066] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1589.009713] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:12:53 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x11000, 0xa) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:12:53 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000200)=ANY=[@ANYBLOB="2f6465764f6d643000eb035fc24e19ee93253034f06de00bb0937921d6cea8a36a248e4d8b047692c8aea22de12b9c822d7860ad70f0bff15bac3de99e9ec8dc5143992b9ea9563b"], &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140)='ufs\x00', 0x800810, &(0x7f0000000180)='\'\'\x00') open$dir(&(0x7f00000001c0)='./file0\x00', 0x0, 0x10d) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:12:53 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 26) 00:12:53 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCG_STATS(r2, 0x80089203, &(0x7f0000000000)) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$BTRFS_IOC_DEFRAG(r3, 0x50009402, 0x0) [ 1604.101795] FAULT_INJECTION: forcing a failure. [ 1604.101795] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.105381] CPU: 0 PID: 17724 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1604.107110] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.109155] Call Trace: [ 1604.109806] dump_stack+0x107/0x167 [ 1604.110710] should_fail.cold+0x5/0xa [ 1604.111451] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1604.111662] ? create_object.isra.0+0x3a/0xa20 [ 1604.113900] should_failslab+0x5/0x20 [ 1604.114836] kmem_cache_alloc+0x5b/0x310 [ 1604.115845] ? percpu_ref_put_many.constprop.0+0x4e/0x110 [ 1604.117199] create_object.isra.0+0x3a/0xa20 [ 1604.118280] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1604.119542] kmem_cache_alloc+0x159/0x310 [ 1604.120570] security_file_alloc+0x34/0x170 [ 1604.121631] __alloc_file+0xb7/0x320 [ 1604.122548] alloc_empty_file+0x6d/0x170 [ 1604.123565] alloc_file+0x5e/0x5a0 [ 1604.124441] alloc_file_pseudo+0x16a/0x250 [ 1604.125480] ? alloc_file+0x5a0/0x5a0 [ 1604.126431] anon_inode_getfile+0xc8/0x1f0 [ 1604.127489] io_uring_setup+0x138b/0x2980 [ 1604.128519] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1604.129770] ? wait_for_completion_io+0x270/0x270 [ 1604.130990] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1604.132279] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1604.133549] do_syscall_64+0x33/0x40 [ 1604.134466] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1604.135740] RIP: 0033:0x7f347623eb19 [ 1604.136656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.141220] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1604.143106] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1604.144870] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1604.146628] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1604.148400] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1604.150159] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:53 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:12:53 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x5c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x501, 0x0, 0x0, @ipv4=@loopback}, @generic="b36ed8e391099fc7082b9294167ebb2177e7b07b8f9def0110d45e089c4af9d1e9d0a92da8544fe791af348b71469af399d2796458c2f5b15757ed6242ea8a"]}, 0x5c}, 0x1, 0x0, 0x0, 0x4008810}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0e000000", @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000180)={&(0x7f0000000100), 0xc, &(0x7f0000000140)={0xffffffffffffffff}, 0x1, 0x0, 0x0, 0x400c0}, 0x20044080) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040), 0x0, 0x8}) r6 = fcntl$dupfd(r0, 0x406, r0) r7 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000200), 0x2002, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000003c0)=ANY=[@ANYRES16, @ANYRES16=r9, @ANYRESDEC=r1, @ANYRES32=r10, @ANYBLOB="14000400766574ecd927a1f6196b7c4fcfd5c7c4255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_START_SCHED_SCAN(r7, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB="ff0000003daa0fba5fecc1f8942c18136e1c3a94e91da755cb776654f810a407cd897bf65667f7a5181606989238630aa4e64ab9bdc0c0bfe0b4ed1088fcc4441ac4407a9f1744e85931ef5302bbd1b99dc3c2699f147c4695d81358de4bcc69a344d1a1968103fbb7296bcc7884ccac1cc40a53fd60fa7d60a68b97018284b4573745d5de5adb592a68e7a0eb55cb9ddb6e6ed16223c808123afc270e40a200f9de56f793cb557c532ec460091c8b33cfa0b1438d253bb17a63e465a317c6429d2e03f1962a2d4640de536638df7719cab0a1c6ffc5b0a39b1a593546c8b4e17eba9461858d60879ddb83d54844fdc1decfd44bcf5ef2a23bf7c175eaaba06e150b31437615fecb257bf240ebc8fd87c0a40ac9d3d8295a8dafd2fca16b54f8fa24eed66341231d356a5f399e6f25542762ce7e846952dd8710da", @ANYRES16=r9, @ANYBLOB="00012dbd7000fedbdf254b00000008000300", @ANYRES32=r5, @ANYBLOB="0c009900d8040000770000000800dc00d00f000008007700ff0f00000600980006000000c1002a0037bb1905e2b3c33db84181700049b3821dbfb7c0bb503b48ee2f5b40c6825f46c7e13e5c1092d7b7ba2bd3856abadb9c982d82fccb25270bebb7dcdc5749c04e84aff189108166405c2feffb7d56bcbb0a405153041acd413902547d52386f86edb6ebd6cb6bedbe46448f0acee110050224fbc5ae99286a81570b3c1c2f9e20b82654a2c36c0a42ca8077543b0b7a1082a0f593a1e80300031a6bedb4fda41e5ab25cad36fb856f435ff15bff847129f041b629010787ee70cb07f568000000060098000004000010002d800a0000000101010101010000"], 0x11c}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r6, 0x4018f50b, &(0x7f0000000000)={0x0, 0x1, 0xffffffffffffff80}) 00:12:53 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:12:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x200000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x300000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1604.165517] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1604.202291] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. 00:12:53 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 27) 00:12:53 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1604.229291] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.1'. 00:12:53 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x400000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:12:53 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1604.277521] FAULT_INJECTION: forcing a failure. [ 1604.277521] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.278936] CPU: 1 PID: 17852 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1604.279754] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1604.280748] Call Trace: [ 1604.281066] dump_stack+0x107/0x167 [ 1604.281501] should_fail.cold+0x5/0xa [ 1604.281954] ? io_uring_alloc_task_context+0x99/0x6a0 [ 1604.282575] should_failslab+0x5/0x20 [ 1604.283035] kmem_cache_alloc_trace+0x55/0x320 [ 1604.283579] io_uring_alloc_task_context+0x99/0x6a0 [ 1604.284184] ? io_import_iovec+0x1120/0x1120 [ 1604.284712] ? lock_downgrade+0x6d0/0x6d0 [ 1604.285202] ? do_raw_spin_lock+0x121/0x260 [ 1604.285721] ? rwlock_bug.part.0+0x90/0x90 [ 1604.286231] __io_uring_add_tctx_node+0x2c6/0x520 [ 1604.286813] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1604.287443] ? alloc_fd+0x2e7/0x670 [ 1604.287876] io_uring_setup+0x1fbb/0x2980 [ 1604.288365] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1604.288970] ? wait_for_completion_io+0x270/0x270 [ 1604.289557] do_syscall_64+0x33/0x40 [ 1604.289994] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1604.290596] RIP: 0033:0x7f347623eb19 [ 1604.291040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1604.293219] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1604.294116] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1604.294973] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1604.295835] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1604.296680] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1604.297521] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:12:53 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$inet6_icmp(0xa, 0x2, 0x3a) getsockopt$IP_VS_SO_GET_SERVICES(r5, 0x0, 0x482, &(0x7f0000000100)=""/222, &(0x7f0000000200)=0xde) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) dup2(r1, r4) 00:12:53 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1604.340130] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1604.349739] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1604.358587] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1604.361717] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:12:54 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x200, 0x20a80) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000006, 0x4000010, r0, 0xf7bc3000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1604.379411] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1604.762870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.763588] print_req_error: 22 callbacks suppressed [ 1604.763600] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.765459] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.765466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.765487] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.768119] buffer_io_error: 6 callbacks suppressed [ 1604.768140] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1604.768745] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.771262] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.771738] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.773527] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1604.774171] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.776656] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.777780] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.779576] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1604.780254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.785530] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.786771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.787203] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.787430] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1604.789929] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1604.791131] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.792963] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1604.793583] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1604.799117] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1604.801048] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1604.802948] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:13:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x4000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:13:08 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = signalfd(r0, &(0x7f00000001c0)={[0x1]}, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r5, 0x0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000300)={0x3, 0x10001}) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r6, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000180), 0x2002000, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [{@smackfsdef={'smackfsdef', 0x3d, '#'}}, {@audit}, {@obj_type={'obj_type', 0x3d, ',+@}:@&%\x93'}}, {@permit_directio}, {@fowner_eq={'fowner', 0x3d, r5}}, {@euid_eq={'euid', 0x3d, r6}}, {@smackfstransmute={'smackfstransmute', 0x3d, '{.'}}, {@smackfstransmute}]}}) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x480000, 0x180) mknod$loop(&(0x7f00000000c0)='./file0/../file0\x00', 0x6000, 0x1) 00:13:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:13:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 28) 00:13:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x9ce08) mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x6000004, 0x1010, r0, 0x9be) 00:13:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCINITREPORT(0xffffffffffffffff, 0x4805, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766564000000080005000900"/25], 0x40}}, 0x0) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000000)={0x8, 0x0, 0x2, 0x0, 0x0, [{{r0}, 0x1}, {{r0}, 0x3f}]}) 00:13:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x80000) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = inotify_init1(0x0) inotify_rm_watch(r2, 0x0) r3 = syz_open_dev$vcsa(0x0, 0x0, 0x0) r4 = syz_io_uring_setup(0x5, &(0x7f0000000080), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000540)) io_uring_enter(r4, 0x34d6, 0x0, 0x0, 0x0, 0x0) r5 = epoll_create(0x7ffd) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001b00)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) r7 = syz_io_uring_setup(0x142f, &(0x7f0000000080)={0x0, 0x7fb1}, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f00000011c0)) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0xf, 0x0, 0x0) io_uring_enter(r7, 0x2b4f, 0x1223, 0x0, &(0x7f0000000000)={[0x8]}, 0x8) ioctl$BTRFS_IOC_WAIT_SYNC(r5, 0x40089416, &(0x7f00000001c0)=r6) ioctl$BTRFS_IOC_RM_DEV_V2(r3, 0x5000943a, &(0x7f0000000500)={{r4}, r6, 0x1a, @unused=[0x8000, 0x200, 0x8000, 0xb48d], @subvolid=0x1fc}) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000500)={0x0, 0x5, 0xdbc3}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f0000000900)={{r2}, r6, 0x1c, @unused=[0xe89c, 0xfffffffffffffffa, 0x1000, 0x9], @devid=r8}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000100)={{r0}, r6, 0x12, @unused=[0x7, 0x1, 0x7, 0x7], @subvolid=0x7}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1618.780006] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1618.783993] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1618.814382] FAULT_INJECTION: forcing a failure. [ 1618.814382] name failslab, interval 1, probability 0, space 0, times 0 [ 1618.817174] CPU: 1 PID: 17989 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1618.818805] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1618.820796] Call Trace: [ 1618.821415] dump_stack+0x107/0x167 [ 1618.822274] should_fail.cold+0x5/0xa [ 1618.823180] ? create_object.isra.0+0x3a/0xa20 [ 1618.824292] should_failslab+0x5/0x20 [ 1618.825191] kmem_cache_alloc+0x5b/0x310 [ 1618.826201] create_object.isra.0+0x3a/0xa20 [ 1618.827320] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1618.828594] kmem_cache_alloc_trace+0x151/0x320 [ 1618.829769] io_uring_alloc_task_context+0x99/0x6a0 [ 1618.831062] ? io_import_iovec+0x1120/0x1120 [ 1618.832184] ? lock_downgrade+0x6d0/0x6d0 [ 1618.833269] ? do_raw_spin_lock+0x121/0x260 [ 1618.834405] ? rwlock_bug.part.0+0x90/0x90 [ 1618.835520] __io_uring_add_tctx_node+0x2c6/0x520 [ 1618.836805] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1618.838174] ? alloc_fd+0x2e7/0x670 [ 1618.839135] io_uring_setup+0x1fbb/0x2980 [ 1618.840229] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1618.841516] ? wait_for_completion_io+0x270/0x270 [ 1618.842786] do_syscall_64+0x33/0x40 [ 1618.843758] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1618.845086] RIP: 0033:0x7f347623eb19 [ 1618.846027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1618.850737] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1618.852640] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1618.854302] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 1618.854409] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1618.857396] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1618.859138] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1618.860913] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) munlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x20002, 0x20}, 0x18) fadvise64(r1, 0x7, 0x800, 0x1) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) socket$inet(0x2, 0x4, 0x7) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:13:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x3000) readv(r0, &(0x7f0000000380)=[{&(0x7f0000000000)=""/80, 0x50}, {&(0x7f0000000100)=""/72, 0x48}, {&(0x7f0000000180)=""/212, 0xd4}, {&(0x7f0000000080)=""/35, 0x23}, {&(0x7f0000000280)=""/228, 0xe4}], 0x5) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r1, 0x4004f506, &(0x7f0000000440)=0x1) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) write$vga_arbiter(r2, &(0x7f0000000400)=@target={'target ', {'PCI:', 'e', ':', '0', ':', 'd', '.', '7'}}, 0x13) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1618.893625] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:13:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0xffffffff00000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:13:08 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) splice(r1, &(0x7f0000000140)=0x7ff, r0, &(0x7f0000000180)=0x7, 0x5, 0x2) r4 = syz_open_dev$vcsn(&(0x7f00000001c0), 0x8, 0x30000) syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x101, 0x2, &(0x7f0000000440)=[{&(0x7f00000002c0)="7e0ff0b04ee1ba4602c8768b6efb70960c84eafba5117f6e53382a6f86a34b1212103edc946d4ab02c45fc7a20ea854fc4a13b2ebaafc5f372262547a5f6bfe406053f2116516104aec1d332d722c0b021b23b95990898215df45b84abaaeb35e25fa14c8c669b5038779534850b9630d71c4955d5b97750609b13e4c3b7b94267", 0x81, 0x101}, {&(0x7f0000000380)="ea7c7bd93997098572d46655328c7e7e91e962d8dcc318961ec65b3d7d6d0ad65d37d90bf3513dd1189ec53ba6d964b296cc0c6e641a172e3c7d988771fe444990d0b85a7e06fd20941b6c7cb8a114d1eec983e26d3bf490768d08fc8e41540a0a0eeaf857d10b663661b282492efc45d040acb80785fc4d3619394792befaef54ed7c9d4647ed5027f61b480dfc1ed0a33b229560e9477e3eb05ae301ab125c1ba3a76ca4d0153f12af2f583c", 0xad, 0xb0}], 0x84403, &(0x7f0000000480)={[{@minixdf}, {@oldalloc}, {@nolazytime}, {@prjquota}, {@data_journal}], [{@euid_lt={'euid<', 0xee01}}]}) ioctl$CDROMEJECT(r4, 0x5309) perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x1, 0x40, 0x1d, 0x9, 0x0, 0xd8, 0x10840, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x2, @perf_config_ext={0x5, 0x4}, 0x48001, 0xc0000000000000, 0x5, 0x6, 0x81, 0x101, 0x200, 0x0, 0x81, 0x0, 0x2}, 0xffffffffffffffff, 0x3, r0, 0x3) 00:13:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x208200) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 29) 00:13:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1619.045290] FAULT_INJECTION: forcing a failure. [ 1619.045290] name failslab, interval 1, probability 0, space 0, times 0 [ 1619.046922] CPU: 0 PID: 18116 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1619.047828] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1619.048891] Call Trace: [ 1619.049242] dump_stack+0x107/0x167 [ 1619.049718] should_fail.cold+0x5/0xa [ 1619.050213] ? create_object.isra.0+0x3a/0xa20 [ 1619.050803] should_failslab+0x5/0x20 [ 1619.051296] kmem_cache_alloc+0x5b/0x310 [ 1619.051832] create_object.isra.0+0x3a/0xa20 [ 1619.052405] kmemleak_alloc_percpu+0xa0/0x100 [ 1619.052987] pcpu_alloc+0x4e2/0x1240 [ 1619.053479] __percpu_counter_init+0x10d/0x2d0 [ 1619.054069] io_uring_alloc_task_context+0xcc/0x6a0 [ 1619.054705] ? io_import_iovec+0x1120/0x1120 [ 1619.055274] ? lock_downgrade+0x6d0/0x6d0 [ 1619.055813] ? do_raw_spin_lock+0x121/0x260 [ 1619.056369] ? rwlock_bug.part.0+0x90/0x90 [ 1619.056915] __io_uring_add_tctx_node+0x2c6/0x520 [ 1619.057537] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1619.058211] ? alloc_fd+0x2e7/0x670 [ 1619.058688] io_uring_setup+0x1fbb/0x2980 [ 1619.059226] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1619.059877] ? wait_for_completion_io+0x270/0x270 [ 1619.060512] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1619.061188] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1619.061857] do_syscall_64+0x33/0x40 [ 1619.062338] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1619.062996] RIP: 0033:0x7f347623eb19 [ 1619.063474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1619.065830] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1619.066805] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1619.067722] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1619.068638] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1619.069540] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1619.070440] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1619.090480] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:13:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0xa, 0xbe}) 00:13:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) fcntl$dupfd(r0, 0x0, r0) 00:13:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_open_dev$hiddev(&(0x7f0000000000), 0x9, 0x240080) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000000, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1619.184953] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:13:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 30) [ 1619.234060] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1619.235420] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:13:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:13:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1619.249681] FAULT_INJECTION: forcing a failure. [ 1619.249681] name failslab, interval 1, probability 0, space 0, times 0 [ 1619.251128] CPU: 0 PID: 18137 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1619.251973] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1619.252988] Call Trace: [ 1619.253311] dump_stack+0x107/0x167 [ 1619.253756] should_fail.cold+0x5/0xa [ 1619.254221] ? create_object.isra.0+0x3a/0xa20 [ 1619.254777] should_failslab+0x5/0x20 [ 1619.255240] kmem_cache_alloc+0x5b/0x310 [ 1619.255738] create_object.isra.0+0x3a/0xa20 [ 1619.256277] kmemleak_alloc_percpu+0xa0/0x100 [ 1619.256824] pcpu_alloc+0x4e2/0x1240 [ 1619.257290] __percpu_counter_init+0x10d/0x2d0 [ 1619.257845] io_uring_alloc_task_context+0xcc/0x6a0 [ 1619.258453] ? io_import_iovec+0x1120/0x1120 [ 1619.259000] ? lock_downgrade+0x6d0/0x6d0 [ 1619.259510] ? do_raw_spin_lock+0x121/0x260 [ 1619.260036] ? rwlock_bug.part.0+0x90/0x90 [ 1619.260553] __io_uring_add_tctx_node+0x2c6/0x520 [ 1619.261146] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1619.261783] ? alloc_fd+0x2e7/0x670 [ 1619.262233] io_uring_setup+0x1fbb/0x2980 [ 1619.262744] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1619.263368] ? wait_for_completion_io+0x270/0x270 [ 1619.263968] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1619.264607] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1619.265232] do_syscall_64+0x33/0x40 [ 1619.265686] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1619.266313] RIP: 0033:0x7f347623eb19 [ 1619.266772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1619.269025] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1619.269948] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1619.270815] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1619.271687] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1619.272559] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1619.273424] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1619.801279] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.802959] print_req_error: 6 callbacks suppressed [ 1619.802980] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.806572] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.806628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.808543] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1619.809772] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.813462] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.813543] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.815334] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1619.818301] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.820704] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.820768] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.822572] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1619.825408] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.827674] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.827754] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.829551] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1619.830702] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.834325] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1619.834380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.836175] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1619.837403] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.838795] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1619.839851] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.841081] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1619.843540] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1619.927297] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.928396] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.929460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.930510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.931555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.932592] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.933626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.934665] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.935673] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1619.937042] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1619.966368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.967507] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.968628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.970020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.971605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.972803] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.974033] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1619.975293] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.008611] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.009813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.011052] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.012307] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.013644] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.014892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.016130] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1620.017354] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.040125] FAULT_INJECTION: forcing a failure. [ 1634.040125] name failslab, interval 1, probability 0, space 0, times 0 [ 1634.043131] CPU: 1 PID: 18259 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1634.044667] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1634.046333] Call Trace: [ 1634.046893] dump_stack+0x107/0x167 [ 1634.047637] should_fail.cold+0x5/0xa [ 1634.048467] ? io_uring_alloc_task_context+0x4a3/0x6a0 [ 1634.049537] should_failslab+0x5/0x20 [ 1634.050342] kmem_cache_alloc_trace+0x55/0x320 [ 1634.051282] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1634.052381] ? io_import_iovec+0x1120/0x1120 [ 1634.053281] ? lock_downgrade+0x6d0/0x6d0 [ 1634.054154] ? do_raw_spin_lock+0x121/0x260 [ 1634.055035] ? rwlock_bug.part.0+0x90/0x90 [ 1634.055961] __io_uring_add_tctx_node+0x2c6/0x520 [ 1634.056939] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1634.058046] ? alloc_fd+0x2e7/0x670 [ 1634.058792] io_uring_setup+0x1fbb/0x2980 [ 1634.059674] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1634.060768] ? wait_for_completion_io+0x270/0x270 [ 1634.061808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1634.062974] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1634.064111] do_syscall_64+0x33/0x40 [ 1634.064873] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1634.065948] RIP: 0033:0x7f347623eb19 [ 1634.066701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1634.070610] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1634.072244] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1634.073669] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1634.075104] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1634.076594] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1634.078015] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) readv(r0, &(0x7f0000000580)=[{&(0x7f0000000080)=""/31, 0x1f}, {&(0x7f0000000140)=""/214, 0xd6}, {&(0x7f0000000240)=""/102, 0x66}, {&(0x7f00000002c0)=""/194, 0xc2}, {&(0x7f00000003c0)=""/131, 0x83}, {&(0x7f00000000c0)}, {&(0x7f0000000480)=""/35, 0x23}, {&(0x7f00000004c0)=""/63, 0x3f}, {&(0x7f0000000500)=""/47, 0x2f}, {&(0x7f0000000540)=""/29, 0x1d}], 0xa) 00:13:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:13:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 31) 00:13:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:13:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r3, &(0x7f0000000600)={0xa, 0x0, 0x0, @empty}, 0x1c) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r3, 0xd000943e, &(0x7f00000561c0)={r2, r1, "48d58c79a00e0d6247882180414fe40be0ffc07206867aa61891904ce1e3c6749238b560aef975f1bc277efb6104ae73384d3540c2e7b9c0de4149243db773a89b2131dbc68697dd3393c2a46afb417d30f227a60587d7993fd6c56e9a537f9091fa7f72e75f031efc2e5972222171e3fc0c85b0f06572d90c57ebcc2ecb1116fd59e4a51a672531c4f535e6f37e7bc854dfa4b357229b211accf1c92c35774cacada6cb6c9f2f696ddcab809b0f693fac886897d97884606d597df1494de34e40093d12cbc986318d8f27575941878c399de1509d86c98157b09250d0dfb299f06782a61fa7d13214c18c64ff58d87261c84caf768ce0a2802766b937aac6f9", "1c5bf472b800cd380f141d4d107b9e6b372b76d0d7c8b7701762e80f90c8313afbcc66c37c385b19b64cea4ac1cf9be931e8445f9c42b48adcd3114f4e3f9fcaee1431613525b10f1da84f05db07298773dd604194874b3c67ff89e3d5cae90cd17bcae4a77c9395814e28d800299c631a7a93bbd8326ec08901618daaaee3a14717282df0e16b01de249ebd15815ad4f423b5661c4e71b2ad5e67b1d393101d8fb1e38e09df55cc4fb8fed2db6e0bfe8062baf50013bfbee537918eeceda8fb264febffd968f80ae7e2ecf2bf0d3d65465a52bb6275214dcc5e441acc6b80b6be0c0918653315e988eb28d6307b4f9cbc1734838fc84e18ab958d5af33015b83f62de0df3615180f9f713367b85ed9822798e10356a5091c9f9522535722c4652f64048329993027969fc4b6ef74707c039d50d977dcac21004670f802e058c8d34dd6904b9dc0dd46368fb95199f5b6bc860e1c68af7895594ac014eb193a32782eac3881da9cb7eb6e494c4d58a5c1358f671fc390ddf7665159c6b38dffd1113ef8578ffb069228eb0d5c6f7e423632ed1e90c322a8f3f9598475936b3369a7bba9299af11161ca8a0e4e1c5bab62217887dcee0a5c367a3378e64d6ee7ee5e065d9f22e6c31e106a9758bf87358eb8bc1c40b3153c439b2f403ef19f1e280ae80838057aa07414bda0d6fac0f340de1a82a323125de15bd627582dd211b085c469df06b73ceb4bbffcd077c98ad91b7e63f7a4cde43ca47da627685c2ff63ebffbf9dc592a8eb0a80df5fd2537de4d8bfc2a0e22ce4d2591c963cd579ed27680a082259092ec168dcda71497bb5031a1580ea2c1f95457f29618d7e9bbbb75f3a18e193c3069d72e1bc7dec1dcace9e52c28b408dc12d66c6745cf5108628791c72a95753c32c61afd76c062110e556728cc72d8a8c3d33ddfe1466c1d2379490060ebd4248378e9b744f82bd2713fbbc4f1ae4ec7915a58b76afcbd28c32edfb30f9617626128f7c38b8013908f8799c3e0b61eff633429453236e99ba7014b9b2a5763332e9d87009844aede60636149cd2f1095765a8fcaea080c99fe5f16fb20a87fe759613903de38edba27dc35146b1af2959064649ebbab077befc7cb7c0a77257c526b6399a6fb4eb085ab5a76235bf125f0630254d4ae088128aedf024f5b5cbb4cffb2f4c118c7136045ceb99d07071b4c44ec3d00a8601ba17e22708e13cac198d59b5a5e77a16be3445706f8332258cfff098162eaa326fc10fe7845c1f42072b2ab2346ba4fdd1bffd86b4ef731a63c8947130067293af45c3c07745a43b5fefa52f7218b4c12c9a98755691054698dce490e926e226e4a9febe446cc3b06a2ff93a504b3a27e5e5295ef8690740ec8c282ce77097ff4a1be8fe143ebcca1184e3185a4a0791fde942fdc5e4d00672c78120c93f38808861c0c8ae4ce3072600058dde745b37ecb66e6e3e92af4b6518cea2f513d10dc182e39c44751ee10a60afbbd4e32e086249bd41c3f1fb3791771aba29b361976cb6da3927b9dfc653aae13d95f9591596f4331823561a94e1723170b22933a77a924bf9db05443f2570c31bca4ca2339272fe21a155c080766068bb2c2ba97979a934050e3515da10967fcff8e98227164781d187678803156047c0ef0ae5922539ca06a90df9a1dccca56ee279812796c95a44aba3653a80de1907bcf1b370788cd5b057ea540be40bbda10dd543adf583fbc14a84fa85ddd1f66e97455cc04f5f019c0850bdca6c4e3b0099ed91a8e4a18e75c642c849084562e12dc00cdac99179480c8326183d0062f66f4cfc5f93831d10e392385c1dcc8c7b3ca946e76ad9b29e689f08d65ef595065bf64dd9053b1e21a8a56514154df403de437de979760370e739242d206ae8243f73a1479da2cb770b18c3362bfca68fde15c3f9fa8764e522ab548f2af5026e534105d5253de492aa8b2e9d456bb9aed67ac460300f29bec814ac85a72d9a022be016b2d42f50963acd4774e141bbcd19d97294b20438a6c73c333cd2109093d27b7c1b97812564d6197ead652a8f7578687b3c3e78f06326e8507ec7da94bfee360771a5befc4533890fe00bd5a4d4cfb808b36e046a801d69c702b008842bd93c432d804de5b68c7b6a209301bf6c060b8041eea86105ba6b7d2839ad75d5fae18238756107d0d911cabef522914c1c5172e1089142627da743a38c1606dcc776d12bcd9338aa086fdff56287217c77f3f597f4ee3a336065707799f8654f4de6d47ad2bb74c854b73f96f4a28ab16477f429a95e6b79c3ef20ea3631898503394cafaf68f6a277d2f7baa8f997f882244ec75708da2808c86c39fef4268e91058326aaee51ecb0c34c3dfdc2e8c4b68c788269af68775019939b1ec27e51c673ee0988e51c5cfce1d114ae038043bd0522f6aee27a00691a58a41e28465ac21b9c0eae3d9a92b8e668c7df2f95c1ea98b0811bd9c30a7a496420778ba59dbe52e01ffbefd5f1e7a56ddc62f7c97335bece68664a538fc3851d47ec386fa1e68832170a48ec0ca920a5fe0653b532c6ad51fbc54b125eba2e1dafc9b2c39e2160ff676504538ce7772c217483849e212337208acf2f40fac53a4c439e87ba69099cda388363007528ae78bdfbda92105ac19d0c4c04804c7bd07d975799fafe60d687adc76e4e0cfb4c3db6c2adc62e4921b78861075f417fa955af3dfff3eecffd5403762a82ce6ddd8186f2f705d10feefd9dad5e3826d4f06da8e5e6273857d4152434277490144fbf97c5515d66896ce990ecca3f075171fb09b172d384c3db47349374258c98b89d0fd8d61dd5867bcc1dd7fc62a7646c0ff47a32c1a2004a85b16c70fdd8c2bd45613358be7630e7922333969d2e1ae23fedf38b9befb2da65e98baf2aa8423382727caee80a62c47190fbab13f4f99e6cd99b12a469ce1ff7b9c19145e8c90f29846d8793562a136e6ccf8570f6af79dd29f9ae5eda6451b76e7085bbbc65e6ce4e030b8ec6ea4a8a839a881e6bf350e82633d1d474929337ff131cde921639c59f29a3b54c7142df19ef29ebf64f9ed954bc9e753dff75ef4ac00c10cf21750bdcd1ba77e6e467f2423da98ae83ee5767aec4245eca68ac1b81276b2f0666be51032974a9e2c817e7390aeea63b1fe86f0214a5597b3391c51878f4212ff0c1af5a1a9f5f7d28b32500ebc7ceef8d1b7923667682259ad26ba6fc4ac26f3a269d1dc3fe94e1a83b4351ae4c1166b5ddc08e0841f32643970783f90927fff2f91436d3648a112a88948638c184501e651abb8d77103a67073ae2a8e63f95dc07e9c6f5cfc3d1a4f3bd17ccc0b8e4cea86b4290a45e536490e5d42c06c16648cdcd4f36de41da9ccb802c1ff4940d9acd206bda4f117f80154d370a6323e11f2573bdb659782c68e58821171d60cafc5037862c7c5164bd9a7e46d7c11632370135cd95bc098742000be790107d5096eb8aa648c248082bfa075a63e1fb396b6a372557f52a0ad44960dbc92c22dc0e4033da92d96ab75b42e45e1debae6b0efb4499ee7799fb86ac27e59e7d0c1bb54bc58f59498c5f5278ea97a918aeacb7a58a98a3c387811564bd318a7eb8116614a4fb8047741232fa8e85c8e74d6662af4a25a3deba99f4dca5d427f98e4f0fb3942b641ba0c7c59dd1cbd8918b0fd9ff62982d6acf87f738e4bab8c35c8656db5f9cf30fefd879f01a74179a5ce4c924bba0de88175cdc96c42f4dfef87f9a479cf608e5c96f80fb544b1eba88b735c1e4eb5a6af53db6a91507e839b2bdd7dcbf34e80ce66a2bd481a13575aa01bd84a71fff61eef29b9457769dd73c0dc009a0c0b373525ea2c8e714334bd6dbbd7bcbbb5f2520eca0c423afec4a913047fdcd6442af3e533e443aa2a9b24d86786832ce15f7907ee55ce1e6fcdd50a85894371e813247814a8b4828b69b6f136c7318d126c7b7c2de769cb530579c8d042f544ecd028df03d30f5e4acb9751edfc717de702a2a4c2a1a2389646f225d4ed1b15ecafd49ee2bb9f52ec849197f00bf0daecac388d97afaaebd839771182b4322d90ebf806a6a62efd0f57b2296acf3e9238b87e18813bd41b8b0390102b289a2b3e2c1be6af3d41acd2865eeeb78ae7e605a82f6e3f815719d0c930aa72c508d72527aa56c44e19bbdee27df8ec5b1a3a4f4abde8b5dd8ec4e71fe5a68aa28d737c45db553838178738d6f4d74cb9d58d79f055dff2a22e50718c75971a8ede7a60a7094b101fe0b2e13002bb055cbab83bdbadba738b67551c00a7d49e6bfee6f4a675c5e096393b9b8130f87b99e51dcca8ac999915662e84923fc05fef71951a37ecfe3bcd5d100972b8107e73b54ac43e70d6239ae0ccf10cf95735f0391aaa7dae1858f1e68417512da2158936b9fd664e8d09a43af939bc464cebac64e56f85712eb42558257d6324438cda5ebc6ac9630a5cf27947a4fad8c98ab51ff796aff9a1472a2430aa00d9f63b20caf46929d5ba347a9b842b6a6a4feaf0cd9e27c0b5acc81c9e14a3e97a2e4969ee8aadd21f2ac95299c44813abe365a154e96a4d484588b784d03e8ced3239d65c9a5cfebba81fa57a0b66275ded7cc689351cd6874deea8e6df3b1918e9f339dd94200ffbe5b5a2705f357c5be038d14f08380a424f78bca67bac76a1c3ade8ddfedc13969f7e250da2190f410df815a6f15402cd96c52786a96341fffb981cab26886c46b70b7e085bd4b385bc8f5b4af975b824a3bb67440b6716e461ddb91d1a7924859c6d27105651ed5cb22c58fb1ecd22df6235be27c563efae7d131d3a7752eb029e151ef1ab2af72bf486811f4b8c92a866dd6c50c3123b4cc6c5fb3207f93854bb43ea62bb779d26aee35736b7a33dc8b776d4cc8709bc025a5adacaba4a604e4c5b7208774e1afbfde37b977f75a6d8c5d0f74fa91bfb3d16b3a4338da1e966ca815dd310d4cf9d195bd3029bc678e46ae661514d92c416147764ad8fde4b44c6cf45c1b7a96cc48baefb1002bbcb65bf34ce5e4e42b274483b530b9e53f6f3f72c07808d9a921d2b663a5c5a43b869cfd796ad45780de78ec6cda31fe1aae1bf38f477f736d9d8198a77960cce92b756d7eb30e98bd76e8b184a1485d52272972f22bc600c0fea83cddca012c1eee96532a662acd782e5d74b1275c7c679bb78779becab57a3b00e6d84b354ae3ee93e6c732ffb1ee208aa683bcce48afd69cc00be3941d00c9382b7fe15dd85a750adad296f7a0da4403b371a11331ef2cad15cb1cd06445008ee07bec03a3fbc8e0372b39786da725e88d842380148d9b035b84a3ef4a4f4c5c7cbd29bc93d9b8baef4a68e7d10aec5d83926c86bc49c3218e581e67cb8fc1401054502d54f93f80ce26e5964"}) ioctl$BTRFS_IOC_INO_LOOKUP(r0, 0xd0009412, &(0x7f0000000100)={r1, 0x6e}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x80010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)) fsetxattr$trusted_overlay_opaque(r1, &(0x7f0000000080), &(0x7f0000000100), 0x2, 0x1) 00:13:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) mmap$usbmon(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2, 0x4010, r0, 0x6) mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000) r1 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x5, 0x8, &(0x7f0000000580)=[{&(0x7f0000000100)="234e13d4bb4b25d469e3706be00f1aff54d07756ed89428babbc25714c612537284bae22138152af6de2e6f1529ba451bdccb9a0a3665f8a5c10c220ebd2d01c0e8ad673cb9029967704e92f02b27e13388955a6261af90875647861cd729a974987e58b3dd93d779e3ed1655622902092b186ae9f8050587bbd005be8b86139779fe57316c8b0d898ed0950a236aacda5723c47a19b8c0c005b80a7885c7cf0a9e7529dc686607c6563f10c1dd4fce20a", 0xb1, 0x8}, {&(0x7f00000001c0)="432d061a132cf5475c70289a5657a77e62129aaa8dfac22e755eff71520b54f30e12654d0b6944bc59b9788ab36a04f86cef4645f8205d85a4a100ff5f88f3d17aff419f7878a8d56f302fc34608e62b63d2fc19e963320eb2cf8d7b33787de90f4af6439c1d862ae5b7169275a64b67930973cd1a0e6f1971e7f9d0faeba6dd77f5d234ab261865d74156975a848dc617530d397486073c15e92eed87afa2b352e6c7392d93bbbb5cdad9c0605a578ef3612b8050c4d44d731c30fd64ddc45a505defb9768b86de8e8427f8a98c60595749843ce077", 0xd6, 0x29}, {&(0x7f00000002c0)="39d88add409f811062e46ed8dd8c788891f1a8c7c0ec4c97535be0267ecd5104bd1b4542750061925fc698e75b6e3dbb2170090c5328e4fec99694e315bc9401b5ae35f46b1b0a19497cb764278243d1ae1c36a2aa", 0x55, 0xa148}, {&(0x7f0000000080)="4aa60ca784eea699062edf2243dd2e928a519805c8ea469d2904fd44bf11155d8207dca509661586f88347d995615092e2", 0x31, 0x1f}, {&(0x7f0000000800)="150ae70c6d884510612be2a42e734dfe3e36c981fa29ae264f9802dbe94b6195982c61c6347de7466745bce537e2508dde95b5b1382a8a299de939ad830c96c252a84947930f8cd330c64aa2e5034a198c25e1c57ec07ddd2f07b5e1d85d4099f17655114aeedf646c62b606f04f1a3a9178ec667908008b1886f47216a18184082afaf9db23b85f1c741f201e5fc1e9006b7480e11cd274b0bd4a946abbb5e61d374c5190c8590afa00000000e4abe5f106e5ba1c53f8b1e904c6d69a1d9e1fdaf0b9edde2374a7b797dfc09825b17cf9b785e021ea2f59a511a7acc41bbab9a2e17346a0e7e873c3948a250950fd357d10b64553675b7f39f62716882e023b1c5f5ec90e2a7b7604000000000000", 0x10f, 0x100}, {&(0x7f00000003c0)="4724ca5e0916bc6a19696f0fb19454eb9ac9cf84406bcc3dc2b9e0f31e9448ec3915fff78581fdf66a0a953386e3e0db406b63570ac9a3fbecaa9898918224104c4687dcbe9636df7165f50c891d76687b08f9dd6d6c9aa2b78596a2c6d7bfbbb9fe05c30e50d2099cdd2a06bedc68152facfaaf006396ad9819c559ea89a4c32aa227005e04d6b757b218f4df8efa992c989b17b993c095a18633032843fc5683b92ca0b543a0f5a61614", 0xab, 0xb9}, {&(0x7f0000000500)="422f3671416ea646ac1ea63f2b100a5dc0ac60db6e5003a50a9ca4ad50c20b8b284df9a54ca6c7f8e7bfebf94acff062b69693578d05efc5d07279c6a365a66d960a790cbde6ed86518f6cec92f23830259404260f6cfa686e80b48502df7f4feccf2e107753def616", 0x69, 0x6}, {&(0x7f0000000940)="27f4bdb205fce774aed9f123c5fa76594f13745f21ea5a5907d457fd0c3dd0401c651a01eba620231e6f11a83744f0133d18ed8063ad456c52ebe2cb6c701fce32a6452480f82518b229bcbd4df5ff7e4b9f427bd15dca779e1238493bae7a4cb4be654300230bfee28a014b777edcf00d1a26eb4a4f3cab861064bb8075dfc3abdbfdf3a8248e7d42eba0b34a8521a1e5bf1fbbee0d08902f4078d3fb03c2fd02338a8005ad452f08be65c4548b45193f525e8e3299ccd054046e783b50bc87cd4da151502cfb3b00611b58cd02a3f92afa8207ead3bcf600a7d77d943bf45f3affe407de61eb43acfb15f643948f0fff4895ac856790515a7fed79b49f05851558ba6b8688a5aba9105a9c833262cffbf25fe645b8b7651a6911a0967620c19bb311f97c20af6915dc2d79b2c16e4ac0446efdb4c25815de3ff254c1cfaa9f4b313a6e5cde1f48d684767728886f4c3dc50156affa2a1bd93ccdcd398c28", 0x15f, 0x8000000007}], 0x280a000, &(0x7f0000000480)=ANY=[@ANYBLOB="0029899ae2dd8926ec8b0b31565c6931a359ed374fe814f9076449f9135d7ee0f5c8e3bc4fde78b7974af5de588363736635d32d308102da5164b0159d932ab84a73d4866f8c81aad20de2ad25"]) lseek(r1, 0x100000001, 0x4) [ 1634.127782] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:13:23 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x5fa40) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_elf32(r1, &(0x7f0000000100)={{0x7f, 0x45, 0x4c, 0x46, 0xed, 0x8, 0x7f, 0x5, 0x3ff, 0x3, 0x3e, 0xff, 0x1c0, 0x38, 0x1a2, 0xee8, 0xa8c, 0x20, 0x1, 0x7, 0x85ea, 0x7ca}, [{0x4, 0xc5, 0x4, 0x0, 0x4, 0x37c3, 0x5, 0x7}, {0x2, 0x7, 0x6, 0x3, 0x80, 0xa62, 0xffff, 0x9}], "ebfab9173cde8b5bf40924c17aed4028c3f76619ff1fea532331326234908fa62360207393c0680971bede0d9bebd37eccf78c933f632171135dba29349f6640541e263d3f0da88f8ddf584e9b81b9e19241d78445ddbeda437d37cac7c142794beadf51035786a50d75f758369aef"}, 0xe7) 00:13:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, 0x0, 0x0) [ 1634.159761] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. 00:13:23 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f0000000000)=[{r0, 0x2008}, {r1, 0x2401}, {r4, 0x4600}, {r0, 0x10}], 0x4, 0x4) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1634.214481] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1634.223759] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1634.235568] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1634.242327] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1634.540380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.541076] print_req_error: 54 callbacks suppressed [ 1634.541087] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.543055] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.544349] buffer_io_error: 22 callbacks suppressed [ 1634.544356] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1634.546602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.547292] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.548607] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.549880] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1634.551298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.551956] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.553266] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.554550] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1634.555830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.556507] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.557780] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.559059] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1634.560451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.561097] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.562682] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.563354] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1634.564939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.565933] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1634.566642] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1634.567574] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1634.568507] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1634.569435] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:13:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'}) ioctl$FITRIM(r1, 0xc0185879, &(0x7f0000000080)={0x1, 0x1, 0x10001}) openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x800, 0xe7) creat(&(0x7f0000000100)='./file0\x00', 0x8c) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:37 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, 0x0, 0x0) 00:13:37 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x9}, 0x10200, 0x4, 0x2, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:13:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x10, r0, 0x63353000) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x80000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:37 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:13:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 32) [ 1648.054132] FAULT_INJECTION: forcing a failure. [ 1648.054132] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.057262] CPU: 1 PID: 18400 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1648.058867] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1648.060792] Call Trace: [ 1648.061406] dump_stack+0x107/0x167 00:13:37 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x8, 0xb7, 0x80, 0x1, 0x0, 0x0, 0x34002, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x2, 0x2, @perf_config_ext={0x0, 0x6}, 0x100, 0x40, 0x8, 0x9, 0x6a, 0x74, 0x0, 0x0, 0x7, 0x0, 0xb24d}, 0x0, 0x1, 0xffffffffffffffff, 0xa) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) perf_event_open(&(0x7f0000000100)={0x6, 0x80, 0x1, 0x20, 0x2, 0x6, 0x0, 0x10000, 0x802, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x10000, 0x1, @perf_config_ext={0x7, 0x1}, 0x1005, 0x2, 0x5, 0x4, 0x80000001, 0x7, 0x0, 0x0, 0x506, 0x0, 0xe4}, r2, 0x7fff, 0xffffffffffffffff, 0x3) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000000)={&(0x7f0000000080), 0x0, 0x8}) ioctl$FIONCLEX(r0, 0x5450) [ 1648.062257] should_fail.cold+0x5/0xa [ 1648.063288] ? create_object.isra.0+0x3a/0xa20 [ 1648.064362] should_failslab+0x5/0x20 [ 1648.065247] kmem_cache_alloc+0x5b/0x310 [ 1648.066198] create_object.isra.0+0x3a/0xa20 [ 1648.067217] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1648.068406] kmem_cache_alloc_trace+0x151/0x320 [ 1648.069497] io_uring_alloc_task_context+0x4a3/0x6a0 [ 1648.070679] ? io_import_iovec+0x1120/0x1120 [ 1648.071702] ? lock_downgrade+0x6d0/0x6d0 [ 1648.072696] ? do_raw_spin_lock+0x121/0x260 [ 1648.073697] ? rwlock_bug.part.0+0x90/0x90 [ 1648.074683] __io_uring_add_tctx_node+0x2c6/0x520 [ 1648.075802] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1648.077027] ? alloc_fd+0x2e7/0x670 [ 1648.077883] io_uring_setup+0x1fbb/0x2980 [ 1648.078854] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1648.080031] ? wait_for_completion_io+0x270/0x270 [ 1648.081184] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1648.082401] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1648.083600] do_syscall_64+0x33/0x40 [ 1648.084473] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1648.085663] RIP: 0033:0x7f347623eb19 [ 1648.086526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1648.090804] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1648.092575] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1648.094233] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1648.095890] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1648.097557] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1648.099213] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:37 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) readv(r1, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/151, 0x97}, {&(0x7f0000000100)=""/152, 0x98}, {&(0x7f00000001c0)=""/100, 0x64}, {&(0x7f0000000240)=""/48, 0x30}, {&(0x7f0000000280)=""/226, 0xe2}, {&(0x7f0000000380)=""/12, 0xc}, {&(0x7f00000003c0)=""/7, 0x7}, {&(0x7f0000000400)=""/142, 0x8e}], 0x8) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) read$usbmon(r0, &(0x7f0000000540)=""/27, 0x1b) fadvise64(r0, 0xffffffff, 0x7, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:37 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 33) [ 1648.184000] FAULT_INJECTION: forcing a failure. [ 1648.184000] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.185744] CPU: 0 PID: 18462 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1648.186725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1648.187868] Call Trace: [ 1648.188257] dump_stack+0x107/0x167 [ 1648.188769] should_fail.cold+0x5/0xa [ 1648.189308] ? io_wq_create+0xeb/0xc00 [ 1648.189859] should_failslab+0x5/0x20 [ 1648.190396] __kmalloc+0x72/0x390 [ 1648.190887] io_wq_create+0xeb/0xc00 [ 1648.191417] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1648.192131] ? io_import_iovec+0x1120/0x1120 [ 1648.192757] ? io_apoll_task_func+0x2d0/0x2d0 [ 1648.193388] ? __io_req_find_next+0x300/0x300 [ 1648.194016] ? do_raw_spin_lock+0x121/0x260 [ 1648.194622] ? rwlock_bug.part.0+0x90/0x90 [ 1648.195219] __io_uring_add_tctx_node+0x2c6/0x520 [ 1648.195897] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1648.196641] ? alloc_fd+0x2e7/0x670 [ 1648.197159] io_uring_setup+0x1fbb/0x2980 [ 1648.197746] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1648.198458] ? wait_for_completion_io+0x270/0x270 [ 1648.199145] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1648.199878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1648.200646] do_syscall_64+0x33/0x40 [ 1648.201165] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1648.201882] RIP: 0033:0x7f347623eb19 [ 1648.202401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1648.204986] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1648.206049] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1648.207055] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1648.208055] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1648.209063] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1648.210062] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:37 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, 0x0, 0x0) 00:13:37 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x333d5) 00:13:37 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1648.438122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.438880] print_req_error: 6 callbacks suppressed [ 1648.438891] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.440851] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.442153] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1648.449275] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.449927] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.451327] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.452609] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1648.456540] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.457231] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.458528] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.459822] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1648.461598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.462278] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.463566] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.464852] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1648.465908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.466702] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.468013] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1648.469324] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1648.470365] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.471237] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.471961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1648.475164] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1648.476091] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1648.477052] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1662.629279] FAULT_INJECTION: forcing a failure. [ 1662.629279] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.630601] CPU: 1 PID: 18548 Comm: syz-executor.0 Not tainted 5.10.232 #1 00:13:52 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r0, 0x84009422, &(0x7f0000000100)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:52 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x6}, 0x44000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x8, 0x3f, 0x8, 0x80, 0x0, 0x6, 0x28823, 0x8, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x10001, 0x4000000000000000}, 0x8000, 0x4, 0x81, 0x0, 0x4, 0x7, 0x145f, 0x0, 0x9, 0x0, 0xfffffffffffffffb}, 0xffffffffffffffff, 0xb, r0, 0x0) perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x7e, 0x7a, 0x4c, 0x1f, 0x0, 0x5, 0x2, 0xa, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1ff, 0x4, @perf_config_ext={0x0, 0x6837}, 0x381, 0x1, 0x3, 0x7, 0x7, 0xb2, 0x2, 0x0, 0x7, 0x0, 0x3}, 0xffffffffffffffff, 0x0, r1, 0x8) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:13:52 executing program 1: r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xa8, r0, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x10001}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xfffe}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x40, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x35}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@private1}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xc2d6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x100}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8010}, 0x44004) r1 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) write$P9_RLERRORu(r3, &(0x7f0000000040)={0x1a, 0x7, 0x2, {{0xd, '/dev/usbmon#\x00'}, 0xc56867d8}}, 0x1a) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x2a6b4) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) getsockname(r5, &(0x7f0000000340)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, &(0x7f00000003c0)=0x80) ioctl$MON_IOCQ_RING_SIZE(r4, 0x9205) 00:13:52 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:13:52 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:13:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:13:52 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 00:13:52 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 34) [ 1662.631633] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.632823] Call Trace: [ 1662.633211] dump_stack+0x107/0x167 [ 1662.633607] should_fail.cold+0x5/0xa [ 1662.634021] ? create_object.isra.0+0x3a/0xa20 [ 1662.634517] should_failslab+0x5/0x20 [ 1662.634962] kmem_cache_alloc+0x5b/0x310 [ 1662.635408] create_object.isra.0+0x3a/0xa20 [ 1662.635879] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1662.636428] __kmalloc+0x16e/0x390 [ 1662.636827] io_wq_create+0xeb/0xc00 [ 1662.637234] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1662.637785] ? io_import_iovec+0x1120/0x1120 [ 1662.638259] ? io_apoll_task_func+0x2d0/0x2d0 [ 1662.638737] ? __io_req_find_next+0x300/0x300 [ 1662.639217] ? do_raw_spin_lock+0x121/0x260 [ 1662.639684] ? rwlock_bug.part.0+0x90/0x90 [ 1662.640143] __io_uring_add_tctx_node+0x2c6/0x520 [ 1662.640669] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1662.641233] ? alloc_fd+0x2e7/0x670 [ 1662.641634] io_uring_setup+0x1fbb/0x2980 [ 1662.642084] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1662.642635] ? wait_for_completion_io+0x270/0x270 [ 1662.643165] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.643765] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.644326] do_syscall_64+0x33/0x40 [ 1662.644738] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1662.645293] RIP: 0033:0x7f347623eb19 [ 1662.645698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.647671] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1662.648495] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1662.649270] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1662.650038] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1662.650801] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1662.651573] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:13:52 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x2, 0xa0bc3) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1662.707350] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=519 sclass=netlink_route_socket pid=18558 comm=syz-executor.1 [ 1662.719483] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. 00:13:52 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000140)={0x3, &(0x7f0000000100)=[{0xf89, 0x6, 0x5, 0x80}, {0x9a, 0x7f, 0x5, 0x9}, {0x8001, 0x1, 0x5, 0x200}]}) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, r2, {0xff}}, './file0\x00'}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000040), &(0x7f0000000080)={'U+', 0x4}, 0x16, 0x0) [ 1662.761057] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1662.782495] FAULT_INJECTION: forcing a failure. 00:13:52 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 35) 00:13:52 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1662.782495] name failslab, interval 1, probability 0, space 0, times 0 [ 1662.785473] CPU: 0 PID: 18564 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1662.787145] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1662.789157] Call Trace: [ 1662.789797] dump_stack+0x107/0x167 [ 1662.790674] should_fail.cold+0x5/0xa [ 1662.791595] ? io_wq_create+0x6ef/0xc00 [ 1662.792558] should_failslab+0x5/0x20 [ 1662.793480] kmem_cache_alloc_node_trace+0x59/0x340 [ 1662.794693] io_wq_create+0x6ef/0xc00 [ 1662.795626] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1662.796875] ? io_import_iovec+0x1120/0x1120 [ 1662.797927] ? io_apoll_task_func+0x2d0/0x2d0 [ 1662.798992] ? __io_req_find_next+0x300/0x300 [ 1662.800080] ? do_raw_spin_lock+0x121/0x260 [ 1662.801140] ? rwlock_bug.part.0+0x90/0x90 [ 1662.802162] __io_uring_add_tctx_node+0x2c6/0x520 [ 1662.803341] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1662.804600] ? alloc_fd+0x2e7/0x670 [ 1662.805505] io_uring_setup+0x1fbb/0x2980 [ 1662.806516] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1662.807739] ? wait_for_completion_io+0x270/0x270 [ 1662.808923] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1662.810185] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1662.811420] do_syscall_64+0x33/0x40 [ 1662.812314] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1662.813569] RIP: 0033:0x7f347623eb19 [ 1662.814459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1662.818920] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1662.820764] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1662.822498] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1662.824214] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1662.825947] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1662.827674] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1662.833476] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=519 sclass=netlink_route_socket pid=18552 comm=syz-executor.1 [ 1662.844816] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1662.900054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.901799] print_req_error: 6 callbacks suppressed [ 1662.901819] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.905626] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.906842] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1662.913015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.914373] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.917004] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.917070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.918171] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1662.921317] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.923888] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.923958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.925051] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1662.928181] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.930750] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.930843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.931900] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1662.935711] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.938267] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1662.938338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.939422] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1662.942602] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1662.942666] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.944810] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1662.944896] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1662.947064] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:14:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 36) 00:14:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:14:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 00:14:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x4000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r5, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r3, 0xc0096616, &(0x7f0000000100)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000180)=ANY=[@ANYBLOB="4000ef07cb766bb52c73d7d43911e6dc9806ac477b0a2288cbf6ece8d362f9bc50e4100c7c314b657767968153ac3dbcab4ef8c05279291c4303412e2ee4efa240a58b2342246f0a4c2489390af2534f5706f8b6b5157647f9e14ba445c6b9f590fdfb71afd1e9602d54cc03ecefbc9168469032", @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) dup2(0xffffffffffffffff, r1) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1679.399142] FAULT_INJECTION: forcing a failure. [ 1679.399142] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.400513] CPU: 1 PID: 18689 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1679.401310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.402256] Call Trace: [ 1679.402561] dump_stack+0x107/0x167 [ 1679.402981] should_fail.cold+0x5/0xa [ 1679.403422] ? create_object.isra.0+0x3a/0xa20 [ 1679.403953] should_failslab+0x5/0x20 [ 1679.404392] kmem_cache_alloc+0x5b/0x310 [ 1679.404853] create_object.isra.0+0x3a/0xa20 [ 1679.405363] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.405943] kmem_cache_alloc_node_trace+0x16d/0x340 [ 1679.406524] io_wq_create+0x6ef/0xc00 [ 1679.406961] io_uring_alloc_task_context+0x1f1/0x6a0 [ 1679.407540] ? io_import_iovec+0x1120/0x1120 [ 1679.408043] ? io_apoll_task_func+0x2d0/0x2d0 [ 1679.408563] ? __io_req_find_next+0x300/0x300 [ 1679.409073] ? do_raw_spin_lock+0x121/0x260 [ 1679.409555] ? rwlock_bug.part.0+0x90/0x90 [ 1679.410041] __io_uring_add_tctx_node+0x2c6/0x520 [ 1679.410568] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1679.411146] ? alloc_fd+0x2e7/0x670 [ 1679.411565] io_uring_setup+0x1fbb/0x2980 [ 1679.412037] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1679.412619] ? wait_for_completion_io+0x270/0x270 [ 1679.413188] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1679.413774] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1679.414365] do_syscall_64+0x33/0x40 [ 1679.414780] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1679.415366] RIP: 0033:0x7f347623eb19 [ 1679.415792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.417923] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1679.418793] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1679.419626] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1679.420458] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1679.421283] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1679.422096] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1679.428054] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:14:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x110, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0], 0x2, 0x3ff}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:09 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) stat(&(0x7f0000000040)='./mnt\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0xffffffffffffffff, r1, 0x0) r2 = accept4$unix(r0, &(0x7f0000000140), &(0x7f00000000c0)=0x6e, 0x800) [ 1679.442501] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000001e00)={0x3784, 0x19, 0x300, 0x70bd29, 0x25dfdbfd, {0x20}, [@nested={0x71, 0x65, 0x0, 0x1, [@generic="0cf7", @generic="1defd049e8cbb700e89556fc32eaa343b8e7a8f8aaa10325b624fe1b1e37cabbf4b1ca34c6432eafb59c1806facaa431792cbf7e8e143dc407805e06bd4622a6cce4304b53b4b8cfe7e28e961beb7b2d45d6485118d56ce3523d03a03a78e4f455baa464feba71f97ce8ea"]}, @nested={0x4, 0x87}, @nested={0x225f, 0xb, 0x0, 0x1, [@generic="74631237741da931e95fb9720c7bfe09035f8de719981c6161e972583675ac5075cd1dd23d713fd521ff8c7ef595b65002de536db3be1c65722cf81e98e00cfe1c3a04615d7261b74703ed6af7758825db727d509d83644fb9915790ce6cb244e5cf92d79bfaab4bbc3615d1162d107ee0a0df571874cdd620dab7332615261608fc3de19d5335fa0187f1c3b25d2f0e3fa9159e2061ed4db35ac1fbcdb4b61e91e7bcccea099766ac13f2cdd649e0bb6850baf43e2971eeca4f03594a71b6864f15d4b2bbcf1a5f24717d56798dc453948752e325eeaadd234d73f1436101d4e5a2d7b2574e1b32a1b61e14ab5fb879329867", @generic="4a38fd915e887c3c82857a84b95df0b00d6aed0a80347655f49270eab6957fd74409997909d15e2318bc0b6e4f4298e543967441f1dc6b96e398b39958596c27f5a6d6a1e4ef750d0ba360bda1df5633b89ef894e7b71f14dd69e3afe7676d034915b902890b1e97ef91d6b1e464e707b5ed7cf68fd881", @generic="a320c001945037a99a5021ef84424d5e896790d191c659e4df342ff3fd1a5cd6617f9238043eb8f18dd666fcb19ae2b6f8311bb0320d02ba97c7fe2af7367c3446a9661bd7ed2072a66d43199c6166f4911b8486816c7adfd1bbd06615251cd89bc3e7d6beb3f2ccca42604e9f62597b547d1ca8df57d84d20dc351ceaed0205fa9bc7d6ce7686e6ed9568e94972a2e628e83480702542ee6977bd1d060a50bf49", @generic="63adf72f11baeeb180c909ac6158cc442c9ac2c036de50", @generic="f984a05dab52e3d35e278bcafb9540695155923081433eca07985d3a0662e9155f0ab9c2642f8dd4c43f36feecf72a940751cdf6e75c8416353274737595861ca0f3f16399fdfd046817d6ee4ec54e2e8aff6fc0f2fe72d32659a926cf17843a93503cdcd5438fae2bcb11d752c8d30a19781165e0f0ab66f600f47b405d7139bfbe287581b833965cbb4bee57cd97a97b6204d98101158338dca9bc3e5a47acdf479571739cfa4e439aba88eef77b3c3c24d5d8a4842af3adf354bc0513abcf709925691b3d0acda58ca7e2d703d0a10c93edb768b2df66dc33fae0633f332a2d0a36e2dd73aae2140d3e6dd0088fbc91a0d51e34bfe67d0d1ba18e10683f441d9d33b43cf133d678e60eaacf93b3244bde27770f03a0ff05ffddaadfa6f4f8e384edfa9aadba88030429bbc2829e6c9ada8e721f54df9a3eb249b733624d1e26773b838b6633c91fceac7e44d3b99ed9ac6140a631e3409add58c8cbba5c32c73e98c81a5f25677afcfb8d16442590def30ddebb2c77474c245ff98e71dcb073fd28f9cc4df3f47baf027d865ef561cb966f0dda69c0e984d8b2dbc7d908204b1f82c5da15524d2cd22dcaabc29c950a69af25420462543322cfe97cec12d7129da36811a9c3e2e43bc9bab9b6ad8e8568ca40194e4a0c873c54a60cce394dd5523d53d23f9f00d883a03ef9ffa09a1ebf25bb685ee024c1e5c80ed3e62dab952c63bdf5f372d94ad75d02ddafca98c0711a505d1c490b2499c243c6b981b62a457aee4dde7a27e5f3944593291897df0b6c227b0bd2fd776c7be6d9c98def2ce45d92898202d6ca4f6c3768b42c56ca88cf08c8b801f68956acfcd06749b32279090d928905416825a7535e0b24ae87596e1a0b58292c00d73701f0ff59849a97b5720d49003b8682224cf0b806e30240f3105551632826f02277130c7b9654bcf9080ad76d28005ac701a015079220bae075c34de878a7d5f9fce230fd30e546458568d1b28e2044fa22b14ff62b5024038458bc0fb9e2d9b60a182bf06d4cadde4cf94de4a7c8d32aac74a378b5afda2cbe55e8c2d7dc823fde9841ab7fe1b331985763ad24bf7b6eb7064e2269d06a0408421fe720cd9e946216887e3b31e5db368d67e9ef98cb7b9a46965a8d4a17fde2a02d44565ae0d3f784c75346a116ee4a9625ede60ab5d94cee68851e8f0102915270000ff16cde7c9fa8f84af4fe3c0cf9fb8e7adc97007c90848b959149f0191133880a4146cf87fa53040732755408c7c5e12c312993f9848e6bf35f280ad4c6ece43eeed03956ae3dd62c5b3ec47f77881b83f6d26e674accaa5442b6fca03aee180705592392bbfd47ced0b882fad4e9b56375a2630f4107c0dc24f32401b1df19feb3803d88948d006a29791dd0d24cb08b68e5563c680e8cbb03bcbab9b5b936697f7aaef1857cc4c3d4319f06d3a736efaa0a4ceba135d6b6e991d8739cbab8e0478f65eaa31826340774d216b10501cc5b97594d18c41704a4fc26f585d873702bec72876880e330e0876bcf223f2d1ddafa1fcdf725627106c6d156a8764aafccd3c4ac321c141b4bf2bff785c5494ae74f6ebb2b6a40b9bc0f4e99284307b2139fdbc736113ab6da0c373ef78b5a6efdd58c63b013eae3129f98d0139ac35999ad106dc2117d98d7bcbb9357c8c3ae8e5a07a20adb94a1b52b468d37797fa5d9a3cf3fcf947fcccd4cc48f2a3f30812dadad819edfabcf283ed38d52fe15b53baca4540f9b8c5b73d965324ab11ba081d6cc2e419a7103ab1c8972223674d77b8b5c6a49e3a4e177fdc5c59123e236c4477c4e078c0fe47db4a76354bc20ddc5a3072f1b9e66bcfd2e1641454e48d82541b217399a4477590bf82bd2c1bee4a512a17178093163b183491f42697f3b435698e62be035930b0c46c0b8e5170a9f19d9b80ea3a54424375f28ba569a0a2a3a8acbfb5486e4854ffb01166ce617e97bb18544aaa6729f9746dc0011329f7e8e39215d919f85cdd7efd86b3be2b54fd1cd112b03598bfa00e92ef50181ce0e73f9ffd648300d9ada4e0d0458d7b51b6cd6a74a032589a0f1374088c5f35c3dda205fc45b291116be65d5c2b34a71c7fd35a7d4a2e7dd447c479a53342b46decea629e27b8feb837dae2c1e2ef00970bb2c7b6c17c7cc42709c01fb3db96ba9e9f3a736f338e797749effb4aa2be790e7d9384c4e5adf9dffae7b4c0920968029b34836dc7a8aaf2130c7215e4dfb5863c946a53a056df076dbcb77824c27c9fc4f097f05c535206c3cffd978d3ffb6f1481d62efa40ac5ab131a67eed4c114ec057aeee5598ed5fdaafbe27236e19990242ee322898d595866ac07183842ae42c9ca495bae4b6fc58ccbb474825e8cf016a2a241c27f0c38a711179958bcb06e9ec5368d746052cb5792a53fb04da1d3202b1bea637b0059d2d4d34ea3bf048a2802118bbce199ef8b5f84907806fb18a15771fe11041e4dfc5d611d2148475461e5babe86f97ddd4d5a34168dc4f4ee3b693b601367a83e1106f4e2dd7e64775d365601b97df788fdd37a7ae2930f7929c23cb6c005335c03c83fe42b58953d687718f71e831e708c017a62be5b42247dc2e4c237ee6414547b793dfecfd224920be1163db18a7ae8fe01ec59c7b3256698ed24e63d33e532cd22bbaf974633404faa72d421be6c0e67d788cc9a651b1b201954a156bceb3ef04a2b4b5c234ba75ec92899e2995183386ec6fcde544fb341d47bbf60ceb8e5ce3534b0c5b424d64183d8d4cd8c53f95ff62fa3f8d68927ac68dbd19997b1f412e84049db872c9e1b80a1cfe9cbfb5be940b9658c3ab60f6cadb8fe5b79dfcc8c70b72ff695353affe81184dedc0d25689844d3711915658de8144a80fa660c425cb5e49c38edee12b26b6ead41f64c155fcc97f8eb3a1fa8397c8a5a6e2fc986986dd71f6e2fd9ed1d65c8d6c39931c67b8955f356cae43d1affd56200650bdf36a5a99c29e94d603d73aeba6c134072aa69476e8afe9ffe23a9e38021267ce43bbb5703b1a7cd9c8c250c7db1d1e4e7774da33f7e1f6b8d9e055171206de75b70f71e4cc3186451fd93df5078edb35f4e9827a3bfed924c99cf968a58751dfbbbbaeec5daa459334799b0dfcd0bb8be47083367b7fc42393127e29a78a06d614ecbf0b7e4db031592c269a79642add7851e21e36bab5b823e0a2f294131a8620279fb14ce038058c75b036d2006ab8000f215bbe6abd8dc41ab919117831f3d01f10083e0b8da9b1a5d759c4b52f8b1820c03866f581909fd15e66e0614ca1f63028b9c82133d3134f65e2449fa8e4e171174d33710874aec2f6ae624c0f693e49dd29d47b8b09ffca0f952404dc03ff6c36a9d8b655289c151da56f97e1a355587e7abe6e834f6ffdc26db081ffaf65f1d4f677dda6909534d2b40d9b59a24cba3a6397de7978384bc8870e2ad6e62bd2e52617141db491434824464cc682c9c4d68f9c851f87363d780210541731ee71581a1eb403d47582dd6e4c400d9da7af6a0799af84cecab0648a006870744e91a6555d3fffc1c6a33192692d532f802d07b452e130a25aad8ecc87ac5691629fe574f64824555d386bcd12606d5e1b5b0b8cae0bdec5bb416781de410e3166ca5ead70c07644377ecf70c4e3f65e0f1cbe78ab30e7399abcdffb26962fd0bd8c98ec652917feae93251d7031586fe054707090872106f5c700d46f34a298fd7b70febb2ac4599b44620f4b94c8f1cf5db60a28a797804f42ffe1b4d45937902ec80d3e605916e728a37950ad2a69364363dbd9756c8876f1b24efd90b7c16ae2196fd036124b1835a1f88d6ed8da40766cb7c4abfa218bcc3efef57a53f1295e4bbf2f868501b1c4757a2488125aed93e183249b9ddca6d65ab87b5a9e751281d361e990585eaf1fd78690deee2783b0866296e3851fab049839213453481912a743b32c160a3f44162453e97c024d017c432f4bdb68cee846589dddec41ce9e8176fc722f71e8397b0f1bd517132e15d5cceb30f1df705e0938e4ffb16eaff13af53360f90b2a3dbf640e311c4ff85d3dd5dcad3ea4746ec9f72deaf9687f11a02eeb4e14f511bed0125ca12882a81d83befa38c4860f729e26b46b1fe1229f961cffaa483751adb9d05301864f77b8e8802e62337c564d1ae818f9820bda4d80975cd1ea1b4b6da0148afd09f60b480bedeb5b40120517cac5fd5972d8368710357e29d486369961ae96d71da949a7d8fa2db2c5f50f842225fc1427784cc29a6960db3c3301798a5853d50cdb2f4ce56b305318909a7796e5a177c509fa78e69d76b4981662e338ee85f7c71d1cef9243d8d2a34c37a74626887b1b6a73951b9b07231050ebac4682a89b6b83f138962b268130ea324cc37b678c5955b4c47b330ceb02c872a1f07266382f419ba7a59de6640343b8a90a471064d28edfedc2341df0f28bece02bec578b3904c38a9e4e3aba13d0467930ae535ae28f5d06baf47f708cfbf4cee3530abac92f0dd118315de6e3d2f42198d06672d243dc10a54db94660e20f7b6a8b29616972504abe112e7dd8efd24c420f593d85f7618c36c718bfa4db566717066ac65b4235fc8148ed15aa23c9268b2682e00ebdd811a5076a86c9bd1db2fd82c3268d5dbba09e63decd53a324c3b877f91b9667cd48bcb5a152ae20c64c6014448a4215705730ab4960d623e291e22e58e9f8e07b68aec1ca5dd45510bd117aae9ac6090e65284026950fb7273654c1ed37007e05c4aa8fcb8edfdffa09c3645a55a3dd163b371216920aaddd1aeb11a6c980485442fb58b9fc7e4287cedd6e209c772f805c20e17ff959c1642348b9ba33dd07a345019ab05a3c0c09b1885c837a7e00a522c3963571400d5a0e07c852cc29691048d64ba246e20e10a385a70182c2da9109e671eae7eae540d962887622d9d8840079996f3362fa9ea26eaeb081b03e14f53b210fdd35a44de49ddb717aa77dd1cc0980f3255cfbd172f6ee28093f8666b0a1c379adf3100a38ab067c5532579b4c47eb45b8e89f10c4e84374f30191afd9369810e164b34891126d7db752889c909cbec52de71ccd444078f5769342884452dc749042e3d942d31d9ed61312cb98de992b52c81130b19ea896ea123fbafb3fdae2d41f7a5790ef74dc2f5f9e55fcd8add6beb87d9105f971096dd6ad27e696c42b5d38b5e9ddf555d94bf6fab4abe72814804a457daab5e15525c7ce304970281bf1446e48dd2cefd8ecd022c51065d0813849b2af4a707df0820dc510c5d6bcbfb58aaab72afa961bd411a2b8633e0462ed63d7c56cb5ca13af279d63224ea4537303a963df50b20993010d34cff9ba919cd93a732147a8963aa9a55eea0d6767d708412d6a436d510a5d0ba71bfe5b19ea8ff29b64b3c477d5c782a2595d66692ea8baeb62d431710afa732de6904f47b5cccb1a6f977d23c8f988752de989c47f41b033487ac36904346b542d5bbd533e5d6096c6c596441c23dec36a0cad567f05fcd4f92987c42d51df7877b0d12d8104e5b6b7b533ff2e34dff586a8121eacd29b0f7324525af25e5205d6a861220fa259630b48a3e09f45056fecfc0dcd2447718bc26c93285593cd92dac94ba6fbd14e681c3187457cc9e66dfc328c728bd616dd9a5c273770ca52180c2e80a92df8126984891b2282f391fee954bdfdccbed7fb1e26700df0a6cae264cd0f0e8f7f1d6aec2be43c7793b63008662f3bd19a23487af9aa64cf93c9ee2535afae59e528f4a31154f", @generic="e058d8de93304cfc0cc0dfd39f741be5b831bf2bca9cc19376d4a0184b331490f686907a01c8d6a0aafb84b18f7db46cb548eaedcaf216b13233a2692cc988a9b1c05f0d55b465e579931dd41fb7673cf1b0b4552664f1e26b1bd3cae8ac5cf01a8bf0fc1c292445d76d92522eb51a6d17092356d4005b99fef5ffc19d8ee34e69658a31cf174e38b9c3628d779f3b2009e3e861750853578231a7b038d3a955ec8c2b5ac1fc66628df57810da6a51b1fe336aa093b2b09671cd70b65951e2df248aec059dde1e3e1f06eda6257297db84de611794e48022c72a0ff7b95c5ced704628ce8f052fdc7ea87dbf4c10caa68d695e8e7577594496dc8e8fa2c7284a49fc4d1f55538f49c43ef493d3901d69d514391f0d6a6dc953d81c810d91eef118dd1c0563fad758d06be0c1b27c43e8dcf6213a93cf5b7dd3bf750e153918095b551e616b3a762988d76a787ad299421a71a511abfeb48e9bc5d064527b2f916286871ae710ef9f98995febda97538ece848fe47878f5d6ebd1e4658fbe4da2bff6a1c09ec81b5fce85a13551e0d599903f216065b4ed57a4261dc6cf3add2757a9adbec8666821a715ca23f20df1a1dc67993e33d24ac2ce0948b802beb7500a68b58c8b60dc618da31296667f36023c8f10fe259803b46fd4902cb01ac2eeda539e3de9d85b98dfeef4427d1299351b1ddae33d4c19165e41c1f21718ae3086509225b732d8c71d3c9f0207ae6d4acb0be458b234d5b6e10dd0a7bb02ca3d586a6019fbd857ec7a353f1c6017fe9d1864ae0dee5bebad07932a23882bb7a7e8625815f8ad71900582591c5a0f75b6ecafaf1946098d0673baecba7bb8207a9bf34f3941f7fbc14e7b986fd96d60e8c321b251b7a9a4657439b1aa1eee274a145ffe91ad4e18a0d1708373e2432b03eaaae36bb2b47a4e9271efcdfeda8a8659f04c7715ca9a67ebc1fa3c7d3676ced80bfed422ba48d43d7adfb2d04efe0b2ccc64b6675718222f605b776d1d2bcf5a2dbf898ce6fada568c65b02449cda068c6c1e01674d0bd77d16207cbeb3bcbd1c2b514463c30deca869f2c15266785c246789cdfa4afa70bd7529c5c68caad64f1f125d867c84a948df3f953e98d91d5b8108236d073f4bcceb3f61953de4f1bb981f4fd7bfa1f178a2cf878bd056fe340323e131d386a568552763353d2441147f1cd8c52f1086c9411fbe3835abeb33ace056dd6525245684dc04a9822f68fd5125ca3aec14e9a6bfca601c75f79c6e027164b8f0275d154fb632662d604403699926008cbec5f477e98adfa4d8658090b4fa629de0325fde969a0981da5f7ff01f776c959352dbb264cb7adc8d9555f26e6e41259e16d9c66ba4a24ddcc90bcb1dc2e5d2e04f313c5eb35bbbfeac6fbed5d52a846c85ff7c2b690f9e35edf8a26269503cc75e495973141a81392757e817e7aaf5ed7f395aa913a06c744ed5b84ac6e29667db0548f555a14b9d415197d7c86b4c856eea723597889ebca20e5b6361a3a84e2c94cfa6310db41b9a3baf76bcd5914d90e0bccaa0b11f3218dbd24708b2d3396ab1878698fe2845895a36ca80065190e440b9618aa51cd25ca9792813a428c345f150f09c215d57a60efee0d35fb9b3c84d9875dbe006477dd75ee1572373d0a08fb78838fdd09bf67994b923fd298d16eb963d8a723b13a3608235258332f51bd12b76522c113b998473942ef718ba8b0c62bffba18968cfb08b0dd908978ce1b1f4685a9726ef22c8e4d5e2a47fdff747687a82f60beaa95a966a012ccf6d9394ec5c0911a803d4f2b013bf12f6bb737dfd11568b877eb9d7452a338c2839b52d3487be03812f4115112ec04874b95dd0cccfc7385e41302d5a30a63808e1ee3535748a346295391e2c6cdabeaf8fcb32b54c64f4ba7127c58ce3ea8fd37df60ad38e2d07397b568055903143ad43f6dfeb4d4d2598fe84986c84510c9afae9c3704e90237e2a2dddb19c951ad374902130b295ca164f034e2e4eb892f1ab3c6b1d2001ac47047b810b40133aaa2938f5b72acd761221b065866d8e430da056580b4475c01e26474050d9028ab8674ba0ad202fd44b7a28eaba4ddf1b0c02513ad6c2cc61a915d6c221efc6d92fe492316836ce77f77af29c621ae67f6335d46f30f35a27ce717b3a0f80dc9f0cf1cd623b86558afc0783c502378054b6599735d2c89c33092cc4bc45b37b592a3f037b98d929fbe04a2b0c22e4149328b3fa9a3f702b83370aa0eef32f5b2a948ee15a50ae84286a409ddb7085cd07760dd914b5d966f62dd1d91fdd649ed06d52b740b3e72e898b78411ecb2c82d7ab78594fc530ee88c2ea502c7024ef9d91f9d56bf907d73ed02038894123404d58f0196fd771b059e5b07aa2b4db1459d0928bf935bde120de5fd05dd813f2e66404eac07c5028e5bbab8be7301663dfe3f1f11fc995f982927acfc068648d3b5dfe58aca139518d2bf18927cb8d9d88ced44ff9b0a2a2c2b926fd25b389034aa9c06459b99124af13fde487558618000c7a216aacbb65854b61d20d7f35141f9428c2e8e88da266b6858bf759312e991f3165f9e5ce7a259bd8dd4fca2ebc02d60be0f7d3e36050eb03131fe2158884731ffb6304b266276dd0554759045c2a982823dda669b03c3c3f334dff3fa8b3c2f97bc6261c54fe64e7b92e4a00f0b70a128febc861faafb8cc8d523d9b64f7810959260f9c794cd9f307aa5d165cf88f703f0ae0833c39d4193e54e61bd1ffcd2432cebc4c666acb1d760796af6af7c7d6ad5f7762b51a9c34d035fe0957903a6ae4c60dc975c1e44043e87b91230ecaddb5716e59b977bcb048815d0d7f50bffe1f995f370377cc3f3fa76684209f340b3f5d19b25ee9c734b80865c6b3bd63e2c62b84771746d0c4637af4d3c915a062d23cbf227b83ab92b232e671cfcc76efc970190851fdd0ef603635384c3a9b606c3cbca230134b729aff3f90f7ebf7783d492ea26b67cbedaf752ac894fbca578f2c566eea34a8e91a64d83593591c559a5f540bf4ac33b00445857f945f1d5a2f4e8eb24f6e1b3993fed1c56a1af60d9e18b4f25ddaf9d3d8b036423e8dab8b9388a63b1fa0577ae20ad9b840f17770da9fb964bba68a61f4beeab32357fd9638e8981332944ca43d437c257fc84a7f17614695fc4092ed43ab5280d1031893aaba06fc5238ac346cb41d6b2eb4f8a039be8935989997f54999a4ad4ad840c95df70b0f80e92846e1f4827addf121bff4750b0ae33d49a782801c68ad17c24ea3427bad6cc2e25cbba39168a3bd17a1729bc2a8b51dfe7b532a9763bd1dbadf8c7ab97a858dff5a073bc3d2b11b0edb6a1cef6f74e94a38984e7842db91ac6bc1e6ea53517f55b064f4fb32d8a175fbb23be7cbe435a68af68999ec553781ef4e72dd0662ab31cfa76d76a418b3807344150cf8e7eb36e8895e1d9dd83016e705720c254348ee0cf3bad5ced6a1ada6eea83b0c628d70acb23b0f25d2d929ab4e80f97990e7d5bdbfe3ee9366e651696c5ef4ed01a77bf5c277546cec89dada5aefc34145a50d203f7136b788621c61b9ba4670492c3ba3eec9da7a53be3537bb1a31b56f6ca2c65a3fa5869d17fc73880a33717a5c069e5e78a3ed62a5d7df1f6bd7c0158f6219dd80897408e782a714b10be16f411336453734b4677e8acd12d0f58c1071de470cb02806b46d1bda68dba1bce251cd2f016dbfe461e5264e3883df3e594c1df2410e152bf04f847287566e019a3243c92b69c8c45879045828716e634f9fc868bddd0b69a8cc175b6f577b3f04339a9205ec95c2eeb423fca000c74d1c235dd1e7b8ff0579cfa854303424678d1f268d721e736aca91093cd3450725410b668b118a70a28eff2eb3faa28cee25d497da03356382e2744080b7eb11445b1ce10fe4a43cbe87d29778f31fe2211c3f78d5d075b3654533edbfea5fe5661090971daec8721b6bdb2f1fd7647efd6bf9de977544e2c8ee8abe256c202d7605b70033e1caae13b5bd14ff306601c410b86ca5c520016a87117b3d511bad6e2a0b858fea52925379602eb47b9c068e25a86717d0b15d72ef053679c173eb32a60aa8af2393e88de593a51ac3338ec27b92e3a0826d76c243c29e37b4f2f3cad48c9f0f6cccc27c71602a76e3fb1a13714e1b1b834530b88763ab93c618d200ccf39d91ddd9cf56edfd9f8e099f703c26566bf620600bdaa7262b7a3b2a8775e6e2cf9b727d514c0c408ccb78bb00fb5af7965d14bb66c5da10de7d36d7b8ff9957a44f3779e98c3672f79495c4e3f92f82056a6e023204feaec99ceaff35256a0a4c7c90b6448a16e2dadc58256c47e3813d5958bdfe54e485766da0d0de1fd541a78e8b63d849bf3ff41a84611d2f2d71bcc2ab46378aad90877fdf03a747691dd8ac26fbe789cc938334e7a79bf68a55bf6449b4dcf611aea7d9debd5175fac86eb1477637ea8adb88be7404f5559eaca8f727c7814b23bd62c4869b03a441edbcc1211be17fa9d669a2e8c0e4531be7b2d436917139fb0c3d3d47e9773a854f8517cbbb5bf525933e146f77c5b4528a229f0f8dbe214c044bc801e8ddc9884458ad04359bfc1a3b98a2c0a92c11b82aabfaf54b31b9c50098a53cd71e409b1350443a10151f91e16c3dd4b216bd3323f9aa3bdd4cd8305a6f97955d01f01c8d53fd235d07bbd4a6f2f9c10f56c2448087ce8b04111f2b102fae116f5abd535a1c5ed3c9507d44134971102dbef3f47d1baac3fee6cace0fb0ac05a5b5684c1e81a176e804bf6d35098a9fb134c386e1f3b921da613cbdba537d94dd0dac8721736e3ccbd038d140ce7f4e5daabd6fd96fd4062a4f16753900f4eea18afb1c9ee09ab1d5eb370848aca32a886f145cbe8381f1327678912503cace962f0e6e9167ad36d8f4fa9a19c0b8c95e679cd2fc5755c9292e3b0a5c0d0f984aba7bcefb394622e81ba3c4e11f0f0b80ab496c7be4db1a7af7efceb8634da5c473f0ae473a18b7c7c7b329ef877ca056fa9f8ea63ed3997ad89c833d752256a6b2d3b0c0c5c773fb242ac5cfe87937159928568873845d2f27bed1f0213e1458854da5141c0a3bec502d5fa7eb9869126aa5a4e9b7310a4a9f3a8e22807058c92d585b98bc5324ad7b2d3db5944660e99ed4fa5178ffa3b8fcf35e26d1e479d4e69ecdd35e846f6664881f9896aba30124f13dc47acc1c2b20c4ce57be6f402c7d8fff1757fb47de740e5669538555fbd0b87cd9618bd0e95088c78fc88ba6d1dfd832355aaa8de8bc430c1459eb625a8cb9641e05b16203df06a931f39f761ad4626541bdaedc0103b916831a81148da0491877f2611da4334f6127b5a59a0f34fd27293d15e6fbeaa1b6286b4c0e8a178fd8612b60aa38f1b2cf571cdf5617818fef03ce0a9ef57ffe3fb141e4aa1c6b156dd36fc545322c603f0187ea5204ef117caf2587b9f92b41ea6aa2f1d7307a3d68510f11457d96253de85d187f8762f5c9053de1511f6a211bfa5065226f86508c4542f8307185bb87ad5d39a362e9bb625e4eac5cab64c1aa411092e3d0973b2f5591e99880758fa84f46b81afdbe784b5a135e957ca864e807c8ce9d0f1061fd1ac22bfa2ea9320e0715592b0b641cc70e7ad873e598bdbdc10a684cdb9566ba35fe7c84ef157a0d5f81fec8700703dad78c328d324ca05767b131fd20c8443bd525b3c92b2788e21777f9229f78cce7f912a436f8eb3b980ddad02e092381abbabb3e485d648bc6b9f339e23d988621400e524", @generic="bdc801fe62dcdb4647c46699723bd307a4a3cc0da3f54882a10a72992bd60d5e1515e00937b0d5e5b9d618a4ff2b1d8ea0a4db848b64b21187"]}, @nested={0x1f0, 0x56, 0x0, 0x1, [@typed={0x5, 0x75, 0x0, 0x0, @str='\x00'}, @generic="5433711421cc6e3549c4b7b6016844f3c9b4033e5d2abcb846a36c1cb7f24fb791e3c4f4b5fddc5f8bdc53783e7afda75a36361f28b1da924a7368768881187ba677c0ab97df6d9755be6f7924d8642c9e05e7e4ffe1e8160d8f6d49fb5843d237a633a18ca5de2f9773512940b24ffed6134c85593985dae070af805c6f15e6aa0c76b93d06d923d297df245acddf4f347f5a64984e39d9781a2cb609971b20dd165c6f665391704a0709020a555846ee6fca436f1706618b5ccddc02f8", @typed={0x14, 0x39, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x4, 0x82}, @typed={0x8, 0x12, 0x0, 0x0, @uid=0xee00}, @generic="599b6d2dddb09899003140fdacff0173184bb14f0ea05f55a0277dccc17ebaea085b6c366fab", @typed={0x8, 0x75, 0x0, 0x0, @u32=0x800}, @generic="c94f6d644a164bd566565a6869d5e5ca54b6c2debbd94ac57273d6b6c68afe3ec3d0345c320e7cdba811e0ae3b14da1ae685f20d38454dbf0f93c8542acccec5ac9f6328337e532a964c45ea9b8cc0262ee68791f74595c2622ae65ac8edba429150612ef12c0c454007edcadd22dbfca9c3b7f3775079ed7d959101ef4111208d936454f73d5c8d65d57649b9bb572ea282c8eadd0221f6dd59b72b1c420698eb2a2b90d348f022ca6b9567c0ecbddae60bfc0586e755df074d0bc75a9b4a75f30222c3844e3e721b3c631a6303ff8cfcea0692a4905af7"]}, @generic="7f25cb323669c802717b288d955564c6ef136250d4662287f8ac51b5b910b583403c4c2def116296d96c575e789eb7969a9603e7dd0d09259bd7391867e2b28f72535a28c1c32a112921bb14e2f076441874005f8f0a4644d9ed99fc4452c25de0494f3049aac33aae91b3d947cb9387f78a7df242cf45eb71a2e127300ade51899d86bac3db0a35c09269bc601d7af19f95d5dbc3c9a57a", @typed={0x14, 0x2c, 0x0, 0x0, @ipv6=@mcast1}, @typed={0x8, 0x28, 0x0, 0x0, @uid=0xee01}, @nested={0x11eb, 0x12, 0x0, 0x1, [@typed={0x8, 0x1f, 0x0, 0x0, @uid=r1}, @typed={0x8, 0x1d, 0x0, 0x0, @fd=r2}, @generic="feef5d375613560ce94f167fb646763b02a47b49764296eabf910808fefd74d2a050e40c1b9911ecb220fd2b6c057f9236acadab5b60d166224e6b5c35c2c442f2431d27f2f2aecb43af674b3acf36d838cb413040c2a19a23e0750e76d31f83d41fcf80659df0c164388da0f00b10bf678661e2dfec8626ac360fd9b06c462a826c07d914aec2a906494636e45cc07cf3f0681db75f11ba258996877dc7d95ce51a78093505a16fdbbdede19b97ef7e645ae8d1fd13d1b547d7ddb1d12f2f46650c05841d7c07a60bc453a3ac555b385312e838fa926b48b5a47ad405f75daf251759680574e82910992aca0608e954ffe9ec9d8dde14d6da544f936d2f1cc837f0090aa8c9a63aba9462aeea17fabbe993b0adff62b0c592b08c5b7ff4e443f29332a7e6d06a40fdd2bc4d2a33315abe3cffed745b2c7c2b3940f4b23ab062f64c783f05b3b832f3675001b22852db156df083aadf1872977e931a7094ae41d93ef01d111587c18baf4ecc7a8307615f2a341d6b1a232f0a63c56efb2be2494b69c6f6848a44f441ffc656d16cc7f2f189a767b061be53e373d995ec1cb53868ef69d0f7f88b0fea8119310c0c95c89c70c0bb2d0dfd51b05e1662023513bda6dcc792c25fd9002bf898aa170cc9b53c75c8c834f8a68d0bfe34d120420054e844d285be881c2d0ab6018c1546a1a90eda0e0421619a8106231536321fb1cafba3b6a74e93ffae921d705c9dca9f483a3e28104fc40eb533a6c4dc7dd2d76035b3766c4557e4352a971c1c9c932ff8208dd0b787eda6ab9525f62e7a794104182b92434b32266170e4d929787ddba824754224a9e25232d3e1b2c50b758850cb73a4469601eb01c2aefe4961e7cfb1e55587675fa700465294b74cc9ef56a7b143374fb67d07d64f078e31737bbd19f6f814215755f06743ac5bfc1895afb9350eb1995a5f2d02024bbe146423f5ed04aa20a9939993aeef5f908f052b9069e76bf025581dcf618a3dfe066d12f57a4408bea77f498586373ad149165e364c22434edd76f7a1add65234192de0bff345516289e5cf4241b6a03e7f54eea386c386e34309c2d0753ff405b1cd219d1524e474b3bb1f4947866fce428ccc11045540c2468d576b1a7986497131d90a2a731eeb71ffb1a099d9a56c2214fa42550f7af5d52c7017b645c0effc3664ce40ee04c92022600800b6c0774759944613982d80eaee501c0cc735909ddd063171e47c20a4a947c67eb24f0a7e3e452ac14418fd6d37cae8fd190fe2e280fb4914e4b130abaae3f9330f90fb406c24ddb4666e3719d51087e3cf94ad0e246a70c42626925b7972d2c58196662fa81364cf2bf4c731bf1a5a1f5e3e2b0b130c8df0941b885c3f7c4cd9c44facfa31505c41e30aff4231c43ec685fd90a2b6dd5028d5c9abff3f354a8520b0e72136e21828e3ae215a8271df2dc2d0d14b8ce9b63ff683421051061481d4555607e7e1de44f1ec763712942074401f19e54e55824d791d09f73e33e47718ad586ab4312df26f45a4aaf91bdeaa50db328168b6a3502f1e7e1636c6f11dda5af6211ce82ec9e3a4ac17b4220f9b1d261d1411f8dc8051c13ecfaffd0550b28b110e6fb46767255be866fc8d7cf116cf6ca6116e3d4b4e15cf855add757d23103e5c5cc200624077f47cddd1456a17e9ba73bd47cd022aa893e1fc27425bc58159b983acbb3c38cb6d295d647495737fe0c71678c44a25b25c27d9bf61adb4158bf5fb69b33f33cb6a3ed946529ce052812075ef695339f72c5697212c8173e0f9a937659786378663065f6c384dd0dfc44c442bcf1cd20358b4f31520ce8c5360d6771d539eaae7a99b2d20689ebed25bc31adc5b224db093f680981b57af1268304485a1a591c8fa7fefe0e0bac94cc6854a73257343d1ce8a793b5c954a8e5b866f0c3c66d7126188d8073b3012df0cc443bafd53ae58576737fd69950bec68a9e122fd32c11407cb261a177fd7fcfc42e779deda8510cce8179c27569782f181a053c34dc543ebfbf57294ba3e120c74c12a02ee67099717dce6d1fb2b8f311308035a6630aa93823118330a90551e37c0b41e9fb85870167024e326e47dfd1f0d41390962221f94f1c1bd7abc96f70bf1457d98f064761522d379622cdc93ee4553a3cfc1711101661f04fb1521ef1e14a82abeadc9e2dc793131b9e4370e6c5fa8fafb119a3518cf4d357e0db85e73e3040de7ba3343e81779fa2cee6bcd8d13761d3f2d4cf3c5babe5fa0543fb51e0e94ad776e3cc839b53965016ab06dfc68629b0821652b50fb58681f661cd9e770254c33ea1922b38fed88108568e6f3a521feef3f25906afc5771aab525d1b7ff6470764fca0c45ff0b922f2c2f66b074156b4d1f2abac503f5467732c9035a3743a4f26b445a22c1e6906f153434295deff4e69313204b39ec81ef2248a4430ce584ac276e7a437f3669e695a2648deb271b43faa0be6ca4ec16f9f650240e8d4a8c881f31a77a72673fe08afaf354cdf1a7be0fe5e154e6673e914ce65050361255cd7855520d29a97bca7d6fda72cbd0e5628a1af24041edc6a538c5fe25e424f21fae6ec20ed830fae99398ae5add974341b225711d2f6a15db7f708b427c7cc9573659a28ae6e640d2814ee9ec84a61be4fed14327a6ed8736e12efcb128387f6e0c7a1a1e661b27f573c6f35104c3c4f61b93b54fd4f78b47e2e12c01d001444ba0d31b100317ae20bc1e55163ca109013f4a4afb25e0c55b7cf3b4b0249a88af1feeb43401608b91068d50736674aa7c04cdcc3329fd17a24e21f978e35a43a23feb7a5848a3818cdb8bf28565091745c12e3aa15d97b540e292e54c07ca01a154c788d509cb43ad7ce7d1c462509851cc0a2c9ced06217df3976fb47ed0e00fc8a6fdbe3bb86269207dfa5854917985770bd783265db30c209ca69a27ea6f9dbafa3163642414ab2336e40b661e2e5442ce02b3cf95abb7808ba4a09f5a2f34a6293a94f0a9cc42b7135ed095204c8bc9485b09aaebe255f4706dfe95ae64c8aee1aebc58d8a66b6def9b5c5a223391084193e96b9c9934aed13ad65512ab7e2a5f7cccc9ce247ab2b06f3f77ee4071979398d6cf62b70360713c64abea18783e0783ff358be1300ce9f01c13c0a2aa144a3faf8d6a80f1ade075c099b2a8959626815c20b20d9d0a35159e99e24a83c7cf5677afba4d36b2ad42f2ead680670fcd7439acefc6e26f48435a61721721cb0f8c8ccb4f4375778041090806430495262cee837d7537b228c1cca472b77423e8f236aabca885b2c4c0073ed93da0f3f14e56ba8f4349ae842a92c2432e6a3e7967d5507a1e0afb47457156f2a64d86e948741b0f7636b273e0719247193f1a877d21fb2e3a1829076494e3ebedc4e01b5685b225b55fc5cfe338ce7a10eee3a121efaa1f7ddf306b1580814c42e100ca4f6b1a66852dcd5d2b176e99535ea39c7cab36dfaaa4ea3df2ebbc404677cb3a1d7fbc0f3539524a5ec10ac6ce1749812e2aedbcc1c25f089b1854932eaf252e69a6cbb460f3b8a1317a845da9c3284b765654abf9f07f3636e69fde2dea56e3e0598e5edb0a5407c37f93f3d7bfb15ac99a1a724b42d623f967f4ea22371080438ded57e14a02c8f3a77db28247d2625956eb9b1fc458aba0a427e715f65f9e403bda2c498310a54a2610551effcf2e93aced70d025db94d0315cc3e48231c74f70a193289af2cd0ca7c2ef447357b386357b3c8c6ace22275e427256e1e51746b9da5e985b96235fb8265c7065d0b89f7ce26632d6fc6b690a223e17cbe914048514bfcaa11514777b9fafa184af027e1f01c51e05b971fdcb729dcefa87dd306c55032161b7490e880c09cc0fbf2743c86b9f6529aabf48f46f6e8f7cf8f83e860294272eb2fb65f53b882536f0b817d44264e90ec5f277878c2fdbd322a51740257926aca0ee76aed4e050c57defb9afbc46613c7b916b6e69ac6b15c63559fe25fca2572cc7400d27979436814f30d0f86d498f2a77898c5a2548196e54be7908f9382afa6e4a3a87716adcc6b615f0f62863fb31539734fc91bc2ecc43683f9cb4533f6e1fee32a474e5b091be531bc0e509a01a33d714ae05f4d99984a109b3f1733f938fefcbd1fae779cad84ef07682e44b1f572b9e9163fd64571f0f5a0c25afe15a26fd2b4d50a8564550e9540032cac6e95b86ce6d46fd276ef877992e78fcd07999e38f128bdce88205ff2b9b901c4b681bddf173facead2b15acf6ee21fe2af98df8176e805d721e19e8e8a58073589ac77ce6427e6a25004023323bc892b66cf10ae620e08e7e6f9e514e1fcf1d10ea93da33ee1a571b009b6f76bff27fb486da53763538c3b597f45f46bae6bf0260c7e095a15546b964eaf5fb85586002305cf20dea03e87064e5aa122502e9b7613054ea19b55cc1bfa60fa34ed132b803f5d32a28d3506e8895de82b1e8f72a636886e31cc6abf530d44c4073a22f0b680ddb54c7314dc63cf2da8da4d2b6cceb343416b2e6f046180b13281cbf06f4f06a7d3bf3b063cc92eaccfdcadd4b8b752b575aef32d3da1d95c18be829cdbc94f50249bdb1b954daf42ef3d5bbe3caf3a0f72502696dc2ffc8bed98a34ebb26ec8d4034ee45f9e65cb928e5c20f7fa9662981b55864b4686229ffca87021896c12431b96e3021a287e5f24f859cd4b2769bc7c84eeda155ca00ba6514130d559f81ce63cbb2a16434464db15241c2974cfcec2e4c4b5bcaed57b61dbe21572fdc5bd1c1ec68c36717cbf38606e6725f5a8e37e3dc6d60b167c25cf8b4baf8aa6d7de29ca697ad9b17956cbe9b00dae496f633cd794e917a3e294037f543f23f1a375ae7ab1fc2d4561a544aebc315a83f19a357a0f4abb1afa6ce386ddfcb03b356fbb881dc3b6fc2dfb09507fbb3848889f7accb0de3010fb2a69b11e1cb9aa645dfbced5e3649970b08270f1cae7f06b0ab14eb28b52d97cfee1e549fa765ae26bc91fe9e3379b4db8345c6e7f0b099a6666674b48b7be74259fb30c015221948ee66bfddd90977077a02f72360be4f3e0b061930b71129f188e9cf42a46e40af9cf0861d75c1a5ccca6366d8c98f137ea90e00a68552cef3a52fc144f15b76ce63d424137d3d696be21e24e3ab03979acff9a88ec8d7695aefb00f325d317ff8e035fcb4446a967ca449ea95c991e800acd4421857b7521ef15bd686494889ce598749b4a800b02294eea3e569febd1391604c06a61183b5d2a9d0ebf61b675ff85396280aea0c50d91e670955ee090208871e5de835d0cd049db8337bf2d1bb3c74d1d1e67c6ee7ddb51a9487f2231477ac279cb1439e5b124249ffd32f5ccc0d1e29b78c745b409a3b49b16e6aa8ff91eb01030fb42af76d5f46363707586d55a16cb17dba28a71f07cfe97777d78ee7e183ed8fa2658fb60cafc2fca00e73c9e621be8e5654193ee497fbf1de7dc30fb387523d724d93656da2120fb61c63b387440a9ce20bf7d9773f40ee6774f873cc48e88bdf57593669104d7a7c27c9542e39da2140bd6baa754ce3e4d3cd37b12f23ae1a1e6b40d1c85ce7fb5913a6747896e38c8bfd9fc043ad992d864575fca5d2957f9558764043100b05465a9ee57dd90f7dcded873bd990434b40999f43d4b106e962bc59499dd95fb3b35bfb9eaf1ebbf90fcb3d8b9f9e931812f90588a5c3734c24a5af2fd3090cd392398dfc12bbea61075df2a5fe155f9812490013ae12d5793c2b1989080b14b521b1a4b823c74c72d", @generic="c654b09bacf81401a20af5fb28d7ccf3230e99b842dbdb74bd54fba3716bd6da6b5194e41f360b988b50ed6dc1626323783744f61aff53a650e51badbf24dd0d92c5592c2995c72ca383bdf76743465f31a47546307b0635f339a11f1f2e6d16c2d9c80fbc9aa32df7d6ee0eb5b42364579b7e15235835a28473c996fbfeb25b448a116770ed7ccb4751f1c364b7fa2cf9188aee49454b94a20b94fc2d8f13a846536bb0eace12a988e0c91d6e728dd373b0bfd74bb3979d53", @generic="17fef60a3242392e19bb408dfd0c766734b1ecc896225e7eba1e1429cc25a7b740c473a9dd3b8630b90b5daee4829620bf4bd209c76ea0b6aff624153b9d62dcf858cf437f01150f2ce23ca2bc671bf7243af987944a", @generic="c7abdc4ec0295dc11655a844cc5618da73235536361f0fdd561cfafe0b4fc7daebf6dc7b27c9b5b2766b07d7134e2aa1a9f87256601517ef6e9bb201f528c9a2b06b21426e9b999af2b436db303cecc3a869854e32129b45772acde0bf089210a3d7429012bed473f74712add75b9bfc008831dbf997a1bbd434093566aa0dc83629b43f87fbc0e42335919fed27706699cd8758309452f2a3237a3a4a2a13736763548c2583dd29442c342841ef0c131f2faa908de9313dcc0b129001c1efc0542288166c443e26"]}, @typed={0x8, 0x2f, 0x0, 0x0, @pid}]}, 0x3784}, 0x1, 0x0, 0x0, 0xc800}, 0x20008080) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1679.474770] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:14:09 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x8180) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x101002, 0x0) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={&(0x7f0000000080)=[0x0, 0x0], 0x2, 0x80000001}) r3 = syz_open_dev$rtc(&(0x7f0000000140), 0x10001, 0x800) ioctl$FICLONERANGE(r3, 0x4020940d, &(0x7f0000000180)={{r1}, 0x0, 0x3f, 0xffff}) 00:14:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:09 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0) r2 = accept4$unix(r1, 0x0, &(0x7f0000000040), 0x0) r3 = signalfd4(r2, &(0x7f0000000140)={[0x20]}, 0x8, 0x80000) r4 = signalfd(r0, &(0x7f0000000180), 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f00000001c0)=[{r3, 0x200}, {r4, 0x20}, {r5}], 0x3, 0x1f) ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080)=0x0) fcntl$lock(r2, 0x5, &(0x7f0000000100)={0x0, 0x2, 0x1, 0x1, r8}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000008, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000003, 0x80010, r0, 0xf1926000) 00:14:09 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0) 00:14:09 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 37) [ 1679.557567] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1679.561819] FAULT_INJECTION: forcing a failure. [ 1679.561819] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.563143] CPU: 1 PID: 18719 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1679.563938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.564883] Call Trace: [ 1679.565193] dump_stack+0x107/0x167 [ 1679.565609] should_fail.cold+0x5/0xa [ 1679.566051] ? __io_uring_add_tctx_node+0x15c/0x520 [ 1679.566622] should_failslab+0x5/0x20 [ 1679.567058] kmem_cache_alloc_trace+0x55/0x320 [ 1679.567580] __io_uring_add_tctx_node+0x15c/0x520 [ 1679.568124] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1679.568737] ? alloc_fd+0x2e7/0x670 [ 1679.569162] io_uring_setup+0x1fbb/0x2980 [ 1679.569642] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1679.570220] ? wait_for_completion_io+0x270/0x270 [ 1679.570786] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1679.571391] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1679.571990] do_syscall_64+0x33/0x40 [ 1679.572414] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1679.573015] RIP: 0033:0x7f347623eb19 [ 1679.573454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.575539] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1679.576416] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1679.577247] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1679.578055] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1679.578862] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1679.579674] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:14:09 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000040)={&(0x7f0000000100)=""/181, 0xb5}) syz_io_uring_setup(0x3a7a, &(0x7f0000000380), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f00000005c0)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_ASYNC_CANCEL, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) clock_gettime(0x0, &(0x7f0000000080)) r5 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1) openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sysvipc/shm\x00', 0x0, 0x0) ioctl$BTRFS_IOC_INO_PATHS(r5, 0xc0389423, &(0x7f0000000300)={0x1, 0x50, [0x800, 0x7, 0x81, 0x3f], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r7, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="20020001000100000001000000c34f0da0e1ea72762760ea395bc43a12654ff8f321c3f96fa3eec50032de7170ec497fd459f1c2575eafc6a97d1689afe27e4f51565e398d327387988bc4dda286f8c5faf1d76f058dd3fa2d88eed169b05e7513af5dbbeeae697ffc7db20ef2ba47977c2d8f837f1962bca2235eb34c4badedb51166", @ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYRES32], 0x20}, 0x0) sched_rr_get_interval(r8, &(0x7f0000000400)) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r6}}, 0x10001) syz_io_uring_submit(r2, 0x0, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x989680}, 0x1, 0x0, 0x1, {0x0, r6}}, 0x6) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1679.608641] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:14:09 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:09 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(&(0x7f0000000080)=@sg0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140)='zonefs\x00', 0x1000000, &(0x7f0000000180)='\x00') rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:14:09 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 38) [ 1679.674049] FAULT_INJECTION: forcing a failure. [ 1679.674049] name failslab, interval 1, probability 0, space 0, times 0 [ 1679.675608] CPU: 1 PID: 18822 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1679.676389] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1679.677331] Call Trace: [ 1679.677621] dump_stack+0x107/0x167 [ 1679.678035] should_fail.cold+0x5/0xa [ 1679.678473] ? create_object.isra.0+0x3a/0xa20 [ 1679.678992] should_failslab+0x5/0x20 [ 1679.679405] kmem_cache_alloc+0x5b/0x310 [ 1679.679864] create_object.isra.0+0x3a/0xa20 [ 1679.680336] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1679.680912] kmem_cache_alloc_trace+0x151/0x320 [ 1679.681424] __io_uring_add_tctx_node+0x15c/0x520 [ 1679.681963] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1679.682554] ? alloc_fd+0x2e7/0x670 [ 1679.682952] io_uring_setup+0x1fbb/0x2980 [ 1679.683422] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1679.684007] ? wait_for_completion_io+0x270/0x270 [ 1679.684544] do_syscall_64+0x33/0x40 [ 1679.684962] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1679.685545] RIP: 0033:0x7f347623eb19 [ 1679.685954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1679.688017] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1679.688828] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1679.689637] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1679.690401] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1679.691199] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1679.691958] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1680.016963] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.018364] print_req_error: 6 callbacks suppressed [ 1680.018385] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.022640] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.025207] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1680.034383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.035723] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.039024] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.039070] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.041478] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1680.042755] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.046958] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.047029] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.049359] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1680.050645] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.055283] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.055345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.057683] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1680.058977] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.063217] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1680.063291] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.065634] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1680.067045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.068766] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1680.070288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.071702] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1680.074722] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1680.105491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.107605] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1680.110637] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.112311] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1680.114903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.117060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.119295] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.121444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.123279] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1680.125604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:14:25 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:14:25 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 00:14:25 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x100010, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:25 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r9, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f0000000000)=[{r0, 0x1040}, {r0, 0x2}, {r0, 0x5020}, {r1, 0x402}, {r4, 0x6000}, {r7, 0x2090}, {r0, 0x8040}, {r0, 0x8020}, {r0, 0x4510}], 0x9, 0x507) 00:14:25 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x40, 0xff, 0x6, 0x7f, 0x0, 0x2, 0x200, 0x6, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0xa121, 0x5, @perf_config_ext={0xbe8, 0x6609}, 0x2064, 0x7fffffff, 0x0, 0x0, 0x6b4dcc27, 0x4, 0x5, 0x0, 0x5, 0x0, 0x6}, 0x0, 0x10, r0, 0x1) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000003040)=[{{&(0x7f0000000200)=@abs, 0x6e, &(0x7f00000012c0)=[{&(0x7f0000000280)=""/40, 0x28}, {&(0x7f00000002c0)=""/4096, 0x1000}], 0x2, &(0x7f0000001300)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xd8}}, {{&(0x7f0000001400)=@abs, 0x6e, &(0x7f0000001540)=[{&(0x7f0000001480)=""/56, 0x38}, {&(0x7f00000014c0)=""/80, 0x50}], 0x2, &(0x7f0000001580)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{0x0, 0x0, &(0x7f0000001840)=[{&(0x7f0000001600)=""/239, 0xef}, {&(0x7f0000001700)=""/57, 0x39}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001740)=""/25, 0x19}, {&(0x7f0000001780)=""/39, 0x27}, {&(0x7f00000017c0)=""/82, 0x52}], 0x6, &(0x7f00000018c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x80}}, {{&(0x7f0000001940)=@abs, 0x6e, &(0x7f0000002f80)=[{&(0x7f00000019c0)=""/82, 0x52}, {&(0x7f0000001a40)=""/83, 0x53}, {&(0x7f0000001ac0)=""/138, 0x8a}, {&(0x7f0000001b80)=""/65, 0x41}, {&(0x7f0000001c00)=""/231, 0xe7}, {&(0x7f0000001d00)=""/33, 0x21}, {&(0x7f0000002e00)=""/163, 0xa3}, {&(0x7f0000003180)=""/55, 0x37}, {&(0x7f0000002ec0)=""/148, 0x94}], 0x9}}], 0x4, 0x2023, &(0x7f0000003140)) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x44, 0x3, 0x42, 0x7, 0x0, 0x80, 0x942, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0x8}, 0x4000, 0x3, 0x0, 0x5, 0x9, 0x7f, 0xfeff, 0x0, 0xa4c, 0x0, 0xae}, r1, 0x0, r3, 0x3) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') chmod(&(0x7f0000000140)='./file0/../file0\x00', 0xe4) 00:14:25 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x100813, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x20400, 0x0) readv(r1, &(0x7f0000000480)=[{&(0x7f0000000200)=""/125, 0x7d}, {&(0x7f0000000080)=""/61, 0x3d}, {&(0x7f0000000280)=""/54, 0x36}, {&(0x7f00000002c0)=""/108, 0x6c}, {&(0x7f0000000340)=""/168, 0xa8}, {&(0x7f0000000400)=""/77, 0x4d}], 0x6) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x1, 0xff, 0x7f}) ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f0000000500)) read$char_usb(r2, &(0x7f0000000100)=""/233, 0xe9) 00:14:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:25 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 39) 00:14:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1695.915480] FAULT_INJECTION: forcing a failure. [ 1695.915480] name failslab, interval 1, probability 0, space 0, times 0 [ 1695.917567] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1695.918211] CPU: 1 PID: 18852 Comm: syz-executor.0 Not tainted 5.10.232 #1 00:14:25 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) [ 1695.920718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1695.922608] Call Trace: [ 1695.923164] dump_stack+0x107/0x167 [ 1695.923930] should_fail.cold+0x5/0xa 00:14:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1695.924728] ? xas_alloc+0x336/0x440 [ 1695.925642] should_failslab+0x5/0x20 [ 1695.926455] kmem_cache_alloc+0x5b/0x310 [ 1695.927315] ? stack_trace_consume_entry+0x160/0x160 [ 1695.928381] xas_alloc+0x336/0x440 [ 1695.929129] xas_create+0x34a/0x10d0 [ 1695.929947] ? kernel_text_address+0xf2/0x120 [ 1695.930895] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1695.931999] xas_store+0x8c/0x1c40 [ 1695.932759] __xa_store+0x164/0x2d0 [ 1695.933524] ? xa_delete_node+0x280/0x280 [ 1695.934421] ? trace_hardirqs_on+0x5b/0x180 [ 1695.935335] xa_store+0x31/0x50 [ 1695.936034] __io_uring_add_tctx_node+0x1cf/0x520 [ 1695.937042] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1695.938169] ? alloc_fd+0x2e7/0x670 [ 1695.938945] io_uring_setup+0x1fbb/0x2980 [ 1695.939823] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1695.940899] ? wait_for_completion_io+0x270/0x270 [ 1695.941959] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1695.943055] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1695.944141] do_syscall_64+0x33/0x40 [ 1695.944919] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1695.946006] RIP: 0033:0x7f347623eb19 [ 1695.946775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1695.950622] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1695.952217] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1695.953716] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1695.955193] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1695.956678] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1695.958177] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1695.966795] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1695.981842] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:14:25 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1695.996625] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:14:25 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1, {0x7}}, './file0\x00'}) openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/timer_list\x00', 0x0, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x10801, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r2) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) getsockname(r1, &(0x7f0000000000)=@nfc, &(0x7f0000000080)=0x80) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:25 executing program 4: r0 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff) add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r0) add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, r0) perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1696.042844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1696.053648] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1696.279299] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.280000] print_req_error: 22 callbacks suppressed [ 1696.280011] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.281997] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.282003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.282023] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.284408] buffer_io_error: 6 callbacks suppressed [ 1696.284421] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1696.285059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.287414] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.287930] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.289607] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1696.290285] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.292680] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.293834] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.294003] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.295552] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1696.296182] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.298867] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.300201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.300973] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1696.301866] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1696.304340] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1696.305451] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.306835] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1696.307599] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.310080] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1696.316707] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1696.335106] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.336242] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1696.336259] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.338662] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1696.338670] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.338733] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.341662] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.342394] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.343083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.343790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1696.736693] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1696.741668] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1696.745897] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:14:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:40 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0) 00:14:40 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) getsockopt$inet6_opts(0xffffffffffffffff, 0x29, 0x37, &(0x7f0000000000)=""/90, &(0x7f0000000080)=0x5a) 00:14:40 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 40) 00:14:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0xb99, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x40}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000002, 0x11, r1, 0x0) r4 = accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000100), 0x80000) r5 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) dup2(r4, r5) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x4}, 0x0, 0xa, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:14:40 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:14:40 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = syz_io_uring_setup(0x3a79, &(0x7f0000000380), &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000001c0)=0x0, &(0x7f0000000080)=0x0) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) syz_io_uring_submit(r2, r3, &(0x7f0000000140)=@IORING_OP_ASYNC_CANCEL, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f0000000440)={0x0, 0x0, 0x0}}, 0x0) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3e708dd48ae64338, 0x100010, 0xffffffffffffffff, 0x10000000) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000480)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x8, 0x80000000, 0x101, 0x7, 0x0, 0x4}, {0x1000, 0x81, 0x2, 0x1, 0x9, 0x7}], ['\x00', '\x00']}) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r6}}, 0x10001) syz_io_uring_submit(r2, r5, &(0x7f0000000080)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f0000000000)={0x800, 0x62, 0x1}, &(0x7f0000000040)='./file0\x00', 0x18, 0x0, 0x23456, {0x0, r6}}, 0x66) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x25c55) [ 1710.671906] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1710.673438] FAULT_INJECTION: forcing a failure. [ 1710.673438] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.676809] CPU: 1 PID: 18994 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1710.678472] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1710.680404] Call Trace: [ 1710.681040] dump_stack+0x107/0x167 [ 1710.681935] should_fail.cold+0x5/0xa [ 1710.682907] ? create_object.isra.0+0x3a/0xa20 [ 1710.683992] should_failslab+0x5/0x20 [ 1710.684894] kmem_cache_alloc+0x5b/0x310 [ 1710.685873] create_object.isra.0+0x3a/0xa20 [ 1710.686344] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. [ 1710.686941] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1710.686970] kmem_cache_alloc+0x159/0x310 [ 1710.686998] xas_alloc+0x336/0x440 [ 1710.692100] xas_create+0x34a/0x10d0 [ 1710.693001] ? kernel_text_address+0xf2/0x120 [ 1710.694088] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1710.695366] xas_store+0x8c/0x1c40 [ 1710.696219] __xa_store+0x164/0x2d0 [ 1710.697081] ? xa_delete_node+0x280/0x280 [ 1710.698085] ? trace_hardirqs_on+0x5b/0x180 [ 1710.699139] xa_store+0x31/0x50 [ 1710.699921] __io_uring_add_tctx_node+0x1cf/0x520 [ 1710.701064] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1710.702326] ? alloc_fd+0x2e7/0x670 [ 1710.703212] io_uring_setup+0x1fbb/0x2980 [ 1710.704201] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1710.705393] ? wait_for_completion_io+0x270/0x270 [ 1710.706585] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1710.707840] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.709054] do_syscall_64+0x33/0x40 [ 1710.709937] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1710.711175] RIP: 0033:0x7f347623eb19 [ 1710.712057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.716389] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1710.718217] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1710.719906] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1710.721597] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1710.723318] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1710.725010] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:14:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x8000, 0x103000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800210c000000000000000002000000080000000400000008000500", @ANYRES32=0xee01, @ANYBLOB="4a87c247d4339c848133ce9c9815ebb97ef7099f83beebe1f9763191165ec05ac55b8e63ccaa73ff46f197c0deaa15fc8766293e63a067a42a206323efdfa8ea2ab48c2ecd9e00a4a8f57198b7aae5a7aef15de255fe51bfbe79768dc8684b7022fec263fba7b8ea4aa3805e47681ed7b1364e4ff1d5f16ebe"], 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:40 executing program 6: r0 = fcntl$getown(0xffffffffffffffff, 0x9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0) r3 = epoll_create(0x3ff) kcmp$KCMP_EPOLL_TFD(r0, r2, 0x7, 0xffffffffffffffff, &(0x7f0000000340)={r3, 0xffffffffffffffff, 0x7}) r4 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) ioctl$MON_IOCX_MFETCH(r6, 0xc0109207, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1, 0x20}) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x1f, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) readv(r6, &(0x7f0000000900)=[{&(0x7f0000000180)=""/44, 0x2c}, {&(0x7f00000001c0)=""/123, 0x7b}, {&(0x7f00000004c0)=""/124, 0x7c}, {&(0x7f0000000540)=""/200, 0xc8}, {&(0x7f0000000640)=""/247, 0xf7}, {&(0x7f0000000740)=""/80, 0x50}, {&(0x7f00000007c0)=""/113, 0x71}, {&(0x7f0000000840)=""/185, 0xb9}], 0x8) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x5, 0x9, 0x88, 0x5, 0x0, 0x3f, 0x201, 0x6, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x0, 0x2, 0x9, 0x8001, 0x5, 0x0, 0x0, 0x9, 0x0, 0xfffffffffffffffb}, 0x0, 0x1, r6, 0xb) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r4, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x2a6b4) 00:14:40 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:14:40 executing program 5: ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000000)={0x1, 0x0, 0x8}) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0xc4, 0x23, 0x1, 0x70bd29, 0x25dfdbfb, {0x19}, [@nested={0x14, 0x6, 0x0, 0x1, [@typed={0x8, 0x4e, 0x0, 0x0, @str=':--\x00'}, @typed={0x8, 0x66, 0x0, 0x0, @uid=0xee00}]}, @generic="3a070d64648aa791ea27b14c3436a130516c66331e418fc3db0c9d2032a5939611789f3362a2aea08501ffadfeefbb1b1e0d869e31ed6011e3e85fe798e699cf0e6d0accc0fde9c0f6407cac06f82ace1d40886d72f41f373efc3568ff170f949ed0180fabb2e28dda4d6374628f1f9a87f3bc54d638360d99c1a5bcaa05ef0b7c982619f713ad33b9c84ee5802477f4367dc03ff92675c2d9a997"]}, 0xc4}, 0x1, 0x0, 0x0, 0x40}, 0x4000090) perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x3f, 0x3f, 0x5, 0x2c, 0x0, 0x80, 0x20000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0xffff, 0x4, @perf_config_ext={0x1ff, 0x8}, 0x14000, 0x0, 0x101, 0x5, 0x4, 0x1, 0x7, 0x0, 0xffff348c, 0x0, 0x100000000}, 0xffffffffffffffff, 0xb, 0xffffffffffffffff, 0x1) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') 00:14:40 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 41) 00:14:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1710.903855] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19110 comm=syz-executor.2 00:14:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ftruncate(r0, 0x3) clock_gettime(0x0, &(0x7f0000000f40)={0x0, 0x0}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@abs, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000100)=""/100, 0x64}, {&(0x7f0000000080)=""/15, 0xf}, {&(0x7f0000000180)=""/49, 0x31}, {&(0x7f00000001c0)=""/16, 0x10}, {&(0x7f0000000200)=""/72, 0x48}], 0x5, &(0x7f0000000300)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xb8}}, {{&(0x7f00000003c0), 0x6e, &(0x7f0000000580)=[{&(0x7f0000000440)=""/243, 0xf3}, {&(0x7f0000000540)=""/24, 0x18}], 0x2, &(0x7f00000005c0)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x68}}, {{&(0x7f0000000640)=@abs, 0x6e, &(0x7f0000000840)=[{&(0x7f00000006c0)=""/33, 0x21}, {&(0x7f0000000700)=""/199, 0xc7}, {&(0x7f0000000800)=""/42, 0x2a}], 0x3, &(0x7f0000000880)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x170}}, {{&(0x7f0000000a00), 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000a80)=""/53, 0x35}, {&(0x7f0000000ac0)=""/29, 0x1d}, {&(0x7f0000000b00)=""/55, 0x37}, {&(0x7f0000000b40)=""/205, 0xcd}, {&(0x7f0000000c40)=""/32, 0x20}], 0x5, &(0x7f0000000d00)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x128}}], 0x4, 0x2000, &(0x7f0000000f80)={r1, r2+60000000}) ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000fc0)) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1710.937437] FAULT_INJECTION: forcing a failure. [ 1710.937437] name failslab, interval 1, probability 0, space 0, times 0 [ 1710.940301] CPU: 1 PID: 19115 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1710.942002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1710.944081] Call Trace: [ 1710.944736] dump_stack+0x107/0x167 [ 1710.945638] should_fail.cold+0x5/0xa [ 1710.946610] ? xas_alloc+0x336/0x440 [ 1710.947537] should_failslab+0x5/0x20 [ 1710.948473] kmem_cache_alloc+0x5b/0x310 [ 1710.949473] xas_alloc+0x336/0x440 [ 1710.950390] xas_create+0x34a/0x10d0 [ 1710.951316] ? kernel_text_address+0xf2/0x120 [ 1710.952425] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1710.953713] xas_store+0x8c/0x1c40 [ 1710.954646] __xa_store+0x164/0x2d0 [ 1710.955543] ? xa_delete_node+0x280/0x280 [ 1710.956580] ? trace_hardirqs_on+0x5b/0x180 [ 1710.957650] xa_store+0x31/0x50 [ 1710.958505] __io_uring_add_tctx_node+0x1cf/0x520 [ 1710.959689] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1710.960987] ? alloc_fd+0x2e7/0x670 [ 1710.961897] io_uring_setup+0x1fbb/0x2980 [ 1710.962976] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1710.964229] ? wait_for_completion_io+0x270/0x270 00:14:40 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1710.965448] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1710.966889] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1710.968147] do_syscall_64+0x33/0x40 [ 1710.969070] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1710.970353] RIP: 0033:0x7f347623eb19 [ 1710.971271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1710.975843] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1710.977718] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1710.979509] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1710.981262] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1710.983046] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1710.984797] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1711.056398] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1711.457455] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.458447] print_req_error: 22 callbacks suppressed [ 1711.458461] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.461207] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.462144] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.462185] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.463961] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.466047] buffer_io_error: 6 callbacks suppressed [ 1711.466059] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1711.466925] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.468015] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.469307] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.471188] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1711.472938] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.477367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.478300] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.480099] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.480178] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.481004] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.483042] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1711.484802] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.486213] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1711.487134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.489043] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1711.491375] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1711.500586] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1711.502059] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1711.503554] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1711.562976] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.563963] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1711.565681] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.566635] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.567533] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1711.567564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.569815] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.570734] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.571634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1711.572529] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1725.444649] FAULT_INJECTION: forcing a failure. [ 1725.444649] name failslab, interval 1, probability 0, space 0, times 0 [ 1725.447108] CPU: 1 PID: 19136 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1725.448518] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1725.450219] Call Trace: [ 1725.450772] dump_stack+0x107/0x167 [ 1725.451521] should_fail.cold+0x5/0xa [ 1725.452518] ? ___slab_alloc+0x155/0x700 [ 1725.453407] ? create_object.isra.0+0x3a/0xa20 [ 1725.454336] should_failslab+0x5/0x20 [ 1725.455137] kmem_cache_alloc+0x5b/0x310 [ 1725.455968] create_object.isra.0+0x3a/0xa20 00:14:55 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:14:55 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:14:55 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 42) 00:14:55 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCG_STATS(r4, 0x80089203, &(0x7f0000000140)) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000000100)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000040)=""/123, 0x7b}) 00:14:55 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x40010, r0, 0x0) lseek(r0, 0x3, 0x4) sendmsg$TIPC_NL_MON_SET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="cc010000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fedbdf2511000000100007800c0003000600000000000000f400048014000780080003000000f0edea96000008000200000001002c000780080001000300000008000400000000000800030005000000080001000d000000080001001e0000003400078008000200ffffffff080003000300000008000100190000000800010001000000080003000900000008000400010000803c000780080002000800000008000100200000000800ff0f0000000008000400020000000800010002000000080001001d00000008000300ff0000000900010073797a31000000000900010073797a300000000024000780080004000800000008000100080000000800030005000000080002000900000004000780b40002800400040034000380080002000002000008000100060000000800020006000000080001000900000008000100040000000800010096000000340003800800010001000000080001000700000008000200010000000800020019000000080002000600000008000100090000004400038008000100010000000800020007000000080002003100000008000200fdffffff08000100c600000008000100050000000800020002000000080002001f000000"], 0x1cc}, 0x1, 0x0, 0x0, 0x8000}, 0x24008804) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:55 executing program 4: r0 = semget$private(0x0, 0x0, 0x60e) r1 = semget(0x1, 0x2, 0x4) semctl$GETNCNT(r1, 0x3, 0xe, &(0x7f0000000140)=""/80) semctl$IPC_RMID(r0, 0x0, 0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000a40)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000a00)={&(0x7f0000000740)=@report={0x2b8, 0x20, 0x0, 0x70bd2a, 0x25dfdbfe, {0x2b, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@multicast1, 0x4e23, 0x7, 0x4e22, 0x9, 0x2, 0xa0, 0x40, 0x2f, 0x0, 0xee00}}, [@encap={0x1c, 0x4, {0x2, 0x4e21, 0x4e21, @in6=@remote}}, @lifetime_val={0x24, 0x9, {0x3, 0x0, 0x8, 0x10001}}, @migrate={0x9c, 0x11, [{@in6=@mcast2, @in=@rand_addr=0x64010102, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@rand_addr=0x64010101, 0x6c, 0x3, 0x0, 0x34ff, 0xa, 0x2}, {@in=@loopback, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@private0, 0x2b, 0x3, 0x0, 0x3507, 0x2}]}, @offload={0xc, 0x1c, {0x0, 0x2}}, @tmpl={0x44, 0x5, [{{@in=@private=0xa010100, 0x4d6, 0xff}, 0xa, @in=@broadcast, 0x3503, 0x7, 0x0, 0x6, 0x1, 0x9, 0x4}]}, @algo_auth_trunc={0x140, 0x14, {{'rmd128-generic\x00'}, 0x7a0, 0x100, "2e98a1ae07b7e5fa20f3d6bb1e203e6d3b49b5f491d2574fd383752bd17309592597a96497813daea0400cb083ca3eed168e3f94ee1e9c31a5ef355d95b877e093a2186182788d4e0e4068b1f3295e4cda963ae30476f215ef25b3fa1205e9796eb6c0c4a40e446e26496f1ca9728ae98ce97f0afb11fd120800ee98be4c9bbc4ef37c51f55e9853c1bd2688b90e93de47efb56d6dc4be771bbf6be66192fabcd7daf208d1e3448c0e5c26ef44db78eef71bbda00611bf11355ec211b54719bed371839b8d5e2f0fc9fb3b2f9f9a390d67fb6f380c49d3d12a74a8b9ee9dd8d17de7949039b1794e93aeb8ff21907aec71f8b521"}}]}, 0x2b8}, 0x1, 0x0, 0x0, 0x4000001}, 0xc081) semctl$GETALL(r1, 0x0, 0xd, &(0x7f0000000240)=""/189) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) semctl$IPC_SET(r1, 0x0, 0x1, &(0x7f0000000500)={{0x0, 0x0, 0x0, 0xee01, 0xee01, 0x71, 0x5}, 0x508, 0x800, 0x0, 0x0, 0x0, 0x0, 0xff}) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}, 0x4008854) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x1, 0xf9, 0x7f, 0x40, 0x0, 0x37f1, 0x102, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000300), 0x8}, 0x558ed4cc3374860a, 0x7f, 0x7ff, 0x8, 0xad, 0x400, 0x41fb}, r4, 0x3, r2, 0x2) r5 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r6 = semget(0x2, 0x2, 0x40) semctl$GETPID(r6, 0x1, 0xb, &(0x7f0000000580)=""/78) setxattr$security_capability(&(0x7f00000000c0)='./file0/../file0/file0\x00', &(0x7f00000001c0), &(0x7f0000000200), 0xc, 0x1) rename(&(0x7f0000000040)='./file0/../file0/file0\x00', &(0x7f0000000600)='./file0/../file0\x00') r7 = semget$private(0x0, 0x4, 0x42) mknodat$loop(r5, &(0x7f0000000080)='./file0\x00', 0x400, 0x0) semtimedop(r7, &(0x7f0000000440)=[{0x1, 0xfff, 0x800}, {0x0, 0x2, 0x800}, {0x0, 0x74, 0x800}], 0x3, &(0x7f00000004c0)={0x77359400}) 00:14:55 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x2000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1725.456867] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1725.458215] kmem_cache_alloc+0x159/0x310 [ 1725.459144] xas_alloc+0x336/0x440 [ 1725.459896] xas_create+0x34a/0x10d0 [ 1725.460719] ? kernel_text_address+0xf2/0x120 [ 1725.461656] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1725.462806] xas_store+0x8c/0x1c40 [ 1725.463591] __xa_store+0x164/0x2d0 [ 1725.464383] ? xa_delete_node+0x280/0x280 [ 1725.465288] ? trace_hardirqs_on+0x5b/0x180 [ 1725.466230] xa_store+0x31/0x50 [ 1725.466956] __io_uring_add_tctx_node+0x1cf/0x520 [ 1725.468000] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1725.469133] ? alloc_fd+0x2e7/0x670 [ 1725.469986] io_uring_setup+0x1fbb/0x2980 [ 1725.470971] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1725.472154] ? wait_for_completion_io+0x270/0x270 [ 1725.473308] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1725.474543] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1725.475759] do_syscall_64+0x33/0x40 [ 1725.476631] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1725.477822] RIP: 0033:0x7f347623eb19 [ 1725.478707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1725.483072] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1725.484860] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1725.486541] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1725.488212] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1725.489885] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1725.491559] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:14:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1725.556029] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:14:55 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x9, 0x1, &(0x7f0000000080)=[{&(0x7f0000000100)="8966c55fd8bb4bb63e5aee57c06afbf5bb1daf1c63121a555718e59da2c6c3909945bab0a055931c17cd0c7c816289e51f427b4126d7139c00056b115e94afb81db2d16028fcc64dabf8a6c4d1964c9cb9750554164cb65a352edf31fb3be7e6134b55f47097edd1808f73cc6839d3383232a2bde1ac31ab5f3a5c36303b79cc40cd2b4cdc7d21c005092a723438c5976ebfc741d188e4714af1e6e61dd93a049ef617d25a99", 0xa6, 0x8001}], 0x10024, &(0x7f00000002c0)=ANY=[@ANYBLOB='nomblk_io_submit,bsddf,quota,jqfmt=vfsv0,fowner>', @ANYRESDEC=0xee01, @ANYBLOB=',euid>', @ANYRESDEC, @ANYBLOB="8abfd640636b6673666c6f6f723d3a2a292a242c646566636f6e746578743d756e636f6e66696e65645f752c7569643e46042efac2334e72502c7bbcaafae8afe154e6bb22b071e288d5b5f2faaa048c81cdaa9647a6e718c270ee5bd1fc3028b912074e1419aae6", @ANYRESDEC, @ANYBLOB=',permit_directio,seclabel,\x00']) mount(&(0x7f0000000280)=ANY=[@ANYBLOB="2f6465762f6e756c6c62300085dc9a29c63276d601cce8c9c55eda3bc4b6342e75d48ffefba6ca9c25"], &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='efivarfs\x00', 0x10, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x2000000) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0x30, r1, 0x988f7000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:55 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000)) r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000100), 0x90e80, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r3) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:14:55 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x980) ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x50009401, &(0x7f0000000100)={{r3}, "dc539a41a3ee9938b869d62c919a75cd0dc22636324ec6e5ba0483d600f810375259a3907cc00505f7f293bb994540114324e6da991ab534a8499414a5772d9978bba857357ac70c4d37686975e1d367b6a5882a021d40193c9b1c6edcea0fa67f25fe5fc7bb2572699534b60ccb00099188da06966fc2110302222de975782a394de4a0d381fccbb9514c4bdd0aa36c25715e911409ce13aac3c3e3356fb9d9a0e64db4a80134ff9988f6658a7d0a36d95d87451dbb43a8d27f72caca7f121f82544c5263fe4c8cb80176de5863363bfbc1a48afb9554a5e2fefcae96369a10fc547cbe30d6f38f857407ba1016cbebd82a333feb2f9b4e563cc43e25d1edd4d3828c62f1e36c716dcb67653e9145c0ab0e49debd28563544eef925324390c9285ac73c2c27c7293868c6531df8120a34f9e57b6d57628e0e8d4d089e0db1406a6015d66a72bb5f2aef3cde3ca0cd55a215160d1df48d6ba8dcd71cd04b7d4a9ccdab1875d7f6d1f7deadf29bfc51ef520e80eba92dff85eabe8ad17d948e2a8058ca0a8d8ea41e674ccf45a877184707e40fe9e7126da0793268a8c6a59313a270ffae5c2cd7a18a4adf951532046cbaba8a8f653b567456e05a7d77206eee5fbf090552fc79fb1163e2e375e69e2ffef9b68580a003c8f9620cb66250af2fc303b2006b83e8c88d6d5c1615634c6be323dced03fdb7abb0c5af2c2ffbbf17899d181d7d241cab8ebc0e7c071fef6485fe03c7a6482305ec9183a53bdbac0ffb324b44c4c26d28929d20af7f3463c75028f582b04936c9d527e5580926cf58aa33b19b7a8d866c40b1b2caaa23eee1079e309d8f280655247231785d3126aaa83c57bafbb62d45d47f0968b746198a0dc304de663bbdb0d57ab5adeaab33a449f59ffcabae32f7787e792316bda6d24e6733632542c34d67fc6175bcd5109103b03c4464af1ebad7e29cde8a9a0d4ab82b9b02cc9d46143da6b8bc7f25d88491b819524b8baec00a8b9766487829007639c5a074140e7cfd3490cc59ed10d87de29a8a067d6bbd1a46adeac105bcd4a02194c70a3a97928c50519186ce3cec5131d784ef37fc5134a72a3aaa3931987411e235d9c0ccef2b0187d8fc1a3e72b9d25167c6f2d4dc066270db087216a8d0a0bc47d9196850268e4cb6e619445f1bcde62558a3d8bc3edde1f66ed511a883de739dcb15dbdda805efd79b98f7c16494002281fb9974218cd86f09a3f1d2b9f21b15e251ec7134cda43cac471041e5d40030052e64f5189bcdd2a6fdb6679e2f700c530e3d4085c6861730c8fd1132633d9dd6e0a1ed3da3db9d15892ab3a719bd5a39f21ac797afff6c2a07e5a918644310d9c36f3df3ea9954b8d1142b9311a4c37f4a11987e945d14fad7a2aa584144522e193376c9cd793943713517bc8ccc829c741de5ef82ee749054195e44a0d0f1f3e1dc21dd6be566c38b3af7a6dcc13dc045ac53328e24a25b192790587e16353253bcde520ee5fcbe9b493c6c6f57d208cabbcd3e1319d22bb7a1d9ac82a128cbc2e2f5bd82a5611a32842883f8bae9230f4e8982ed0910f12eec9b459bfcf0c1e7c16a99b681f7f78bfc7dc0685ba76aa4018506a431134bb6b2ed040436e0d8507a7e0f557d24700f0e606ada56b07a3cf7391cfef4d7f97656619b50cbeb99da7a7df13890313b1ea905af6300cdc5dc36c5606e1c38cf3b33d3efffd4b9106737ee46a117b6b24392f26d1c42aa4c967444b8a8988400ec755e20320e5071b2428a16f7b873d1a1aaf0118ba56994f1669b722b42350f530238c7f9d13131bb2ef5c78b61780e9d9fd189e0a29d8f3af61ac89628658c9c0fccb0c02f0cc96e05b6dfc9f46d1b841a9eca1d1e8b4941d0b912e3da3eeacf73c71f06fa5e4f7387d514ecfddad8e88c42fb4049ab6362556e460e142b30561fd6595a7da92120618230ad28b44a22c761ad28d1d5b18ed6ed6c218e7e1135fdb64f12cf22993e8107e876803a86615e828ec04c10f941a0a00c5b0c633db46f2a2d5000af5353f83517fef562ac0b1ed9400fed960175b72282e1102bc932e00e9ab08582c95e51575238de25dbc10dedc50b14b60bfdd96cbcebddc3fdc38577c76d4d47d8b08c8de0867b3e81b654138d913f615eaff2c7519c0fe83ccfb2dd544f287b4a36dfa43f4dc957bf3a06aa5285530b234c82c6a4c7f88b80f347b735cdf07b61fe78e90462eae036a0c7a2de5483ae57da06834b3dddef45bd2f72df0f6f4da57db799878b1d1db01fe73053ec8996d26d59775802618d2ff147d0e2cc323d8d3f8432da2c75d8b66b4dc6b31a983deecd739311555083ce72b31fe0c45e04296d6c29fb511e4d195b726926a7e4d7ec540cbf1a0149acf2273b0a052fe917d2db365d23b1bd2695c2ddf223e73a23bea2dc7b23210fe69199a664753cffaf7dc2df51d904d807b7c6afa176f657f026cae457fc834c29dc8eaf12f1fcebed06857be8c139104dd20c23ef521e1ec884d0eaa98bd45d74b4d818f064587cd83cd92ce400e1ce4a07e6d56141551cee5880fc40125b869893f30df6a9263e64725b3bc967bc7dabcf12e6b4d478783c12d54330919de6eacdacffe8d5eda4f56099651c7b03b1af90efae40fe8579043f0c1829c5c9c12c71b357ae29241ebb5101632103b97b6f2bcec3d1b1846ac278835a4dc802910175c638fe86e22761abf483535c05c26b08e8107d3dfe4fa845f9277f0dd590081c8c2292702005334b732a20ac18dc22947e69374b4fdb4c7a27497d6b38dded7db599364da1915b431f250c284cd5590959fb538d4712b13e54af4c726782e93db47dffb34618f12ea8d1cdcd7cbed28b3a103dd23e0ce52ea7258844cd9c4e024237514052cd711b7c0601a781370a7fd3b158ff51ef7d4ef3fcafc6100d987de8f46f12c6d7e54ca9d84e79f1816159a1e0d301bedc49614bc8f7b5447f7b6e5589ad2222c050ed9e6224b70ddb68a121bf8c79144e03a55361b6b98aeced7f42cd02902701c33b1fb057778e218166775da9347d2f4207d4c707e8fb44fb637285f99fa100cbc0f06c5eafb3e3c7a23c6916520a917e3cb278ce9039f40729375bf08cac4cf425fc93ae0b2af2402803bd757ff9b6d8a1a4eb82220da60b14dc4f4b037e8c688cff5a24a9e0109458cb7b4c51e5de8028b7b2366178cfa4cbbd78db17eb4b3b1eab7eaa9d90b59c44b01ea3a6981d04453b67ecce1728b0f9c745166dbc56dec06504493a01f43210df345a397a768c14f7f82922b668c9a426372795ff016c402e44d5b39e17c45f2d8a6b666ab7feaf3100d4d2c51b5def08b3d2d0edabe3cedd338a31c59252879245dbcc40ea4421d747eef915829040ba1123e5f6ed8bdcd238619887d5f3d354a40e57ad155943375fc2b3fd26b574746e06d072e1a29e429d2fc465a7140d4a27597117de12a00421fefb959eb074a1253e03f700f118a1cef3d241e985f7d7785a7506b18b003e265878cc5664f37fb2e69a9db508d904c6ee3c9e7dd2d9d7ad00d06e4005ece64c22263ae1855a90c9022e78468a74ac0b0f3c24e3d88cdc3ab5da67949035462a8b802d99d12967438fc3abcc6978705b1405ab39bd2e63fe90654809d0060ae2708117ee71e7aa1681fccad5b9ab39042075f81071229f7ac56ea7b03fc1f07ab73d36885579dc2c3db17e5be5a681fece519098a69800468610dcd2da8af4667858cd139594bee3852e99b205c127d9ee6f311f0263f1131175d4743b7fd881fe71a61f52dcc7c4b7d52f9362031c86d8b4345f8056554870c4acbc43ed663a537344e0156997f7497b3168cbb10328d80cd7fe40d2342e9e5252faa5457a58877ebe2e68c8c4da088276c9edaab0959ee6994dbcdc5129e664cadfbcdca10caeea8199e1445fd14ca1d13901f65945fcd6090283c2c3a71b0cbff7823cec7b9b49312b0d0fe8cdc762265cb98dc8f535b5736ec1d5e6ddc2897a846d0e63f27e21acb64e997daf020ef2b195cf602e8c5192ab463c63f76866da4afe715e706699459cdc2f9b7b92b1b9e3cfea3f9b1747f2d2cd05977fd2d6cf83a1200e6ecde67a40926ddd16b34266bb933f8f3ea0794c002474c9191c00a425c6fcb950fca5d7fac4289b19a8107641b469c4ae359d896b7f7f66322a218c2d429304f1589dcf914f880927185d70908a2121f06b19069668a7ae73c48a667689a3f9f122ee8e683efae45813953fded6777edbf00f53b202bc6dd232b697d00d250973489b0d4fc2314a58f959466c7dff7ad0d0149195a62b6cb9436380e4da051757419275ba7725e801ab120cb10f240be04ddd32b622e5884243cd14b25cf7b4206d020bd7624187cc775f3e825d72d4522f1c9e7e9026467e7f704ff79d7c1c8355c7331806d7056525e0ad65beaa7c6eac8a7c1d29b8695155f9454a181515ca1b45e0c4fb344826427ea238fb117c22737820386ff56c6e7cfc4b37c29e22ffbfb867bde8cf8b4b15e6d55ed10001d9c6f4b6491d64a3608750c0b602a4e47beb6c25dee45baba4e4a97c72d3c492d242e936762a4fce9038f5304a1b7f879948392c9b2b278b33a15d3c6b37b07ce861530e90cc300ef5cde8097b5daff87d4d962fa68eca8124a76149fad329abe2277dfa8da51879bb1da6158959e439cd4414f4a7fe3d23b53575cc4b95dd2ef0641990b58cab538654fe0db2f7897c935f0b0c9a7ee7bf91c4b997015c0d8d5207074fc8b3b46b6e31423efa5efe7e823db0b57fc2f0f7932050a950edf6c2185a5ecab7dbc97f2072e5d830a2ab2518b7ddb68a2d118631b47c55fed8e00b4a7f8eb4a299e1110aafbd0210465f04fa431f2f6ed1eda46e7d6eade10622cdaf515264aef94bc6f3b2f030d4cf307067720c919278b8df3511413390a1423ffbc3de3ef2e47cda7e7ab32c1d93e13260b9bd29c8e4076682d39fb0c48aabbd281295395110f541a73346830368f001798d394ed2b96749b605442abde4215d2e1ad702ae26f4fdac45348f8c8ed71a0480f60f4a15af4092198d37a0aa7bd4a5e64aab5d4eacb1e7409beb55ef8ecf51def281ceb07103671c93dce42975656da2b3bd0e57ebb9f2475c8aa4266680d6ed145612f9fe0c64c777aebcfad8cf4f97ce455caa2faa3bf7a0348456054e03aacf1941dcc3cb2a337f96e855ae8c73f5e993d96fb654c9ffc82eb2f68c01784c8b6616e321ae896aee3f60821bb23316e29dc094186b24decc654a5e22a62276846a6a86ffb1ebd45f56ef7f4c9e1cf2ef2abb4be209352f578c4ca6b60c5b41a4a23a262ca31dfc1cec282f0f03a5d8d9f599be5075e27e1ed67362adab7de07a5222209b40568e09a5550369cac86d43826b365cc8d106c6fb2c62c89c499a40b6e709d198e155c1a6625020aa5dedb66d3999e43f788749d8531f32141dde13e5d784dae052457d0722066b7630a4ec834dfebe66d04f250e399322f3b304d2594bd8d810615390565ecdd249a853e8a1fc2a73b9290bdc0108a034a613638c754499cde4dfb0c3ecca6185f6b21c3a84a5ec2f4a1f2840318e72d141eb7e018412c02e47198396ca8bc083de08809c5319ca4e8fdfcba9e89e5e009eefe4cc6260b08cab8b75881c5341203b0081403b4534052023d1ac90f99ba46455faa87a57ccd114beb18455642db1018ce9f6463c1b383753daff2c3388330947c50847c78662bff2512b00dc962f5cfccf44284c6ee68ef247bfde758574d13dd4"}) r4 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r4, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x2a6b4) [ 1725.615822] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19156 comm=syz-executor.2 00:14:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:14:55 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 43) [ 1725.708933] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:14:55 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00') 00:14:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1725.796567] FAULT_INJECTION: forcing a failure. [ 1725.796567] name failslab, interval 1, probability 0, space 0, times 0 [ 1725.799196] CPU: 1 PID: 19233 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1725.800762] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1725.802672] Call Trace: [ 1725.803280] dump_stack+0x107/0x167 [ 1725.804135] should_fail.cold+0x5/0xa [ 1725.805029] ? xas_alloc+0x336/0x440 [ 1725.805887] should_failslab+0x5/0x20 [ 1725.806779] kmem_cache_alloc+0x5b/0x310 [ 1725.807723] xas_alloc+0x336/0x440 [ 1725.808537] xas_create+0x34a/0x10d0 [ 1725.809408] ? kernel_text_address+0xf2/0x120 [ 1725.810443] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1725.811627] xas_store+0x8c/0x1c40 [ 1725.812464] __xa_store+0x164/0x2d0 [ 1725.813298] ? xa_delete_node+0x280/0x280 [ 1725.814252] ? trace_hardirqs_on+0x5b/0x180 [ 1725.815257] xa_store+0x31/0x50 [ 1725.816023] __io_uring_add_tctx_node+0x1cf/0x520 [ 1725.817125] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1725.818312] ? alloc_fd+0x2e7/0x670 [ 1725.819159] io_uring_setup+0x1fbb/0x2980 [ 1725.820085] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1725.821225] ? wait_for_completion_io+0x270/0x270 [ 1725.822317] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1725.823494] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1725.824648] do_syscall_64+0x33/0x40 [ 1725.825483] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1725.826650] RIP: 0033:0x7f347623eb19 [ 1725.827473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1725.831500] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1725.833080] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1725.834629] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1725.836153] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1725.837679] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1725.839221] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1726.315151] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.316184] print_req_error: 21 callbacks suppressed [ 1726.316199] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.318923] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.318948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.321041] buffer_io_error: 6 callbacks suppressed [ 1726.321055] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1726.321956] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.326046] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.326075] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.328124] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1726.330320] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.332171] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.332252] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.334232] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1726.337141] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.338986] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.339016] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.340993] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1726.341889] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.345043] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1726.345580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.346927] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1726.347889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.349216] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1726.350085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.351371] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1726.353668] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1726.406807] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.408290] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1726.408328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.410588] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1726.410630] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.412914] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.413922] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.414947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.415958] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1726.416964] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:15:08 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 44) 00:15:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x400000000001cad1) 00:15:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x0, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:15:08 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.log\x00', 0x288840, 0x110) r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x0, 0x1bc) syz_genetlink_get_family_id$SEG6(&(0x7f0000000000), r1) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) socket$nl_generic(0x10, 0x3, 0x10) 00:15:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x4000010, r0, 0x4000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$BTRFS_IOC_FS_INFO(0xffffffffffffffff, 0x8400941f, &(0x7f0000000500)) 00:15:08 executing program 4: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800210c000000000100000002000000080000000400000008000500", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x0, 0x38408, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x2}, 0x0, 0x400, 0x0, 0x0, 0xbad3, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x7}, 0x0, 0x8000000000000000, r1, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1738.908197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19288 comm=syz-executor.2 00:15:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1738.946698] FAULT_INJECTION: forcing a failure. [ 1738.946698] name failslab, interval 1, probability 0, space 0, times 0 [ 1738.949302] CPU: 1 PID: 19302 Comm: syz-executor.0 Not tainted 5.10.232 #1 00:15:08 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) [ 1738.950858] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1738.952869] Call Trace: [ 1738.953470] dump_stack+0x107/0x167 [ 1738.954288] should_fail.cold+0x5/0xa 00:15:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x3, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x80004, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) mkdirat(r2, &(0x7f0000000180)='./file0\x00', 0x10) r3 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="240000001800210ce88ccd2e5b6990bd02000000080000000400020008000500", @ANYRES32=0xee01, @ANYBLOB], 0x24}}, 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futimesat(r3, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)={{r4, r5/1000+60000}, {0x77359400}}) [ 1738.955170] ? create_object.isra.0+0x3a/0xa20 [ 1738.956301] should_failslab+0x5/0x20 [ 1738.957161] kmem_cache_alloc+0x5b/0x310 [ 1738.958079] ? mark_held_locks+0x9e/0xe0 [ 1738.959013] create_object.isra.0+0x3a/0xa20 [ 1738.960002] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1738.961158] kmem_cache_alloc+0x159/0x310 [ 1738.962112] xas_alloc+0x336/0x440 [ 1738.962921] xas_create+0x34a/0x10d0 [ 1738.963782] ? kernel_text_address+0xf2/0x120 [ 1738.964807] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1738.966001] xas_store+0x8c/0x1c40 [ 1738.966819] __xa_store+0x164/0x2d0 [ 1738.967648] ? xa_delete_node+0x280/0x280 [ 1738.968591] ? trace_hardirqs_on+0x5b/0x180 [ 1738.969568] xa_store+0x31/0x50 [ 1738.970314] __io_uring_add_tctx_node+0x1cf/0x520 [ 1738.971410] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1738.972597] ? alloc_fd+0x2e7/0x670 [ 1738.973430] io_uring_setup+0x1fbb/0x2980 [ 1738.974373] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1738.975532] ? wait_for_completion_io+0x270/0x270 [ 1738.976641] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1738.977822] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1738.979004] do_syscall_64+0x33/0x40 [ 1738.979850] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1738.981014] RIP: 0033:0x7f347623eb19 [ 1738.981855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1738.986041] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1738.987785] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1738.989405] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1738.991040] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1738.992661] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1738.994278] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:15:08 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0x0, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:15:08 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:08 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:08 executing program 4: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') mount(&(0x7f0000000080)=@md0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140)='cgroup\x00', 0x8000, &(0x7f0000000180)='\x00') 00:15:08 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000000, 0x6a75293511e66657, r0, 0x7a77000) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0x400, 0x4, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}, 0x1, 0x0, 0x0, 0x4048005}, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0xb59dc) [ 1739.147301] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1739.186159] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.186889] print_req_error: 22 callbacks suppressed [ 1739.186911] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.189289] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.190742] buffer_io_error: 6 callbacks suppressed [ 1739.190750] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1739.208735] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.209714] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.211289] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.212787] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1739.220567] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.221501] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.222999] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.224524] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1739.227368] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.229070] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.231784] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.234321] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1739.236286] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.237620] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.240205] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1739.240246] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.242748] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1739.244143] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.245847] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1739.247172] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1739.248808] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1739.251832] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:15:22 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:22 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x20200, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000280)={{{@in6=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000380)=0xe8) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x2000, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@mmap}, {@nodevmap}, {@afid={'afid', 0x3d, 0xc9}}, {@version_u}], [{@fowner_gt={'fowner>', r2}}, {@measure}, {@smackfstransmute={'smackfstransmute', 0x3d, '/dev/usbmon#\x00'}}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x30, 0x63, 0x0, 0x36, 0x38, 0x61, 0x38], 0x2d, [0x37, 0x31, 0x37, 0x31], 0x2d, [0x35, 0xc, 0x64, 0x38], 0x2d, [0x38, 0x37, 0x35, 0x32], 0x2d, [0x0, 0x64, 0x39, 0x38, 0x64, 0x32, 0x37, 0x63]}}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}}) r3 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x0, 0x80) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x2a6b8) close(r0) r5 = syz_open_dev$loop(&(0x7f0000000140), 0x3d, 0x53b400) ioctl$AUTOFS_IOC_ASKUMOUNT(r5, 0x80049370, &(0x7f0000000180)) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x13, 0xffffffffffffffff, 0x82d74000) ioctl$BTRFS_IOC_LOGICAL_INO(r3, 0xc0389424, &(0x7f0000000100)={0x1000, 0x10, '\x00', 0x1, &(0x7f0000000080)=[0x0, 0x0]}) 00:15:22 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {0x4}}, './file0\x00'}) r4 = openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e6400000408000500096a8c76dbdc7714ec2c70c5d50e5133bd9846fcea31d195e771f0def358db3abfadc42b9ae3d8cd8231bd449acb0e895aa590ef2a5fbc6e93762dda39b5212182c0347f0cccdccb"], 0x40}}, 0x0) dup3(r4, r5, 0x80000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:22 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0x0, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1753.284041] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:15:22 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 45) 00:15:22 executing program 4: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x80000) mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xc, 0x11, r0, 0x0) r1 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = inotify_init1(0x0) inotify_rm_watch(r2, 0x0) r3 = syz_open_dev$vcsa(0x0, 0x0, 0x0) r4 = syz_io_uring_setup(0x5, &(0x7f0000000080), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000000100), &(0x7f0000000540)) io_uring_enter(r4, 0x34d6, 0x0, 0x0, 0x0, 0x0) r5 = epoll_create(0x7ffd) socket$inet_tcp(0x2, 0x1, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x81f8943c, &(0x7f0000001b00)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, 0x0}) r7 = syz_io_uring_setup(0x142f, &(0x7f0000000080)={0x0, 0x7fb1}, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000100), &(0x7f00000011c0)) io_uring_register$IORING_REGISTER_BUFFERS(r7, 0xf, 0x0, 0x0) io_uring_enter(r7, 0x2b4f, 0x1223, 0x0, &(0x7f0000000000)={[0x8]}, 0x8) ioctl$BTRFS_IOC_WAIT_SYNC(r5, 0x40089416, &(0x7f00000001c0)=r6) ioctl$BTRFS_IOC_RM_DEV_V2(r3, 0x5000943a, &(0x7f0000000500)={{r4}, r6, 0x1a, @unused=[0x8000, 0x200, 0x8000, 0xb48d], @subvolid=0x1fc}) ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000500)={0x0, 0x5, 0xdbc3}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r1, 0x50009418, &(0x7f0000000900)={{r2}, r6, 0x1c, @unused=[0xe89c, 0xfffffffffffffffa, 0x1000, 0x9], @devid=r8}) ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(r0, 0x50009418, &(0x7f0000000100)={{r0}, r6, 0x12, @unused=[0x7, 0x1, 0x7, 0x7], @subvolid=0x7}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:22 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010200000000000000000700000008000300", @ANYRES16, @ANYBLOB="14000905766574ec255f746f5f626f6e64000000047096962d2aaa5e48abf8ae293d80dd85"], 0x40}}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009a7f4f3754a8db379c828fd2dd597f0c8f0aa109a485b4e47d72fa8b590445347cf6de763aef88dfaa78df48bfd"], 0x40}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYRES16=r4, @ANYRES16=r6], 0x40}, 0x1, 0x0, 0x0, 0x4010}, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r9, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f0000000140)=[{r0, 0x106}, {0xffffffffffffffff, 0x4200}, {0xffffffffffffffff, 0x11}, {r0, 0x88}, {0xffffffffffffffff, 0x20}, {0xffffffffffffffff, 0x249a}, {r0, 0xb1dd79c967fa03}, {r2, 0x4000}, {r5, 0x2444}, {r7, 0x201}], 0xa, 0x0) 00:15:22 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1753.323308] FAULT_INJECTION: forcing a failure. [ 1753.323308] name failslab, interval 1, probability 0, space 0, times 0 [ 1753.323782] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1753.326335] CPU: 0 PID: 19549 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1753.330090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1753.332313] Call Trace: [ 1753.333016] dump_stack+0x107/0x167 [ 1753.333992] should_fail.cold+0x5/0xa [ 1753.335011] ? xas_alloc+0x336/0x440 [ 1753.336018] should_failslab+0x5/0x20 [ 1753.337033] kmem_cache_alloc+0x5b/0x310 [ 1753.338111] xas_alloc+0x336/0x440 [ 1753.339048] xas_create+0x34a/0x10d0 [ 1753.340061] ? kernel_text_address+0xf2/0x120 [ 1753.341163] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1753.342434] xas_store+0x8c/0x1c40 [ 1753.343316] __xa_store+0x164/0x2d0 [ 1753.344211] ? xa_delete_node+0x280/0x280 [ 1753.345234] ? trace_hardirqs_on+0x5b/0x180 [ 1753.346280] xa_store+0x31/0x50 [ 1753.347087] __io_uring_add_tctx_node+0x1cf/0x520 [ 1753.348286] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1753.349581] ? alloc_fd+0x2e7/0x670 [ 1753.350481] io_uring_setup+0x1fbb/0x2980 [ 1753.351529] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1753.352770] ? wait_for_completion_io+0x270/0x270 [ 1753.353986] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1753.355256] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1753.356605] do_syscall_64+0x33/0x40 [ 1753.357522] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1753.358774] RIP: 0033:0x7f347623eb19 [ 1753.359696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1753.364177] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1753.366021] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1753.367782] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1753.369526] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1753.371255] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1753.372999] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:15:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0x0, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:15:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) pidfd_send_signal(r1, 0x29, &(0x7f0000000040)={0x7, 0x1200, 0x8}, 0x0) [ 1753.429054] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:15:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1753.485768] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1753.909826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.911234] print_req_error: 6 callbacks suppressed [ 1753.911255] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.916041] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.916363] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.917375] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.919734] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1753.922377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.925281] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.927917] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.929254] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.931194] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.931904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.934142] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1753.935471] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.937151] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.939748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.941998] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1753.943296] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.947691] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.949056] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1753.951779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1753.958176] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1753.960011] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1753.961788] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1753.963547] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1753.965287] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1754.024582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.026095] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.026195] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1754.027610] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.029041] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1754.030948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.033157] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.034582] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.036067] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1754.037506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:15:39 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 46) 00:15:39 executing program 4: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000200)={0x1, 0x80, 0x6, 0x7f, 0x40, 0x10, 0x0, 0x0, 0x2200, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x1, @perf_bp={&(0x7f00000001c0), 0x2}, 0x80, 0x6, 0x5, 0x0, 0xa7, 0xfff, 0x0, 0x0, 0x7, 0x0, 0x100}, 0x0, 0xc, r0, 0x1) mkdirat(r1, &(0x7f00000000c0)='./file0\x00', 0x36) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000001016f0200000018000000", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00']) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) unlinkat(r4, &(0x7f0000000280)='./file0\x00', 0x0) symlinkat(&(0x7f0000000080)='./file0/../file0\x00', r2, &(0x7f0000000140)='./file0/../file0\x00') rename(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000040)='./file0/../file0\x00') [ 1770.241749] FAULT_INJECTION: forcing a failure. [ 1770.241749] name failslab, interval 1, probability 0, space 0, times 0 [ 1770.244475] CPU: 1 PID: 19674 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1770.246303] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1770.248208] Call Trace: 00:15:39 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000480)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'}) read$usbmon(r1, &(0x7f00000004c0)=""/227, 0xe3) r2 = signalfd4(r0, &(0x7f0000000040)={[0x5]}, 0x8, 0x81000) ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000100)={&(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0xfff}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0) fadvise64(r3, 0x1, 0x8, 0x2) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) poll(&(0x7f0000000000)=[{r0, 0x4b4}], 0x1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xd3abc) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'veth1_to_hsr\x00', 0x0}) r6 = socket$inet(0x2, 0x3, 0xff) r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000140)={'syz_tun\x00', 0x0}) sendmsg$inet(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001980)=[{&(0x7f0000000000)="b683ae40f3fdac402b01fa055e4299bd37dddcc878d124b8", 0x18}], 0x1, &(0x7f0000000200)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r8, @broadcast}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev, @multicast1}}}], 0x40}, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000640)={0xe0, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4010}, 0x4800) r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0) clone3(&(0x7f0000000400)={0x4004000, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200), {0xa}, &(0x7f0000000240)=""/74, 0x4a, &(0x7f00000002c0)=""/162, &(0x7f0000000380)=[0x0], 0x1, {r9}}, 0x58) 00:15:39 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r0, 0xf502, 0x0) 00:15:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:39 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x21, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[], 0x40}}, 0x20000080) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) r6 = syz_open_dev$vcsu(&(0x7f0000000040), 0x1, 0x10dd40) r7 = dup(r0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r10, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) poll(&(0x7f0000000100)=[{r1, 0x300}, {r2, 0xa}, {r5, 0x1108}, {r6, 0x5240}, {r0, 0x20}, {r0, 0x2004}, {r7, 0x8080}, {r8, 0x4160}, {r0, 0xa}], 0x9, 0x5) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:39 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, 0x0, 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:39 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) [ 1770.248822] dump_stack+0x107/0x167 [ 1770.249783] should_fail.cold+0x5/0xa [ 1770.250652] ? create_object.isra.0+0x3a/0xa20 [ 1770.251688] should_failslab+0x5/0x20 [ 1770.252564] kmem_cache_alloc+0x5b/0x310 [ 1770.253486] ? mark_held_locks+0x9e/0xe0 [ 1770.254412] create_object.isra.0+0x3a/0xa20 [ 1770.255405] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1770.256567] kmem_cache_alloc+0x159/0x310 [ 1770.257515] xas_alloc+0x336/0x440 [ 1770.258327] xas_create+0x34a/0x10d0 [ 1770.259182] ? kernel_text_address+0xf2/0x120 [ 1770.260209] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1770.261400] xas_store+0x8c/0x1c40 [ 1770.262222] __xa_store+0x164/0x2d0 [ 1770.263052] ? xa_delete_node+0x280/0x280 [ 1770.264008] ? trace_hardirqs_on+0x5b/0x180 [ 1770.264996] xa_store+0x31/0x50 [ 1770.265744] __io_uring_add_tctx_node+0x1cf/0x520 [ 1770.266831] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1770.268015] ? alloc_fd+0x2e7/0x670 [ 1770.268847] io_uring_setup+0x1fbb/0x2980 [ 1770.269790] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1770.270941] ? wait_for_completion_io+0x270/0x270 [ 1770.272077] do_syscall_64+0x33/0x40 [ 1770.272926] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1770.274099] RIP: 0033:0x7f347623eb19 [ 1770.274944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1770.279162] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1770.280908] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1770.282534] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1770.284176] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1770.285807] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1770.287440] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1770.324853] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:15:39 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1770.343238] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1770.347498] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1770.380987] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1770.399488] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:15:40 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x908e, 0x6, &(0x7f00000012c0)=[{&(0x7f0000000080)="6d53e34cf6b21d8e4ac087282d06e0310e64546cbd6f0c5281fe19277f731bda379572d6d0a09e3cb6e9f9862e87290cf80aa8ff595728", 0x37, 0x6}, {&(0x7f0000000100)="f118ccfaecae3709c89bdab3aabb023e42826acc890eb0abe154cde433a7f8389f5c29d7c5998f43049dec39c93c8ed99bfc853bd9719bcf3e16576c3400a1ea0bf10b130f9b1a672c7809d14494b8ff4c222b5f4dcb42cda0682422faac0d8dd8a093192fd05b531d7a8895fb7dd2cbc0ae65025d480e50f003420d09b2647ac6b5ff065c8c841e55b6c3352b00e081aa26cd501ed27546ead2399749663bb84d9fd8d13b1d2ed3750f802c810cbc761a8533e4b7090f5638787d75caf0f95c4b5dfd5c483c9eb5fc2ade5bd29768efab62b8b348c33fdf585a47918ddfa3779b4df72c378dff5b378a0b4827c14173bb6405684f035eca7eb1615b52c6a5f1780caa184af5d11ea7781318bdfb85d7218a2bdc3b54549a2a8550dd235c8e62638d58b76873e08fbccfaea50635925b35e63d9d00cf7aae0dbb6d896d6d692b952d2aca381817bb886320cc97477f16c6ca84b0fc14242d4b6772a047c1057f3aa7c7d9ca2e6901176917889b8778dff84ce01f412d633744ac3f0d83c60591bf7c78fd5e524d404c401109391ee5eedf7dab9d1b32d1ceb2daf2adf1824b09d94fc56a32c66f73ca1b0176401c2119a8648c0c575ada78bcf9cd51eecdf395a6601fdfd0403ea7681e903ec7f61f8dcbd365bb106722f939acf1715ab5c92c2fd9396bfb0a229c652eff37cc94edac876341ba0522ad98174e731b64b1f04c2542dcb2fe6a7f6cca9e93c7d1a8155456e91f465d39438f89fb18723c12e8570e8edd0e29320671297446d70550636f9371f2ac2425e3ece13ecdc8cc85a8ae366c7cb074d07018eac3a466109cf493378e37d3c9916f3f2cfca445e044e0702f92c5705e341eecc8251a1c5c4a004702a57451e77ada4b55e44e4a2f94c0183b2123a5b9d07167d530e5094a129fa08d45b7516ef9228c56a4ac4609da08f0dfea90bb393599fd47bbab3641a981982c05ae1235749310dbef3efb234eaafaba3c7dbcdcb3adf7f2448ec8cec199b3440c627d27de902eaaab2c9af12c70e543cadac148958578affce11d713b377453fd29583e70500c6f9ec5499d084c3b4c60357dd833f623a7987af52821280bd2582693bb0ec1b7e548135eb8ca0460b154456883fbee3fb96756ea0aa40193b9c74226d268115fcc7006d3b7a8c7febc8a9d293a23801a77ed86f48a0df964133cd5ccb3d29befc94c1ff62cb58e6d9fe2a682c89baf17b83f156140651b02fa5a6f01c5b2ce497119023d79ebac63d55a5cdcc5c70a961a048a5480c2f0f6ff79bf2375337e7f2243ba5376b33e35ceb70fef6985b5abef7670448e88f1cfbb639a8dcf5d63e465b95cf3f84629bc40f4de79419f75aa79f377da839b2da2469a5cbeea40ebf2a43252128fd4525930bd0ac1cf751edd6ebcb465b8d61a5063ee68f5f419643852a2aad29fbd4511c418685b1eaee41b2870150666bf21f59fd86c8cd8b2acb31c75e968c21bb7cf6bf138f7d3fab52ad67587db55d758d034171056cfa5f528ebaad8b1a0d3d1316cf3333e30f405768ecca8d368a4554f61fe45a34ce8bb9868eb09eba57a5a1ea6efeed436333f668d5d13f09f420ae456be2903bc0b2b3912d0b2517429bd2a90d8699833cb24f7beb7f0078edc5a40d5c7078101a8b4ecd5e7cc56da297127627c2a33f4e54b6942c7a9caf06b4776c3058ad981d9c5e1a894bc51886ef9206281d3f9c1ee492c0980d6b93df88e2b61b446c6f41beacb8fc83ea76f43b469c4693f158f5ba7c0238a3b9c242f74e09ee70e78bbf20175811a02bd40c1c7f93bf4aaa12b8d17abf3fed8ec7b20557116722b9ed0b1bebf0a676b385510b9db321d94493f86aa9ef7aa3eb82a5bcffbdbce6f60d5632860d503107807c6bd9b9b0ed958ec551da525cdc84aedd748242e954b72af80017415541545dcb5e0a2af967c1dd7430b6330e2e0310dce852c77cd82aae2f7eb24aea1bcccbba4a2bc399c27acffab4be4a069bbbdf676bd76f2d3fe3b00452bf068c48ba8b055db17cb73f142a481c32cda5cdb5664d48d85633848de0590d415b561bdd6807ed8e6586988537431f17d21bdf5fdb6a371f37bd18298ac9037bb450cbd50a5e95c6386be910b8effb204cf191dbe6a5f39b3e3838db5480edaca03dddeb25062644298add778fe719ef1ecf25f91463190835dd6827aff8f727c6550f1d033a4dd9666f5ec6d3d455c38b38241eed483b3ff758edb7e892a784ed04abccd8c7db4ffb8e58f3fd5f440971d8969c84e2117208a0404cd72508d6f47cf9f670732e90c3d96f16920939c29e42b5a7c04fdaa807a1c2354d083f627d91a4ba24dc49df11eafc455a49821c29a357c12a31375d6d349f2f752f4d3378f781a5b90c7a72a6a25112e3006bcb9bc1098f34c06a53c1510163d2a601a2b17e44781d1bff33374520c7e1245f66273c9525d188b622fa5826c445f9f6a044ed40f6a2773ce01cce569b664d187f57336134c2dff29322b8d3f92b342ec88ec9c70f7e7dc869c2f0eb6829a93771d91ada8ce1d97d8274823875852c3524685a843e7003f52f20431d0436848bb7bfc3c0a2ec9c1d03f4aacbbe1892711eb00f12ab03288ed7769b5a36bda31eb9cd90be6e1fc015d52e6c75e4b31d76ac2b12047a989161b531534a52f5b8afc816d1fbc1b885da4ff7f6934c11bdf53a6915063af8cbed9dc9d0f6563db7a21eed117d275fe1cc078bf8d0f9ab9ccf8f7c6aaae84d961ae11e5ada1de4c6f9af90457c30833d9ebd6c0b598c1af317ad20dd25674a82da855d3922eee8135c44a0ef715554f57ec6a00f6fcef76fe69a50330950d02bb479ccbcc2e6cefab840b6d099105e0e4eac0d5cb216afc90c1f0bafedec4a20817f5a51ccfe414776fc6e4c7f2d4cb7461ead577edbc126fa92d7f4f84284cf67e3190d176fb8a434174047ba6f98b7133cec486ca7cd4a0040188ba8caf17262456fddbb849e03b2ce0041daf94106c3cd0faf76beb79b5fbee7ab7be37446144f500be405cbcd0c856b411b18ddb1a99782a97aea4becd0662d25ef0efc065f40bf56cd6720777170628d23f38333fbe4f6a798eee8d54c9f2388ee45ef2b21c785e4fcce48ffa6315802f73fca6f0813815e97a142fdadfe1c9a4becb3a1ce5296cb11fb8544b5b5ffd684e5a7253ae2271f6e6ff71775c9d655a9a6319ed480a19c54ca18798c004db8042392077921be5bec38061c3e21383886522cd880e54e6e7f95170b84a7e0153f22bca47452d06bc5afa452ea286aa2c49c493bfa8d53de1f6ff0109d11df7d2ad9db3af2523b3fd16d69bf5478f4814e5cd6d5973ffb32d3c2e4e5c9677379b06b9af41594fe43d6e6c8cccc3187c7515977197096cdfb079057ff1d38d9c2285dbce1c888c188717921f0f164efef8f9b1cc2e0d9da9fadb16ed7a49039edc8cbab091a43eb7b04d5f99186218f7528372c020b627050ee4691f79f0a3fe1f70e16050050240bc9afebbf9bc1535c7d9fd12c143976cbb18d59e2b5b4d0185c04728df1c6592a1733b97a7f2ecb06118db184b304c32d759c17a93652eb437d0987fd9650898295f056e7f8f86ae89051b9acf8877c8879d10f0fbbde76b469099fbb95ece0a7ea8a982eb8b575157c79b59729c18bf34aadb2f0a79b17ec081991b7f29a9cc39d16cfd6aafd54d8cdfaf58fb4bf1f0e26a06812000b499da19c6b2571a48cad49838bf104c50751660a8c2c637fe6cb42283e3fb93a8e06f49e10cd382dee4cc6d8c74291e53dd204bd2d14c4e195e8f83a1d660831bc9a5f18422fffcd1237377afb7f17bd1bd2b8ca4e1d5e7a21a6ffa2e9bc6f96735a7e793defdf1b11f70f95d1f1b676a5abc56b442a44505c1801957cf844f7127e655b517ac396e2e1b60d7a2a58d2eabf27481ad1dea11d168137ab2afae1abeef994b1bd79a9bc5c1c5e71544859dbd9996c34a9b52c457650deeffd1950fb62286ab0c1c079d60429bcceacfdd868b2a11cab6e1e2cb802a37fdf5dd4b88c0a0b139ef07950e0fa6341c528ba7de0b18239b86638a436e18db5804be6e8b5590c60026eb1730afb363cbc96434843dfffde64ec1ac002fc42509f1098e4da368422af007f33dbbc6ae67b186823ed42933dda0b4a9bfc0dacc6e96464615258abdff81f770021774651f971df0cc2faf735fde95feafff60a2c50b4d68b36dc4e53be63a25cbdf89dc87fa5fde75dc4b3e592be769d0629975784ff2a8038ce09825d1cb305e8dd8133866e6d24e69209721e32549e3680a324d51eca82c0a38ac2412515ba2c21ec8ad9315c7a66d42615a6bd1fe9fa9aa2ae56006e784bc2d7bf613509e9381f264c9e7bce7cbd78f1f996c50b3745979183af8461dde0b4b713aaad246746df365cfa5e7c9fbead87bca851f53c8e56868aeafb7ba5c16dbb0a375ec6b236ccd1d49d893451d155aac60cfaf62dfb84cc453c7864b9fcbcd98f8a0ad90b67fd86da8f47c61e0a46b039b9d8d1fb27166a1dd712a3700ff55c24e5dca5d75f99147c9d9461b93a2053a16facde860e4817ae73f97d28aa7497525b6f8ddc983979961d5589ddecacd6da7011d399180020cbf838e07bfe5262c4a2cadc64d9dcf26eaa16d468624d8b269721fe48fed1079e999ea019cf35ba4ba20dff66d57dfb9e93fcdbd665796dd8dfaf9f47612bd4c64738c7dfd4d55d640585d831e10a2084900c870424013e1bd9b59555f149a49334e362d0eb12c443745a6bee290b950bbdf8674c8d07fcc1e5894e417dd816e187e530288eb832497a120ba1889ab507df2355577f6ad9efb3fc8b0c3897abb1d1b6da3fb3f9b05b87dd74dc3225319ae23a40cd6cadd984eda827910e1b6d563854005218056a5f3a2329b2f58a583f4691909421823f048b2e80dcc8ed4e94b8848d170246905610111fd9814474d434b741b0f89a430c4e763f90d8da9a08b6b64a641470cf85eaef45af4582e69bd4505ccdce81803cdffd66c8628693dbc30e8836b11e1d73461e221fb03522f10078ab7314b66ba834f1f8ff6cefaa5c536a8812a2b3cd1c4c81fc5d3ffee4447c352025a488caf0128c12de5b8851b573ca9ccfd22d838b289ccb7e33727d3b0192184972e494e285c8f8a26ecc206a2a787b37f017da4df70b336a736a62e022e45f96fca4cde9069a0c063c3b491b184d9b912a471a3b24bde5b32b5ed44a3d902387b8b5f357208314ca63d3a8e12f4408318223c17422121f7e60446857a4a4f3beffafc212a12f5fb8198c05432ac23761f1ec8c666341e0b7a99ab1dc2dfcd66e6cbd0cad41064f1b5e5d89b14ca9613e6dc229dd071771a78e5fb519508cc454aac4ba895ebcea7cc5bfa0bdbe87c06cb31ab6761975d4b65186f3317034c7c26704bf7d2014a42067d7d396fa8d9145e7ac18c717b2ce8138d685c7a1dd4874cf898e4d3e201b045d50badc8d5cb11e88075d6dcafee0fcbb4de70bdc58230f0d5d542aad26e5ba4f3b1116c9b1bbd78f2d3036e0853fce106a6ab467064ee0a15df0b9ed8642a4865820aa28fab4347c5a18d36edecbfd006cbfe917af41cfa25852f3e0ba13d6fccff2192d90711eaa8d0967a18c714dc5f8df66d9968095397ef5a70d60639d567735f04cd4cd726731f94c34bcd0e842de83e4668029b6cccbdc4052ee5e194f455c9382f83c9a582d18847ac5d281309fe87bfb8d76ddec375717752ea88fb2ebb5ed7d50deec6a1523e4ac886fdff72deee75f5f1bf1eee22f41949a429d9", 0x1000, 0x7}, {&(0x7f0000001100)="a08f75acf9e4ffe2574dcac185e3c3e99e03aa8573d4753a76bc2ef3c7dfc316ce58f0f693c73cf608733fc9f3cda1a7fa008442d6b21b753734f19ba1a548ee41d2ac09a48df3695ef723c218f7524c09dead56538e9749cbdbac6ce2eef28f1947e7a3d3be9e382a36a9cacdf591068bd375a2b5f81bd1775621233b3b46f13ed35e38b80bc28475969fb03bb35d9e4034f6f8f20aa3ee019e66309df54ce70bd13ccecb230dae6f7b96758d49c7bca27352affd630b30d239be9ac2", 0xbd, 0x9}, {&(0x7f00000011c0)="0fe48917978239f8a23a68fe5404b7439179f803654e97117bff3bef8f1adbb792984ad18c42b435a82610fde9c2c27d5040c30895c0c6119b996b11dee7b5882837541fc38557c49a89c5bb88705a4abd5ed5b5c730e9de8c1bf7aac6c1a07af7ebeeed1f720ec3fb94240ec31900", 0x6f, 0x7}, {&(0x7f0000001240)="7f1bb1", 0x3, 0x74}, {&(0x7f0000001280)="fd818da668099eed226f5f8dc97e0aeed0f9e7db31936af20cb1c6ca6b1fd27f77aad633382789b7763e87b22cba85d56fe30e", 0x33, 0x1ff}], 0x20004, &(0x7f0000001380)={[{'!'}, {'/dev/usbmon#\x00'}, {'/dev/usbmon#\x00'}], [{@subj_role={'subj_role', 0x3d, '-!%e]\xa7-W+'}}]}) ioctl$EXT4_IOC_SWAP_BOOT(r1, 0x6611) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:40 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 47) 00:15:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:40 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:15:40 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0xfffffffffffffffe, 0x501100) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x3, 0x810, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) fchmod(r0, 0xcb) [ 1770.541087] FAULT_INJECTION: forcing a failure. [ 1770.541087] name failslab, interval 1, probability 0, space 0, times 0 [ 1770.544011] CPU: 0 PID: 19760 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1770.545594] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1770.547497] Call Trace: [ 1770.548116] dump_stack+0x107/0x167 [ 1770.548954] should_fail.cold+0x5/0xa [ 1770.549829] ? xas_alloc+0x336/0x440 [ 1770.550684] should_failslab+0x5/0x20 [ 1770.551563] kmem_cache_alloc+0x5b/0x310 [ 1770.552518] xas_alloc+0x336/0x440 [ 1770.553341] xas_create+0x34a/0x10d0 [ 1770.554211] ? kernel_text_address+0xf2/0x120 [ 1770.555249] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1770.556465] xas_store+0x8c/0x1c40 [ 1770.557296] __xa_store+0x164/0x2d0 [ 1770.558140] ? xa_delete_node+0x280/0x280 [ 1770.559104] ? trace_hardirqs_on+0x5b/0x180 [ 1770.560113] xa_store+0x31/0x50 [ 1770.560881] __io_uring_add_tctx_node+0x1cf/0x520 [ 1770.561993] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1770.563200] ? alloc_fd+0x2e7/0x670 [ 1770.564061] io_uring_setup+0x1fbb/0x2980 [ 1770.565028] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1770.566199] ? wait_for_completion_io+0x270/0x270 [ 1770.567328] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1770.568543] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1770.569735] do_syscall_64+0x33/0x40 [ 1770.570590] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1770.571774] RIP: 0033:0x7f347623eb19 [ 1770.572638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1770.576907] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1770.578666] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1770.580321] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1770.581970] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1770.583617] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1770.585276] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:15:40 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:40 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) pwritev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="0529d7ccbb83d4e6214a0a3662aef4fff64f7217996f5500c028b76bd31d64672f6c669dbf3a36f1579c47167cd525b8e41033c187c32e0ab025f1a96d94a6a27045e8eac5f3f2b531c33ffb754001e5c8474356bd8d52fb8ef9e214582f73027cf2dc92ee2300c0be839253dcf9bdb5feee947838bd947e79b4e3a244248c60c3c3cc6354b94ee70ffbac6c6e20c3ed50163c0bb82807cc55864de7e208b6b4dc382c676746d72b8056de69811180215009cbce676b9462fcce2baf89319b4257e0ae36f73cc98a358fc69b0a3bcf3ac3238251a2de7be308ebe0351b79324eb4430495e7179da1497ddd04aeace22af73861dffa3bcc893dd566e30f5302cfb428187cbcda7b6e5dc7a11117d22c0c1733bcacbe9265f7e578031480c1f14e7023a195d2c4aaacdf195a53fa21841e8052cdc31cae1cb5db9470ba513cfa8a3dba0f8c9c7eda3b4b6e75ac03406c6c88365b6f5943497f870eae35960f7f2e2234a5520046d59cbf4cc646cc9e5f291c2691b56eef00b6337338e3219271ecbd29c15f08bea65ba9ed85937496158d5ffb71b822f505d7447c5017b854262ee43567986333d7e4e55c48affd5dd4269645ee2a85cf2d14a2b000389860f989ed753423552a297bbfee35bde7bad469b13a415f23b12b0bee8d8b153dd573f49c8afe9712405d06242226e6e987558be315322759b2d98544b718c2b8a0fea51e56cb82dacbd6bd30856eea00e6cee338f5f1171ac3c8d3182f136db5d4cfde9d0520674fd4f9e3364f23ef0e3fd2b6a4794474283468110ad03dc0dc7016dca3ec69d6da5fb7cabed217c606b724c83ab4a23bd9b36a8f373fb83830707d7296600317f32e2a6bc9924410e48a0e767e954b3fc1554696c477b7996330068f9582c351f0a5e157527a8ab5b8474a55fdf1ea492337c956819a97f3281b3886d247e537ac14aa379b8377c558b939ef75278c2526b62e65ddc770a0de715f501973d7dd4d8590eb973504dc315516f77781ed6de1eaa8a330a29079e2731b982c7e9d961871993b079bfaf93601c3c30bd996b6c01a0cb28c720909ee9f3b31c4107c9a6e30de59db222099d439c14faee92533ee6f2ed28c5b35f71c9b2826c4e72ce954e44efd63dfca1ea9850f93012056c345cab801cf16843f69408d86faa80e2c8bc6d5b28fe8d4eb6cbe9b0d1404cc6411a6e8f59f24b527190886d8f053315e165422c756d951d00a5c7c94a5520cc1a9582510e4cca7c5d2d6d97e99202a1e036c0225af1fcbb2bbe74f86e26345e0ff0d5bbcebc335dcf1b3d188100c7d86c7fd7214c4f7479a339587c1bd2eb63f7bf693324549b90ed4d8e75c231b7a8c6bfb52eeb2a40e3c3f3e9a7b76aa2946cc4e3cc45fd018266ea341d32139e1f62c87455191b536050ff7017b939e37c08b1d49ddb757b3b24d5c2fa7f97371faea97fef20ed4210666c3c6d276b33a016a9b45800adb5bb9facdc2afc5e30d7a5d18eaedc0c1181cb2f004da6006464f9b80f03c8beef408f41c7aac1dffb76903a2d1dc23f5fd6ec6becc719b2cd068df654b1a69a8ab8d8b6b64b964df87a630e763187a0d0fb60de7ecbfcee26b4c22de283bf66a4707a5d93a1a99c5b95b96a23c5c5f08bcb604a48d7df7de9453536b7e0df6eddfa723d1c3f3734c39203fb7d7198f03893b94167b0c3cb248563a318daa547c2f770ab1071d21c045a96da6625dc5895a9e99e34e66f16f5a3ce2b2921765693e716d45ce30fe3afb19ebaea58f3ee986d06db8f93ec40b82052ef5ddc6ec29a95f20487ed3c279d6e3d43655e5602f1d0b6b874ca5cf859898b019fddcb97f750077c613df464e908887fa87dcb50fb78c0e10c53a31b350ee6405bb1a90513afb8fcd893158fd9c5fc134bbf7d885e72a09b7e08585b3b678840f555d4f2cffec0d01ef908118c73f98bdbf263c8a427fc74dba13a3891375155ebaf073b0052b51350eb0a7facbbf3070dc8b1ac189f08db46d3c3af088ff264ea40b72e44725f7922a8826050a2019281d0df5cbd94b66bedfd8f73fb04ac628ad773e442aa3441bef6b5f6d115eab5df9e383a54d39d48745ac6f2e82ef0293b6462a6d4f2c747261e8861b8d5ea8e5d84236311cfa59bdccb093441afb27466a915274c578833e41094a42924a03a00aa1bd33c3dcf4a7093b0179b951da68699a2e1a3df2e353e36fc1491204930307af81c8bcb53f12428a896f945dd6c3bee6adce35263050e4e67413a97d76aa574dd0c75649f390491ccf8fbe287d0b11734f8b383587395ed9f8f7ada00f82026332703365afd3d46644bb1a31dbde3ec90297433c4d8afd7ff6b003708e004c7ab18cccb81c56106eb7ed4a663f21ad677a0ec97d0c07608a3bf25a8ba1f82bc70170520de3c303c6b5f76de985644287b6a15965b7ca7743b87ee6e0312a4028854dfa378a30dabd4ecab9333cd398ef4dcaacf2130ea1df72298a19923eef164fe62354d102ef59c61b6ee0ca26f2ce2f16d83fcc1db040fccd645ab3fe60f994dcaf5a8efe4b7dbb9299cd7c904b5e1eedabce8dfbc42bfc472327f83cc62e2489b8d6d532bad4de1c86f5b6261a6d18bf3929fb0d4341c48589800b7b52fdd0339ea2df298fa8f2f718d772537044767926769271640c96a573925ed2f072a36d97a4bdd4de2e5f918f5eb90c5fbce3a871ab2cc3b31ab4d543a12c62baf4d9b924524d12c52f32479e68764a1adccbeb885c86a588686c534d0b9afb1986ed6139d235ed8de63ef26ade9bf6557bf3005c600fd35485de7c3606a7448b7f12f82020b271dd1bcdcbf4fc3feb1ab4d88b794c6d98e182b8198aeaa4185fb2b1d7ba39a7804bdcd0fb28b168364962fa960c1ae7fb8a165fd03b8809e834e89a08623efeabf5a87fad172b8360769e3ebe7ff3757e6aaaeacdf1442b7573ce036c267f56d3a8345a7f3626baae83f09b73b52d49371a40f06c7a2eda8e68519e35ba93e7c8bdd785df81b0c6760ca57196ab21e12033daeb85421b787cf52e773a561a1d9cad668650f74dfbc76c1f8ce15f7bf7a043a07872952361c1bbe0849f5eb0be6e4e3c8949321964eb4967c20edf55a231f83942dcc41412cd97eba322357bedcfc257f82a7cca16ac6e68112597c10c93c785ddec9379619e5a88eb27660c34e3399941f8ad11e5e50e8d1756356dabb0f1d4cbd13b83fc8b66cc41a44395a37d0798700280ca0c517fd9c17a54c740070b86ce2a87caa994fd4bd24da3f0deeac23f0dcdbac0ec4c70ea89f46d190976efae27658e4956c488fbeb39f60a244f3bb875a4002d18c365c198af5e3a8df7b31b5de498c964a9c5d2d6bfc7872f3990e05b5e4d4555cd5d9868767486b09708baa4ea3a34ae2770a18221f03a202d9def6c8452beabc4da141c2208e416e2c8a9ada977ef89c2f690a845b835adb27522bcfe684c497c2ed4a0bec85abd01af12c212c93e95b7e8199a60b1be7e32daeb315ab4376883110d64c998c7ed52db59fd6bbddb9c071e11d5a9ca5495ebc226176d4a4d86c05a3d315cd292cfe7fdee6e849ad9749fd9e7473ca8838070df241c6a39b1cd176832b7c901c93b2be674ecbd0d1ac525d76d3bfb4c89b4cdee4979380923c0ff0ff14c2fadb2c33370a1bb44d4610478cc82e3aa15208ae791bc791b62cd3570786186648564a305d2f4d2008ea5467776169853e805bad8d38317869601ffae0cc068e2d9ae82b94fefb197e6562e89b5f8a1cab57232a63f8867bc15bd9525c5ae60021565b88ad788bc5ec87d341f92de8043a15eb8bf162229e4d0319e0db292045e72016cc8f3658e372d42dbb2cecd095a51af227bd935f243c390b4a25c5ab0468293deb20cc57073762db45eb28947bbe4b6639ab861a9f5b9b9a20926aaf23524c1f5d98b3a99ad90ac0e41a0dedc8f0c90011e248737a09efec4bd079cf526914bb479a92101e17e4c7f64020b54ed44ef98fd83de9e688724c6348ee992d2bd591d7b53cb350cb26ac11a87fb18b23be296fdccb19a6856b9461305e3d91917c0d07cbc5c8db59f5e599c3db906c9fa28e2ab9d42f652ca9af7c6503890ed1a290dc55fa2ae9e503f95fdf9df0d0cd3b89945f85dbc6c57d3a39e743eec0ee3bfe8215566edf5066c811e20b0e8560d3ab5f4434d2cbd8ce14199e12b8ddf7d2f566bdb7407c2ae34db64df8951cbe5a13afda84fc4db7c820f384a36447de102472b357e1f2d7871b72544de7ca080a2c07ca17949c33122f18e73ceac50a0fb992b44660b20e4427b999acef0aa6bd2746bfb473801fad9293d15419da5e9ca92b030e69a01df34b6add7a2fca6e5107d8e64db7cb518e7cf907267d5edb531417356804a5c43242ce44664935c275344dfa26b398059382b1c57b957eb450bc993eb3a363442ca5820fa4c20829c9830b0a0d8c6c7676c75c1cef58307933554c81f8aff046c90c0cf338c33dd76cff7fb0fd9dbb7c2103ea4ef460ebbbe96eb09e6b4a190cd5c4b6f2158e8012f6ea679ddcf824fc33bddfa7fa7156ebbb03f87e8154dbb62d258b7b07a7e76e538082aeef2fb9dc3ade2e824486b2a7a685b8aec5ae6ab32ab0cc530eb01f9f013a987b39d3a35ea0d977cd4a4e09206382d98045ed712416642846cf3114eaf58bbaf4e6d4bdb5283502d2b9e2c62acd89a67d18a7f6544d58cf80a1f9bee540c456be5232a5d9194d7120788e87f39c4c28954d54ef3e3cd45811aba23baa419ccf9d5ff750315e62e528f3999b81e1d2ccf193c18c92d677accfb3448647b4629ee1b23dbd533068860bcef73b1ce5111dad1a1ba4513e6d178cc23e2c7f62b32d7a7bef3872933c44eb8c65ef136944b4bc745e58d22832bc69f08f94a9d5493b8bb801cf749146f5153fa7200c100ea62d66b8421ae1cd71ab485710f979d5cddc9df6718555998a9f04167999ff2fd68cc9c914bdd59abdcc731543fe314ad54e8a9c63e7fd54980031dfae4b8d934ffeda19341a16c2bb72dbcfbedccbb2c71e5301b63f382ff24affad38f7e05c39724562ff90f2de72fb67c6a1204e7d543b69666fce8540dd62e4f9c7df19c377ae90550a3cf49b91bf184286921f94064029d988015d55bb850c60ac3b63d451060e01f5a469180c82180e4048a93882817523d13a357a58f0d98d9322e0df75ad5b624ba09e9b36002b99659c24be075b54e57d32de27743e0a21197f9379f8957f11a37ac55180bb24c2386447a73eeb600c63ec64ea0837ff7f33e5566e87ff3f1b45ec2a2356a9d737c0e98f2b08b3b9d32eb8e24dda60f378d0444eb667b67c9e3d4a81528cc35241ede6897ee0d41a754535c1cfe9a22d5ec13d5cf1e93088a3a949acb456ad9ec1e29535f5312ce70f1567c7e67ab5f432ab69e0c43158733eb7d354c3ab09e2d70b8c78730b2891ff3f3a7f2150b7822a7e47a5f71c29d9c4198a7f4193ec230498d909b23eb18243b3bb066c58dbfd1172fa14f9145c2daafd9e65859c8ac6215b91b71ed937eabbc71de96beab664de290dd24fa5ab396b782e82f4fb0afa9872e3f7478dd7eff14b64ee0fbbbe8eb38d01e85d5344a04413ba0726491fd035cb5b1c5317588cdf4301ddaa7a8444b0442a4714a8d2acfcaf4a6401a9bb7c85c6e857f5404a3cec6e8654a02f15a11254a60a9cc822df6e245d25f9caacaf2ff843077c20d3a5b500d086d63e19394155573b4e2b652273577d788e29da21c1f89676987d914258183a80a1c98654bece02a3ec1297d52", 0x1000}], 0x1, 0x1, 0x8) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:40 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, 0x0, 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:40 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:40 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 48) [ 1770.737572] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1770.754637] FAULT_INJECTION: forcing a failure. [ 1770.754637] name failslab, interval 1, probability 0, space 0, times 0 [ 1770.756638] CPU: 1 PID: 19820 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1770.757825] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1770.759250] Call Trace: [ 1770.759712] dump_stack+0x107/0x167 [ 1770.760353] should_fail.cold+0x5/0xa [ 1770.761014] ? xas_alloc+0x336/0x440 [ 1770.761667] should_failslab+0x5/0x20 [ 1770.762330] kmem_cache_alloc+0x5b/0x310 [ 1770.763032] xas_alloc+0x336/0x440 [ 1770.763648] xas_create+0x34a/0x10d0 [ 1770.764303] ? kernel_text_address+0xf2/0x120 [ 1770.765073] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1770.765975] xas_store+0x8c/0x1c40 [ 1770.766598] __xa_store+0x164/0x2d0 [ 1770.767227] ? xa_delete_node+0x280/0x280 [ 1770.767948] ? trace_hardirqs_on+0x5b/0x180 [ 1770.768691] xa_store+0x31/0x50 [ 1770.769252] __io_uring_add_tctx_node+0x1cf/0x520 [ 1770.770068] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1770.770958] ? alloc_fd+0x2e7/0x670 [ 1770.771587] io_uring_setup+0x1fbb/0x2980 [ 1770.772311] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1770.773177] ? wait_for_completion_io+0x270/0x270 [ 1770.774020] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1770.774924] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1770.775816] do_syscall_64+0x33/0x40 [ 1770.776459] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1770.777341] RIP: 0033:0x7f347623eb19 [ 1770.777977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1770.781112] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1770.782397] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1770.783616] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1770.784840] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1770.786047] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1770.787251] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1771.071263] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.072062] print_req_error: 22 callbacks suppressed [ 1771.072074] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.074290] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.075028] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.076532] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.077291] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.078766] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.079510] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.080988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.081735] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.083195] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.084647] buffer_io_error: 6 callbacks suppressed [ 1771.084656] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1771.086387] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.087818] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1771.088869] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.090298] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1771.091335] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.092765] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1771.093803] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1771.095221] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1771.096335] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.097129] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.097906] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.105129] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1771.106173] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1771.107201] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1771.130010] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.130785] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1771.132304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.133034] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1771.134438] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.135265] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.136060] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.137203] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.137995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.139134] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.164706] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.170195] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.170975] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.172085] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.173199] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.173970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.175040] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1771.176213] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:15:54 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:54 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, 0x0, 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:15:54 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 49) 00:15:54 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:15:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:54 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x20000, 0x105000) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl(r0, 0x400, &(0x7f0000000100)="4f1b6bd14c52cfdc3dcc618af927b3596c64dac16ef0751c5bbc140166c49a118cab65dda8dc1ef349bbbfe3eacec17775de3da35ce67c08c380f193bfde0811e9ada5cb9fc5c67527d05fe677b267b0f019929fd6f6067eff4c2678ca77ee62e2cea2e3ff07fced4011545aca5ee9d8d2e3845710fc2bb55808c612f3f6d59155a8283ac19ea2c82828508ed52c9961df68e26d4b4cd0273391fb8b7c7cda2abac889d0d119aa05abf06be896411f82d185c90f2849a27c4cdc8af8bcd0001afe5492fc622078162db61b5ad0e6a299b71866fbc5770c6295965a75f050e87bcac9844426dd74ba0ce25a85d2dacafdc6af3e20c351fba853bed497ac") ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCG_STATS(r0, 0x80089203, &(0x7f0000000000)) 00:15:54 executing program 5: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=0x0) recvmsg$unix(0xffffffffffffffff, &(0x7f00000026c0)={&(0x7f0000002580), 0x6e, &(0x7f0000002600)=[{&(0x7f0000000080)=""/38, 0x26}], 0x1, &(0x7f0000002640)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x50}, 0x20c2) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000002b80)={&(0x7f0000002bc0)=@proc={0x10, 0x0, 0x25dfdbfb, 0x80008000}, 0xc, &(0x7f0000002b00)=[{&(0x7f0000000100)={0xc0, 0x2f, 0xd49b979b2b21218f, 0x70bd27, 0x25dfdbfe, "", [@typed={0x11, 0x2e, 0x0, 0x0, @str='/dev/usbmon#\x00'}, @generic="799d34d7dd9babbbb60e19e913", @generic="f41d526b3d59f9a2f61a86e9bec6b7a8976389d56e3b3218cde273ea1cdbd1e5990982eab015574b4d685f6e7b30f1f510a32ff25bfb99822f7e5dd7bb8f61246872aac2ffd53ac36209d12747b19db6772ddcabb47150dff448baee670527ff064dce449777a9bf82c2cb78574efed83f4140017a0b4280036d193f1b77f0688430acad09721cba95fd90c45e9ce9"]}, 0xc0}, {&(0x7f00000001c0)={0x1010, 0x13, 0x300, 0x70bd2a, 0x25dfdbfd, "", [@generic="e1f6e6b581b8ba9a3258c0728b5ba87bef98fec6ba3e35978f8447de7f2f498d889c1d8d3cff478e73c923e2faf6cc1561c44e406f9b47419acf752f02cbb1a0aac3b753e9d34e2181f418c22d9bb174b54e0bbb9f4026b06c4c12f1ca5c1ba770f49d8b1bef1eeb3856d732a8d25319f04af2c5b117b3002cd0107a0caa066bad7292a88b1171f52f42428c8e7cb40eda1184c2b9849d205c1254fbad2e2d3333591ff72138be9857309029d26ed8a26c55eb48cae235da6075c823932b5c915e98fc8b21f1cc1d7bd769b04814af19a7e3f11cb401efa6e583808f56a6a00b3ad3f127a865f778a08f2f53b30f4f6944205e3e0b6a42650698c89de412d218aecba01485082977ae712f5cec3410c6198c483859889f40f0f937a831f7926f8e05a008ed20a5adbe37909235f005daa1c1011ed343843c35bd76c5e4dd4eca003e9ff570bef15a33200779688fd933e4ab4b543d0daf85bfb9442d796ab7eb3ac3fd876cc1390b471018e49b16b0c1cc0b26fae4a8c482de7d5c8217b262db986595805e8336ec00cd89146f0ae1777404f85ac5db59a7742f4fbc2ac25492a986cc3bd1d26db039aba1481800996b8d2dfb1612a7227d5f0ed9278c5b4446dd9e6db82a3dcd52b5315b622c16150ca6b5e34af48160484e6ccc7a5378070b144165209a11d8aa3646a8e90101699fe075965431798d3f293d46a6818fba04da95ff5286c559a96a2d98cfebb256698f578b23d7518081c5ac496e9d2c368bd15b0c4ba672c7bab7e161bcd9dda59ce2abc036067de50449a7f89431d86bba190c4cf4b66215e5dd49ea125975daedb08fef383bd9367e17f0733510a8a8bb29ca61cc0df7a7e1dd802cd08822e5a7833889b8c5a158c88f8eef9814e4a3395eea9962f92b36374b025f5679e4c7c39fe7a6051ca5c4d0bb76fd8bdf20ab8c3a2b58e22e14fcdb9b8cf17d57db370ae1b5426b7bf783dafd4b9d6ca433a80a5f2ab8170630935ad4374181fae0743490d0631ecfde3ef923c6ac680c3382c37f395e6f5b65768f8a90f95af70886e11c99031fa4373235bc8a4156172f349cf9006cb88cf012e46fba66181559312759c5ddc935bc9fb91f33502cfa4744b5028ce2ac14a36efb592f5d92824c45dd6ec378c14c9519ad3e3870b8627ae9e06fd3d3699cfef5859379fbaba48041b0da784a585ff8c81c7da5e7cf242b8d89b950a475406550e4ef464c5f6a206ec1477203ba55ac3797da15295dc81b9174ad244076d96b4f17001f2024891abf45fa5f086ca57e676cf5c2c74334c7aec7023fdc16c30d00f8f1c3ef651bb9538f37868095f0de99bb94dfba6be70fc771cddf3cae2cb402caea1630398255f5741586249cbfcab271d730b959335dbc0d9a2651c2a106cb3fc7acda1b72edaaf6c77894234ab40ceabeda4c231d4b9b3068e8d4d5f212e86be15ed25a57b19bc1c9f5177e60ae6d71f349e1f3745aa00fc5c77e0807020e55eb7a957d421054eb6ae6d6d62d74ecbc6825a9b10a89575a1ed3e412d2253f4ff4e62171b9cb1aca55062704e3293d1fc2d9207c3b5f851b45d9cad01eb9a133491674d2827b951de044737bc6c1e7159139b5e98ca0ac401d54bda92d1d67ef783cd1023b6db7731f6d5b47f4be6f99bff9b451fcf4d4d9514754becfbb6344b6e0d520b80eb45e56f17718f0fa8c17e864f8000ec3747d5998538d8d97bf773bc0b0428dcdb74ba95797014f857d9258d9af441e268e535eafe91ec7f602fe743687323dfb205bf4402c6e6765d787b5c438ba3b1d7ae522205bc338478fa877b058a4ff54557ce5aa5350cd75ede6b77eca778effbbfbec820c1daff30942a935cbdcd3e88f31e029e54ee645fb311b97e2a1b0c5d3d324c956313ca404764d6180a0ba916b74f322f38949045bfcda353d38a1ee6813cbc1beb4f4f50eadd929f236d66d86dfe123a3008cbe72c0669a426f1ac63097a9c3f0881f35bc4045eecb3836d17e1a0395150a3f47caa527e9f4347d244d2647f3d7f745ea430312baa458d23ea4af529c9fb4b797d7e1ea9db0f94c46976daffa66b87e40df7b5e34c463207c84bcef5d53a83ac52f9a8c641e785d1f416570eace706c9f9c7eb279fe385edd6c89b3671c8f9c2e62f8c13c7abbf9ebc2239bd157f07b675dc84aa52a53738facb26ca2b54ba1d1022488311b40b4c7c6235b21588005cf3fd7fde7b74dcd8374d181101ecce86265e072628eff3990f6295832eb8654b284c2def6b3558f5bbb9a4bb9eca1e6498fc3519a859eec55c1d45cc8f7e59c32703c5aac9094ea3caf3209e2401e63626701f6bb1c6690777c4ca6602baa029b135e3bfc17857f6eb19b7e809a1efc0bf12466eea0d6c28e2b9deee8a7e8307e96be8c495baeff97eea32c6ef7ba21830a06dd3337e0b85859ea891c6dbe6d59ca21f75f703274e16378b222762d79655670b5131e5003ccbda210ad0681c5a1b4a8d65e6759e5159261d2cb32c32edc385b7766cbfa2d32b7bdd00826eb4a007319d8965d32caae4a191412ea47ea087f452c43a53817e70d064abf3042e260483ee43874a80d6b136f7bf323a805826298b0ac2cd5745cd7d3806b2fe5c2ea60d917f994cbfa5aecea6a84a053ec2b393a8716b0ef720a41debba67c24e876f10673aa3f84f242d2a67eb018c45a891828bb24241e93a5379bb41500ef116ca41036c198f04f20a95d758bae11f0fecc2ef61e9ec84a5241d664d4b2d6c301823f86e68f5a672e021ec0e171f1ec8b7a71f4c982fc9c68abb964eb23ecb02f30e430cf690e4d3e373b0d2c1dfa7ce01931bb3ace8bf9a5790d3ca3aa966236a59b5f804b542182e7c13726b745c89047dc91cb92e47d333bd954aac377ad72df4a161cbf9e38d1e2095a70bddd8322e15eb7888fa979621cf9147bcb6887c983dd7af0a6c6b59ba3fc639e686a0812fbd5a303b0d2c84ed0835a49638f47a1011411aee48ab3e0e58b3a9cfacc1425e2221692b58eb7bc7d87bcc1741cba4af484dfb16a237e1fbcad8170f11df6eb9a79388eeaf34cb8652ec7d7301d949a6015107371f1a20776b9acd2e1e851774d1773c5c0d1804549018f611203c375c1ab24a9732e2306ed8d905175982052c4d4d90b847caf28025fe6b8c60d235dc7d51e845d6c394c9ab49ca509864e173127a04d36f986ca8bde9b38d71f958f3f552ed3bf4df9ab40f78dd7c1a7a1545b0b8aff570ee34d1fd6a9df0ee7c45f4fd325ec7a927c6cd668484b64e4fbb879bc7d4efc77f692bb6b26c72e2a364d43d9bd27ba048bdddbce1c8aa945cede3a39f09841aa93723db4aa6a1f2e0bbcbbd2330a5c96e75aafa34f8c0c926c80fd787adda911bd6b9eb594608745cc883ebbb873c57f3d01d69199a6085f243a9020c784e9810a8b26066cb1b3d47e3f297eb2ac37f75f5f28e021ea8035a0f73211c13c48e64d7adaf724dcb8a4d3b25065110890bb2b6c30b38530b4ff2ffdaf48c1d598e63864e4a8340c765d0e1159377e189077be82ce810fff7d21963c8583f942a3f11171e74fc99c941bf3f22868e8383e85192f2701694a4ac71e62be3573cd9b09a03b81a5cb40ae85a92493e1f21a59be3ce66ce0b81ad0fb733fd0439da7e916fa27263b536c3814142b9ca98ce65d49b62ecdc99843c1ab0b507fff138cb3b3aa04ea1772c6200b7b737a9ab93ced622c7b3375db61b0e7be53994c9ec5efdaca2334044e1304ba054bca1495397be2e39f74f826513e0a67aee7f643481c3ee15afaea0d650f9029a8170a116e4a9e1dae888aa5d41cbbe77a14cc82637fff4630e3832a857ac8d7a10b44c0a6c6fcc6320615931ea8cdc9b6d467f7c6974778a9f4ed75f94c6f4923818ef92cf81706f4116519252a6c48a88b91c6690cdc3024b096593f1d12bbf75195f66b3346f9882b9422ab85e592410a9c2da909bfca6330b7627c4d0d3ddf0de3dfe7fbbe0f8ec811f640d8ced76df86dec779609e63e4553987f28f3583b14eec8fb14226295dbc2e05cf2862c46523cf6c2e0e413410c69017063563a4aa5aed2d2daac5eeafc78ee336ec260d77f049a104ad0af4c51dd54e94975460d26be3918576b47a08b7d4fb2f8ff727e08486391b072749f0b9bbf547c7458ab87a41efe4da71bbc291675b6aadd6e63e108a25219de115b6332f4c5032878a24c48d7defa665af6d432103718e648d51a852169b8836764e89a761b63745608718cdabc46d4494e3b8d937d5970a9d9444913e3ad03a22cfb7e17ccfaa8ab72273e3efe606c3b5805d280d975bd09ee0813d13f5281c0d4804f70db505898e3a61ba4be64352bfb17b6e7167b7d0bec28cfb877ce3423f436fc1e6c9ee7df30a577867dee558bb5c0545215a0be30ddbe0e306cec26944ae5a55f7578e67955ae3b743447fa133b4276b44b3881b8f980197b6ddc7ae8e090c8b89db818e7f4b8721ff4cf86b71b2c09f824e5bcb41651c466222e52936ddbdee988c70c2b0f28942fc1db67a04268a4de80ff87c5d8aa9b31d1b2f7ac05d49bdd96c22651e9fe9b4490b5465944d03e94a5acc17b11eeea0ec7b9c4898ffa224515f11d3213eaafbf9c4b9c23dc5d0febb525cb233dfeb5d5f6fb282f443948f3a30e8218c0e456b75e82cab12bb6a1533488e122c03fa9a1bdfda79c1fdc2f57fba24c5f1432c8ba983b18b4c6e9136e19a91a0f6c4a9de13b06dcde20e88cb03385c4a08c7a22fbb18fd429355a4f2248d9e7906bc26ce092591f793c4b19946f275cb68173b47a64b2e5aebfdf0751e45a0a2783f1dce57ef4125e44f2a4f201597561c6dd5f01772cec08b0f28609916b9085df61a5e9b5fdb5c5fc6ec58820183df8c9051abf7a4591e76e30bc3bdc0ef4537e4c1f5710a5efa8adac6a1442d73ad26b867c6e0b7d11e2a97ec3cf4c5922fdd1ed98ab8f606592aa222428de1af3cfa2d0280265330064150c4ad53d15649c3b5c4d41700fc03b2f781c63682a7e76abe21cb4229e16e4585aaefe9e807de5f9c887a8d13c9326145eab66565d01846f0817889b24589e7151ec6670e2eb227a995332731ca37d9d60602ed28e002280f9245a28104f2b19ad7c0a09a42f9ee5d58d05a8b4320124b4721c1df18459b8a9006a41fe95777e0ecbf3092d304abe9545f3cce672ba2e0f50e2a13df3eecd9f969b4ab3200e75fad9bb6d7f6461899596d7cfab50e03fad11f3a7794bc12b57e822d80a896a8551c1da29df481bb6d83686aca0dadbcc148f31b4c2884901bac1549f0ab82aeb2360b64cc39034538501ea4a8665f27271376088644017b6430c8d7b161880bfb41a490d9bcf0a2166374a31b8c66e40f4f6d29c4a4074c5d08b0e1dd7af02a4d3569d63f0ef56204614ed66194b1cb9f43844c1c5d266e4940d175e1795d8f652f2511218d813735916de425faee798939701588d15fe0c2a59f07d0f4080daac4c15549db13d2136ce1b55503f936462a11f188bbcef823b8deb8873655db8c508a6a5ff144599624bbe68e89bb453ae66c795568d447d8650dd2fe59a39a4427d698cbc4c5f396b81d1a1279240f702ab0d41321ff1dcab904767a4d4853a8fd05acc8e09b68397377a7cf784c5b69ee531018695ca8e6b539a38924f99bad465748cbfea0c3bde9f3f48b168fd1d90166210c2245612b3867917378f16e5f87ac8cb18ea1f795b2dc28a31db14ef843d3a624a93990f3b26b190c2a0359ffd2fd2e1909dbec0e4279cb40c7f5dae0fe8"]}, 0x1010}, {&(0x7f0000001200)={0x1370, 0x1a, 0x10, 0x70bd27, 0x25dfdbfb, "", [@generic="1b7bd06b06e87be49b5c7c1143c4c3f4e369d516bd2a505a5a6cc9ff3e4b6ff8f70fb43fd3135c203eeaf0ba6c3598ee12603fa09671b6b809e45e281b997abb632b5e03a783844db0ebe6e2c0870c063f14d6a9807908ded1b8c3fad362379a04714ff78cdfcc595ec6a9e2f052aced730db4b170d005c669b139fb99a5f93aacaced4c51e8c26084027879126f02d48292ef5e32d15360d35f1f81aa4c7ea80ab707b17fadb8abd179eaf368c0def8f74b83e17523aeeca88a55256717cfc4f6eb224216da1677617e05cd149c6165b15f671aaa664a7245c1d3526a9d6d492f2ee4956ada9f798138c6a66c376b810ec5355c05d316dfdf88", @nested={0xea, 0x63, 0x0, 0x1, [@generic="fb79e6600abcb290446af51465886c3b1009e11be68e35d7b105b7eab6051f5631ef20e66989a0af40ef424f9573a52f2934a3342c510a0688ee8d2757220472fc554bc5204276bdf490cdaeb43e77dcbaf6de648e2d4691a820a09e416d64be7f853238c136d23a533de3e61ac5eca8ca000327791cf92184b60e8f9325406e605340545539ad61f65dbf425351ec61968124ab426a6114c7c3b13a492846ec774edab0b18e051be3f0c0257443c3fddfe6242ca21a1185a8b7e0a3058db50166ff597deff1fafaed525e9450b8b14bcd5dadaedbfbfc51da52004be261", @typed={0x8, 0x0, 0x0, 0x0, @uid}]}, @typed={0x8, 0x8e, 0x0, 0x0, @fd}, @generic="58a03736e85067e19aa965d5fe74d5132395ed8ea433ef324fc7d3ffd5204408cc7750d50c5002e7bd9796bd15f2d448821d96200defff2ae80b12678a06d2585498c906fb246b51acf506c71650d38c61980520feeeac487f20455f579e923ae19f700b549d", @nested={0x10da, 0xe, 0x0, 0x1, [@generic="c1", @generic="4c35f39b5a990005ea3fed1834882eba72c96fce34bcb125195d24b37d5547dbb2c1eba156f86fe5e4310f91252be920ce03c510f3a9bff4561f9373ab6267537ef531756ccfa2ca3845ead5840b6332962bee58b6fe86062d690ab6eb8b9ff327ff0a819d09990d2de2af27540d6c54aed4923b4193be03d5c814e562a4b21fac63f8b6543a513822e7f702b4e939ee624c461a524b1b2f488d53bc7d084f05ac465203dcc03feb75", @typed={0x4, 0x88}, @typed={0x8, 0x74, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0xc, 0x6d, 0x0, 0x0, @u64=0x80000000}, @typed={0x8, 0x6a, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x0, 0x0, 0x0, @pid=r0}, @typed={0x1004, 0x96, 0x0, 0x0, @binary="71b50eec9bca674089c235a81f6b3f223b111d489a2191d3a7b80770de7d66293b49d8a860762a1833b366c349bf3cd8b7d409c06c443375b12845268ee1ca46e6b5a537640ff7621499a3cd5fbe06cea68f1a4025be1498255ed94682be43644c81fdb36a535c6efe9f1b32d8251a8969d42f05e81dba812d0b0dde857aa3ea7e88a3e0d2d73c7a521a385c4e8912143a92f0cf0652d4d053b21a89c57d45b677f6a16441970bb5288d9c9924b14e164283dbf056c7af8719e72eff0c47ff41c0e546830523ec6ed27886daa7348e8838f42386256f9a57c76dcb46d03efb8f325284db4391f2026cd2751610d47235a3ce7d792653d9a4eb3276ad4186ef19ec847213f34451a54fc34e52784367bdc27ea50d1783d57aa813c9070074030829363588994617979bbd09dafd40166b4a393884f1df966f788a52f8fe2b5fade30b710ccadf9b5d04c00326c58fa33e648f01da2a006a91631a84e2bb78f38ffd6102e4aff4f2d04a4a77376b353c99ab2734be9e0baa55dee3834c416a4a45728aa232cbf910634121612c71f8260552d106981248430b1d1c527d47240e1e776c281bbd5e08d25759df84947c69d0566b1ea16ec334144e36bb7e484c065c829731af83910843461cbdf713f2a9a3f3df92aa7cbc7727bf0b9a6dd2aae978c1275770cd40c1e672f7b6589a8dbc04de37ffcb2e476eb24157474a692ac51cbe93d962c8c0bc4bde3479dcb21ca5d1072edbf244bf975316ac52c15f876cf28b4e0ca3d277c9e65f267eaf6359706e3d9d982bd136deeb98dcbabab8455540b5d42d3c96c2cbf3c5e0c30b71c742d7cff417f8c6d97249ba82f0c36fed3214f4727b9da59241f35398c2a34efa9b2ea01aa99c0640c89a8852bb56b4d15f77e283d09534c923dd0845a6cc0c7e4302197c4a0e76fe6ec28c8648f00e3b3f0cbbf7096ba80aaa58a5c0eab23b4ef3b5ae92ac4edad1f72e3131a06243d8e1b552531f88f4cb3132b3696894a363d66f31b19d1acd3d13354e53fa4271b7dc272c96c06582b836ca41f767e8f7e5be230ab2f65dc2a11115988d807bd6e04334fa809b416239fc9640def06bfcb840089f9a832f297748d6330d348624b15e65b74eb2e015302d69cb9d87faf6ee0fa5e7aed432136dce90542a6d4eee5ee8a2c1c279dcbcc3394abd0df2cb8f2a7bf80e324e538f6f66b6253b8d059260e02e5c42070b3d177ec10d08d56807d7abf493998093217b0ce9071da0c3185203c465d6a243e31dd86357912db997cb3da9b11a08c174cb389b675b3da5f76c2b260d8a8814ee115c73828fac0e80b27aa39bbcd2346b129b0d722aa3a52a2fddf017b0765c43cda14179a9680b977f718cdd8711be939e20101537b6a9ffeea849f9d4e46813dea15457b0806c3b97bc2ef9322fd2adc6c453e79474af0d0603369033ceb3bccb74686e781214f83fb1999f18220a04974e4bcdfb5d39b70214c29fd14a07c131bb8ef2f0044778cd55514549f82e9c8d58ed74660b59a5e066d1cc3e1ea272d55341870a8308dcaa62c7d9c18da7232a767ba105585cf555463a8be79416144bbb45eb9f1840223732e75d37344bcad46b956e5fca35ef74c93642a03d520aea626c0f85cd031c88c04061fe017479c109703f114ce5ffec0bf37ede569e8440befe7c2b67af6c3944fa1a25834eee605b17f673531cfbb2c66e16175a77c6ac05efa535cef1a0c55d7d0ac04d7c9d0b67299435ff1dddf7f65310ad1c4587b67c2955bc04c22842f0c2c544e35a6782a12edb9fa08fa77aa47726029dd7dc571f6a14d146b0fd00bbb2c83d82a884b3f9a5990fda55edd9f504ecbfa016d536c902b43590019c8e7146743dec1845d5660ae2ed3376fe55f582e805af7be7d3579ae5dc4f033e63047183c29ce14383eaebcf08865ae91fde5d487502f0e120c1b65992705415355de6d50f17bd8e5c21ef521f253cf2809de9360f184a7cf83e3733f55ac123fe19b0e517d250bfd97ab6977dd4bb62042a8103dadabe38b30bc77e32dcdb0f7ae41a25cc31e60debf6e4390a30f9104c68a03c2231c1666c22681fcbdb5af4a6a65a0896ab7bf3d2960d0d46f8e643a38ac353ad03309a756fbebbc1ee97e91ba0a76e186f9111c052e3849261fc2f5369fe4d4d59d16cc4f624bd88ad2041211e4034f83609e977649294b87771e0daf0d3633f99c57625f5724e021b72d55e66d28bfe7d33b5f646df396bdf8fef45d76b1a58a500f6e62abeba635a6f0ebb84efb417d85c41ab273e2e5a8b5c09429a94a4517558acb7ec5963e11d7e9a9ab97e756a7f06882f6b8fb2b7cc28572af8fdb81f16d8ee4aeb14e057679e0a48d1e2332f3eb4d7d4e6b39d3e4effa189d0e6ef04b94526121b02c01b85b066c5cc04429182fee9ae2eadccd78ed23056b57001bae34631c830e183524a52314234c5d8716dfb96d20290c8e900cacebddde9fb45e8b565553fa693da49146f04e4ebc155227df2a4e5afd007a6ed83f50e1e86c5b7f4d1cfbece0eeb42cd36734e8424d19c4731c7dbec9710a5a9d3089034588e70fdb6ef670ac763a917373e58fb93b0bc37d1de4f89a74e1ff869cbb17780a74404ea321f9b9c3e2e07d1e0089caffdb30d839814055d5bf201e9b232aaf252efb4b461163b10750b885cc5f463d227faf90ca55d85683e370a588f9fa63d1581553c523120c442b869b6c9706d3aa4375bad5554cd0213cd65f400cabae8e2aa25882f6fcb8fec428d63a5fa53a98be5fdc910feea0a46756ed0442214794482631eab6488403d2ca3078e3d8a80187772a253b88200a88e3dd2ce2b6ad4f0bbeaf4d409358622aa24c9e86ec300cd96a88ee00cd6236896ab199985e7c69b145a31fe6b64e2ade3b668680f34ebb8abc4dfc7b3f7d83fe5521a9e138ba6559203b45430fab8726b994f7a6298cb030a64d04cfd7450c049edbac101aca997e156ac419c0a4a96e5081409732090f03955c43c15a42efe3a5d5b3bdf55e909ce1fd279bcd28e0b7c332308f267a3295cd92c18f3abf487e6eb634d9857a26cec711f0118ab8883b00c68bf612ba4ba49374b83316a8ba4d1a8ae8d348ac6e0a52e42d7130f305c82dc2178f07fd1c03eecd1af6e9d261b494bd0fd399fa51fe492b4b56962cc28c50f0989c3977ef94b0a92893a173f0c6583cd008cf5aa96f166bc8d6898d967479985a4b15e9913a593bfda88a774d5224bad99cf5dc8ba13bcbbaae2ccf1a819fd70e59dc878499afd095fac373b707f140c1dd910eecffedd8d0fa93749239116944e64ecfc145128d5b6e4f9e4b93c3a572d635ddeb4b86fb90ff2904f9ad4b8f29fadc201cb15d3fa92f16d12f18369fd2228fae647e40a25820a249070cc70d0a9bf0426865000e7ad6553e333b44f3cb43d4af6142612c89323bb0e9e9f1e29bb492c085ea3be4f6e8bc0faa77c19d81a37e2d3e8be33696b1ecea9b9aca389b729e48779ee28c657dd716a225e6c8e5423e2d1c175f34de8eb7e1332a4a511c5600bc69f19f037123bd2a004321e9fa83000adff4f885cc4aaff59f8751c4c3e6ec69ae1f29fbc115b6aaba7cd3b99505e9a4143382dc22ea61893b66385f1a8ed79e8aeb7dcccb995ed136717e94293fa170dfaacb8a86ee8ec74671487a349a759296542a1314592aae0d86164e5bfb838dcb8fe45fddfec6b1c8fdd0623c5f0642b745c4750c6e615f9e545ee527786735e152646d266f6d31af6a7ebd20c5613b2910cc3d1d97ae36475c2e60fe4346659b98a055418a81ec54ecd04c99e4c084d0078f65fc608747b578b59df2b68f2c3e9b54f00ec78d656e0b090224c3bc7d20c3e836f7e104ccde31607de680c13ed5699c0a182296c7de656817581bbc70b2e9aa20c4093df06f91d08f3aa1d0278b31038f24fbec35651109add01d3d4bbf6379a0b8e2f35a32aa024aa80c834a73f103477d0208cc72e83efb489cf305a80300add31cccc33dc0233822b479298cd406c92361c6115d8772073052a781158053f42e28528f9daebe2872f3f51ef1accfe2e99dd6b112771e709971e524c814bbd1f858660403edb8ba0f323b81e3f3117f13392d7be12e3b6d3f040ffbcf8132fa67e9e3244990ab409ab1d44e3b06f99d27b10c407f58c563573d0317aaae160bb39118dd7028924312cfc2abc066f32065157570e50107ef88ced69bdd8bdb0e1f1598bc7d949aeb34b46210fb61663067aa3a0bd9954e7b19e6c339a3e57806d07d60c9f31369235b2ccb1db324162362ffba17da51747c33cd625611b725fa67d0fb86bd36ae9b515e3a6bd7a29a0062a5cd8ee50ce29dbd46550ae9567d78b54418aaf259b1243d76ca1f2d0737df2c8afdfffd88213f9e2360d32b1bd777ecd08bd6648f616c9a305d77860e16103ece1de206ef73721f6f6da33e1b988108a048913df630b376831609584af0eebc69d1a17a3c3cc338d6c0c66d51bfed08620a53ed6fb2549ce074dfa69b1bc9d8e6b13995920aefdb10446aa2551a0df6425f09c685a7116edacade978f0de3fa8a42d1cb409acea2191289f184dc0f8ec67503d543e62f57f004c7fe31e9016d8c573816fc51bbb0a5ff9b31b7ae83c815d07157f8063cce604c6ed2443ab9916259c5b6d36ff3182ba1ab25429a0293ea377f909fff7732b2e9a0f176a724c1f5465981b638d35f0dcb6b2fcfd981f167729bb0558ac92e8e853a64755095ab5c1be7105a71194ff9e77cf8c727fbe85a8b6d81ce075be16e5aec042e9afc73c905e0e77e2d4189d78c1cdaffaecef32228509c093a1b8e92a9d1a441630583016ccb897ce179407988ce0c68f8c3fb793d0f719d646f77a1f04d9a641ad34ede8367eb6f76f2a744618a6ffa9f49e23b664ee853ca8dd3d03f46176248039bdd037180e4f6309353ff82f34351063c508e56bf83fa99f0ddaaf67d12f3ff38bc42662200b1252367fbd459313c40eb50a090d8c23cec7d84e42a922b54d634d4564fda2d6b5d79d177e71ce84ffe5aaa3fc9ee492672c2ead772122872ff18095b2c70987f8836195ec73cdc74c64a5aa1c3fe2c917d87c11ec6dc95f0412c3b634c30fed094aff1c8292fdc8c31030c161f0a798ddc361b17aa910efa8aeba26255bf064a4b2943c47ca32a2902dd7f5fc31786098e9fb43363bf74f01174b0b10d6d7ea6e751e39d933821ba1859abac5f254aa12ee00a88a5c53438154ef9692a9792dd0292e8852b5961ebf7b3daa4e7e74ccc013304cbf788761ace08001d7d2e5bd5d9ed31836d61bfe340b3e47e4167b1987cb3a95d57dde4321d600e020882fc473370b19408483cf00c5133103fd5e4555e05a837a26f64fb15379c8a4622e3a217fcb1ff868fbc295b1883de2cd5813eda2834a01f662adc4a88ad8c0b1a8917c89bd574d906ee27f1c59d0d206056c7d7883ad15d0925dde2529192b8b04fd84213875c407e7b19c8570caccb44373b9f04fc609a7d6a961d936cc1dce27a6ca607e7b63ced3b118e652311f2f5ae7d8cfe02f4c5e35a5eeaf823d8d1795069688c6b1f63238906f178e75c6162e837d575e71e020888b755647582bcb99653e118d787817ced20207fda56faf89efebe60fdd48949f46e6fc0c9cb8c66148e45d8bf1196f737450df02060a9866867546c971327bec4c5764210a007ce593ae8e64c7769b0c6a82d869d1d7395f75bced5610f3e7c63103eeae4aafb9f4cd6fc927732a7ad0eaeed40addb6299ed6175e82c081"}]}, @typed={0x30, 0x3e, 0x0, 0x0, @binary="72118ab16f44b8f151318a636cbe1ec0aed50be08032f31117bfb3f741f2a8e3576c932f3227b8aed3c45d70"}]}, 0x1370}, {&(0x7f0000002700)={0x1c0, 0x28, 0x100, 0x70bd29, 0x25dfdbfe, "", [@generic="9c855502a3987c05f829b7536b3965cda219268209945a9e7d6fe1addf139ab21fbf913ca332cdc338d60438ce7c73e003dee84c9ca618a849d2647729a0c2072289067781bc2d230160132da1802256a77b373074bef108ce3127f932e0a1c22c11bf748b9cea13dce183d4fc9380a2a4b4968ed2f11fe7fc5426f782af36ef24cadf8dbf716ffb7a50672f9eeb75a8c6890686ac4198fdc92386b4e0a015e7ebb1db7dcb6ed5e2b09be6fb75eb77b9969c6ec1873a9a66d6d20aa48758b9b8f858794d48126ad1f7737d64883da3a4f142edc074e93ce37d903866f719377168e9f894aae55cd39455f2cf52907d69e21aaa52e69e", @generic="2182799bcda109c49985f17d19e43de41394dc17904f5a860b67d51efc684f0bfd9534cbefe67b9d347704a733ae862a816d66ce17885fba06712ec213fd9a777c49be281e427d88d9884a25d273367670792ed8a81b25d6f53a1e5dd4ed4d525c48ecfd82af6fb5dd2126dff6fb7f206438bd82f89298f465a12e8b1a12b12a0a65002c5b0561c32d400ce5194a4bb296ba65080f27af06f39de194bc16dfaa034053", @typed={0x8, 0x76, 0x0, 0x0, @uid=r1}, @nested={0xc, 0x57, 0x0, 0x1, [@typed={0x8, 0x9, 0x0, 0x0, @fd}]}]}, 0x1c0}, {&(0x7f00000028c0)={0x218, 0x35, 0x8, 0x70bd2c, 0x25dfdbfc, "", [@nested={0x208, 0x76, 0x0, 0x1, [@generic="2e8828f5d565c5677bfd0e7946ba3de0ff7d9b421d1555e8c230d923818be398d665d53ed85532c43f92a746773b86188ce9c6080374941530eb7a55b5af1756a205de38d6ff4d27e59eb8aa2cf8ddb7dad9e5760aafb425624f5188db5f2abb399478ef011117d01dabb15886a2446059dd4a882e43347c9f3b09", @generic="dcb3fec1931e160ee405cb174a380d6a1e9dc2df1840be31e2d33804703a759544ab74c0ab82eb249f4bb42ebe4015d3b1c747e152c2fdeb1ff0c2e2015ecb12bab6459041ef09b4e86869db43f93392826c96ad5e9272868825c7881320923e1f324720fc0f23263e4845067813c6b59f553f9774aee32ea1f5", @generic="9a46311ee13fd03450a86464f756364273b83d54a9e500809c7239ed030b1fef5066072e261de2fa2b7a840d6e203498c31c1536c8f4aafa2a30a8a7c241a875c2f0ca22243f398ce78b7c1062b739af14dba62d313be0e9f1ccb317dd764024c4120117da1f29e5e30c3f7aa30cdded86ffe0065d69bfbefa5c68e02f597c65b8c9b464575df454c7d2ed6b52bf1cc4e2c8f6a0af263437049744e68c21f0ee3f722bc8f38b0f327488aa2e6482a7b94d5b9c753aa6f3e00fbba8a797de4c2324e1445fcbd9f90c5d28fd177af523a52f9ed8f7d3009043d8a96fbcf78f18e2369615273f8375", @typed={0xc, 0xb, 0x0, 0x0, @u64=0x9}, @typed={0xc, 0x35, 0x0, 0x0, @u64=0x1f}, @typed={0x10, 0x2b, 0x0, 0x0, @binary="56c726dab3f1b56197501785"}]}]}, 0x218}], 0x5, 0x0, 0x0, 0x4000080}, 0x20040000) r2 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b4) [ 1784.706150] FAULT_INJECTION: forcing a failure. [ 1784.706150] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.709008] CPU: 0 PID: 19930 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1784.710625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1784.712614] Call Trace: [ 1784.713239] dump_stack+0x107/0x167 [ 1784.714107] should_fail.cold+0x5/0xa [ 1784.715016] ? xas_alloc+0x336/0x440 [ 1784.715922] should_failslab+0x5/0x20 [ 1784.716841] kmem_cache_alloc+0x5b/0x310 [ 1784.717812] xas_alloc+0x336/0x440 [ 1784.718662] xas_create+0x34a/0x10d0 [ 1784.719557] ? kernel_text_address+0xf2/0x120 [ 1784.720644] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1784.721895] xas_store+0x8c/0x1c40 [ 1784.722759] __xa_store+0x164/0x2d0 [ 1784.723702] ? xa_delete_node+0x280/0x280 [ 1784.724727] ? trace_hardirqs_on+0x5b/0x180 [ 1784.725756] xa_store+0x31/0x50 [ 1784.726541] __io_uring_add_tctx_node+0x1cf/0x520 [ 1784.727694] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1784.728919] ? alloc_fd+0x2e7/0x670 [ 1784.729774] io_uring_setup+0x1fbb/0x2980 [ 1784.730763] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1784.731969] ? wait_for_completion_io+0x270/0x270 [ 1784.733144] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1784.734387] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.735612] do_syscall_64+0x33/0x40 [ 1784.736504] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1784.737724] RIP: 0033:0x7f347623eb19 [ 1784.738606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.742995] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1784.744813] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1784.746508] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1784.748204] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1784.749864] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1784.751552] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1784.767511] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:15:54 executing program 1: ioctl$EVIOCGLED(0xffffffffffffffff, 0x80404519, &(0x7f0000000100)=""/233) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:54 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:54 executing program 1: r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040), 0xc142, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$IPVS_CMD_DEL_DEST(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="f8000000", @ANYRES16=r1, @ANYBLOB="100029bd7000fedbdf2507000000340002800800050007100000060002004e2000000800090000000000080004008c0000000800070006000045484d0b6ad166ae000800060005000000080005000008000008000400000000001c00038008000500ac14141e080001000200000008000100020000001c000280060002004e210000080008000900000008000700040000006800038008000500ac1e0001080003000400000008000300010080000000000000000000080001000000000014000600fe8000000000000000000000000000bb1400060020010000000000000000000000000000140002007663616e30000000"], 0xf8}, 0x1, 0x0, 0x0, 0x4004005}, 0x24008801) r2 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r2, 0x0) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b4) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {0x7, 0x101}}, './file0\x00'}) fcntl$dupfd(r2, 0x840ba4d98dc0ae03, 0xffffffffffffffff) 00:15:54 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x18, 0xc21, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) 00:15:54 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x8010, r0, 0xb3d84000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:15:54 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x18, 0xc21, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) 00:15:54 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:15:54 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 50) [ 1784.940420] FAULT_INJECTION: forcing a failure. [ 1784.940420] name failslab, interval 1, probability 0, space 0, times 0 [ 1784.941939] CPU: 1 PID: 20065 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1784.942778] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1784.943781] Call Trace: [ 1784.944102] dump_stack+0x107/0x167 [ 1784.944532] should_fail.cold+0x5/0xa [ 1784.944971] ? create_object.isra.0+0x3a/0xa20 [ 1784.945502] should_failslab+0x5/0x20 [ 1784.945938] kmem_cache_alloc+0x5b/0x310 [ 1784.946405] ? mark_held_locks+0x9e/0xe0 [ 1784.946870] create_object.isra.0+0x3a/0xa20 [ 1784.947373] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1784.947986] kmem_cache_alloc+0x159/0x310 [ 1784.948484] xas_alloc+0x336/0x440 [ 1784.948911] xas_create+0x34a/0x10d0 [ 1784.949360] ? kernel_text_address+0xf2/0x120 [ 1784.949904] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1784.950533] xas_store+0x8c/0x1c40 [ 1784.950961] __xa_store+0x164/0x2d0 [ 1784.951396] ? xa_delete_node+0x280/0x280 [ 1784.951893] ? trace_hardirqs_on+0x5b/0x180 [ 1784.952413] xa_store+0x31/0x50 [ 1784.952810] __io_uring_add_tctx_node+0x1cf/0x520 [ 1784.953387] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1784.954015] ? alloc_fd+0x2e7/0x670 [ 1784.954453] io_uring_setup+0x1fbb/0x2980 [ 1784.954949] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1784.955548] ? wait_for_completion_io+0x270/0x270 [ 1784.956132] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 00:15:54 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1784.956767] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1784.957606] do_syscall_64+0x33/0x40 [ 1784.958029] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1784.958615] RIP: 0033:0x7f347623eb19 [ 1784.959040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1784.961186] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1784.962055] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1784.962866] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1784.963674] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1784.964516] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1784.965367] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1785.193271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.193980] print_req_error: 38 callbacks suppressed [ 1785.193990] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.195889] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.197095] buffer_io_error: 14 callbacks suppressed [ 1785.197102] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1785.202730] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.203395] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.204622] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.205805] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1785.210327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.210942] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.212188] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.213441] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1785.214779] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.215417] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.216673] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.217893] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1785.219107] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.219717] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.220943] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1785.222144] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1785.223362] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.224016] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1785.225292] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.225944] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1785.227211] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.230109] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1785.267122] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.267866] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1785.277509] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.278227] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1785.279517] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.280499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.281452] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.282405] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.283123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.284154] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.302179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.305191] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.305888] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.306861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.307819] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.308782] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.309741] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1785.310705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:16:07 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 51) 00:16:07 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:07 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) mmap$usbmon(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x4, 0x13, r0, 0x40) 00:16:07 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x14, 0x18, 0xc21, 0x0, 0x0, {0x2}}, 0x14}}, 0x0) 00:16:07 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000), 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:07 executing program 4: perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:07 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/custom0\x00', 0x800, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x40010, r1, 0xc1e9c000) r2 = dup2(r0, r1) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = openat$cgroup_netprio_ifpriomap(r2, &(0x7f0000001100), 0x2, 0x0) r5 = perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x8) r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x40, 0x7, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000001d00)='./file0\x00', 0x1c8) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r5, 0x84009422, &(0x7f0000001900)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r6, 0x5000943f, &(0x7f0000000900)={{}, 0x0, 0x4, @inherit={0x60, &(0x7f0000000140)=ANY=[@ANYBLOB="0100000000000000030000f30000e1000500002e00000009000000ff0000000001ffffff00000000040000fffffffc008180000000000002ffffffff000400000000000000000000ea54ffff2100050001000000002500"/96]}, @devid=r7}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r8}}}], 0x20}, 0x0) timer_create(0x2, &(0x7f0000001e00)={0x0, 0x3c, 0x1, @tid=r8}, &(0x7f0000001e40)) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r4, 0xc400941d, &(0x7f0000001140)={r7, 0xffffffff, 0x9, 0x1}) fadvise64(r1, 0x4, 0x3f, 0x4) r9 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001e80)=ANY=[@ANYBLOB="240000003d00210c000000000000000000000000080000ae0400000008ea0400", @ANYRES32=0xee01, @ANYBLOB="50bca3ef487086c96fff08032d3b23227942bbb4aa11154fe3f85efa913c24e97cc4edbfad5fce50f07e861bf4cb42427bedfd9aff83b6fad276d49df25b9421a2ec472852613115dca728c464e653cc55fdb857a27f3b3050a6faee135e"], 0x24}}, 0x0) ioctl$MON_IOCX_GETX(r9, 0x4018920a, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000100)=""/4096, 0x1000}) 00:16:07 executing program 1: r0 = syz_io_uring_setup(0x51, &(0x7f0000000000)={0x0, 0x9b4c, 0x2, 0x3, 0x1ab}, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000080), &(0x7f0000000100)=0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000009640)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000007640)={0x7, [{}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r2}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_TREE_SEARCH(r0, 0xd0009411, &(0x7f0000000140)={{r2, 0xf8, 0x2, 0x17, 0x1, 0x3, 0x9, 0x4ee46b74, 0x2, 0x3, 0x800, 0x401, 0x8, 0x101, 0x751}}) r4 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r5 = socket$inet6(0xa, 0x1, 0x40) lseek(r5, 0x3, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r4, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x2a6b4) syz_io_uring_setup(0x161f, &(0x7f00000014c0)={0x0, 0x728e, 0x1, 0x0, 0x31a}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000001140)=0x0, &(0x7f0000001200)) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="01020000e3ffffffffff0600000008000300", @ANYRES32=r8, @ANYBLOB="14000400764574ec255f746f5f626f6e640000000800060009"], 0x40}}, 0x0) setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000001340)={{{@in6=@private2, @in6=@empty, 0x4a22, 0x3f, 0x4e23, 0x3ff, 0xa, 0x20, 0x20, 0x2e, 0x0, 0xffffffffffffffff}, {0x1, 0x4, 0x378, 0x8, 0x7, 0x800, 0xffff, 0xad1}, {0x80000001, 0x3, 0x101}, 0x8, 0x6e6bc0, 0x0, 0x0, 0x1, 0x3}, {{@in=@multicast2, 0x4d5, 0x2b}, 0x2, @in=@multicast1, 0x3501, 0x3, 0x1, 0x80, 0xe5, 0x200}}, 0xe8) r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1, r9}}, 0x10001) syz_io_uring_submit(r6, r1, &(0x7f0000001300)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r7, &(0x7f0000001240)=0x80, &(0x7f0000001280)=@ax25={{}, [@default, @netrom, @default, @netrom, @remote, @rose, @remote, @default]}, 0x0, 0x80800, 0x1, {0x0, r9}}, 0x4f28ed49) r10 = accept$inet6(r5, &(0x7f0000001440)={0xa, 0x0, 0x0, @loopback}, &(0x7f0000001480)=0x1c) fcntl$addseals(r10, 0x409, 0x0) [ 1798.043406] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=20082 comm=syz-executor.6 [ 1798.046638] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1798.051268] FAULT_INJECTION: forcing a failure. [ 1798.051268] name failslab, interval 1, probability 0, space 0, times 0 [ 1798.052685] CPU: 1 PID: 20087 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1798.053544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1798.054567] Call Trace: [ 1798.054899] dump_stack+0x107/0x167 [ 1798.055352] should_fail.cold+0x5/0xa [ 1798.055821] ? xas_alloc+0x336/0x440 [ 1798.056283] should_failslab+0x5/0x20 [ 1798.056761] kmem_cache_alloc+0x5b/0x310 [ 1798.057261] xas_alloc+0x336/0x440 [ 1798.057699] xas_create+0x34a/0x10d0 [ 1798.058159] ? kernel_text_address+0xf2/0x120 [ 1798.058712] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1798.059353] xas_store+0x8c/0x1c40 [ 1798.059796] __xa_store+0x164/0x2d0 [ 1798.060246] ? xa_delete_node+0x280/0x280 [ 1798.060765] ? trace_hardirqs_on+0x5b/0x180 [ 1798.061295] xa_store+0x31/0x50 [ 1798.061703] __io_uring_add_tctx_node+0x1cf/0x520 [ 1798.062293] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1798.062935] ? alloc_fd+0x2e7/0x670 [ 1798.063388] io_uring_setup+0x1fbb/0x2980 [ 1798.063900] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1798.064523] ? wait_for_completion_io+0x270/0x270 [ 1798.065132] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1798.065775] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1798.066410] do_syscall_64+0x33/0x40 [ 1798.066866] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1798.067494] RIP: 0033:0x7f347623eb19 [ 1798.067951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1798.070205] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1798.071139] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1798.072013] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1798.072889] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1798.073767] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1798.074637] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1798.090526] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=61 sclass=netlink_route_socket pid=20096 comm=syz-executor.6 00:16:07 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000080)={&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/81, 0x51, 0x1, &(0x7f0000000100)=""/4096, 0x1000}, &(0x7f0000001100)=0x40) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:07 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:16:07 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:07 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1798.387717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.388426] print_req_error: 38 callbacks suppressed [ 1798.388436] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.390256] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.391471] buffer_io_error: 14 callbacks suppressed [ 1798.391478] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1798.393018] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.393649] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.394875] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.396076] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1798.397015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.397641] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.398857] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.400055] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1798.400992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.401618] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.402875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.403502] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.404757] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.405384] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.406638] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.407263] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1798.408513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.411116] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1798.411979] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1798.412853] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1798.413717] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1798.414584] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1798.430287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.430960] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1798.431966] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.432616] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1798.433571] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.434287] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.434980] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.435711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.436423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1798.437144] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:16:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:21 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:16:21 executing program 1: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x400100, 0x31, 0x1e}, 0x18) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x0) fcntl$setown(0xffffffffffffffff, 0x8, r3) 00:16:21 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:21 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000001240), 0xa0000, 0x0) ioctl$MON_IOCX_GET(r1, 0x40189206, &(0x7f0000001300)={&(0x7f0000001280), &(0x7f00000012c0)=""/54, 0x36}) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000000)={r0, 0x58a, 0x1, 0xfffffffffffffff8}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, &(0x7f0000001340)={{0x1, 0x1, 0x18, r2, @out_args}, './file0\x00'}) ioctl$MON_IOCX_GET(r3, 0x40189206, &(0x7f00000014c0)={&(0x7f0000001380), &(0x7f00000013c0)=""/221, 0xdd}) ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000080)={&(0x7f0000000040), &(0x7f0000000100)=""/4096, 0x1000}) ioctl$MON_IOCX_GETX(r2, 0x4018920a, &(0x7f0000001200)={&(0x7f0000001100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000001140)=""/185, 0xb9}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:21 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 52) 00:16:21 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000), 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:21 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) lseek(r1, 0x9631, 0x0) fsopen(&(0x7f0000000000)='gfs2meta\x00', 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) r5 = socket$netlink(0x10, 0x3, 0x0) r6 = fcntl$dupfd(r5, 0x0, r5) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x20814c0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_u}, {@dfltuid={'dfltuid', 0x3d, 0xee01}}, {@cache_mmap}, {@aname}], [{@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@subj_type={'subj_type', 0x3d, '/dev/usbmon#\x00'}}]}}) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) fcntl$F_SET_FILE_RW_HINT(r2, 0x40e, &(0x7f0000000040)=0x5) [ 1811.928733] FAULT_INJECTION: forcing a failure. [ 1811.928733] name failslab, interval 1, probability 0, space 0, times 0 [ 1811.930724] CPU: 1 PID: 20232 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1811.931914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1811.933342] Call Trace: [ 1811.933800] dump_stack+0x107/0x167 [ 1811.934427] should_fail.cold+0x5/0xa [ 1811.935085] ? create_object.isra.0+0x3a/0xa20 [ 1811.935868] should_failslab+0x5/0x20 [ 1811.936527] kmem_cache_alloc+0x5b/0x310 [ 1811.937238] ? mark_held_locks+0x9e/0xe0 [ 1811.937938] create_object.isra.0+0x3a/0xa20 [ 1811.938691] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1811.939565] kmem_cache_alloc+0x159/0x310 [ 1811.940283] xas_alloc+0x336/0x440 [ 1811.940897] xas_create+0x34a/0x10d0 [ 1811.941549] ? kernel_text_address+0xf2/0x120 [ 1811.942328] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1811.943223] xas_store+0x8c/0x1c40 [ 1811.943849] __xa_store+0x164/0x2d0 [ 1811.944475] ? xa_delete_node+0x280/0x280 [ 1811.945199] ? trace_hardirqs_on+0x5b/0x180 [ 1811.945946] xa_store+0x31/0x50 [ 1811.946504] __io_uring_add_tctx_node+0x1cf/0x520 [ 1811.947331] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1811.948213] ? alloc_fd+0x2e7/0x670 [ 1811.948832] io_uring_setup+0x1fbb/0x2980 [ 1811.949538] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1811.950400] ? wait_for_completion_io+0x270/0x270 [ 1811.951242] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1811.952128] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1811.952997] do_syscall_64+0x33/0x40 [ 1811.953633] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1811.954508] RIP: 0033:0x7f347623eb19 [ 1811.955128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1811.958222] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1811.959508] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1811.960715] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1811.961930] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1811.963144] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1811.964348] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:16:21 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) 00:16:21 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1811.999213] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1812.006575] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:16:21 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = openat2(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)={0x0, 0x40}, 0x18) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x9028, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {}, 0x2c, {[{@afid}, {@cache_none}, {@cache_loose}, {@fscache}, {@msize={'msize', 0x3d, 0xffff}}, {@cache_mmap}, {@access_user}], [{@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@fsuuid={'fsuuid', 0x3d, {[0x39, 0x32, 0x67, 0x37, 0x61, 0xa1, 0x62, 0x3e], 0x2d, [0x0, 0x35, 0x62, 0x32], 0x2d, [0x31, 0x39, 0x64, 0x34], 0x2d, [0x33, 0x61, 0x35, 0x37], 0x2d, [0x39, 0x65, 0x61, 0x65, 0x33, 0x61, 0x69, 0x3a]}}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}}) [ 1812.042974] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. 00:16:21 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 1) 00:16:21 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:21 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000000)=[0x0, 0x0, 0x0], 0x3, 0x4}) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000), 0x0, 0x1}) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) listen(r1, 0x3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) fgetxattr(r4, &(0x7f0000000100)=@random={'security.', '+\x00'}, &(0x7f0000000140)=""/81, 0x51) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:21 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r1 = syz_open_dev$sg(&(0x7f0000000000), 0xaac, 0x40c401) pwritev2(r0, &(0x7f00000015c0)=[{&(0x7f0000000300)="36c5a440a281d09a2e53da58d984bdec1bbaf09640b7363382213bb71f40d612145133123f0106cf2c4d9f33d5a9d86dd65d273c2958b38331b804bb2f3d63897fcaacdd66eada29e30b6b3d4c9b9cf9ea339af6cc33fe2851b33b327536951a473b58f3fa51e8c411d1fcedc20c0ba855f041798cdaed9e3b1fbca1701538469476c883527b97b55e79635a56bfcb976dfba0f3981f865cd044010ac529c461ca3ce9ae3466e7c56ff141c5d9a147b3b71c65e43474ee7eb12a20b1550f4e3dec8d93fee67b3b84983ef638b1f84d668ff0479d9cd6c7e91e99496b6ade323c4d95d833dfd9f318cd7663ded2cb7a3abfdc6a2d83aff2c49db3945e3511429f4f0e8d033701aa6ca398aaf5f3957860505ee917802f2cc444ee3da805ef3d38b3325d6d6f2536f38a486c12f51f1ad3d42cd649453c8507dabcc9605f1ef4deca0d85fcf7043d3535af05761d6fd3f01d44b13e59055e3ffcaf7fef4b0e60ccb67358dd9a1bb225c3e24ac8467069c2a9821c424e757856bb27f21bbb2c22c2014128a14d0899516ca061821e499bea32039d55910433ab8e2d20f3ca3f1e645130d2de73b6f4784aaccf81ac2c2df9f4be000dbe572c71754ce48a2bd6cadef99587d71aa3cd435124b18a141abd1be647c9a9f8db6e22480863703b85593c154bfa6d40fbcfc301dc7d4050465060d19bab898aab35fdd6fcbf5c3152edd19fa93b904a97b9b6d17cd54362d421af839cad7546bf070039f001eb62d93babebc477d3479226ffba368420264e12e2713ebdd641c406fabdab9a666f59f33f50118657fb3d8a218dc17c3160011425b4a137bb74aaef9718217a92fd138f09b5c18553c029a08d93d607587309fb7b87a60a9994d14f3546fe9a6a091c837d14dc945b445544a4a35a5ac7c59499f81f287d51f9018bcb09715b90c081d21ab4dee0043f6c2d17b7fa6a6c8e66390897ec279f1271df452c86de45b8414675344db1fb5ea61c3d427239a697367f20ce3a0e14b2074108620dc5219f4d615191afcb1b258f90cd9cac63ba2f061cc737b63e938dc658a00703e7426914a81b9dbb4ae0f07170a5ef18c299fd7906a4ed058e700439166ae1f22d2a52b1120e3d169a94f08143a03e2f29b2e3af3fca9b326213aa0e7c449903a2eeff598a607749719cb035dcd370208a6c31e994b21cba3e0a06ed0227d5221fb143a2a1633341a46fbd1f16922fc3166e277574e0689fd80583eceee47bd07f0d48b141aeaee41479bfcbc5d97db2118f8923f057aaea26da97c95d1f616cbbb9e6b9726306a42475563636c07b0fe778ff9372ef5f661d3a0a9eab2ac737eab67aef33f07bf0c9c2bac496a328774e25b52204f0f851900070d6fcd865358df5d2b9f98061f7db5c1c4c58aea8c48fe46a3a3793542f045d20593b1ffabc9f2df94d6a6ef70995b14a823fa24dd685936e970d9dd99dc808371ce2e6f1d3a3ed70c857ff3974dda813d27c678f927c42450fcdf85607c093705fa48ca8a29f64383dec551596a0a30e7ad17d211643f23450ba5cfb23d3fb48e633b3d02f7cbcbf1fbb345b574a89a2bfa4d3a4aa65828664522400e1b6ea2ec41f508331ae794863215fa5df731f98aaeca81bfff1a65b5b94b2ed6cba563ec5c58284171981e97c6340683141211722ebeae0dd9e1bbbfade26043d5f991f46cd4fe2f6a1e58c8f9c28b0e5b9dd63aa2b3e01ce8f5ebf766aba9785895e9309f9dda1c3e1584138a018cd8cacd455b57ba032c0fd53896bb219a9df49d55da817621f04544f653d55ec72353344c94d70f31965282e933356025a1ea8a72329c76c282c1c3ed4b50d42ea8b9927af545a25582b7a3a24efe82639488890af55dbdf7455b41c90a6605ea72223e622002c40380b5dcf6b5504230c54292d6a661ad9810859ad06dd6c57174503c36db88b22cb92c97a35c5c3a939eac74fc2b82a85c6d2d4b73498738f3a9b76a76c72655d80ace49229872dbd9107f21d2e14ef85acbdeef000e6bb0cfc5f096b8b1a9936a30f844b6a7d2f7ffba73b480f194ac00c008fe1be5c5e1268a8ac1db836d8fd12f865c95a006f05c789eb3dca518fa60f80dcd8100125199eabff492959e2778fb2526b7c318f4b03f466449eb2d4dd0cee7ae30cfccfb8bdce549f0c94699271077d54e2d82cb5528f6f3ee27577382a041ba31dc623d1f223e1636cbaccf0e37751d160d8a605947a8b09feac2cc05ae6214df31d704a1d15a5a5dc080384a304391f56c739b58dac7f433f5d1f27fcd838571dd6c3fc2da10674afa90967b0069cc845147a46f5e04d3be0509f7cf56e8039438dc5fd1e1792db223e1fb918431519c60190c997fb2ee60610ff0d0020111ccf15dd435331aa01970092119befaf2341ba42b62fd05b5151bece696520cb436a26b28bd74531de08b3edee6b7182154610805ef31f92dbe1d7875c2fc172ad2c7b6014e53aa983e7b6faaba600273733a4b4128659013e0fefdc678ea9333ce8df72f87c45157e668a9cb4bbab0935deeb22d3f61d6874e5d9e34b8912ec09e47f00dc9a0c6dd3e90eb37806ba62db198881ba577c82746c65976eb3c4cf920901f17491404fe0bf794c5f805839aab8a537192a66ea024df46a2288f8549f5cacb4aceac1f04890b051398c2407cc8a73d81e1bd548299d77153194cc44707e525664d18e07fd8f3b75f7a870a9a4282bb3ff46a7a84130fd1d940ecc5fa5c0265f38ecbae151e6335038195df07c72d439ea987d5f1568b2d91319f59db600ad125afb3394c80adce09afc2f9b01092ecfec759f95f4963239b4c13f28b7adb9a0bbfa6ac6ff4e4735070913539b355a39f21cd758d798d73ba66994f1281eeeb0b0728fc58d59a825807612f49eba175f6da0b88e2597b14aa9b54a8dc8913cfe8b7ca33b20aabed7f644eedc470a5485c866864a372578b5c3f9e39273dc3ea21f6557c6abce4fdd272106304bc4994cf568f885ed939357594dfa3c46a6885ef5e77f06f696b686dc29054d36778862073b5affd3bd08e87b3da8c82593ad44cb41fc38b4e46a68f8a8e59ea5482458ebde5d9806a9bbfbd0dec9bd9cc29876d114eb4c844a3382c19848ecb66df9dcede56bfd20af055a4d1152b40d5235d0668b9ef10ebe711a891ab5bde2ca7af3073b496e7418a959d6097d68de8ece2bed03077ab832b6ec52f7d659efb83e8337b62850cd0f4d5536271a3023b1129d8c23c7d9efd72be8d79618b832e261a4e080cde0164b27128ba041565ec56ca337b3d19696d9859fb61a3760d3d8129bf1aa0f7f1cf8311b06b7b69b08c36a686a020f0932ee20245bc3211ac517915128796795d59babb66bd05542182a3691c83a7e76ec772f48120457301a32c95b55134ff3ebd07a0210ef160f31b67765fc13a92ee8e17181ef35a083e2ad14689c48c370a51a7cd91bbd7878a8a63999ea2b2d3d5780f51b7c2817747642fab2a137ffee9a78b4560abaece7486321a6c7aed5b38ed0003ee672181f3f802b53eb3bd3c88f85d4a3ae565f263b3521dec5964246feb08ea10147b222910a42cd7294ab49aab6504afb1f577b1915187770f1987a370060866f941797a2f8eafd360a83dc41a2b13f02cd34cfb8e0f5bba0131595ebf22cc10fba3b425f8c945818d648c52dc9133961f543ee0d8d79ce955c710ecd642e39241a0a52d062fc5c85425be7a2092ac78df0b44939b4c841c3b73ef4ee7ec02b2c7ec5f4fc308aa43181c9a40e9dc2d8fd5d921fc2573055d7f84e709eaaa87046fecb5d19863b3fcb825ee1536197347bd2c71360205034cdf40e6f3ff4f7a4fa22eec33c41f32e01e2b11bd0ebd74f6876645e1bfea1ef9a203df68451ff91801007235fd0c528e221ada97197b97b7c8f3a3db3ecc5f695e77488acfaedcd4b93f4046e608d0cbd222f48f0b9ac5e7fcb044ee5298013e25de13093de3812e2440b0de813f2065cdbefb8293c5aad97c14925e9d7c85088d4fc919bb3bc3b59b88a179932d4fdf6ea8189ae944b03cb8c2219d12eb8825c205101f8e3b66531374f32a74c11b085beac3e1d1bb965613e4a2d03e30089804c1b4abecdf1025da6a8e72c9a59a8c29098554016914ccb6ed523b968d3c1570317607d943d78f335bd65f8d5f22200e7776b69d0c5af27fc99d32083eea542db8c90cf7385f3f89ced8d2af17278ae3589e30beaaa63744f6406ee73d3bc6980599e930034e954bfa77e90e459f602e91429c7ff530f80962039dad636c23c8b50968be318a8b11c131cebc854623e595819a328d3098bc40b9daba8f97738eb6086c8e6d42886973f7a91dfdc214be24b7ba9483543cccf2b53710ab9b9b4328f7d892a7b411fafe188a5142bb48c5c9c8c176f566a91b8dec64cbb11999339307f3a3c364d4a7daeb32314fb2a17086afcb7492eb28488b26948c0c381a21d38e33f7da128fa79d6ec25ede0369303295ded700cf4cf927561c72156f9bcd72683476cd8a00707b135b04ec1ec97a0c9442990ce9e6e3624caf371a3877e71f544cf980ae9c9324e6a351ce074e89dc22f9af93a12e3ade62641f333352fed297862cc15d7e2394361377817053d3324673c56d93147e6df69d5c13a31ee505ab3d46f6f990e4bf439bf151601459a6ca3f72218947b782f733d3bfc22564cc9980e9bcccd2c798848de9ed7fb5aea063172a0353d9febf65a7832ce764289d8d0cca8dab553d4f28a2436329bdb62dc001443a6f8d15aec94756b0bc19c00e54986053ca2fd86bd4d27dac7cfbcc3822139e69bb6194ecc93dda427de88f839fedaef5b11f690969b7d3ac6205d91d66220992b38ea439ebfc4ee3d690a9095c410a9ab66ac5aa90f949c1e4de33d61d5189370a32d2921826369d11e0de9a1c128e0f5ffd6be68cc17052228462bb0126088fd6b28135f514e35a560c103e881fc8bfb98b88c9412c19a9cf6c6c8426a8ef318e145b75dfdca0a3a6f095593a2fb79cfcc67044cd73ec8e33a1866bbc384991e9795a71e14bdaebb59ddd12b3c177d15103168065a65afb3ab58df30d482b8fe411d918076bcb25b417cb3889a31a68a89fd4669863fd228d06056b39fcf1fb85a4c740dcc615af86f272bf967e42deb5714e476d85dcacd491af51a88725a0fc866092369f5205100ba1c494b070e0e214d58c95d73bac673c0d474e2470f3228e022e407a536f37b53ec0f608c9cdb4ae8cbcc44d4f0a3c9c5a71cac3367133d1f8a21f6caa535b28714bd9b124ee1ba20dcdd45965e93e82677e5580b57927a888827b08cda86c5457f0eef9001b1f7e4feff853e2f6c3964ea61d5f1097fcb2a2eee5c34189458ceec4b8ad766941fe9f6ec0e4b8cf7d20fd29abd32c9183d038bcf4049e15062ac0eab8a5b8e83e7c9e41254319d22a3f69f01c535518ff9be178f484d99e5e399815793a0988fe17b61f2b7efd4b79874a01ac4f00bd7d170dcaf3f477a041721ba0a870f3fb9c6a540adcde2785c3d0a93cef089fcc166cf4358b41359ed2396e48e29233f283b41ee520208cd1cabeac14dbceb3c4cad0c43b34190413008fd98a4418b21c586fcd3ac083dd8d2cede2fed23a33294ada5d56042afe0b140caaaf0a3b2700911c3ddd748d09174f2760935f782ad05fa09ed70bbe9be3c1be15f76bf476668890b1e24a4ea53fbe3561ce12e89bb399b3b83bec4747c9876c9f9ae717f9d702c25d43d82f85365789530c2641e4709c1490a784f771caa04bb", 0x1000}, {&(0x7f0000000100)="9d28c9eefc6b57e6456b0a968d5c200b1359f9abfb29356089d6fee3a7df21fd5131ea4886532a50e2e98fababdcece586b97ad498d95ebdc12a43c0ee0743163ebfd73fd5bcb4ee072bb41c7edc7e8e202ed64e6ec3556b7b9ed1390f35cfe66e9e0df2cfd69ebe64c6054502c7b811e1228045ccc1650fb4630f985e725b7f6275c649f476caf314b912905fb0387461447b12fa0aa00e633647f9fad796d1508f89a9911cadbd0c7c2acc36e53262fdc138701be746cd6921912f0ebf553c0691cf", 0xc3}, {&(0x7f0000001300)="4be375b031fcef5541bdcf7a8f49abef26cadbdecf4ed0657c6ecb6506216708c793b417465d1de5a5e2d992da8fb646ca07282e06ed8c53cbd4b200022a9d274f0fae0b05d07ba0089f1a30a35277231ce4c1cb3050159b4cb10dc451deaafbae748ff61062ce08b51207d1fc157674af5e6877415e98f766c34c1bd863cb85e8aa49b8fc529288c475e057fddacaa5fcfdd0578d612a2967da1ca4169f32811886089e42c8d910fa0538fe97cb0a5e1eeb5749aa9ec75a5a59a97103fca7bf7854e36bfc833979374c8a3a473726a3b612", 0xd2}, {&(0x7f0000001400)="334a6a3748b31a0a2052a8d78287c073518dc9c81fcd12f659ecead0c017faa0c0b0c40e56a125fd7a5f6ee94e9a85cd7cf05c7b4079523edc960714db24a6b92e959496cdde95018b1c58f864a3aeadad7dbd8920a15f12acf6c84a7773655811080e885853e2a49e6c8d8e9a999c207cf6c24b4e81b8fa0b170de339cdeb27e630f160500683b9ae719cc80638bcaf876cf6cad56d46608c6269bf23f0286cd95b7c7a34b077fd22e9b4f6a8b1ceefd78e5a5b850a55dc226d43d55fc7f3bdb703264b629eaa46f946228b4269daee", 0xd0}, {&(0x7f0000000200)="357b33164f11c868e2a25d0782e9a8fa0e4b3722461d1e34af01d5e7f4557ab340e11223469cd6057c3a7f272cea8b7c8f760b62791df3da92bd3e22354f10c9f858768a6879e4a8135221", 0x4b}, {&(0x7f0000001500)="875daf36beda05c5308ba834871d3fa38869d5f078226ac93cc47d9eb1a91e2cef4cdcdeb6409c325261fb2894373618dfce09f7115aa7fc96bd665c9aeaa8a785148edaaf2a09a3c8a48557f49d328ef63b7085198b53bf85b25af8bc2bcb2f3c4cff51df500b4ede62f159e9ffe8173b72af2fcb95cc659d9766a4e5070b7fede9", 0x82}, {&(0x7f0000000040)="7468c7942afc743b37858abf015e53c78a07b368b4bb1ed7b7bb7c2b5a2f0e850c807a49bd53846accc439580bc6659241fcbd1d62074d0e9a2a", 0x3a}], 0x7, 0x4, 0x418, 0x8) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000009, 0x11, r1, 0xffffe000) pipe2(&(0x7f0000001640)={0xffffffffffffffff}, 0x84000) ioctl$AUTOFS_DEV_IOCTL_VERSION(r2, 0xc0189371, &(0x7f0000001680)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = fcntl$dupfd(r3, 0x0, r3) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r4, 0x9204, 0x10000578a7) 00:16:21 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 53) [ 1812.192836] FAULT_INJECTION: forcing a failure. [ 1812.192836] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1812.194714] CPU: 1 PID: 20343 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1812.195725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1812.196948] Call Trace: [ 1812.197350] dump_stack+0x107/0x167 [ 1812.197899] should_fail.cold+0x5/0xa [ 1812.198480] _copy_from_user+0x2e/0x1b0 [ 1812.199080] __copy_msghdr_from_user+0x91/0x4b0 [ 1812.199776] ? __ia32_sys_shutdown+0x80/0x80 [ 1812.200455] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1812.201216] sendmsg_copy_msghdr+0xa1/0x160 [ 1812.201868] ? do_recvmmsg+0x6d0/0x6d0 [ 1812.202463] ? perf_trace_lock+0x2bd/0x490 [ 1812.203110] ? __lockdep_reset_lock+0x180/0x180 [ 1812.203815] ___sys_sendmsg+0xc6/0x170 [ 1812.204397] ? sendmsg_copy_msghdr+0x160/0x160 [ 1812.205060] ? __fget_files+0x2cf/0x520 [ 1812.205672] ? lock_downgrade+0x6d0/0x6d0 [ 1812.206286] ? find_held_lock+0x2c/0x110 [ 1812.206909] ? __fget_files+0x2f8/0x520 [ 1812.207508] ? __fget_light+0xea/0x290 [ 1812.208090] __sys_sendmsg+0xe5/0x1b0 [ 1812.208691] ? __sys_sendmsg_sock+0x40/0x40 [ 1812.209335] ? rcu_read_lock_any_held+0x75/0xa0 [ 1812.210019] ? fput_many+0x2f/0x1a0 [ 1812.210568] ? ksys_write+0x1a9/0x260 [ 1812.211111] ? __ia32_sys_read+0xb0/0xb0 [ 1812.211719] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1812.212502] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1812.213278] ? trace_hardirqs_on+0x5b/0x180 [ 1812.213930] do_syscall_64+0x33/0x40 [ 1812.214488] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1812.215251] RIP: 0033:0x7f6b601a6b19 [ 1812.215808] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1812.218538] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1812.219669] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1812.220723] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1812.221769] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1812.222790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1812.223847] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1812.262740] FAULT_INJECTION: forcing a failure. [ 1812.262740] name failslab, interval 1, probability 0, space 0, times 0 [ 1812.265561] CPU: 0 PID: 20363 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1812.267188] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1812.269307] Call Trace: [ 1812.270039] dump_stack+0x107/0x167 [ 1812.270940] should_fail.cold+0x5/0xa [ 1812.271836] ? xas_alloc+0x336/0x440 [ 1812.272669] should_failslab+0x5/0x20 [ 1812.273547] kmem_cache_alloc+0x5b/0x310 [ 1812.274474] xas_alloc+0x336/0x440 [ 1812.275287] xas_create+0x34a/0x10d0 [ 1812.276140] ? kernel_text_address+0xf2/0x120 [ 1812.277157] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1812.278346] xas_store+0x8c/0x1c40 [ 1812.279167] __xa_store+0x164/0x2d0 [ 1812.279983] ? xa_delete_node+0x280/0x280 [ 1812.280916] ? trace_hardirqs_on+0x5b/0x180 [ 1812.281878] xa_store+0x31/0x50 [ 1812.282639] __io_uring_add_tctx_node+0x1cf/0x520 [ 1812.283744] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1812.284977] ? alloc_fd+0x2e7/0x670 [ 1812.285852] io_uring_setup+0x1fbb/0x2980 [ 1812.286788] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1812.287471] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.288028] ? wait_for_completion_io+0x270/0x270 [ 1812.288794] print_req_error: 22 callbacks suppressed [ 1812.288807] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.290004] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1812.290783] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.292971] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1812.292994] do_syscall_64+0x33/0x40 [ 1812.293015] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1812.293771] buffer_io_error: 6 callbacks suppressed [ 1812.293779] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1812.296265] RIP: 0033:0x7f347623eb19 [ 1812.296290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1812.299314] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.300040] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 [ 1812.301126] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.301916] ORIG_RAX: 00000000000001a9 [ 1812.304566] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.305655] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1812.305667] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1812.305679] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1812.305694] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1812.306431] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1812.309071] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1812.315011] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1812.316656] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.319932] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.321930] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.322692] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.324564] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.325347] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.327200] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.327960] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.329783] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.330554] blk_update_request: I/O error, dev sr0, sector 2096902 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.331218] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1812.332420] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1812.334873] blk_update_request: I/O error, dev sr0, sector 2096903 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1812.336615] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1812.337693] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1812.338718] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1812.339752] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1812.340783] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1812.341822] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1813.062343] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:16:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:36 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 1) 00:16:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:36 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x10, 0xffffffffffffffff, 0x0) r2 = socket$inet6_icmp(0xa, 0x2, 0x3a) syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r2, 0x0, &(0x7f0000000100)="766cf466f2a3dd8a1d05428131b8af3e3f2c42ea6bfe3a83a6e2ea417700326f40207109bdf70cf577d58c9839fbcdf84cc95a3fcb6cd000a84ce2f8c789de6fe6146a89fad029710801b15c20fdf93430493d80b0fe0e6a429ac6399816e54ac21f7347d34093ec6b61c2b3c10f0051ebe082dbaf17c3530fcd98264b7b4d67d3542f418ff936443b38e883b40cb56fdbcbb589fac6fd7fc85321bfbc88c4f7a894a3497d4d997498c7e7e1ac4c679ef293edc6db0f5efd12eb4ac7e03394e48b", 0xc1, 0x200488d0, 0x1}, 0x2) 00:16:36 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 54) 00:16:36 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000), 0x0) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:36 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x3000000, 0x100010, r0, 0x7824a000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:36 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 2) 00:16:36 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4, 0xfffffffb}) [ 1826.468887] FAULT_INJECTION: forcing a failure. [ 1826.468887] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1826.471686] CPU: 1 PID: 20386 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1826.473280] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.475217] FAULT_INJECTION: forcing a failure. [ 1826.475217] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1826.475242] Call Trace: [ 1826.478708] dump_stack+0x107/0x167 [ 1826.479564] should_fail.cold+0x5/0xa [ 1826.480464] _copy_from_user+0x2e/0x1b0 [ 1826.481395] iovec_from_user+0x141/0x400 [ 1826.482365] __import_iovec+0x67/0x590 [ 1826.483270] ? __ia32_sys_shutdown+0x80/0x80 [ 1826.484315] import_iovec+0x83/0xb0 [ 1826.485177] sendmsg_copy_msghdr+0x131/0x160 [ 1826.486209] ? do_recvmmsg+0x6d0/0x6d0 [ 1826.487116] ? perf_trace_lock+0x2bd/0x490 [ 1826.488118] ? __lockdep_reset_lock+0x180/0x180 [ 1826.489212] ___sys_sendmsg+0xc6/0x170 [ 1826.490134] ? sendmsg_copy_msghdr+0x160/0x160 [ 1826.491210] ? __fget_files+0x2cf/0x520 [ 1826.492136] ? lock_downgrade+0x6d0/0x6d0 [ 1826.493104] ? find_held_lock+0x2c/0x110 [ 1826.494083] ? __fget_files+0x2f8/0x520 [ 1826.495031] ? __fget_light+0xea/0x290 [ 1826.495956] __sys_sendmsg+0xe5/0x1b0 [ 1826.496843] ? __sys_sendmsg_sock+0x40/0x40 [ 1826.497862] ? rcu_read_lock_any_held+0x75/0xa0 [ 1826.498948] ? fput_many+0x2f/0x1a0 [ 1826.499800] ? ksys_write+0x1a9/0x260 [ 1826.500705] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.501932] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.503123] ? trace_hardirqs_on+0x5b/0x180 [ 1826.504136] do_syscall_64+0x33/0x40 [ 1826.505003] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1826.506203] RIP: 0033:0x7f6b601a6b19 [ 1826.507070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.511337] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1826.513101] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1826.514758] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1826.516405] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.518065] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1826.519714] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1826.521427] CPU: 0 PID: 20392 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1826.523189] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.523915] FAULT_INJECTION: forcing a failure. [ 1826.523915] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.525218] Call Trace: [ 1826.525254] dump_stack+0x107/0x167 [ 1826.525286] should_fail.cold+0x5/0xa [ 1826.530248] _copy_from_user+0x2e/0x1b0 [ 1826.531244] __copy_msghdr_from_user+0x91/0x4b0 [ 1826.532394] ? __ia32_sys_shutdown+0x80/0x80 [ 1826.533509] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1826.534764] sendmsg_copy_msghdr+0xa1/0x160 [ 1826.535826] ? do_recvmmsg+0x6d0/0x6d0 [ 1826.536791] ? perf_trace_lock+0x2bd/0x490 [ 1826.537860] ? __lockdep_reset_lock+0x180/0x180 [ 1826.539019] ___sys_sendmsg+0xc6/0x170 [ 1826.539983] ? sendmsg_copy_msghdr+0x160/0x160 [ 1826.541118] ? __fget_files+0x2cf/0x520 [ 1826.542105] ? lock_downgrade+0x6d0/0x6d0 [ 1826.543129] ? find_held_lock+0x2c/0x110 [ 1826.544155] ? __fget_files+0x2f8/0x520 [ 1826.545156] ? __fget_light+0xea/0x290 [ 1826.546144] __sys_sendmsg+0xe5/0x1b0 [ 1826.547085] ? __sys_sendmsg_sock+0x40/0x40 [ 1826.548143] ? rcu_read_lock_any_held+0x75/0xa0 [ 1826.549295] ? fput_many+0x2f/0x1a0 [ 1826.550205] ? ksys_write+0x1a9/0x260 [ 1826.551146] ? __ia32_sys_read+0xb0/0xb0 [ 1826.552156] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.553443] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.554714] ? trace_hardirqs_on+0x5b/0x180 [ 1826.555786] do_syscall_64+0x33/0x40 [ 1826.556703] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1826.557970] RIP: 0033:0x7f7e9f951b19 [ 1826.558891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.563400] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1826.565267] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1826.567025] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1826.568769] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.570522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1826.572273] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1826.574094] CPU: 1 PID: 20389 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1826.575718] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.577643] Call Trace: [ 1826.578261] dump_stack+0x107/0x167 [ 1826.579105] should_fail.cold+0x5/0xa [ 1826.579988] ? create_object.isra.0+0x3a/0xa20 [ 1826.581044] should_failslab+0x5/0x20 [ 1826.581931] kmem_cache_alloc+0x5b/0x310 [ 1826.582868] ? mark_held_locks+0x9e/0xe0 [ 1826.583822] create_object.isra.0+0x3a/0xa20 [ 1826.584832] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1826.586013] kmem_cache_alloc+0x159/0x310 [ 1826.586976] xas_alloc+0x336/0x440 [ 1826.587798] xas_create+0x34a/0x10d0 [ 1826.588665] ? kernel_text_address+0xf2/0x120 [ 1826.589707] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1826.590917] xas_store+0x8c/0x1c40 [ 1826.591752] __xa_store+0x164/0x2d0 [ 1826.592592] ? xa_delete_node+0x280/0x280 [ 1826.593565] ? trace_hardirqs_on+0x5b/0x180 [ 1826.594568] xa_store+0x31/0x50 [ 1826.595335] __io_uring_add_tctx_node+0x1cf/0x520 [ 1826.596445] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1826.597655] ? alloc_fd+0x2e7/0x670 [ 1826.598506] io_uring_setup+0x1fbb/0x2980 [ 1826.599472] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1826.600639] ? wait_for_completion_io+0x270/0x270 [ 1826.601784] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.602990] ? syscall_enter_from_user_mode+0x1d/0x50 00:16:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1826.604179] do_syscall_64+0x33/0x40 [ 1826.605259] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1826.606460] RIP: 0033:0x7f347623eb19 [ 1826.607319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.611574] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1826.613335] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1826.614989] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1826.616640] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1826.618298] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 00:16:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1826.619944] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:16:36 executing program 5: r0 = epoll_create1(0x0) r1 = epoll_create(0x3ff) r2 = syz_open_procfs$namespace(0x0, &(0x7f00000003c0)='ns/cgroup\x00') epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xd0000007}) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) connect$inet6(0xffffffffffffffff, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x5, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000200)={0x20000001}) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000004, 0x10, r3, 0x10000000) r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000002c0), 0x539002, 0x0) syz_io_uring_submit(0x0, r4, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd=r5, 0x0, 0x0, 0x0, {0x8a}}, 0x3) socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r6, 0x0) ioctl$MON_IOCT_RING_SIZE(r6, 0x9204, 0x2a6b4) 00:16:36 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:36 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:36 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{0x0}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:36 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 3) [ 1826.818817] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1826.890378] FAULT_INJECTION: forcing a failure. [ 1826.890378] name failslab, interval 1, probability 0, space 0, times 0 [ 1826.893248] CPU: 0 PID: 20512 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1826.894930] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1826.896937] Call Trace: [ 1826.897590] dump_stack+0x107/0x167 [ 1826.898475] should_fail.cold+0x5/0xa [ 1826.899398] ? __alloc_skb+0x6d/0x5b0 [ 1826.900318] should_failslab+0x5/0x20 [ 1826.901243] kmem_cache_alloc_node+0x55/0x330 [ 1826.902349] __alloc_skb+0x6d/0x5b0 [ 1826.903242] netlink_sendmsg+0x998/0xdf0 [ 1826.904248] ? netlink_unicast+0x7f0/0x7f0 [ 1826.905302] ? netlink_unicast+0x7f0/0x7f0 [ 1826.906342] __sock_sendmsg+0x154/0x190 [ 1826.907308] ____sys_sendmsg+0x70d/0x870 [ 1826.908304] ? sock_write_iter+0x3d0/0x3d0 [ 1826.909321] ? do_recvmmsg+0x6d0/0x6d0 [ 1826.910268] ? perf_trace_lock+0x2bd/0x490 [ 1826.911303] ? __lockdep_reset_lock+0x180/0x180 [ 1826.912437] ___sys_sendmsg+0xf3/0x170 [ 1826.913382] ? sendmsg_copy_msghdr+0x160/0x160 [ 1826.914505] ? __fget_files+0x2cf/0x520 [ 1826.915476] ? lock_downgrade+0x6d0/0x6d0 [ 1826.916489] ? find_held_lock+0x2c/0x110 [ 1826.917499] ? __fget_files+0x2f8/0x520 [ 1826.918500] ? __fget_light+0xea/0x290 [ 1826.919466] __sys_sendmsg+0xe5/0x1b0 [ 1826.920396] ? __sys_sendmsg_sock+0x40/0x40 [ 1826.921440] ? rcu_read_lock_any_held+0x75/0xa0 [ 1826.922623] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1826.923894] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1826.925137] ? trace_hardirqs_on+0x5b/0x180 [ 1826.926212] do_syscall_64+0x33/0x40 [ 1826.927123] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1826.928369] RIP: 0033:0x7f6b601a6b19 [ 1826.929270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1826.933718] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1826.935562] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1826.937302] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1826.939037] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1826.940766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1826.942503] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1827.316185] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.317609] print_req_error: 6 callbacks suppressed [ 1827.317629] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.321034] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.323291] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1827.332310] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.333491] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.337062] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.339344] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1827.347843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.349046] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.351502] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.351542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.354200] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1827.355299] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.359337] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.359387] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.361980] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1827.363109] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.367179] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1827.367475] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.369832] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1827.371121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.372940] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1827.374721] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.375830] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1827.378906] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1827.413859] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.416409] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1827.418954] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.420455] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1827.422258] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.424013] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.425380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.427343] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.428750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.430231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.459076] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.460811] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.462123] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.463371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.464616] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.465884] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.467167] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1827.468457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1840.786220] FAULT_INJECTION: forcing a failure. [ 1840.786220] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.787682] CPU: 1 PID: 20623 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1840.788536] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1840.789554] Call Trace: [ 1840.789883] dump_stack+0x107/0x167 [ 1840.790341] should_fail.cold+0x5/0xa [ 1840.790819] ? xas_alloc+0x336/0x440 [ 1840.791285] should_failslab+0x5/0x20 [ 1840.791761] kmem_cache_alloc+0x5b/0x310 [ 1840.792279] xas_alloc+0x336/0x440 [ 1840.792725] xas_create+0x34a/0x10d0 [ 1840.793197] ? kernel_text_address+0xf2/0x120 [ 1840.793765] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1840.794422] xas_store+0x8c/0x1c40 [ 1840.794871] __xa_store+0x164/0x2d0 [ 1840.795326] ? xa_delete_node+0x280/0x280 [ 1840.795855] ? trace_hardirqs_on+0x5b/0x180 [ 1840.796401] xa_store+0x31/0x50 [ 1840.796825] __io_uring_add_tctx_node+0x1cf/0x520 [ 1840.797422] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1840.798077] ? alloc_fd+0x2e7/0x670 [ 1840.798535] io_uring_setup+0x1fbb/0x2980 [ 1840.799056] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1840.799698] ? wait_for_completion_io+0x270/0x270 [ 1840.800329] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1840.801238] ? syscall_enter_from_user_mode+0x1d/0x50 00:16:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:50 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) pwrite64(r0, &(0x7f0000000300)="5fd7921614fa1b8135372278ce3b57fee81c145b2208149edc9e82fc8c464844183a54e6f8753cbd72a1a1ee704ec2891f8df2edffce36580116d148fba9e6c2d6eb138b86a83efa8d5b005b69a60efeb7944d8b3714ccf1703061326e78f05595", 0x61, 0x199a45c3) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x400, 0x200, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x40, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {}, 0x2c, {[{@mmap}], [{@euid_eq={'euid', 0x3d, r3}}, {@smackfsdef={'smackfsdef', 0x3d, '/dev/usbmon#\x00'}}]}}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:50 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{0x0}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:50 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 55) [ 1840.802018] do_syscall_64+0x33/0x40 [ 1840.802543] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1840.803202] RIP: 0033:0x7f347623eb19 [ 1840.803678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1840.806039] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1840.807012] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1840.807923] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1840.808836] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1840.809710] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1840.810628] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1840.831530] FAULT_INJECTION: forcing a failure. [ 1840.831530] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1840.833043] CPU: 1 PID: 20632 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1840.833921] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1840.834953] Call Trace: [ 1840.835293] dump_stack+0x107/0x167 [ 1840.835759] should_fail.cold+0x5/0xa [ 1840.836252] _copy_from_user+0x2e/0x1b0 [ 1840.836768] iovec_from_user+0x141/0x400 [ 1840.837296] __import_iovec+0x67/0x590 [ 1840.837799] ? __ia32_sys_shutdown+0x80/0x80 [ 1840.838448] import_iovec+0x83/0xb0 [ 1840.838967] sendmsg_copy_msghdr+0x131/0x160 [ 1840.839534] ? do_recvmmsg+0x6d0/0x6d0 [ 1840.840034] ? perf_trace_lock+0x2bd/0x490 00:16:50 executing program 5: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000040)={&(0x7f0000000000)=[0x0], 0x1}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:16:50 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 4) 00:16:50 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 2) [ 1840.840593] ? __lockdep_reset_lock+0x180/0x180 [ 1840.841395] ___sys_sendmsg+0xc6/0x170 [ 1840.841880] ? sendmsg_copy_msghdr+0x160/0x160 [ 1840.842460] ? __fget_files+0x2cf/0x520 [ 1840.842952] ? lock_downgrade+0x6d0/0x6d0 [ 1840.843466] ? find_held_lock+0x2c/0x110 [ 1840.843979] ? __fget_files+0x2f8/0x520 [ 1840.844479] ? __fget_light+0xea/0x290 [ 1840.844973] __sys_sendmsg+0xe5/0x1b0 [ 1840.845441] ? __sys_sendmsg_sock+0x40/0x40 [ 1840.845972] ? rcu_read_lock_any_held+0x75/0xa0 [ 1840.846555] ? fput_many+0x2f/0x1a0 [ 1840.847005] ? ksys_write+0x1a9/0x260 [ 1840.847479] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1840.848118] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1840.848744] ? trace_hardirqs_on+0x5b/0x180 [ 1840.849276] do_syscall_64+0x33/0x40 [ 1840.849735] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1840.850369] RIP: 0033:0x7f7e9f951b19 [ 1840.850824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1840.853064] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1840.853998] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1840.854870] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1840.855739] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1840.856607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1840.857486] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 00:16:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1840.880644] FAULT_INJECTION: forcing a failure. [ 1840.880644] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.883717] CPU: 0 PID: 20637 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1840.885447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1840.887536] Call Trace: [ 1840.888208] dump_stack+0x107/0x167 [ 1840.889123] should_fail.cold+0x5/0xa [ 1840.890098] ? create_object.isra.0+0x3a/0xa20 [ 1840.891232] should_failslab+0x5/0x20 [ 1840.892174] kmem_cache_alloc+0x5b/0x310 [ 1840.893192] create_object.isra.0+0x3a/0xa20 [ 1840.894292] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1840.895564] kmem_cache_alloc_node+0x169/0x330 [ 1840.896725] __alloc_skb+0x6d/0x5b0 [ 1840.897622] netlink_sendmsg+0x998/0xdf0 [ 1840.898667] ? netlink_unicast+0x7f0/0x7f0 [ 1840.899759] ? netlink_unicast+0x7f0/0x7f0 [ 1840.900812] __sock_sendmsg+0x154/0x190 [ 1840.901815] ____sys_sendmsg+0x70d/0x870 [ 1840.902848] ? sock_write_iter+0x3d0/0x3d0 [ 1840.903893] ? do_recvmmsg+0x6d0/0x6d0 [ 1840.904866] ? perf_trace_lock+0x2bd/0x490 [ 1840.905932] ? __lockdep_reset_lock+0x180/0x180 [ 1840.907125] ___sys_sendmsg+0xf3/0x170 [ 1840.908095] ? sendmsg_copy_msghdr+0x160/0x160 [ 1840.909233] ? __fget_files+0x2cf/0x520 [ 1840.910239] ? lock_downgrade+0x6d0/0x6d0 [ 1840.911280] ? find_held_lock+0x2c/0x110 [ 1840.912304] ? __fget_files+0x2f8/0x520 [ 1840.913304] ? __fget_light+0xea/0x290 [ 1840.914318] __sys_sendmsg+0xe5/0x1b0 [ 1840.915255] ? __sys_sendmsg_sock+0x40/0x40 [ 1840.916316] ? rcu_read_lock_any_held+0x75/0xa0 [ 1840.917501] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1840.918845] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1840.920122] ? trace_hardirqs_on+0x5b/0x180 [ 1840.921188] do_syscall_64+0x33/0x40 [ 1840.922189] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1840.923474] RIP: 0033:0x7f6b601a6b19 [ 1840.924392] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1840.928959] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1840.930901] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1840.932894] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1840.935022] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1840.937121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1840.939230] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 00:16:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:50 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 3) 00:16:50 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 56) 00:16:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1840.984269] FAULT_INJECTION: forcing a failure. [ 1840.984269] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.985644] CPU: 1 PID: 20707 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1840.986449] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1840.987401] Call Trace: [ 1840.987724] dump_stack+0x107/0x167 [ 1840.988170] should_fail.cold+0x5/0xa [ 1840.988629] ? __alloc_skb+0x6d/0x5b0 [ 1840.989089] should_failslab+0x5/0x20 [ 1840.989547] kmem_cache_alloc_node+0x55/0x330 [ 1840.990100] __alloc_skb+0x6d/0x5b0 [ 1840.990547] netlink_sendmsg+0x998/0xdf0 [ 1840.991038] ? netlink_unicast+0x7f0/0x7f0 [ 1840.991556] ? netlink_unicast+0x7f0/0x7f0 [ 1840.992062] __sock_sendmsg+0x154/0x190 [ 1840.992538] ____sys_sendmsg+0x70d/0x870 [ 1840.993026] ? sock_write_iter+0x3d0/0x3d0 [ 1840.993533] ? do_recvmmsg+0x6d0/0x6d0 [ 1840.993748] FAULT_INJECTION: forcing a failure. [ 1840.993748] name failslab, interval 1, probability 0, space 0, times 0 [ 1840.994026] ? perf_trace_lock+0x2bd/0x490 [ 1840.997286] ? __lockdep_reset_lock+0x180/0x180 [ 1840.997849] ___sys_sendmsg+0xf3/0x170 [ 1840.998321] ? sendmsg_copy_msghdr+0x160/0x160 [ 1840.998872] ? __fget_files+0x2cf/0x520 [ 1840.999349] ? lock_downgrade+0x6d0/0x6d0 [ 1840.999846] ? find_held_lock+0x2c/0x110 [ 1841.000343] ? __fget_files+0x2f8/0x520 [ 1841.000826] ? __fget_light+0xea/0x290 [ 1841.001301] __sys_sendmsg+0xe5/0x1b0 [ 1841.001758] ? __sys_sendmsg_sock+0x40/0x40 [ 1841.002277] ? rcu_read_lock_any_held+0x75/0xa0 [ 1841.002850] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.003478] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.004089] ? trace_hardirqs_on+0x5b/0x180 [ 1841.004606] do_syscall_64+0x33/0x40 [ 1841.005052] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1841.005661] RIP: 0033:0x7f7e9f951b19 [ 1841.006112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.008280] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1841.009184] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1841.010033] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1841.010873] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1841.011712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1841.012555] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1841.013437] CPU: 0 PID: 20708 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1841.015204] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1841.017271] Call Trace: [ 1841.017947] dump_stack+0x107/0x167 [ 1841.018873] should_fail.cold+0x5/0xa [ 1841.019826] ? create_object.isra.0+0x3a/0xa20 [ 1841.020964] should_failslab+0x5/0x20 [ 1841.021923] kmem_cache_alloc+0x5b/0x310 [ 1841.022951] ? mark_held_locks+0x9e/0xe0 [ 1841.023965] create_object.isra.0+0x3a/0xa20 [ 1841.025056] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1841.026337] kmem_cache_alloc+0x159/0x310 [ 1841.027373] xas_alloc+0x336/0x440 [ 1841.028264] xas_create+0x34a/0x10d0 [ 1841.029202] ? kernel_text_address+0xf2/0x120 [ 1841.030344] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1841.031639] xas_store+0x8c/0x1c40 [ 1841.032539] __xa_store+0x164/0x2d0 [ 1841.033450] ? xa_delete_node+0x280/0x280 [ 1841.034514] ? trace_hardirqs_on+0x5b/0x180 [ 1841.035687] xa_store+0x31/0x50 [ 1841.036708] __io_uring_add_tctx_node+0x1cf/0x520 [ 1841.038200] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1841.039792] ? alloc_fd+0x2e7/0x670 [ 1841.040831] io_uring_setup+0x1fbb/0x2980 [ 1841.041923] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1841.043313] ? wait_for_completion_io+0x270/0x270 [ 1841.044537] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.045853] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.047143] do_syscall_64+0x33/0x40 [ 1841.048065] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1841.049346] RIP: 0033:0x7f347623eb19 [ 1841.050282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.054856] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1841.056757] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1841.058547] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1841.060313] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1841.062106] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1841.063878] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:16:50 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 5) 00:16:50 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{0x0}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:16:50 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000000)={0x0, 0x3, 0x8, 0x9}) ioctl$MON_IOCT_RING_SIZE(r2, 0x9204, 0x2a6b0) 00:16:50 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:16:50 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 4) [ 1841.140290] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1841.172308] FAULT_INJECTION: forcing a failure. [ 1841.172308] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.173643] CPU: 1 PID: 20761 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1841.174450] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1841.175387] Call Trace: [ 1841.175697] dump_stack+0x107/0x167 [ 1841.176127] should_fail.cold+0x5/0xa [ 1841.176577] should_failslab+0x5/0x20 [ 1841.177025] __kmalloc_node_track_caller+0x74/0x3b0 [ 1841.177612] ? netlink_sendmsg+0x998/0xdf0 [ 1841.178120] __alloc_skb+0xb1/0x5b0 [ 1841.178542] netlink_sendmsg+0x998/0xdf0 [ 1841.179014] ? netlink_unicast+0x7f0/0x7f0 [ 1841.179511] ? netlink_unicast+0x7f0/0x7f0 [ 1841.180004] __sock_sendmsg+0x154/0x190 [ 1841.180465] ____sys_sendmsg+0x70d/0x870 [ 1841.180939] ? sock_write_iter+0x3d0/0x3d0 [ 1841.181431] ? do_recvmmsg+0x6d0/0x6d0 [ 1841.181887] ? lock_downgrade+0x6d0/0x6d0 [ 1841.182379] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1841.182991] ___sys_sendmsg+0xf3/0x170 [ 1841.183445] ? sendmsg_copy_msghdr+0x160/0x160 [ 1841.183975] ? __fget_files+0x2cf/0x520 [ 1841.184436] ? lock_downgrade+0x6d0/0x6d0 [ 1841.184916] ? find_held_lock+0x2c/0x110 [ 1841.185395] ? __fget_files+0x2f8/0x520 [ 1841.185863] ? __fget_light+0xea/0x290 [ 1841.186387] __sys_sendmsg+0xe5/0x1b0 [ 1841.186898] ? __sys_sendmsg_sock+0x40/0x40 [ 1841.187401] ? rcu_read_lock_any_held+0x75/0xa0 [ 1841.187953] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.188571] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.189172] ? trace_hardirqs_on+0x5b/0x180 [ 1841.189671] do_syscall_64+0x33/0x40 [ 1841.190114] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1841.190713] RIP: 0033:0x7f6b601a6b19 [ 1841.191144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.193278] RSP: 002b:00007f6b5d6fb188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1841.194172] RAX: ffffffffffffffda RBX: 00007f6b602ba020 RCX: 00007f6b601a6b19 [ 1841.195019] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004 [ 1841.195864] RBP: 00007f6b5d6fb1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1841.196710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1841.197556] R13: 00007ffdf1ab221f R14: 00007f6b5d6fb300 R15: 0000000000022000 [ 1841.209039] FAULT_INJECTION: forcing a failure. [ 1841.209039] name failslab, interval 1, probability 0, space 0, times 0 [ 1841.211911] CPU: 0 PID: 20765 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1841.213644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1841.215720] Call Trace: [ 1841.216384] dump_stack+0x107/0x167 [ 1841.217322] should_fail.cold+0x5/0xa [ 1841.218296] ? create_object.isra.0+0x3a/0xa20 [ 1841.219445] should_failslab+0x5/0x20 [ 1841.220403] kmem_cache_alloc+0x5b/0x310 [ 1841.221448] create_object.isra.0+0x3a/0xa20 [ 1841.222552] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1841.223841] kmem_cache_alloc_node+0x169/0x330 [ 1841.225012] __alloc_skb+0x6d/0x5b0 [ 1841.225937] netlink_sendmsg+0x998/0xdf0 [ 1841.226994] ? netlink_unicast+0x7f0/0x7f0 [ 1841.228079] ? netlink_unicast+0x7f0/0x7f0 [ 1841.229160] __sock_sendmsg+0x154/0x190 [ 1841.230173] ____sys_sendmsg+0x70d/0x870 [ 1841.231195] ? sock_write_iter+0x3d0/0x3d0 [ 1841.232248] ? do_recvmmsg+0x6d0/0x6d0 [ 1841.233241] ? perf_trace_lock+0x2bd/0x490 [ 1841.234332] ? __lockdep_reset_lock+0x180/0x180 [ 1841.235515] ___sys_sendmsg+0xf3/0x170 [ 1841.236499] ? sendmsg_copy_msghdr+0x160/0x160 [ 1841.237666] ? __fget_files+0x2cf/0x520 [ 1841.238677] ? lock_downgrade+0x6d0/0x6d0 [ 1841.239734] ? find_held_lock+0x2c/0x110 [ 1841.240976] ? __fget_files+0x2f8/0x520 [ 1841.242263] ? __fget_light+0xea/0x290 [ 1841.243517] __sys_sendmsg+0xe5/0x1b0 [ 1841.244705] ? __sys_sendmsg_sock+0x40/0x40 [ 1841.245968] ? rcu_read_lock_any_held+0x75/0xa0 [ 1841.247212] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1841.248701] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1841.249995] ? trace_hardirqs_on+0x5b/0x180 [ 1841.251116] do_syscall_64+0x33/0x40 [ 1841.252053] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1841.253327] RIP: 0033:0x7f7e9f951b19 [ 1841.254271] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1841.258887] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1841.260787] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1841.262570] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1841.264372] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1841.266169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1841.267941] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1841.457969] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.458925] print_req_error: 38 callbacks suppressed [ 1841.458936] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.460830] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.460836] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.460860] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.463529] buffer_io_error: 14 callbacks suppressed [ 1841.463542] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1841.464152] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.466791] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.466807] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1841.467471] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.473208] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.473423] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.475810] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1841.476424] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.479483] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.479501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.482123] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1841.482688] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.485724] blk_update_request: I/O error, dev loop4, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1841.485758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.488324] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1841.488947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.490796] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1841.491490] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.493197] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1841.495721] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1841.522430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.523202] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1841.523211] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.523277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.525205] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1841.525738] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.528501] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.529208] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.529870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1841.530568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:17:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 57) 00:17:06 executing program 5: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:06 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 6) 00:17:06 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = syz_io_uring_complete(0x0) ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x2a694) pipe(&(0x7f0000000ac0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$MON_IOCX_GET(r2, 0x40189206, &(0x7f0000000c00)={&(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000b40)=""/130, 0x82}) 00:17:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:06 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 5) 00:17:06 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(0xffffffffffffffff, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1857.250177] FAULT_INJECTION: forcing a failure. [ 1857.250177] name failslab, interval 1, probability 0, space 0, times 0 [ 1857.251464] CPU: 1 PID: 20882 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1857.251779] FAULT_INJECTION: forcing a failure. [ 1857.251779] name failslab, interval 1, probability 0, space 0, times 0 [ 1857.252203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.252208] Call Trace: [ 1857.252225] dump_stack+0x107/0x167 [ 1857.252238] should_fail.cold+0x5/0xa [ 1857.252251] ? xas_alloc+0x336/0x440 [ 1857.252265] should_failslab+0x5/0x20 [ 1857.252289] kmem_cache_alloc+0x5b/0x310 [ 1857.257884] xas_alloc+0x336/0x440 [ 1857.258265] xas_create+0x34a/0x10d0 [ 1857.258687] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.259252] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 1857.259832] xas_store+0x8c/0x1c40 [ 1857.260223] ? lock_acquire+0x1b9/0x470 [ 1857.260649] __xa_store+0x164/0x2d0 [ 1857.261039] ? xa_delete_node+0x280/0x280 [ 1857.261489] ? trace_hardirqs_on+0x5b/0x180 [ 1857.261953] xa_store+0x31/0x50 [ 1857.262310] __io_uring_add_tctx_node+0x1cf/0x520 [ 1857.262842] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1857.263403] ? alloc_fd+0x2e7/0x670 [ 1857.263799] io_uring_setup+0x1fbb/0x2980 [ 1857.264246] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1857.264788] ? wait_for_completion_io+0x270/0x270 [ 1857.265316] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.265872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.266423] do_syscall_64+0x33/0x40 [ 1857.266842] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.267388] RIP: 0033:0x7f347623eb19 [ 1857.267791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.269748] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1857.270579] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1857.271345] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1857.272103] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1857.272860] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1857.273629] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1857.274418] CPU: 0 PID: 20883 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1857.276002] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.277867] Call Trace: [ 1857.278471] dump_stack+0x107/0x167 [ 1857.279313] should_fail.cold+0x5/0xa [ 1857.280350] ? create_object.isra.0+0x3a/0xa20 [ 1857.281391] should_failslab+0x5/0x20 [ 1857.282254] kmem_cache_alloc+0x5b/0x310 [ 1857.283226] create_object.isra.0+0x3a/0xa20 [ 1857.284219] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1857.285375] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1857.286525] ? netlink_sendmsg+0x998/0xdf0 [ 1857.287497] __alloc_skb+0xb1/0x5b0 [ 1857.288335] netlink_sendmsg+0x998/0xdf0 [ 1857.289271] ? netlink_unicast+0x7f0/0x7f0 [ 1857.290257] ? netlink_unicast+0x7f0/0x7f0 [ 1857.291223] __sock_sendmsg+0x154/0x190 [ 1857.292124] ____sys_sendmsg+0x70d/0x870 [ 1857.293049] ? sock_write_iter+0x3d0/0x3d0 [ 1857.294000] ? do_recvmmsg+0x6d0/0x6d0 [ 1857.294894] ? perf_trace_lock+0x2bd/0x490 [ 1857.295864] ? __lockdep_reset_lock+0x180/0x180 [ 1857.296925] ___sys_sendmsg+0xf3/0x170 [ 1857.297810] ? sendmsg_copy_msghdr+0x160/0x160 [ 1857.298858] ? __fget_files+0x2cf/0x520 [ 1857.299758] ? lock_downgrade+0x6d0/0x6d0 [ 1857.300697] ? find_held_lock+0x2c/0x110 [ 1857.301671] ? __fget_files+0x2f8/0x520 [ 1857.302814] ? __fget_light+0xea/0x290 [ 1857.303924] __sys_sendmsg+0xe5/0x1b0 [ 1857.304986] ? __sys_sendmsg_sock+0x40/0x40 [ 1857.306191] ? rcu_read_lock_any_held+0x75/0xa0 [ 1857.307521] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.308944] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.310322] ? trace_hardirqs_on+0x5b/0x180 [ 1857.311517] do_syscall_64+0x33/0x40 [ 1857.312515] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.313909] RIP: 0033:0x7f6b601a6b19 [ 1857.314967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.319846] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1857.321879] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1857.323792] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1857.325694] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1857.327600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1857.329512] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1857.338832] FAULT_INJECTION: forcing a failure. [ 1857.338832] name failslab, interval 1, probability 0, space 0, times 0 [ 1857.340085] CPU: 1 PID: 20887 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1857.340821] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.341703] Call Trace: [ 1857.341994] dump_stack+0x107/0x167 [ 1857.342390] should_fail.cold+0x5/0xa [ 1857.342826] should_failslab+0x5/0x20 [ 1857.343241] __kmalloc_node_track_caller+0x74/0x3b0 [ 1857.343784] ? netlink_sendmsg+0x998/0xdf0 [ 1857.344256] __alloc_skb+0xb1/0x5b0 [ 1857.344660] netlink_sendmsg+0x998/0xdf0 [ 1857.345106] ? netlink_unicast+0x7f0/0x7f0 [ 1857.345574] ? netlink_unicast+0x7f0/0x7f0 [ 1857.346034] __sock_sendmsg+0x154/0x190 [ 1857.346465] ____sys_sendmsg+0x70d/0x870 [ 1857.346923] ? sock_write_iter+0x3d0/0x3d0 [ 1857.347378] ? do_recvmmsg+0x6d0/0x6d0 [ 1857.347798] ? perf_trace_lock+0x2bd/0x490 [ 1857.348262] ? __lockdep_reset_lock+0x180/0x180 [ 1857.348769] ___sys_sendmsg+0xf3/0x170 [ 1857.349192] ? sendmsg_copy_msghdr+0x160/0x160 [ 1857.349691] ? __fget_files+0x2cf/0x520 [ 1857.350121] ? lock_downgrade+0x6d0/0x6d0 [ 1857.350587] ? find_held_lock+0x2c/0x110 [ 1857.351037] ? __fget_files+0x2f8/0x520 [ 1857.351476] ? __fget_light+0xea/0x290 [ 1857.351905] __sys_sendmsg+0xe5/0x1b0 [ 1857.352318] ? __sys_sendmsg_sock+0x40/0x40 [ 1857.352784] ? rcu_read_lock_any_held+0x75/0xa0 00:17:06 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 58) 00:17:06 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:06 executing program 5: mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x2000000000000000}, 0x11010}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) r0 = pkey_alloc(0x0, 0x0) r1 = pkey_alloc(0x0, 0x5) pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, r1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0) pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r0) pkey_mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000004, r0) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x45800) pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, 0xffffffffffffffff) sigaltstack(&(0x7f0000ffa000/0x1000)=nil, 0x0) r2 = creat(&(0x7f0000000000)='./file1\x00', 0x0) fallocate(r2, 0x0, 0x0, 0x8800000) setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000040)=0x5d91, 0x4) [ 1857.353510] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.354197] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.354826] ? trace_hardirqs_on+0x5b/0x180 [ 1857.355297] do_syscall_64+0x33/0x40 [ 1857.355861] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.356448] RIP: 0033:0x7f7e9f951b19 [ 1857.356878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.359017] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1857.359909] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1857.360806] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1857.361627] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1857.362458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1857.363309] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1857.379143] FAULT_INJECTION: forcing a failure. [ 1857.379143] name failslab, interval 1, probability 0, space 0, times 0 [ 1857.381972] CPU: 0 PID: 20910 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1857.383563] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.385471] Call Trace: [ 1857.386088] dump_stack+0x107/0x167 [ 1857.386939] should_fail.cold+0x5/0xa [ 1857.387828] ? create_object.isra.0+0x3a/0xa20 [ 1857.388885] should_failslab+0x5/0x20 [ 1857.389760] kmem_cache_alloc+0x5b/0x310 [ 1857.390708] ? mark_held_locks+0x9e/0xe0 [ 1857.391648] create_object.isra.0+0x3a/0xa20 [ 1857.392656] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1857.393825] kmem_cache_alloc+0x159/0x310 [ 1857.394814] xas_alloc+0x336/0x440 [ 1857.395640] xas_create+0x34a/0x10d0 [ 1857.396503] ? kernel_text_address+0xf2/0x120 [ 1857.397542] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1857.398757] xas_store+0x8c/0x1c40 [ 1857.399590] __xa_store+0x164/0x2d0 [ 1857.400429] ? xa_delete_node+0x280/0x280 [ 1857.401392] ? trace_hardirqs_on+0x5b/0x180 [ 1857.402393] xa_store+0x31/0x50 [ 1857.403161] __io_uring_add_tctx_node+0x1cf/0x520 [ 1857.404259] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1857.405436] ? alloc_fd+0x2e7/0x670 [ 1857.406270] io_uring_setup+0x1fbb/0x2980 [ 1857.407214] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1857.408345] ? wait_for_completion_io+0x270/0x270 [ 1857.409455] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.410639] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.411802] do_syscall_64+0x33/0x40 [ 1857.412642] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.413785] RIP: 0033:0x7f347623eb19 [ 1857.414628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.418735] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1857.420441] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1857.422030] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1857.423650] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1857.425258] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1857.426862] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1857.444420] FAULT_INJECTION: forcing a failure. [ 1857.444420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1857.447103] CPU: 0 PID: 20998 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1857.448654] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.450518] Call Trace: [ 1857.451112] dump_stack+0x107/0x167 [ 1857.451932] should_fail.cold+0x5/0xa [ 1857.452797] _copy_from_user+0x2e/0x1b0 [ 1857.453701] perf_copy_attr+0x11a/0x8a0 [ 1857.454611] __do_sys_perf_event_open+0xb9/0x2e60 00:17:06 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 1) 00:17:07 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) ioctl$MON_IOCX_GET(r0, 0x40189206, &(0x7f0000000040)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000100)=""/4096, 0x1000}) 00:17:07 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(0xffffffffffffffff, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) [ 1857.455701] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1857.456959] ? perf_event_set_output+0x5b0/0x5b0 [ 1857.458024] ? wait_for_completion_io+0x270/0x270 [ 1857.459147] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.460320] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.461475] do_syscall_64+0x33/0x40 [ 1857.462312] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.463487] RIP: 0033:0x7f7d67265b19 [ 1857.464321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.468450] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1857.470153] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1857.471762] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1857.473364] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1857.474967] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1857.476563] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 00:17:07 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:07 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 6) 00:17:07 executing program 5: r0 = syz_io_uring_setup(0x21, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000180), &(0x7f0000002a40)) socket$inet(0x2, 0x1, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x108) setsockopt$inet6_opts(r1, 0x29, 0x6, 0x0, 0x0) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x2) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000380)={'mangle\x00', 0x0, [0x7, 0x4, 0x1, 0x1d, 0x1]}, &(0x7f0000000000)=0x54) r3 = fcntl$dupfd(r2, 0x0, r2) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000200)={0x0, 0x0, 0x0, 'queue1\x00'}) syz_io_uring_setup(0x1, &(0x7f0000000140)={0x0, 0x0, 0x10, 0x80000, 0x97}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000000480), &(0x7f0000000100)) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) write$sndseq(r2, &(0x7f0000000400)=[{0xb6, 0xc1, 0x1, 0x0, @time={0x100, 0xeb}, {0x0, 0x1}, {0x59, 0xbc}, @addr={0x6, 0x7}}], 0x1c) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f00000002c0)={0x10000, 0x8, 0x0, 'queue0\x00', 0x200}) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) fork() r4 = fork() r5 = fork() kcmp(r4, r5, 0x1, 0xffffffffffffffff, 0xffffffffffffffff) [ 1857.521891] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. 00:17:07 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1857.559155] FAULT_INJECTION: forcing a failure. [ 1857.559155] name failslab, interval 1, probability 0, space 0, times 0 [ 1857.560494] CPU: 1 PID: 21011 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1857.561291] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1857.562243] Call Trace: [ 1857.562563] dump_stack+0x107/0x167 [ 1857.562983] should_fail.cold+0x5/0xa [ 1857.563428] ? create_object.isra.0+0x3a/0xa20 [ 1857.563962] should_failslab+0x5/0x20 [ 1857.564413] kmem_cache_alloc+0x5b/0x310 [ 1857.564889] create_object.isra.0+0x3a/0xa20 [ 1857.565393] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1857.565983] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1857.566595] ? netlink_sendmsg+0x998/0xdf0 [ 1857.567091] __alloc_skb+0xb1/0x5b0 [ 1857.567492] netlink_sendmsg+0x998/0xdf0 [ 1857.567969] ? netlink_unicast+0x7f0/0x7f0 [ 1857.568476] ? netlink_unicast+0x7f0/0x7f0 [ 1857.568969] __sock_sendmsg+0x154/0x190 [ 1857.569429] ____sys_sendmsg+0x70d/0x870 [ 1857.569906] ? sock_write_iter+0x3d0/0x3d0 [ 1857.570396] ? do_recvmmsg+0x6d0/0x6d0 [ 1857.570840] ? perf_trace_lock+0x2bd/0x490 [ 1857.571338] ? __lockdep_reset_lock+0x180/0x180 [ 1857.571887] ___sys_sendmsg+0xf3/0x170 [ 1857.572349] ? sendmsg_copy_msghdr+0x160/0x160 [ 1857.572885] ? __fget_files+0x2cf/0x520 [ 1857.573351] ? lock_downgrade+0x6d0/0x6d0 [ 1857.573835] ? finish_task_switch+0x126/0x5d0 [ 1857.574355] ? lock_downgrade+0x6d0/0x6d0 [ 1857.574859] ? __fget_files+0x2f8/0x520 [ 1857.575334] ? __fget_light+0xea/0x290 [ 1857.575797] __sys_sendmsg+0xe5/0x1b0 [ 1857.576240] ? __sys_sendmsg_sock+0x40/0x40 [ 1857.576741] ? io_schedule_timeout+0x140/0x140 [ 1857.577285] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1857.577895] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1857.578494] ? trace_hardirqs_on+0x5b/0x180 [ 1857.579023] do_syscall_64+0x33/0x40 [ 1857.579452] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1857.580046] RIP: 0033:0x7f7e9f951b19 [ 1857.580479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1857.582638] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1857.583529] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1857.584357] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1857.585181] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1857.586004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1857.586840] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1857.859928] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.860617] print_req_error: 22 callbacks suppressed [ 1857.860628] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.862748] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.862755] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.862778] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.865223] buffer_io_error: 6 callbacks suppressed [ 1857.865236] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1857.865825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.868242] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.868681] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.870383] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1857.871011] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.873382] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.874472] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.874591] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.876210] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1857.876780] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.879205] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.880900] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.881503] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1857.882351] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1857.882416] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.886995] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1857.887711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1857.889712] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1857.897126] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1857.898882] Buffer I/O error on dev loop4, logical block 2096903, async page read 00:17:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 2) 00:17:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 59) 00:17:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 7) 00:17:23 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 7) 00:17:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(0xffffffffffffffff, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:17:23 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x28, 0x1a, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x0, 0x0, 0x0, @fd}, @nested={0xc, 0x1c, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid=0xee01}]}]}, 0x28}}, 0x0) r1 = pidfd_getfd(0xffffffffffffffff, r0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000480), r2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_NEW_INTERFACE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYRES16, @ANYRESOCT=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) sendmsg$NL80211_CMD_EXTERNAL_AUTH(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0xa0, r3, 0x100, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_PMKID={0x14, 0x55, "7a5027893d40b7ce60e9a318048c6823"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x4}, @NL80211_ATTR_SSID={0x24, 0x34, @random="24ecceb024dc6d61d395df4033ee37ae59471e8328907c82c0bb26cca7562029"}, @NL80211_ATTR_PMKID={0x14, 0x55, "1b0b105717d1731a75524681c78e1703"}, @NL80211_ATTR_PMKID={0x14, 0x55, "f68a2fe45836eabf8b90eb802bfd3297"}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@device_b}, @NL80211_ATTR_BSSID={0xa}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40004}, 0x4000044) r8 = socket$netlink(0x10, 0x3, 0x0) r9 = fcntl$dupfd(r8, 0x0, r8) sendmsg$nl_generic(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff}) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r8) sendmsg$NL80211_CMD_DEL_TX_TS(r10, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x70, r11, 0x400, 0x70bd2c, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x400, 0x66}}}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x2}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0xc}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x70}, 0x1, 0x0, 0x0, 0x81}, 0x20000004) openat(r9, &(0x7f00000001c0)='./file0\x00', 0x208000, 0x102) 00:17:23 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x3e, 0x109301) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000001, 0x1010, r0, 0xfe7c7000) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x1101802, &(0x7f0000000100)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@posixacl}], [{@smackfsfloor={'smackfsfloor', 0x3d, '/dev/vcs#\x00'}}, {@obj_type={'obj_type', 0x3d, '/dev/usbmon#\x00'}}, {@obj_role={'obj_role', 0x3d, '/dev/vcs#\x00'}}, {@subj_type={'subj_type', 0x3d, '/dev/vcs#\x00'}}, {@euid_lt={'euid<', 0xee00}}]}}) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r3, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f00000001c0)) syz_open_dev$vcsn(&(0x7f0000000000), 0x100, 0x101100) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010200000000000000000700000008000300", @ANYRES32=r6, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) fcntl$dupfd(r4, 0x0, r0) [ 1873.670889] FAULT_INJECTION: forcing a failure. [ 1873.670889] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1873.673618] CPU: 1 PID: 21137 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1873.675081] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1873.676837] Call Trace: [ 1873.677400] dump_stack+0x107/0x167 [ 1873.678178] should_fail.cold+0x5/0xa [ 1873.678994] _copy_from_iter_full+0x201/0xa60 [ 1873.679958] ? __virt_addr_valid+0x170/0x5d0 [ 1873.680890] ? __check_object_size+0x319/0x440 [ 1873.681064] FAULT_INJECTION: forcing a failure. [ 1873.681064] name failslab, interval 1, probability 0, space 0, times 0 [ 1873.681859] netlink_sendmsg+0x879/0xdf0 [ 1873.681898] ? netlink_unicast+0x7f0/0x7f0 [ 1873.686091] ? netlink_unicast+0x7f0/0x7f0 [ 1873.686989] __sock_sendmsg+0x154/0x190 [ 1873.687844] ____sys_sendmsg+0x70d/0x870 [ 1873.688711] ? sock_write_iter+0x3d0/0x3d0 [ 1873.689596] ? do_recvmmsg+0x6d0/0x6d0 [ 1873.690419] ? perf_trace_lock+0x2bd/0x490 [ 1873.691346] ? __lockdep_reset_lock+0x180/0x180 [ 1873.692337] ___sys_sendmsg+0xf3/0x170 [ 1873.693168] ? sendmsg_copy_msghdr+0x160/0x160 [ 1873.694137] ? __fget_files+0x2cf/0x520 [ 1873.694974] ? lock_downgrade+0x6d0/0x6d0 [ 1873.695867] ? find_held_lock+0x2c/0x110 [ 1873.696753] ? __fget_files+0x2f8/0x520 [ 1873.697612] ? __fget_light+0xea/0x290 [ 1873.698450] __sys_sendmsg+0xe5/0x1b0 [ 1873.699265] ? __sys_sendmsg_sock+0x40/0x40 [ 1873.700172] ? rcu_read_lock_any_held+0x75/0xa0 [ 1873.701185] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1873.702291] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1873.703380] ? trace_hardirqs_on+0x5b/0x180 [ 1873.704296] do_syscall_64+0x33/0x40 [ 1873.705080] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1873.706157] RIP: 0033:0x7f7e9f951b19 [ 1873.706940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1873.710805] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1873.712416] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1873.713915] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1873.715411] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1873.716900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1873.718392] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1873.719942] CPU: 0 PID: 21142 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1873.721490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1873.723350] Call Trace: [ 1873.723939] dump_stack+0x107/0x167 [ 1873.724754] should_fail.cold+0x5/0xa [ 1873.725606] ? perf_event_alloc.part.0+0x5b/0x2b70 [ 1873.726703] should_failslab+0x5/0x20 [ 1873.727578] kmem_cache_alloc_trace+0x55/0x320 [ 1873.728605] perf_event_alloc.part.0+0x5b/0x2b70 [ 1873.729660] ? alloc_fd+0x2e7/0x670 [ 1873.730484] __do_sys_perf_event_open+0x579/0x2e60 [ 1873.731596] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1873.732673] ? perf_event_set_output+0x5b0/0x5b0 [ 1873.733730] ? wait_for_completion_io+0x270/0x270 [ 1873.734828] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1873.736000] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1873.737153] do_syscall_64+0x33/0x40 [ 1873.737985] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1873.738502] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1873.739134] RIP: 0033:0x7f7d67265b19 [ 1873.739154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1873.739165] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1873.741493] FAULT_INJECTION: forcing a failure. [ 1873.741493] name failslab, interval 1, probability 0, space 0, times 0 [ 1873.741752] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1873.741770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1873.752876] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1873.754474] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1873.756082] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 [ 1873.757705] CPU: 1 PID: 21138 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1873.759155] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1873.759887] FAULT_INJECTION: forcing a failure. [ 1873.759887] name failslab, interval 1, probability 0, space 0, times 0 [ 1873.760873] Call Trace: [ 1873.760895] dump_stack+0x107/0x167 [ 1873.760916] should_fail.cold+0x5/0xa [ 1873.760941] ? xas_alloc+0x336/0x440 [ 1873.766186] should_failslab+0x5/0x20 [ 1873.766975] kmem_cache_alloc+0x5b/0x310 [ 1873.767848] xas_alloc+0x336/0x440 [ 1873.768591] xas_create+0x34a/0x10d0 [ 1873.769374] ? kernel_text_address+0xf2/0x120 [ 1873.770315] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1873.771418] xas_store+0x8c/0x1c40 [ 1873.772174] __xa_store+0x164/0x2d0 [ 1873.772933] ? xa_delete_node+0x280/0x280 [ 1873.773800] ? trace_hardirqs_on+0x5b/0x180 [ 1873.774705] xa_store+0x31/0x50 [ 1873.775424] __io_uring_add_tctx_node+0x1cf/0x520 [ 1873.776430] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1873.777511] ? alloc_fd+0x2e7/0x670 [ 1873.778281] io_uring_setup+0x1fbb/0x2980 [ 1873.779189] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1873.780252] ? wait_for_completion_io+0x270/0x270 [ 1873.781280] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1873.782382] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1873.783467] do_syscall_64+0x33/0x40 [ 1873.784241] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1873.785312] RIP: 0033:0x7f347623eb19 [ 1873.786086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1873.789932] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1873.791533] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1873.793023] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1873.794512] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1873.796008] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1873.797496] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1873.799022] CPU: 0 PID: 21136 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1873.800584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1873.800669] netlink: 'syz-executor.5': attribute type 28 has an invalid length. [ 1873.802438] Call Trace: [ 1873.802462] dump_stack+0x107/0x167 [ 1873.802490] should_fail.cold+0x5/0xa [ 1873.806232] ? create_object.isra.0+0x3a/0xa20 [ 1873.807280] should_failslab+0x5/0x20 [ 1873.808136] kmem_cache_alloc+0x5b/0x310 [ 1873.809067] create_object.isra.0+0x3a/0xa20 [ 1873.810051] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1873.811207] __kmalloc_node_track_caller+0x1a6/0x3b0 [ 1873.812344] ? netlink_sendmsg+0x998/0xdf0 [ 1873.813313] __alloc_skb+0xb1/0x5b0 [ 1873.814157] netlink_sendmsg+0x998/0xdf0 [ 1873.814196] ? netlink_unicast+0x7f0/0x7f0 [ 1873.815995] ? netlink_unicast+0x7f0/0x7f0 [ 1873.816941] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1873.816969] __sock_sendmsg+0x154/0x190 [ 1873.819604] ____sys_sendmsg+0x70d/0x870 [ 1873.820532] ? sock_write_iter+0x3d0/0x3d0 [ 1873.821483] ? do_recvmmsg+0x6d0/0x6d0 [ 1873.822361] ? perf_trace_lock+0x2bd/0x490 [ 1873.823346] ? __lockdep_reset_lock+0x180/0x180 [ 1873.824403] ___sys_sendmsg+0xf3/0x170 [ 1873.825291] ? sendmsg_copy_msghdr+0x160/0x160 [ 1873.826330] ? __fget_files+0x2cf/0x520 [ 1873.827235] ? lock_downgrade+0x6d0/0x6d0 [ 1873.828173] ? find_held_lock+0x2c/0x110 [ 1873.829113] ? __fget_files+0x2f8/0x520 [ 1873.829645] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1873.830024] ? __fget_light+0xea/0x290 [ 1873.832638] __sys_sendmsg+0xe5/0x1b0 [ 1873.833499] ? __sys_sendmsg_sock+0x40/0x40 [ 1873.834468] ? rcu_read_lock_any_held+0x75/0xa0 [ 1873.835570] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1873.836748] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1873.837902] ? trace_hardirqs_on+0x5b/0x180 [ 1873.838223] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1873.838873] do_syscall_64+0x33/0x40 [ 1873.838896] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1873.838915] RIP: 0033:0x7f6b601a6b19 [ 1873.843444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1873.847561] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1873.849271] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1873.850874] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1873.852478] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1873.854084] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1873.855691] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1873.870526] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. 00:17:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1873.941850] netlink: 'syz-executor.5': attribute type 28 has an invalid length. 00:17:23 executing program 6: ioctl$sock_inet_SIOCSIFNETMASK(0xffffffffffffffff, 0x891c, &(0x7f0000000000)={'veth1_to_bond\x00', {0x2, 0x0, @dev}}) r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCQ_RING_SIZE(r2, 0x9205) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:17:23 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 3) 00:17:23 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 8) 00:17:23 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 8) 00:17:23 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, 0xffffffffffffffff) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:17:23 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1874.006264] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1874.041865] FAULT_INJECTION: forcing a failure. [ 1874.041865] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.044533] CPU: 0 PID: 21258 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1874.046091] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1874.047977] Call Trace: [ 1874.048582] dump_stack+0x107/0x167 [ 1874.049413] should_fail.cold+0x5/0xa [ 1874.050286] ? fib_create_info+0x769/0x4a30 [ 1874.051274] should_failslab+0x5/0x20 [ 1874.052133] __kmalloc+0x72/0x390 [ 1874.052916] ? perf_tp_event+0x5ce/0xc00 [ 1874.053847] fib_create_info+0x769/0x4a30 [ 1874.054841] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1874.055873] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1874.057052] ? tracing_generic_entry_update+0x1ed/0x270 [ 1874.058266] fib_table_insert+0x1ca/0x1af0 [ 1874.059255] ? nla_get_range_signed+0x520/0x520 [ 1874.060306] ? lock_release+0x680/0x680 [ 1874.061203] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1874.062323] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1874.063462] ? fib_route_seq_show+0xeb0/0xeb0 [ 1874.064488] ? __nla_validate+0x3c/0x50 [ 1874.065386] ? memset+0x20/0x50 [ 1874.066138] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1874.067156] ? fib_new_table+0xfb/0x460 [ 1874.068067] inet_rtm_newroute+0x109/0x1f0 [ 1874.069024] ? inet_rtm_delroute+0x350/0x350 [ 1874.070077] ? inet_rtm_delroute+0x350/0x350 [ 1874.071085] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1874.072048] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1874.072969] ? perf_trace_lock+0x2bd/0x490 [ 1874.073947] ? __lockdep_reset_lock+0x180/0x180 [ 1874.075023] netlink_rcv_skb+0x14b/0x430 [ 1874.075943] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1874.076866] ? netlink_ack+0xab0/0xab0 [ 1874.077740] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1874.078784] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1874.079829] ? is_vmalloc_addr+0x7b/0xb0 [ 1874.080759] netlink_unicast+0x549/0x7f0 [ 1874.081690] ? netlink_attachskb+0x870/0x870 [ 1874.082709] netlink_sendmsg+0x90f/0xdf0 [ 1874.083653] ? netlink_unicast+0x7f0/0x7f0 [ 1874.084640] ? netlink_unicast+0x7f0/0x7f0 [ 1874.085733] __sock_sendmsg+0x154/0x190 [ 1874.086639] ____sys_sendmsg+0x70d/0x870 [ 1874.087578] ? sock_write_iter+0x3d0/0x3d0 [ 1874.088531] ? do_recvmmsg+0x6d0/0x6d0 [ 1874.089412] ? perf_trace_lock+0x2bd/0x490 [ 1874.090386] ? __lockdep_reset_lock+0x180/0x180 [ 1874.091466] ___sys_sendmsg+0xf3/0x170 [ 1874.092355] ? sendmsg_copy_msghdr+0x160/0x160 [ 1874.093438] ? __fget_files+0x2cf/0x520 [ 1874.094401] ? lock_downgrade+0x6d0/0x6d0 [ 1874.095354] ? find_held_lock+0x2c/0x110 [ 1874.096298] ? __fget_files+0x2f8/0x520 [ 1874.097218] ? __fget_light+0xea/0x290 [ 1874.098120] __sys_sendmsg+0xe5/0x1b0 [ 1874.098983] ? __sys_sendmsg_sock+0x40/0x40 [ 1874.099967] ? rcu_read_lock_any_held+0x75/0xa0 [ 1874.101058] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1874.102242] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1874.103429] ? trace_hardirqs_on+0x5b/0x180 [ 1874.104411] do_syscall_64+0x33/0x40 [ 1874.105254] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1874.106409] RIP: 0033:0x7f6b601a6b19 [ 1874.107262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1874.111412] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1874.113126] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1874.114730] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1874.116340] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1874.117945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1874.119557] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1874.126177] FAULT_INJECTION: forcing a failure. [ 1874.126177] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.128576] CPU: 1 PID: 21264 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1874.130021] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1874.131762] Call Trace: [ 1874.132321] dump_stack+0x107/0x167 [ 1874.133103] should_fail.cold+0x5/0xa [ 1874.133906] ? fib_create_info+0x769/0x4a30 [ 1874.134819] should_failslab+0x5/0x20 [ 1874.135634] __kmalloc+0x72/0x390 [ 1874.136381] fib_create_info+0x769/0x4a30 [ 1874.136908] FAULT_INJECTION: forcing a failure. [ 1874.136908] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.137301] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1874.140676] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1874.141799] fib_table_insert+0x1ca/0x1af0 [ 1874.142714] ? nla_get_range_signed+0x520/0x520 [ 1874.143716] ? __mutex_lock+0x5af/0x10b0 [ 1874.144575] ? lock_downgrade+0x6d0/0x6d0 [ 1874.145450] ? fib_route_seq_show+0xeb0/0xeb0 [ 1874.146396] ? __nla_validate+0x3c/0x50 [ 1874.147238] ? memset+0x20/0x50 [ 1874.147938] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1874.148877] ? fib_new_table+0xfb/0x460 [ 1874.149724] inet_rtm_newroute+0x109/0x1f0 [ 1874.150637] ? inet_rtm_delroute+0x350/0x350 [ 1874.151627] ? inet_rtm_delroute+0x350/0x350 [ 1874.152552] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1874.153440] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1874.154280] ? perf_trace_lock+0x2bd/0x490 [ 1874.155182] ? __lockdep_reset_lock+0x180/0x180 [ 1874.156168] netlink_rcv_skb+0x14b/0x430 [ 1874.157015] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1874.157862] ? netlink_ack+0xab0/0xab0 [ 1874.158668] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1874.159641] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1874.160593] ? is_vmalloc_addr+0x7b/0xb0 [ 1874.161448] netlink_unicast+0x549/0x7f0 [ 1874.162305] ? netlink_attachskb+0x870/0x870 [ 1874.163253] netlink_sendmsg+0x90f/0xdf0 [ 1874.164108] ? netlink_unicast+0x7f0/0x7f0 [ 1874.165008] ? netlink_unicast+0x7f0/0x7f0 [ 1874.165890] __sock_sendmsg+0x154/0x190 [ 1874.166718] ____sys_sendmsg+0x70d/0x870 [ 1874.167582] ? sock_write_iter+0x3d0/0x3d0 [ 1874.168455] ? do_recvmmsg+0x6d0/0x6d0 [ 1874.169266] ? perf_trace_lock+0x2bd/0x490 [ 1874.170159] ? __lockdep_reset_lock+0x180/0x180 [ 1874.171158] ___sys_sendmsg+0xf3/0x170 [ 1874.171971] ? sendmsg_copy_msghdr+0x160/0x160 [ 1874.172931] ? __fget_files+0x2cf/0x520 [ 1874.173760] ? lock_downgrade+0x6d0/0x6d0 [ 1874.174628] ? find_held_lock+0x2c/0x110 [ 1874.175501] ? __fget_files+0x2f8/0x520 [ 1874.176351] ? __fget_light+0xea/0x290 [ 1874.177179] __sys_sendmsg+0xe5/0x1b0 [ 1874.177970] ? __sys_sendmsg_sock+0x40/0x40 [ 1874.178867] ? rcu_read_lock_any_held+0x75/0xa0 [ 1874.179876] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1874.180969] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1874.182032] ? trace_hardirqs_on+0x5b/0x180 [ 1874.182931] do_syscall_64+0x33/0x40 [ 1874.183724] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1874.184794] RIP: 0033:0x7f7e9f951b19 [ 1874.185571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1874.189378] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1874.190962] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1874.192447] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1874.193933] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1874.195425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1874.196905] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1874.198439] CPU: 0 PID: 21260 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1874.200015] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1874.201863] Call Trace: [ 1874.202451] dump_stack+0x107/0x167 [ 1874.203276] should_fail.cold+0x5/0xa [ 1874.204125] ? create_object.isra.0+0x3a/0xa20 [ 1874.205141] should_failslab+0x5/0x20 [ 1874.205992] kmem_cache_alloc+0x5b/0x310 [ 1874.206894] ? __lockdep_reset_lock+0x180/0x180 [ 1874.207948] create_object.isra.0+0x3a/0xa20 [ 1874.208927] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1874.210063] kmem_cache_alloc_trace+0x151/0x320 [ 1874.211114] perf_event_alloc.part.0+0x5b/0x2b70 [ 1874.212158] ? alloc_fd+0x2e7/0x670 [ 1874.212975] __do_sys_perf_event_open+0x579/0x2e60 [ 1874.214077] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1874.215173] ? perf_event_set_output+0x5b0/0x5b0 [ 1874.216219] ? wait_for_completion_io+0x270/0x270 [ 1874.217313] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 00:17:23 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 60) 00:17:23 executing program 5: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open_tree(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x80000) r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0) readv(r1, &(0x7f0000001ac0)=[{&(0x7f0000001680)=""/186, 0xba}], 0x1) pread64(0xffffffffffffffff, 0x0, 0xfffffffffffffdda, 0x0) ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000100)={0x38, 0x22, 0x0, 0x0, 0x8, 0xc, 0x2, 0x95, 0x1}) mq_open(&(0x7f0000000600)='\x01*+\x0e\xaa\xdc\x84\x97\xa72\xb9v\x93\b5\x84\x83\x86\xce\x9c\x00\xcb\x0f\x87f\x90\x06\xf9{\xa6\xa6VK\xe9\x1c\xdb?*>/\x04\xe9C\xd6\xbd\x1e\x11\v%\xdbB\xaf\xc7\x81\xb8\xa2\x00p\\\x9c\xe5\x9a>\x8d\x9c\xc7\xee\x9c\xe6\x9f\xe3<\xa6\xfb\xbe\x914\xe0\x99\xfa\xef\xea\xbf\x1aH>\x83\xe3\x88G\xc7\xfe\x16\xe9!w\xfa\xc4\x1e\xfaN\xfdc[\xc7\xaf_\xc1\xba\xc0\xf8\xf7\xe4\xbf\xd7\x18\t\xec\xa2C\xd9\r\x83\x19\xb9\x85\xa7\r\xd0\r\xa3v\x97\x910\xdc\v%n\x97.g=\xd0oYF\xfa\x0e\x0f\xf7\xfe\xa2', 0x80, 0x24, &(0x7f0000000340)={0x2, 0x1000000, 0x0, 0xffff}) ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x0) setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000180)={0x1000, {{0x2, 0x4e22, @multicast2}}, {{0x2, 0x4e23, @multicast1}}}, 0x108) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) mq_timedsend(r0, &(0x7f00000000c0)="c123", 0x2, 0x7fffffff, &(0x7f0000000300)={r2, r3+60000000}) ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448f0, &(0x7f0000000380)="0a2d2da2ef9ee479574e35e3ba64f870fe3898f364eddd8079caf5ae0616dffb698891ce445201982337c5a5bfa42703a314a7f82c9295b30351c6a696d1a7e173ab9cc9af1c5006e0044025e8868a8d1a199d7ed9857476d24dd0f9aa64d4fd35d60e125a3fe8970087fa53f87140bc6771deee3d032144161692536e78de9d5e7ea9018b4c8a352844ade27c0b847b013a69fb35e31382d99427d343e6b914ae7bca84796baedf2aa518fd74886f04d6f48ec7fdc5a1dcb9f193b46a2095f9b8c382aad5ae8afebdc22c157d85110db667e0c10dc6eabec0331261c3337731c637") r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0x6, 0xb, 0x16, 0xf, 0xa, 0x81, 0x6, 0x14a}) ioctl$SG_IO(r4, 0x127f, &(0x7f00000003c0)={0xe00, 0x0, 0x0, 0xfe, @buffer={0x300, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x13, 0x0, 0x0}) r5 = openat(r4, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, r5) [ 1874.218734] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1874.219913] do_syscall_64+0x33/0x40 [ 1874.220744] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1874.221880] RIP: 0033:0x7f7d67265b19 [ 1874.222708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1874.226805] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1874.228521] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1874.230106] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1874.231715] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1874.233305] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1874.234893] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 [ 1874.285550] FAULT_INJECTION: forcing a failure. [ 1874.285550] name failslab, interval 1, probability 0, space 0, times 0 [ 1874.287972] CPU: 1 PID: 21335 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1874.289406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1874.291178] Call Trace: [ 1874.291732] dump_stack+0x107/0x167 [ 1874.292488] should_fail.cold+0x5/0xa [ 1874.293277] ? create_object.isra.0+0x3a/0xa20 [ 1874.294219] should_failslab+0x5/0x20 [ 1874.295011] kmem_cache_alloc+0x5b/0x310 [ 1874.295858] ? mark_held_locks+0x9e/0xe0 [ 1874.296698] create_object.isra.0+0x3a/0xa20 [ 1874.297607] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1874.298663] kmem_cache_alloc+0x159/0x310 [ 1874.299539] xas_alloc+0x336/0x440 [ 1874.300281] xas_create+0x34a/0x10d0 [ 1874.301073] ? kernel_text_address+0xf2/0x120 [ 1874.301998] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1874.303104] xas_store+0x8c/0x1c40 [ 1874.303869] __xa_store+0x164/0x2d0 [ 1874.304629] ? xa_delete_node+0x280/0x280 [ 1874.305496] ? trace_hardirqs_on+0x5b/0x180 [ 1874.306397] xa_store+0x31/0x50 [ 1874.307095] __io_uring_add_tctx_node+0x1cf/0x520 [ 1874.308090] ? io_uring_alloc_task_context+0x6a0/0x6a0 [ 1874.309165] ? alloc_fd+0x2e7/0x670 [ 1874.309934] io_uring_setup+0x1fbb/0x2980 [ 1874.310796] ? __do_sys_io_uring_enter+0x1890/0x1890 [ 1874.311853] ? wait_for_completion_io+0x270/0x270 [ 1874.312870] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1874.313960] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1874.315033] do_syscall_64+0x33/0x40 [ 1874.315813] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1874.316870] RIP: 0033:0x7f347623eb19 [ 1874.317637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1874.321440] RSP: 002b:00007f34737b4108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9 [ 1874.323013] RAX: ffffffffffffffda RBX: 00007f3476351f60 RCX: 00007f347623eb19 [ 1874.324491] RDX: 0000000020ffc000 RSI: 0000000020000140 RDI: 0000000000007f65 [ 1874.325959] RBP: 0000000020000140 R08: 0000000020000200 R09: 0000000020000200 [ 1874.327445] R10: 00000000200001c0 R11: 0000000000000202 R12: 0000000020000200 [ 1874.328917] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1874.378447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.380338] print_req_error: 6 callbacks suppressed [ 1874.380362] blk_update_request: I/O error, dev sr0, sector 7 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.408621] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.410458] blk_update_request: I/O error, dev sr0, sector 263 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.421654] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.424452] blk_update_request: I/O error, dev sr0, sector 519 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.430377] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.431892] blk_update_request: I/O error, dev sr0, sector 775 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.435555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.437046] blk_update_request: I/O error, dev sr0, sector 1031 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.443031] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.444625] blk_update_request: I/O error, dev sr0, sector 1287 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.447549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.449420] blk_update_request: I/O error, dev sr0, sector 1543 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.455259] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.456808] blk_update_request: I/O error, dev sr0, sector 1799 op 0x1:(WRITE) flags 0x0 phys_seg 32 prio class 0 [ 1874.460673] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.462427] blk_update_request: I/O error, dev sr0, sector 2055 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.466524] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.467968] blk_update_request: I/O error, dev sr0, sector 2311 op 0x1:(WRITE) flags 0x4000 phys_seg 32 prio class 0 [ 1874.470554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.472594] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.475521] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.478626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.480535] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.483554] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.485676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.488500] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.490724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.492577] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.495411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.497614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.499500] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.502948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.504722] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.506481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.509005] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.511793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.513728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.515555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.517628] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.520413] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.529039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.531497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.534996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.537645] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.539948] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.550380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.552035] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.555322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.557396] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.567499] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.578404] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.580405] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.582775] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.587021] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.588750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.591539] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.593623] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.596493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.598842] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.601418] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.604522] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.606555] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.608437] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.614680] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.620830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.622915] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.624397] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.626380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.628816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.630908] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.632466] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.634527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.636020] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.637919] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.640054] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.642405] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.643808] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.646812] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.648461] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.650546] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.652806] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.654604] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.656714] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.658912] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.660383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.662480] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.663989] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.665971] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.667916] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.669957] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.672373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.674430] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.675831] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.677886] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.679402] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.681436] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.682862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.684988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.686988] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.688981] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.690956] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.693061] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.694724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.696830] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.698488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.699862] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.701371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.703341] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.704816] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.706825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.708519] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.709953] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.711378] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.713380] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.714843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.716385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.717718] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.719496] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.720979] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.722454] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.723823] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.725333] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.726641] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.727986] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.729353] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.730671] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.731999] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.733448] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.734800] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.736322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.737636] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.738982] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.740371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.741692] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.742985] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.744445] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.745781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.748342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.749748] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.751280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.752585] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.753893] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.755367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.756750] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.758274] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.759584] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.760880] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.762364] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.763667] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.764951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.766345] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.767719] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.769328] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.771435] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.772724] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.774037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.775367] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.777039] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.778342] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.780363] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.781791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.783254] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.784523] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.785820] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.787283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.788560] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.789826] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.791375] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.792646] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.793943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.795343] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.796609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.797864] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.799304] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.800553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.801913] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.803371] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.804638] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.805904] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.807373] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.808629] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.809897] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.811289] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.812640] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.813910] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.815349] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.816600] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.817870] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.819298] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.820547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.821788] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.823324] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.824580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.825829] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.827237] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.828447] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.829703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.830935] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.832322] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.833635] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.834889] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.836303] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.837542] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.838777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.840037] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.841332] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.842540] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.843860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.845276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.846505] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.847728] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.850011] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.851395] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.852614] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.853824] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.855280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.856500] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.857710] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.858920] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.860331] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.861527] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.862731] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.863943] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.865398] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.866625] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.867843] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.869056] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.870568] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.871790] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.874283] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.875475] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.877344] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.878605] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.879813] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.881004] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.882309] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.883518] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.884707] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.885874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.887288] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.888488] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.889703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.890876] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.892217] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.893409] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.894602] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.895793] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.897059] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.898327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.899510] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.900698] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.901875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.903219] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.904386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.905565] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.906832] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.908026] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.909315] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.910482] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.914000] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.915214] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.917136] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.918271] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.919457] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.920570] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1874.920617] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.922978] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.924125] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.925237] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.926359] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.927676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.929212] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.930386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.931575] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.932875] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.934034] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.935201] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.936338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.937481] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.938578] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1874.938620] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.941277] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.942393] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.943513] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.944634] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.945781] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.946923] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.948809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.949939] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.951107] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.952199] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1874.952660] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.954717] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.955837] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.956955] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.958090] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.959248] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.960386] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.961648] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.962763] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.963890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.964996] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.966136] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1874.966152] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.968609] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.969703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.970791] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.971903] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.973022] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.974153] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.975387] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.976487] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.977589] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.978703] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.979787] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1874.979825] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.982235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.983338] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.984422] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.985493] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.986606] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.987720] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.988947] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.990048] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.991181] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.992278] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.993340] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1874.993379] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.995770] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.996848] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.997918] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1874.998992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.000147] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.001374] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.002458] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.003547] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.004626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.005705] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.006754] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1875.006798] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.009169] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.010235] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.011327] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.012384] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.013459] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.014558] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.015758] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.016835] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.017909] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.018983] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.020083] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.021142] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1875.021176] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.023538] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.024598] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.025642] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.026688] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.027777] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.028841] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.030023] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.031139] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.032179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.033231] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.034276] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.035335] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.036385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.037444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.038491] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.039549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.040626] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.041676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.042801] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.043861] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.044898] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.045936] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.046993] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.048045] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.049114] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.050194] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.051247] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.052553] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.053591] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.054892] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.055951] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.056973] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1875.057027] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.059353] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.059502] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1875.060549] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.062482] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.063537] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.064588] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.065647] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.066711] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.067817] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.068945] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.070121] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.071161] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.072179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.073197] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.074228] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.075260] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.076270] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.077280] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.078294] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.079321] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.080339] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.081351] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.082385] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.083411] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.084432] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.085444] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.086460] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.087485] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.088497] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.089506] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1875.090514] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:17:38 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 9) 00:17:38 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2007edd4) 00:17:38 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x38, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @generic="05c08436ae2a43824d072b988147c87e132e11abe28bfc304c"]}, 0x38}}, 0x0) openat(r1, &(0x7f0000000000)='./file0\x00', 0x0, 0x60) 00:17:38 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 9) [ 1888.451873] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. 00:17:38 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, 0xffffffffffffffff) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:17:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 4) 00:17:38 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 61) 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1888.465514] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.5'. [ 1888.481199] FAULT_INJECTION: forcing a failure. [ 1888.481199] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.481394] FAULT_INJECTION: forcing a failure. [ 1888.481394] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.484118] CPU: 1 PID: 21384 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1888.487076] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.489165] Call Trace: [ 1888.489838] dump_stack+0x107/0x167 [ 1888.490765] should_fail.cold+0x5/0xa [ 1888.491741] ? create_object.isra.0+0x3a/0xa20 [ 1888.492897] should_failslab+0x5/0x20 [ 1888.493861] kmem_cache_alloc+0x5b/0x310 [ 1888.494902] create_object.isra.0+0x3a/0xa20 [ 1888.496018] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1888.497319] __kmalloc+0x16e/0x390 [ 1888.498243] fib_create_info+0x769/0x4a30 [ 1888.499361] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1888.500516] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.501870] fib_table_insert+0x1ca/0x1af0 [ 1888.502962] ? nla_get_range_signed+0x520/0x520 [ 1888.504147] ? __mutex_lock+0x5af/0x10b0 [ 1888.505169] ? lock_downgrade+0x6d0/0x6d0 [ 1888.506217] ? fib_route_seq_show+0xeb0/0xeb0 [ 1888.507357] ? __nla_validate+0x3c/0x50 [ 1888.508309] ? memset+0x20/0x50 [ 1888.509061] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1888.510065] ? fib_new_table+0xfb/0x460 [ 1888.510973] inet_rtm_newroute+0x109/0x1f0 [ 1888.511933] ? inet_rtm_delroute+0x350/0x350 [ 1888.512978] ? inet_rtm_delroute+0x350/0x350 [ 1888.513973] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1888.514929] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.515846] ? perf_trace_lock+0x2bd/0x490 [ 1888.516819] ? __lockdep_reset_lock+0x180/0x180 [ 1888.517889] netlink_rcv_skb+0x14b/0x430 [ 1888.518807] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.519741] ? netlink_ack+0xab0/0xab0 [ 1888.520610] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1888.521660] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1888.522683] ? is_vmalloc_addr+0x7b/0xb0 [ 1888.523632] netlink_unicast+0x549/0x7f0 [ 1888.524565] ? netlink_attachskb+0x870/0x870 [ 1888.525585] netlink_sendmsg+0x90f/0xdf0 [ 1888.526517] ? netlink_unicast+0x7f0/0x7f0 [ 1888.527509] ? netlink_unicast+0x7f0/0x7f0 [ 1888.528467] __sock_sendmsg+0x154/0x190 [ 1888.529377] ____sys_sendmsg+0x70d/0x870 [ 1888.530297] ? sock_write_iter+0x3d0/0x3d0 [ 1888.531246] ? do_recvmmsg+0x6d0/0x6d0 [ 1888.532127] ? perf_trace_lock+0x2bd/0x490 [ 1888.533095] ? __lockdep_reset_lock+0x180/0x180 [ 1888.534160] ___sys_sendmsg+0xf3/0x170 [ 1888.535044] ? sendmsg_copy_msghdr+0x160/0x160 [ 1888.536091] ? __fget_files+0x2cf/0x520 [ 1888.536995] ? lock_downgrade+0x6d0/0x6d0 [ 1888.537929] ? find_held_lock+0x2c/0x110 [ 1888.538871] ? __fget_files+0x2f8/0x520 [ 1888.539792] ? __fget_light+0xea/0x290 [ 1888.540693] __sys_sendmsg+0xe5/0x1b0 [ 1888.541551] ? __sys_sendmsg_sock+0x40/0x40 [ 1888.542515] ? rcu_read_lock_any_held+0x75/0xa0 [ 1888.543610] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.544788] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.545945] ? trace_hardirqs_on+0x5b/0x180 [ 1888.546921] do_syscall_64+0x33/0x40 [ 1888.547775] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.548927] RIP: 0033:0x7f6b601a6b19 [ 1888.549761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1888.553872] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1888.555584] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1888.557180] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1888.558775] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1888.560380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1888.561980] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1888.563640] CPU: 0 PID: 21392 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1888.564475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.565465] Call Trace: [ 1888.565784] dump_stack+0x107/0x167 [ 1888.566219] should_fail.cold+0x5/0xa [ 1888.566677] ? selinux_perf_event_alloc+0x43/0x190 [ 1888.567266] should_failslab+0x5/0x20 [ 1888.567728] kmem_cache_alloc_trace+0x55/0x320 [ 1888.568274] ? lockdep_init_map_type+0x2c7/0x780 [ 1888.568846] selinux_perf_event_alloc+0x43/0x190 [ 1888.569418] security_perf_event_alloc+0x46/0xa0 [ 1888.569985] perf_event_alloc.part.0+0x18b3/0x2b70 [ 1888.570576] __do_sys_perf_event_open+0x579/0x2e60 [ 1888.571169] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1888.571752] ? perf_event_set_output+0x5b0/0x5b0 [ 1888.572315] ? wait_for_completion_io+0x270/0x270 [ 1888.572902] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.573526] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.574145] do_syscall_64+0x33/0x40 [ 1888.574592] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.575204] RIP: 0033:0x7f7d67265b19 [ 1888.575656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1888.577853] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1888.578767] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1888.579626] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1888.580480] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1888.581324] FAULT_INJECTION: forcing a failure. [ 1888.581324] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.582628] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1888.582635] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 [ 1888.586187] CPU: 1 PID: 21395 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1888.587731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.589575] Call Trace: [ 1888.590162] dump_stack+0x107/0x167 [ 1888.590977] should_fail.cold+0x5/0xa [ 1888.591837] ? vm_area_dup+0x78/0x290 [ 1888.592717] should_failslab+0x5/0x20 00:17:38 executing program 5: r0 = syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f00000001c0)) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) r1 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000) mremap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffb000/0x3000)=nil) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) fallocate(0xffffffffffffffff, 0x4b, 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) syz_io_uring_submit(0x0, r1, &(0x7f0000000180)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0xa, &(0x7f0000000140)={r3, r4+60000000}, 0x1, 0x1}, 0x1f) syz_mount_image$nfs(0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0) mlock2(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0) mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0) faccessat2(0xffffffffffffffff, 0x0, 0x10d, 0x1200) faccessat2(r5, &(0x7f00000003c0)='./file1\x00', 0x1, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r6 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x4840, 0x0) sendfile(r2, r6, 0x0, 0x100000001) [ 1888.593566] kmem_cache_alloc+0x5b/0x310 [ 1888.594714] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1888.595939] vm_area_dup+0x78/0x290 [ 1888.596773] ? perf_trace_lock+0xac/0x490 [ 1888.597733] ? mark_lock+0xf5/0x2df0 [ 1888.598604] ? lock_chain_count+0x20/0x20 [ 1888.599562] ? mark_lock+0xf5/0x2df0 [ 1888.600425] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1888.601629] ? lock_chain_count+0x20/0x20 [ 1888.602579] ? _raw_spin_unlock_irq+0x1f/0x30 [ 1888.603615] ? trace_hardirqs_on+0x5b/0x180 [ 1888.604611] ? mark_lock+0xf5/0x2df0 [ 1888.605467] ? vm_area_alloc+0x110/0x110 [ 1888.606403] ? __lock_acquire+0x1657/0x5b00 [ 1888.607410] ? memset+0x20/0x50 [ 1888.608170] ? vmacache_find+0x55/0x2a0 [ 1888.609082] ? file_has_perm+0x183/0x280 [ 1888.610014] __split_vma+0xa8/0x4e0 [ 1888.610855] __do_munmap+0x365/0x1260 [ 1888.611743] ? arch_get_unmapped_area+0x450/0x450 [ 1888.612850] ? lock_release+0x680/0x680 [ 1888.613839] mmap_region+0x7c8/0x1500 [ 1888.614824] do_mmap+0xcdb/0x11e0 [ 1888.615640] vm_mmap_pgoff+0x198/0x1f0 [ 1888.616539] ? randomize_page+0xb0/0xb0 [ 1888.617470] ksys_mmap_pgoff+0x41c/0x560 [ 1888.618566] ? find_mergeable_anon_vma+0x250/0x250 [ 1888.619706] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.621043] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.622390] do_syscall_64+0x33/0x40 [ 1888.623389] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.624658] RIP: 0033:0x7f347623eb62 [ 1888.625520] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1888.630173] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1888.632087] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1888.633981] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1888.635765] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1888.637657] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1888.639515] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1888.695515] FAULT_INJECTION: forcing a failure. [ 1888.695515] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.698136] CPU: 1 PID: 21382 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1888.699742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.701644] Call Trace: [ 1888.702259] dump_stack+0x107/0x167 [ 1888.703108] should_fail.cold+0x5/0xa [ 1888.703997] ? create_object.isra.0+0x3a/0xa20 [ 1888.705053] should_failslab+0x5/0x20 [ 1888.705933] kmem_cache_alloc+0x5b/0x310 [ 1888.706886] create_object.isra.0+0x3a/0xa20 [ 1888.707908] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1888.709090] __kmalloc+0x16e/0x390 [ 1888.709933] fib_create_info+0x769/0x4a30 [ 1888.710949] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1888.711997] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.713224] fib_table_insert+0x1ca/0x1af0 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1888.714228] ? nla_get_range_signed+0x520/0x520 [ 1888.715492] ? __mutex_lock+0x5af/0x10b0 [ 1888.716435] ? lock_downgrade+0x6d0/0x6d0 00:17:38 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 62) [ 1888.717395] ? fib_route_seq_show+0xeb0/0xeb0 [ 1888.718525] ? __nla_validate+0x3c/0x50 [ 1888.719447] ? memset+0x20/0x50 [ 1888.720226] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1888.721260] ? fib_new_table+0xfb/0x460 [ 1888.722189] inet_rtm_newroute+0x109/0x1f0 [ 1888.723170] ? inet_rtm_delroute+0x350/0x350 [ 1888.724253] ? inet_rtm_delroute+0x350/0x350 [ 1888.725275] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1888.726262] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.727203] ? perf_trace_lock+0x2bd/0x490 [ 1888.728207] ? __lockdep_reset_lock+0x180/0x180 [ 1888.729300] netlink_rcv_skb+0x14b/0x430 [ 1888.730241] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.731185] ? netlink_ack+0xab0/0xab0 [ 1888.732088] ? netlink_deliver_tap+0x1ae/0xcc0 00:17:38 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 10) [ 1888.733157] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1888.734285] ? is_vmalloc_addr+0x7b/0xb0 [ 1888.735241] netlink_unicast+0x549/0x7f0 [ 1888.736208] ? netlink_attachskb+0x870/0x870 [ 1888.737257] netlink_sendmsg+0x90f/0xdf0 [ 1888.738217] ? netlink_unicast+0x7f0/0x7f0 [ 1888.739225] ? netlink_unicast+0x7f0/0x7f0 [ 1888.740223] __sock_sendmsg+0x154/0x190 [ 1888.741153] ____sys_sendmsg+0x70d/0x870 [ 1888.742104] ? sock_write_iter+0x3d0/0x3d0 [ 1888.743075] ? do_recvmmsg+0x6d0/0x6d0 [ 1888.743985] ? perf_trace_lock+0x2bd/0x490 [ 1888.744985] ? __lockdep_reset_lock+0x180/0x180 [ 1888.746071] ___sys_sendmsg+0xf3/0x170 [ 1888.746984] ? sendmsg_copy_msghdr+0x160/0x160 [ 1888.748062] ? __fget_files+0x2cf/0x520 [ 1888.748984] ? lock_downgrade+0x6d0/0x6d0 [ 1888.749950] ? finish_task_switch+0x126/0x5d0 [ 1888.750988] ? lock_downgrade+0x6d0/0x6d0 [ 1888.751973] ? __fget_files+0x2f8/0x520 [ 1888.752915] ? __fget_light+0xea/0x290 [ 1888.753838] __sys_sendmsg+0xe5/0x1b0 [ 1888.754670] FAULT_INJECTION: forcing a failure. [ 1888.754670] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.754719] ? __sys_sendmsg_sock+0x40/0x40 [ 1888.757101] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.758315] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.759512] ? trace_hardirqs_on+0x5b/0x180 [ 1888.760519] do_syscall_64+0x33/0x40 [ 1888.761383] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.762566] RIP: 0033:0x7f7e9f951b19 [ 1888.763427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1888.767676] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1888.769437] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1888.771076] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1888.772728] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1888.774372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1888.776026] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1888.777722] CPU: 0 PID: 21476 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1888.778584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.779605] Call Trace: [ 1888.779933] dump_stack+0x107/0x167 [ 1888.780380] should_fail.cold+0x5/0xa [ 1888.780848] ? create_object.isra.0+0x3a/0xa20 [ 1888.781417] should_failslab+0x5/0x20 [ 1888.781888] kmem_cache_alloc+0x5b/0x310 [ 1888.782389] create_object.isra.0+0x3a/0xa20 [ 1888.782932] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1888.783568] kmem_cache_alloc+0x159/0x310 [ 1888.784079] vm_area_dup+0x78/0x290 [ 1888.784526] ? lock_release+0x680/0x680 [ 1888.785018] ? mark_lock+0xf5/0x2df0 [ 1888.785476] ? lock_chain_count+0x20/0x20 [ 1888.785988] ? mark_lock+0xf5/0x2df0 [ 1888.786453] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1888.787094] ? lock_chain_count+0x20/0x20 [ 1888.787618] ? mark_lock+0xf5/0x2df0 [ 1888.788080] ? vm_area_alloc+0x110/0x110 [ 1888.788584] ? __lock_acquire+0x1657/0x5b00 [ 1888.789129] ? memset+0x20/0x50 [ 1888.789536] ? vmacache_find+0x55/0x2a0 [ 1888.790026] ? file_has_perm+0x183/0x280 [ 1888.790528] __split_vma+0xa8/0x4e0 [ 1888.790974] __do_munmap+0x365/0x1260 [ 1888.791443] ? arch_get_unmapped_area+0x450/0x450 [ 1888.792048] ? lock_release+0x680/0x680 [ 1888.792545] mmap_region+0x7c8/0x1500 [ 1888.793029] do_mmap+0xcdb/0x11e0 [ 1888.793466] vm_mmap_pgoff+0x198/0x1f0 [ 1888.793954] ? randomize_page+0xb0/0xb0 [ 1888.794464] ksys_mmap_pgoff+0x41c/0x560 [ 1888.794972] ? find_mergeable_anon_vma+0x250/0x250 [ 1888.795595] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.796251] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.796896] do_syscall_64+0x33/0x40 [ 1888.797361] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.797998] RIP: 0033:0x7f347623eb62 [ 1888.798461] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1888.800763] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1888.801715] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1888.802606] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1888.803507] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1888.804397] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1888.805286] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:17:38 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, 0xffffffffffffffff) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:17:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 5) [ 1888.817609] FAULT_INJECTION: forcing a failure. [ 1888.817609] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.819028] CPU: 0 PID: 21507 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1888.819911] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.821071] Call Trace: [ 1888.821408] dump_stack+0x107/0x167 [ 1888.821872] should_fail.cold+0x5/0xa [ 1888.822357] ? create_object.isra.0+0x3a/0xa20 [ 1888.822939] should_failslab+0x5/0x20 [ 1888.823419] kmem_cache_alloc+0x5b/0x310 [ 1888.823947] create_object.isra.0+0x3a/0xa20 [ 1888.824511] kmemleak_alloc_percpu+0xa0/0x100 [ 1888.825081] pcpu_alloc+0x4e2/0x1240 [ 1888.825581] fib_nh_init+0xc1/0x4d0 [ 1888.826052] fib_create_info+0x22b3/0x4a30 [ 1888.826616] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1888.827184] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1888.827849] ? tracing_generic_entry_update+0x1ed/0x270 [ 1888.828526] fib_table_insert+0x1ca/0x1af0 [ 1888.829073] ? nla_get_range_signed+0x520/0x520 [ 1888.829664] ? lock_release+0x680/0x680 [ 1888.830166] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1888.830791] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1888.831420] ? fib_route_seq_show+0xeb0/0xeb0 [ 1888.831997] ? __nla_validate+0x3c/0x50 [ 1888.832499] ? memset+0x20/0x50 [ 1888.832918] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1888.833482] ? fib_new_table+0xfb/0x460 [ 1888.833988] inet_rtm_newroute+0x109/0x1f0 [ 1888.834524] ? inet_rtm_delroute+0x350/0x350 [ 1888.835106] ? inet_rtm_delroute+0x350/0x350 [ 1888.835671] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1888.836208] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.836725] ? perf_trace_lock+0x2bd/0x490 [ 1888.837266] ? __lockdep_reset_lock+0x180/0x180 [ 1888.837862] netlink_rcv_skb+0x14b/0x430 [ 1888.838374] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.838893] ? netlink_ack+0xab0/0xab0 [ 1888.839379] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1888.839967] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1888.840543] ? is_vmalloc_addr+0x7b/0xb0 [ 1888.841063] netlink_unicast+0x549/0x7f0 [ 1888.841589] ? netlink_attachskb+0x870/0x870 [ 1888.842158] netlink_sendmsg+0x90f/0xdf0 [ 1888.842684] ? netlink_unicast+0x7f0/0x7f0 [ 1888.843230] ? netlink_unicast+0x7f0/0x7f0 [ 1888.843773] __sock_sendmsg+0x154/0x190 [ 1888.844276] ____sys_sendmsg+0x70d/0x870 [ 1888.844797] ? sock_write_iter+0x3d0/0x3d0 [ 1888.845329] ? do_recvmmsg+0x6d0/0x6d0 [ 1888.845819] ? perf_trace_lock+0x2bd/0x490 [ 1888.846359] ? __lockdep_reset_lock+0x180/0x180 [ 1888.846953] ___sys_sendmsg+0xf3/0x170 [ 1888.847449] ? sendmsg_copy_msghdr+0x160/0x160 [ 1888.848066] ? __fget_files+0x2cf/0x520 [ 1888.848572] ? lock_downgrade+0x6d0/0x6d0 [ 1888.849088] ? find_held_lock+0x2c/0x110 [ 1888.849594] ? __fget_files+0x2f8/0x520 [ 1888.850087] ? __fget_light+0xea/0x290 [ 1888.850572] __sys_sendmsg+0xe5/0x1b0 [ 1888.851036] ? __sys_sendmsg_sock+0x40/0x40 [ 1888.851569] ? rcu_read_lock_any_held+0x75/0xa0 [ 1888.852153] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.852792] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.853414] ? trace_hardirqs_on+0x5b/0x180 [ 1888.853946] do_syscall_64+0x33/0x40 [ 1888.854399] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.855019] RIP: 0033:0x7f6b601a6b19 [ 1888.855494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1888.857710] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1888.858634] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1888.859501] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1888.860376] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1888.861248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1888.862110] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1888.872626] FAULT_INJECTION: forcing a failure. [ 1888.872626] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.874197] CPU: 0 PID: 21509 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1888.875128] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.876128] Call Trace: [ 1888.876447] dump_stack+0x107/0x167 [ 1888.876893] should_fail.cold+0x5/0xa [ 1888.877355] ? create_object.isra.0+0x3a/0xa20 [ 1888.877906] should_failslab+0x5/0x20 [ 1888.878364] kmem_cache_alloc+0x5b/0x310 [ 1888.878861] create_object.isra.0+0x3a/0xa20 [ 1888.879399] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1888.880024] kmem_cache_alloc_trace+0x151/0x320 [ 1888.880589] ? lockdep_init_map_type+0x2c7/0x780 [ 1888.881169] selinux_perf_event_alloc+0x43/0x190 [ 1888.881735] security_perf_event_alloc+0x46/0xa0 [ 1888.882309] perf_event_alloc.part.0+0x18b3/0x2b70 [ 1888.882917] __do_sys_perf_event_open+0x579/0x2e60 [ 1888.883518] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1888.884096] ? perf_event_set_output+0x5b0/0x5b0 [ 1888.884666] ? wait_for_completion_io+0x270/0x270 [ 1888.885262] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.885895] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1888.886519] do_syscall_64+0x33/0x40 [ 1888.886969] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1888.887591] RIP: 0033:0x7f7d67265b19 [ 1888.888113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1888.890440] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1888.891352] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1888.892213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1888.893072] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1888.893928] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1888.894788] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 00:17:38 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 10) [ 1888.977140] FAULT_INJECTION: forcing a failure. [ 1888.977140] name failslab, interval 1, probability 0, space 0, times 0 [ 1888.978608] CPU: 0 PID: 21515 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1888.979438] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1888.980558] Call Trace: [ 1888.980884] dump_stack+0x107/0x167 [ 1888.981327] should_fail.cold+0x5/0xa [ 1888.981796] ? create_object.isra.0+0x3a/0xa20 [ 1888.982350] should_failslab+0x5/0x20 [ 1888.982810] kmem_cache_alloc+0x5b/0x310 [ 1888.983309] create_object.isra.0+0x3a/0xa20 [ 1888.983859] kmemleak_alloc_percpu+0xa0/0x100 [ 1888.984408] pcpu_alloc+0x4e2/0x1240 [ 1888.984883] fib_nh_init+0xc1/0x4d0 [ 1888.985341] fib_create_info+0x22b3/0x4a30 [ 1888.985890] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1888.986441] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1888.987089] fib_table_insert+0x1ca/0x1af0 [ 1888.987620] ? nla_get_range_signed+0x520/0x520 [ 1888.988189] ? __mutex_lock+0x5af/0x10b0 [ 1888.988681] ? lock_downgrade+0x6d0/0x6d0 [ 1888.989188] ? fib_route_seq_show+0xeb0/0xeb0 [ 1888.989739] ? __nla_validate+0x3c/0x50 [ 1888.990221] ? memset+0x20/0x50 [ 1888.990622] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1888.991169] ? fib_new_table+0xfb/0x460 [ 1888.991665] inet_rtm_newroute+0x109/0x1f0 [ 1888.992179] ? inet_rtm_delroute+0x350/0x350 [ 1888.992742] ? inet_rtm_delroute+0x350/0x350 [ 1888.993286] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1888.993812] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.994306] ? perf_trace_lock+0x2bd/0x490 [ 1888.994827] ? __lockdep_reset_lock+0x180/0x180 [ 1888.995399] netlink_rcv_skb+0x14b/0x430 [ 1888.995898] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1888.996403] ? netlink_ack+0xab0/0xab0 [ 1888.996872] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1888.997430] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1888.997983] ? is_vmalloc_addr+0x7b/0xb0 [ 1888.998482] netlink_unicast+0x549/0x7f0 [ 1888.998983] ? netlink_attachskb+0x870/0x870 [ 1888.999539] netlink_sendmsg+0x90f/0xdf0 [ 1889.000047] ? netlink_unicast+0x7f0/0x7f0 [ 1889.000574] ? netlink_unicast+0x7f0/0x7f0 [ 1889.001096] __sock_sendmsg+0x154/0x190 [ 1889.001580] ____sys_sendmsg+0x70d/0x870 [ 1889.002079] ? sock_write_iter+0x3d0/0x3d0 [ 1889.002588] ? do_recvmmsg+0x6d0/0x6d0 [ 1889.003059] ? perf_trace_lock+0x2bd/0x490 [ 1889.003590] ? __lockdep_reset_lock+0x180/0x180 [ 1889.004171] ___sys_sendmsg+0xf3/0x170 [ 1889.004647] ? sendmsg_copy_msghdr+0x160/0x160 [ 1889.005208] ? __fget_files+0x2cf/0x520 [ 1889.005693] ? lock_downgrade+0x6d0/0x6d0 [ 1889.006199] ? find_held_lock+0x2c/0x110 [ 1889.006706] ? __fget_files+0x2f8/0x520 [ 1889.007200] ? __fget_light+0xea/0x290 [ 1889.007695] __sys_sendmsg+0xe5/0x1b0 [ 1889.008157] ? __sys_sendmsg_sock+0x40/0x40 [ 1889.008678] ? rcu_read_lock_any_held+0x75/0xa0 [ 1889.009267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1889.009903] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1889.010528] ? trace_hardirqs_on+0x5b/0x180 [ 1889.011057] do_syscall_64+0x33/0x40 [ 1889.011517] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1889.012140] RIP: 0033:0x7f7e9f951b19 [ 1889.012589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1889.014808] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1889.015738] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1889.016601] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1889.017461] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1889.018327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1889.019185] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:38 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 63) 00:17:38 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 6) 00:17:38 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, 0xffffffffffffffff, 0x98e95000) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x1c) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0xcb9be) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRESOCT=0x0, @ANYRES16=r0, @ANYRES32=r4, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01020000000000000000070000000a000300", @ANYRES32=r8, @ANYBLOB="14000400766574ec255f746f5f626f6e640000000800050009"], 0x40}}, 0x0) r9 = fspick(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1) poll(&(0x7f0000000180)=[{r1, 0x2038}, {r2}, {r3, 0xc}, {r5, 0x11}, {r6, 0x400}, {r9, 0x23a}, {r0, 0x4010}, {r0, 0x9500}, {r0, 0xa040}, {r0, 0x2000}], 0xa, 0x80000001) write$P9_RREADLINK(r6, &(0x7f0000000200)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) [ 1889.074064] FAULT_INJECTION: forcing a failure. [ 1889.074064] name failslab, interval 1, probability 0, space 0, times 0 [ 1889.075543] CPU: 0 PID: 21579 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1889.076385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1889.077389] Call Trace: [ 1889.077715] dump_stack+0x107/0x167 [ 1889.078154] should_fail.cold+0x5/0xa [ 1889.078618] ? vm_area_alloc+0x1c/0x110 [ 1889.079099] should_failslab+0x5/0x20 [ 1889.079567] kmem_cache_alloc+0x5b/0x310 [ 1889.080061] vm_area_alloc+0x1c/0x110 [ 1889.080520] mmap_region+0x97e/0x1500 [ 1889.080992] do_mmap+0xcdb/0x11e0 [ 1889.081414] vm_mmap_pgoff+0x198/0x1f0 [ 1889.081886] ? randomize_page+0xb0/0xb0 [ 1889.082380] ksys_mmap_pgoff+0x41c/0x560 [ 1889.082875] ? find_mergeable_anon_vma+0x250/0x250 [ 1889.083484] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1889.084119] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1889.084740] do_syscall_64+0x33/0x40 [ 1889.085193] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1889.085809] RIP: 0033:0x7f347623eb62 [ 1889.086261] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1889.088498] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1889.089426] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1889.090283] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1889.091147] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1889.092013] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1889.092874] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1889.103617] FAULT_INJECTION: forcing a failure. [ 1889.103617] name failslab, interval 1, probability 0, space 0, times 0 [ 1889.106201] CPU: 1 PID: 21622 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1889.107760] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 00:17:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1889.109616] Call Trace: [ 1889.110414] dump_stack+0x107/0x167 [ 1889.110993] netlink: 'syz-executor.6': attribute type 3 has an invalid length. [ 1889.111229] should_fail.cold+0x5/0xa [ 1889.111252] ? find_get_context+0x18d/0x9a0 [ 1889.112146] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1889.112967] should_failslab+0x5/0x20 [ 1889.116185] kmem_cache_alloc_trace+0x55/0x320 [ 1889.117216] find_get_context+0x18d/0x9a0 [ 1889.118148] ? security_perf_event_alloc+0x79/0xa0 [ 1889.119248] ? ctx_sched_out+0xa00/0xa00 [ 1889.120181] __do_sys_perf_event_open+0xed1/0x2e60 [ 1889.121289] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1889.122370] ? perf_event_set_output+0x5b0/0x5b0 [ 1889.123424] ? wait_for_completion_io+0x270/0x270 [ 1889.124535] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1889.125705] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1889.126862] do_syscall_64+0x33/0x40 [ 1889.127701] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1889.128843] RIP: 0033:0x7f7d67265b19 [ 1889.129667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1889.133767] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1889.135465] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1889.137068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1889.138663] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1889.140264] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1889.141856] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 [ 1889.164086] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1889.170895] netlink: 'syz-executor.6': attribute type 3 has an invalid length. [ 1889.171924] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.6'. [ 1889.303205] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.303926] print_req_error: 405 callbacks suppressed [ 1889.303936] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.305890] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.306560] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.307874] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.308538] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.309858] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.310523] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.311840] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.312503] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.313809] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.314473] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.315779] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.317072] buffer_io_error: 6 callbacks suppressed [ 1889.317078] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1889.318622] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.319897] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1889.320831] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.322112] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1889.323024] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1889.324309] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1889.325239] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1889.326170] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1889.327158] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.327860] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.334100] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1889.335028] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1889.386580] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.387321] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1889.388619] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.389318] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1889.390970] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.391986] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.392992] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.393994] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.394995] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1889.396105] sr 1:0:0:0: [sr0] tag#0 unaligned transfer 00:17:50 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 7) 00:17:50 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0, 0x40010, r0, 0x0) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000180), 0x8c0, 0x0) ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000200)={&(0x7f00000001c0)=[0x0], 0x1, 0x1}) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = fcntl$dupfd(r2, 0x0, r2) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="240000001800210c000000000000000002000000080000000400000008000500", @ANYRES32=0xee01, @ANYBLOB="c7b2b2517f6efc34fa9ee9c0c5"], 0x24}}, 0x0) perf_event_open(&(0x7f0000000100)={0x5, 0x80, 0x18, 0x5, 0xc9, 0xe1, 0x0, 0x7, 0x20, 0x274de5026b4355d2, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x714330b, 0x4, @perf_config_ext={0x7f, 0x65}, 0x4, 0x101, 0x7, 0x2, 0x1, 0x51f4, 0x101, 0x0, 0xffffffff, 0x0, 0x3}, 0xffffffffffffffff, 0xb, r3, 0x0) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) r5 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000240), 0x2080, 0x0) ioctl$VFAT_IOCTL_READDIR_BOTH(r5, 0x82307201, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_CONNECT={0x10, 0x1, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0x1, {0x0, r4}}, 0x245daffe) 00:17:50 executing program 3: r0 = syz_open_procfs(0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3) readv(r3, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/213, 0xd5}], 0x1) dup2(r3, r2) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, 0x0, 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f00000011c0)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x1031, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)=0x0) r7 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000680)=ANY=[@ANYRESHEX=r3, @ANYRESDEC=r6, @ANYRESDEC, @ANYRES16=r0, @ANYRES32=r7, @ANYRESHEX=r0, @ANYRESHEX=r7, @ANYRESDEC=r2], 0xfffffffffffffe8a) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000340)={&(0x7f0000000500)=""/126, 0x7e}) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x2c, 0x13, 0x878c5bf8df414e27, 0x0, 0x0, {}, [@typed={0x4}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@empty}]}, 0x2c}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000000)={0x40000000, 0x0, 0x0, 0x5cb7c17, 0xffffffff}) fork() ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) 00:17:50 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 11) 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 00:17:51 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 11) 00:17:51 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 64) 00:17:51 executing program 5: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="959a27290fe93adf69ef5513d722e92ace1e0d4ca9d02c75b81a", @ANYRES16=r3, @ANYBLOB="ff0200000000000000000600000008000300", @ANYRES32=r4, @ANYBLOB="0800050002000000"], 0x24}}, 0x0) syz_io_uring_setup(0x5ace, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$nl_xfrm(0x10, 0x3, 0x6) sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000340)={0x0}, &(0x7f0000000380)=0xc) sendmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r6}}}], 0x20}, 0x0) perf_event_open(&(0x7f0000000280)={0x3, 0x80, 0x0, 0x81, 0x2, 0x1, 0x0, 0x8000, 0x3fbed17ea395c2d6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x4, @perf_bp={&(0x7f0000000040), 0x8}, 0x40630, 0x80, 0x5, 0x4, 0x5, 0x6, 0x9, 0x0, 0x5, 0x0, 0x80000001}, r6, 0xb, r0, 0xa) [ 1901.390296] FAULT_INJECTION: forcing a failure. [ 1901.390296] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.393240] CPU: 0 PID: 21636 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1901.394970] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.397052] Call Trace: [ 1901.397739] dump_stack+0x107/0x167 [ 1901.398679] should_fail.cold+0x5/0xa [ 1901.399641] ? create_object.isra.0+0x3a/0xa20 [ 1901.400816] should_failslab+0x5/0x20 [ 1901.401783] kmem_cache_alloc+0x5b/0x310 [ 1901.402809] ? mark_held_locks+0x9e/0xe0 [ 1901.403869] create_object.isra.0+0x3a/0xa20 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1901.405007] kmemleak_alloc_percpu+0xa0/0x100 [ 1901.406299] pcpu_alloc+0x4e2/0x1240 [ 1901.407289] fib_nh_init+0xc1/0x4d0 [ 1901.408258] fib_create_info+0x22b3/0x4a30 [ 1901.409384] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1901.410517] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1901.411831] ? tracing_generic_entry_update+0x1ed/0x270 [ 1901.413198] fib_table_insert+0x1ca/0x1af0 [ 1901.414287] ? nla_get_range_signed+0x520/0x520 [ 1901.415458] ? lock_release+0x680/0x680 [ 1901.416328] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1901.416955] ? perf_trace_run_bpf_submit+0xf5/0x190 [ 1901.417551] ? fib_route_seq_show+0xeb0/0xeb0 [ 1901.418110] ? __nla_validate+0x3c/0x50 [ 1901.418596] ? memset+0x20/0x50 [ 1901.419016] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1901.419545] ? fib_new_table+0xfb/0x460 [ 1901.420056] inet_rtm_newroute+0x109/0x1f0 [ 1901.420570] ? inet_rtm_delroute+0x350/0x350 [ 1901.421147] ? inet_rtm_delroute+0x350/0x350 [ 1901.421680] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1901.422199] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.422677] ? perf_trace_lock+0x2bd/0x490 [ 1901.423207] ? __lockdep_reset_lock+0x180/0x180 [ 1901.423785] netlink_rcv_skb+0x14b/0x430 [ 1901.424293] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.424788] ? netlink_ack+0xab0/0xab0 [ 1901.425263] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1901.425832] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1901.426381] ? is_vmalloc_addr+0x7b/0xb0 [ 1901.426892] netlink_unicast+0x549/0x7f0 [ 1901.427393] ? netlink_attachskb+0x870/0x870 [ 1901.427960] netlink_sendmsg+0x90f/0xdf0 [ 1901.428455] ? netlink_unicast+0x7f0/0x7f0 [ 1901.428991] ? netlink_unicast+0x7f0/0x7f0 [ 1901.429499] __sock_sendmsg+0x154/0x190 [ 1901.429986] ____sys_sendmsg+0x70d/0x870 [ 1901.430485] ? sock_write_iter+0x3d0/0x3d0 [ 1901.431002] ? do_recvmmsg+0x6d0/0x6d0 [ 1901.431485] ? perf_trace_lock+0x2bd/0x490 [ 1901.432013] ? __lockdep_reset_lock+0x180/0x180 [ 1901.432573] ___sys_sendmsg+0xf3/0x170 [ 1901.433047] ? sendmsg_copy_msghdr+0x160/0x160 [ 1901.433595] ? __fget_files+0x2cf/0x520 [ 1901.434070] ? lock_downgrade+0x6d0/0x6d0 [ 1901.434564] ? find_held_lock+0x2c/0x110 [ 1901.435092] ? __fget_files+0x2f8/0x520 [ 1901.435588] ? __fget_light+0xea/0x290 [ 1901.436097] __sys_sendmsg+0xe5/0x1b0 [ 1901.436557] ? __sys_sendmsg_sock+0x40/0x40 [ 1901.437079] ? rcu_read_lock_any_held+0x75/0xa0 [ 1901.437665] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.438304] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.438930] ? trace_hardirqs_on+0x5b/0x180 [ 1901.439448] do_syscall_64+0x33/0x40 [ 1901.439912] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.440516] RIP: 0033:0x7f7e9f951b19 [ 1901.440974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.443163] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1901.444090] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1901.444945] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1901.445774] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.446614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1901.447537] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1901.448934] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'. [ 1901.450462] FAULT_INJECTION: forcing a failure. [ 1901.450462] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.451839] CPU: 0 PID: 21634 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1901.452662] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.453652] Call Trace: [ 1901.453976] dump_stack+0x107/0x167 [ 1901.454415] should_fail.cold+0x5/0xa [ 1901.454903] ? create_object.isra.0+0x3a/0xa20 [ 1901.455450] should_failslab+0x5/0x20 [ 1901.455921] kmem_cache_alloc+0x5b/0x310 [ 1901.456400] ? mark_held_locks+0x9e/0xe0 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1901.456888] create_object.isra.0+0x3a/0xa20 [ 1901.457558] kmemleak_alloc_percpu+0xa0/0x100 [ 1901.458114] pcpu_alloc+0x4e2/0x1240 [ 1901.458586] fib_nh_init+0xc1/0x4d0 [ 1901.459046] fib_create_info+0x22b3/0x4a30 [ 1901.459581] ? fib_result_prefsrc+0x4a0/0x4a0 [ 1901.460134] ? __lockdep_reset_lock+0x180/0x180 [ 1901.460689] ? __lockdep_reset_lock+0x180/0x180 [ 1901.461262] fib_table_insert+0x1ca/0x1af0 [ 1901.461785] ? nla_get_range_signed+0x520/0x520 [ 1901.462362] ? lock_downgrade+0x6d0/0x6d0 [ 1901.462881] ? lock_downgrade+0x6d0/0x6d0 [ 1901.463400] ? fib_route_seq_show+0xeb0/0xeb0 [ 1901.463969] ? __nla_validate+0x3c/0x50 [ 1901.464450] ? memset+0x20/0x50 [ 1901.464870] ? rtm_to_fib_config+0x6f3/0x10b0 [ 1901.465412] ? fib_new_table+0xfb/0x460 [ 1901.465909] inet_rtm_newroute+0x109/0x1f0 [ 1901.466419] ? inet_rtm_delroute+0x350/0x350 [ 1901.467001] ? inet_rtm_delroute+0x350/0x350 [ 1901.467537] rtnetlink_rcv_msg+0x41e/0xbb0 [ 1901.468088] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.468575] ? perf_trace_lock+0x2bd/0x490 [ 1901.469114] ? __lockdep_reset_lock+0x180/0x180 [ 1901.469685] netlink_rcv_skb+0x14b/0x430 [ 1901.470191] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.470690] ? netlink_ack+0xab0/0xab0 [ 1901.471178] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1901.471740] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1901.472315] ? is_vmalloc_addr+0x7b/0xb0 [ 1901.472821] netlink_unicast+0x549/0x7f0 [ 1901.473320] ? netlink_attachskb+0x870/0x870 [ 1901.473867] netlink_sendmsg+0x90f/0xdf0 [ 1901.474362] ? netlink_unicast+0x7f0/0x7f0 [ 1901.474908] ? netlink_unicast+0x7f0/0x7f0 [ 1901.475418] __sock_sendmsg+0x154/0x190 [ 1901.475931] ____sys_sendmsg+0x70d/0x870 [ 1901.476424] ? sock_write_iter+0x3d0/0x3d0 [ 1901.476946] ? do_recvmmsg+0x6d0/0x6d0 [ 1901.477414] ? perf_trace_lock+0x2bd/0x490 [ 1901.477948] ? __lockdep_reset_lock+0x180/0x180 [ 1901.478519] ___sys_sendmsg+0xf3/0x170 [ 1901.479006] ? sendmsg_copy_msghdr+0x160/0x160 [ 1901.479561] ? __fget_files+0x2cf/0x520 [ 1901.480054] ? lock_downgrade+0x6d0/0x6d0 [ 1901.480542] ? find_held_lock+0x2c/0x110 [ 1901.481048] ? __fget_files+0x2f8/0x520 [ 1901.481531] ? __fget_light+0xea/0x290 [ 1901.482016] __sys_sendmsg+0xe5/0x1b0 [ 1901.482463] ? __sys_sendmsg_sock+0x40/0x40 [ 1901.482983] ? rcu_read_lock_any_held+0x75/0xa0 [ 1901.483551] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.484178] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.484789] ? trace_hardirqs_on+0x5b/0x180 [ 1901.485300] do_syscall_64+0x33/0x40 [ 1901.485737] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.486345] RIP: 0033:0x7f6b601a6b19 [ 1901.486788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.488977] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1901.489886] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1901.490724] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1901.491574] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.492427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1901.493279] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1901.499522] FAULT_INJECTION: forcing a failure. [ 1901.499522] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.500921] CPU: 0 PID: 21647 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1901.501720] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.502692] Call Trace: [ 1901.503020] dump_stack+0x107/0x167 [ 1901.503444] should_fail.cold+0x5/0xa [ 1901.503910] ? create_object.isra.0+0x3a/0xa20 [ 1901.504441] should_failslab+0x5/0x20 [ 1901.504915] kmem_cache_alloc+0x5b/0x310 [ 1901.505403] create_object.isra.0+0x3a/0xa20 [ 1901.505925] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1901.506519] kmem_cache_alloc_trace+0x151/0x320 [ 1901.507077] find_get_context+0x18d/0x9a0 [ 1901.507566] ? security_perf_event_alloc+0x79/0xa0 [ 1901.508158] ? ctx_sched_out+0xa00/0xa00 [ 1901.508640] __do_sys_perf_event_open+0xed1/0x2e60 [ 1901.509226] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1901.509797] ? perf_event_set_output+0x5b0/0x5b0 [ 1901.510353] ? wait_for_completion_io+0x270/0x270 [ 1901.510942] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.511553] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.512178] do_syscall_64+0x33/0x40 [ 1901.512618] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.513228] RIP: 0033:0x7f7d67265b19 [ 1901.513660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.515836] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1901.516742] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1901.517584] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1901.518434] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.519289] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1901.520141] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 [ 1901.526831] FAULT_INJECTION: forcing a failure. [ 1901.526831] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.528191] CPU: 0 PID: 21681 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1901.529009] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.529985] Call Trace: [ 1901.530293] dump_stack+0x107/0x167 [ 1901.530717] should_fail.cold+0x5/0xa [ 1901.531182] ? create_object.isra.0+0x3a/0xa20 [ 1901.531721] should_failslab+0x5/0x20 [ 1901.532185] kmem_cache_alloc+0x5b/0x310 [ 1901.532662] create_object.isra.0+0x3a/0xa20 [ 1901.533184] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 1901.533787] kmem_cache_alloc+0x159/0x310 [ 1901.534286] vm_area_dup+0x78/0x290 [ 1901.534710] ? lock_release+0x680/0x680 [ 1901.535187] ? mark_lock+0xf5/0x2df0 [ 1901.535628] ? lock_chain_count+0x20/0x20 [ 1901.536133] ? mark_lock+0xf5/0x2df0 [ 1901.536577] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0 [ 1901.537201] ? lock_chain_count+0x20/0x20 [ 1901.537685] ? mark_lock+0xf5/0x2df0 [ 1901.538132] ? vm_area_alloc+0x110/0x110 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1901.538770] ? __lock_acquire+0x1657/0x5b00 [ 1901.539321] ? memset+0x20/0x50 [ 1901.539712] ? vmacache_find+0x55/0x2a0 [ 1901.540196] ? file_has_perm+0x183/0x280 [ 1901.540670] __split_vma+0xa8/0x4e0 [ 1901.541106] __do_munmap+0x365/0x1260 [ 1901.541557] ? arch_get_unmapped_area+0x450/0x450 [ 1901.542126] ? lock_release+0x680/0x680 [ 1901.542591] mmap_region+0x7c8/0x1500 [ 1901.543097] do_mmap+0xcdb/0x11e0 [ 1901.543599] vm_mmap_pgoff+0x198/0x1f0 [ 1901.544169] ? randomize_page+0xb0/0xb0 [ 1901.544716] ksys_mmap_pgoff+0x41c/0x560 [ 1901.545272] ? find_mergeable_anon_vma+0x250/0x250 [ 1901.545958] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.546584] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.547191] do_syscall_64+0x33/0x40 [ 1901.547617] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.548234] RIP: 0033:0x7f347623eb62 [ 1901.548670] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1901.550939] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1901.551837] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1901.552684] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1901.553521] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1901.554365] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1901.555199] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:17:51 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0) syz_io_uring_setup(0x7f65, &(0x7f0000000140), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000001c0), &(0x7f0000000200)) (fail_nth: 65) 00:17:51 executing program 1: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 12) [ 1901.610772] FAULT_INJECTION: forcing a failure. [ 1901.610772] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1901.612222] CPU: 0 PID: 21761 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1901.613109] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.614099] Call Trace: [ 1901.614407] dump_stack+0x107/0x167 [ 1901.614838] should_fail.cold+0x5/0xa [ 1901.615282] __alloc_pages_nodemask+0x182/0x600 [ 1901.615833] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 1901.616535] ? walk_mem_res+0x170/0x170 [ 1901.617010] alloc_pages_current+0x187/0x280 [ 1901.617517] pte_alloc_one+0x16/0x1a0 [ 1901.617975] __pte_alloc+0x1d/0x330 [ 1901.618398] remap_pfn_range_internal+0x9a3/0xf60 [ 1901.618959] ? lookup_memtype+0x5b/0x200 [ 1901.619429] ? apply_to_existing_page_range+0x40/0x40 [ 1901.620038] remap_pfn_range+0xcd/0x160 [ 1901.620498] ? remap_pfn_range_notrack+0x70/0x70 [ 1901.621043] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1901.621638] io_uring_mmap+0x398/0x530 [ 1901.622086] mmap_file+0x5e/0xe0 [ 1901.622471] mmap_region+0xc49/0x1500 [ 1901.622913] do_mmap+0xcdb/0x11e0 [ 1901.623314] vm_mmap_pgoff+0x198/0x1f0 [ 1901.623758] ? randomize_page+0xb0/0xb0 [ 1901.624228] ksys_mmap_pgoff+0x41c/0x560 [ 1901.624692] ? find_mergeable_anon_vma+0x250/0x250 [ 1901.625262] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.625863] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.626452] do_syscall_64+0x33/0x40 [ 1901.626879] entry_SYSCALL_64_after_hwframe+0x67/0xd1 00:17:51 executing program 4: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x2}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (fail_nth: 8) [ 1901.627462] RIP: 0033:0x7f347623eb62 [ 1901.628008] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1901.630122] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1901.631000] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1901.631823] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1901.632654] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1901.633475] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1901.634319] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 00:17:51 executing program 6: r0 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x0, 0x0) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000002, 0x30, r0, 0xfffec000) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = fcntl$dupfd(r1, 0x0, r1) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x24, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0x5, 0x0, 0x0, @uid=0xee01}]}, 0x24}}, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_SET_BACKOFF_EXPONENT(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, 0x0, 0x8, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_MAX_BE={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0xc001) getdents64(r2, &(0x7f0000000000)=""/50, 0x32) ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x2a6b4) 00:17:51 executing program 2: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)={0x1c, 0x18, 0xc21, 0x0, 0x0, {0x2}, [@typed={0x8, 0x500, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) (fail_nth: 12) [ 1901.657110] FAULT_INJECTION: forcing a failure. [ 1901.657110] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.658384] CPU: 1 PID: 21768 Comm: syz-executor.4 Not tainted 5.10.232 #1 [ 1901.659117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.660008] Call Trace: [ 1901.660295] dump_stack+0x107/0x167 [ 1901.660687] should_fail.cold+0x5/0xa [ 1901.661094] ? __d_alloc+0x2a/0x990 [ 1901.661483] should_failslab+0x5/0x20 [ 1901.661894] kmem_cache_alloc+0x5b/0x310 [ 1901.662328] __d_alloc+0x2a/0x990 [ 1901.662699] d_alloc_pseudo+0x19/0x70 [ 1901.663108] alloc_file_pseudo+0xce/0x250 [ 1901.663546] ? alloc_file+0x5a0/0x5a0 [ 1901.663959] ? ctx_sched_out+0xa00/0xa00 [ 1901.664393] anon_inode_getfile+0xc8/0x1f0 [ 1901.664843] __do_sys_perf_event_open+0xf59/0x2e60 [ 1901.665368] ? __mutex_unlock_slowpath+0xe1/0x600 [ 1901.665880] ? perf_event_set_output+0x5b0/0x5b0 [ 1901.666382] ? wait_for_completion_io+0x270/0x270 [ 1901.666910] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.667465] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.668018] do_syscall_64+0x33/0x40 [ 1901.668414] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.668962] RIP: 0033:0x7f7d67265b19 [ 1901.669358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.671304] RSP: 002b:00007f7d647db188 EFLAGS: 00000246 ORIG_RAX: 000000000000012a [ 1901.672120] RAX: ffffffffffffffda RBX: 00007f7d67378f60 RCX: 00007f7d67265b19 [ 1901.672877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020001d80 [ 1901.673637] RBP: 00007f7d647db1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.674392] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1901.675147] R13: 00007ffe6ab3f07f R14: 00007f7d647db300 R15: 0000000000022000 00:17:51 executing program 7: perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) [ 1901.688856] FAULT_INJECTION: forcing a failure. [ 1901.688856] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.690280] CPU: 0 PID: 21770 Comm: syz-executor.1 Not tainted 5.10.232 #1 [ 1901.691094] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.692059] Call Trace: [ 1901.692370] dump_stack+0x107/0x167 [ 1901.692798] should_fail.cold+0x5/0xa [ 1901.693252] ? __alloc_skb+0x6d/0x5b0 [ 1901.693700] should_failslab+0x5/0x20 [ 1901.694144] kmem_cache_alloc_node+0x55/0x330 [ 1901.694671] __alloc_skb+0x6d/0x5b0 [ 1901.695108] netlink_ack+0x1ed/0xab0 [ 1901.695547] ? netlink_sendmsg+0xdf0/0xdf0 [ 1901.696051] ? __lockdep_reset_lock+0x180/0x180 [ 1901.696602] netlink_rcv_skb+0x348/0x430 [ 1901.697082] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.697554] ? netlink_ack+0xab0/0xab0 [ 1901.698008] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1901.698546] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1901.699081] ? is_vmalloc_addr+0x7b/0xb0 [ 1901.699560] netlink_unicast+0x549/0x7f0 [ 1901.700052] ? netlink_attachskb+0x870/0x870 [ 1901.700574] netlink_sendmsg+0x90f/0xdf0 [ 1901.700994] FAULT_INJECTION: forcing a failure. [ 1901.700994] name failslab, interval 1, probability 0, space 0, times 0 [ 1901.701060] ? netlink_unicast+0x7f0/0x7f0 [ 1901.701088] ? netlink_unicast+0x7f0/0x7f0 [ 1901.701104] __sock_sendmsg+0x154/0x190 [ 1901.701121] ____sys_sendmsg+0x70d/0x870 [ 1901.704222] ? sock_write_iter+0x3d0/0x3d0 [ 1901.704715] ? do_recvmmsg+0x6d0/0x6d0 [ 1901.705166] ? perf_trace_lock+0x2bd/0x490 [ 1901.705665] ? __lockdep_reset_lock+0x180/0x180 [ 1901.706207] ___sys_sendmsg+0xf3/0x170 [ 1901.706661] ? sendmsg_copy_msghdr+0x160/0x160 [ 1901.707202] ? __fget_files+0x2cf/0x520 [ 1901.707659] ? lock_downgrade+0x6d0/0x6d0 [ 1901.708150] ? find_held_lock+0x2c/0x110 [ 1901.708640] ? __fget_files+0x2f8/0x520 [ 1901.709118] ? __fget_light+0xea/0x290 [ 1901.709583] __sys_sendmsg+0xe5/0x1b0 [ 1901.710032] ? __sys_sendmsg_sock+0x40/0x40 [ 1901.710538] ? rcu_read_lock_any_held+0x75/0xa0 [ 1901.711098] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.711709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.712313] ? trace_hardirqs_on+0x5b/0x180 [ 1901.712810] do_syscall_64+0x33/0x40 [ 1901.713247] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.713844] RIP: 0033:0x7f6b601a6b19 [ 1901.714274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.716405] RSP: 002b:00007f6b5d71c188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1901.717287] RAX: ffffffffffffffda RBX: 00007f6b602b9f60 RCX: 00007f6b601a6b19 [ 1901.718114] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1901.718935] RBP: 00007f6b5d71c1d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.719761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1901.720594] R13: 00007ffdf1ab221f R14: 00007f6b5d71c300 R15: 0000000000022000 [ 1901.721452] CPU: 1 PID: 21772 Comm: syz-executor.2 Not tainted 5.10.232 #1 [ 1901.722198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.723076] Call Trace: [ 1901.723366] dump_stack+0x107/0x167 [ 1901.723762] should_fail.cold+0x5/0xa [ 1901.724182] ? __alloc_skb+0x6d/0x5b0 [ 1901.724596] should_failslab+0x5/0x20 [ 1901.725006] kmem_cache_alloc_node+0x55/0x330 [ 1901.725497] __alloc_skb+0x6d/0x5b0 [ 1901.725895] netlink_ack+0x1ed/0xab0 [ 1901.726303] ? netlink_sendmsg+0xdf0/0xdf0 [ 1901.726761] ? __lockdep_reset_lock+0x180/0x180 [ 1901.727297] netlink_rcv_skb+0x348/0x430 [ 1901.727735] ? rtnl_fdb_dump+0x9d0/0x9d0 [ 1901.728207] ? netlink_ack+0xab0/0xab0 [ 1901.728625] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1901.729126] ? netlink_deliver_tap+0x1c4/0xcc0 [ 1901.729616] ? is_vmalloc_addr+0x7b/0xb0 [ 1901.730057] netlink_unicast+0x549/0x7f0 [ 1901.730500] ? netlink_attachskb+0x870/0x870 [ 1901.730985] netlink_sendmsg+0x90f/0xdf0 [ 1901.731429] ? netlink_unicast+0x7f0/0x7f0 [ 1901.731902] ? netlink_unicast+0x7f0/0x7f0 [ 1901.732386] __sock_sendmsg+0x154/0x190 [ 1901.732816] ____sys_sendmsg+0x70d/0x870 [ 1901.733261] ? sock_write_iter+0x3d0/0x3d0 [ 1901.733714] ? do_recvmmsg+0x6d0/0x6d0 [ 1901.734132] ? perf_trace_lock+0x2bd/0x490 [ 1901.734595] ? __lockdep_reset_lock+0x180/0x180 [ 1901.735100] ___sys_sendmsg+0xf3/0x170 [ 1901.735548] ? sendmsg_copy_msghdr+0x160/0x160 [ 1901.736053] ? __fget_files+0x2cf/0x520 [ 1901.736479] ? lock_downgrade+0x6d0/0x6d0 [ 1901.736924] ? find_held_lock+0x2c/0x110 [ 1901.737371] ? __fget_files+0x2f8/0x520 [ 1901.737806] ? __fget_light+0xea/0x290 [ 1901.738233] __sys_sendmsg+0xe5/0x1b0 [ 1901.738641] ? __sys_sendmsg_sock+0x40/0x40 [ 1901.739108] ? rcu_read_lock_any_held+0x75/0xa0 [ 1901.739653] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.740222] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.740804] ? trace_hardirqs_on+0x5b/0x180 [ 1901.741271] do_syscall_64+0x33/0x40 [ 1901.741670] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.742215] RIP: 0033:0x7f7e9f951b19 [ 1901.742613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 1901.744563] RSP: 002b:00007f7e9cec7188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1901.745376] RAX: ffffffffffffffda RBX: 00007f7e9fa64f60 RCX: 00007f7e9f951b19 [ 1901.746132] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000005 [ 1901.746886] RBP: 00007f7e9cec71d0 R08: 0000000000000000 R09: 0000000000000000 [ 1901.747646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1901.748412] R13: 00007ffd49bc8f6f R14: 00007f7e9cec7300 R15: 0000000000022000 [ 1901.763126] ------------[ cut here ]------------ [ 1901.763723] WARNING: CPU: 0 PID: 21761 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270 [ 1901.764840] Modules linked in: [ 1901.765255] CPU: 0 PID: 21761 Comm: syz-executor.0 Not tainted 5.10.232 #1 [ 1901.766032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1901.766998] RIP: 0010:get_pat_info+0x216/0x270 [ 1901.767568] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 61 82 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 4a 82 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 05 78 5a 00 e9 [ 1901.769686] RSP: 0018:ffff88804a72f898 EFLAGS: 00010216 [ 1901.770309] RAX: 00000000000135cd RBX: ffff88804aa49200 RCX: ffffc900007f3000 [ 1901.771131] RDX: 0000000000040000 RSI: ffffffff81123696 RDI: 0000000000000007 [ 1901.771942] RBP: ffff88804a72f950 R08: 0000000000000000 R09: ffff88804a72f820 [ 1901.772776] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028 [ 1901.773615] R13: 1ffff110094e5f13 R14: 0000000000000000 R15: ffff88804aa49250 [ 1901.774459] FS: 00007f34737b4700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000 [ 1901.775397] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1901.776121] CR2: 00007ffd1ecceef8 CR3: 0000000049a62000 CR4: 0000000000350ef0 [ 1901.778441] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1901.783169] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 000000000ddd062a [ 1901.784446] Call Trace: [ 1901.784755] ? __warn+0xe2/0x1f0 [ 1901.785180] ? get_pat_info+0x216/0x270 [ 1901.785645] ? report_bug+0x1c1/0x210 [ 1901.786119] ? handle_bug+0x41/0x90 [ 1901.786548] ? exc_invalid_op+0x14/0x50 [ 1901.787009] ? asm_exc_invalid_op+0x12/0x20 [ 1901.787542] ? get_pat_info+0x216/0x270 [ 1901.788014] ? get_pat_info+0x216/0x270 [ 1901.788504] ? get_pat_info+0x216/0x270 [ 1901.788967] ? pgprot_writethrough+0xc0/0xc0 [ 1901.789529] untrack_pfn+0xdc/0x240 [ 1901.789958] ? track_pfn_insert+0x150/0x150 [ 1901.790486] ? lock_downgrade+0x6d0/0x6d0 [ 1901.790970] ? uprobe_munmap+0x95/0x560 [ 1901.791463] unmap_single_vma+0x1bc/0x300 [ 1901.791958] zap_page_range_single+0x2ce/0x450 [ 1901.792523] ? unmap_single_vma+0x300/0x300 [ 1901.793022] ? remap_pfn_range_internal+0xc56/0xf60 [ 1901.793634] ? lookup_memtype+0x5b/0x200 [ 1901.794144] ? apply_to_existing_page_range+0x40/0x40 [ 1901.794748] remap_pfn_range+0x139/0x160 [ 1901.795248] ? remap_pfn_range_notrack+0x70/0x70 [ 1901.795798] ? memcg_slab_post_alloc_hook+0x17a/0x430 [ 1901.796432] io_uring_mmap+0x398/0x530 [ 1901.796888] mmap_file+0x5e/0xe0 [ 1901.797308] mmap_region+0xc49/0x1500 [ 1901.797762] do_mmap+0xcdb/0x11e0 [ 1901.798212] vm_mmap_pgoff+0x198/0x1f0 [ 1901.798665] ? randomize_page+0xb0/0xb0 [ 1901.799166] ksys_mmap_pgoff+0x41c/0x560 [ 1901.799643] ? find_mergeable_anon_vma+0x250/0x250 [ 1901.800244] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 1901.800852] ? syscall_enter_from_user_mode+0x1d/0x50 [ 1901.801481] do_syscall_64+0x33/0x40 [ 1901.801913] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 1901.802536] RIP: 0033:0x7f347623eb62 [ 1901.802970] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64 [ 1901.805132] RSP: 002b:00007f34737b40f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009 [ 1901.806012] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f347623eb62 [ 1901.806863] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffd000 [ 1901.807723] RBP: 0000000020ffd000 R08: 0000000000000005 R09: 0000000000000000 [ 1901.808587] R10: 0000000000008011 R11: 0000000000000206 R12: 0000000020000200 [ 1901.809436] R13: 0000000020ffc000 R14: 00000000200001c0 R15: 0000000020ffd000 [ 1901.810306] irq event stamp: 1417 [ 1901.810721] hardirqs last enabled at (1425): [] console_unlock+0x92d/0xb40 [ 1901.811736] hardirqs last disabled at (1434): [] console_unlock+0x839/0xb40 [ 1901.812761] softirqs last enabled at (834): [] asm_call_irq_on_stack+0x12/0x20 [ 1901.813817] softirqs last disabled at (781): [] asm_call_irq_on_stack+0x12/0x20 [ 1901.814857] ---[ end trace 0cd2519db3ed061a ]--- [ 1901.940179] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.940837] print_req_error: 22 callbacks suppressed [ 1901.940848] blk_update_request: I/O error, dev sr0, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.942676] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.943301] blk_update_request: I/O error, dev sr0, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.944534] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.945152] blk_update_request: I/O error, dev sr0, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.946383] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.946988] blk_update_request: I/O error, dev sr0, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.948229] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.948835] blk_update_request: I/O error, dev sr0, sector 2096900 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.950077] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.950683] blk_update_request: I/O error, dev sr0, sector 2096901 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.951905] blk_update_request: I/O error, dev loop4, sector 2096896 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.953105] buffer_io_error: 6 callbacks suppressed [ 1901.953112] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1901.954538] blk_update_request: I/O error, dev loop4, sector 2096897 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.955733] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1901.956612] blk_update_request: I/O error, dev loop4, sector 2096898 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.957800] Buffer I/O error on dev loop4, logical block 2096898, async page read [ 1901.958673] blk_update_request: I/O error, dev loop4, sector 2096899 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 1901.959862] Buffer I/O error on dev loop4, logical block 2096899, async page read [ 1901.960741] Buffer I/O error on dev loop4, logical block 2096900, async page read [ 1901.961604] Buffer I/O error on dev loop4, logical block 2096901, async page read [ 1901.962544] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.963216] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1901.969798] Buffer I/O error on dev loop4, logical block 2096902, async page read [ 1901.970684] Buffer I/O error on dev loop4, logical block 2096903, async page read [ 1902.003480] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.004169] Buffer I/O error on dev loop4, logical block 2096896, async page read [ 1902.005115] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.005743] Buffer I/O error on dev loop4, logical block 2096897, async page read [ 1902.006771] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.007545] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.008326] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.009015] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.009786] sr 1:0:0:0: [sr0] tag#0 unaligned transfer [ 1902.010576] sr 1:0:0:0: [sr0] tag#0 unaligned transfer VM DIAGNOSIS: 00:17:51 Registers: info registers vcpu 0 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff822ddad1 RDI=ffffffff879f1140 RBP=ffffffff879f1100 RSP=ffff88804a72f2a8 R8 =0000000000000001 R9 =0000000000000003 R10=0000000000000000 R11=0000000000000001 R12=0000000000000030 R13=0000000000000030 R14=ffffffff879f1100 R15=dffffc0000000000 RIP=ffffffff822ddb28 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007f34737b4700 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe2700000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffd1ecceef8 CR3=0000000049a62000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=000000000ddd062a EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c2c XMM01=00000000ff0000000000000000000000 XMM02=00000000ff0000000000000000000000 XMM03=747269762f736563697665642f737973 XMM04=2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f2f XMM05=343d4d554e514553006b7369643d4550 XMM06=3d454d414e56454400303d444955555f XMM07=00000000000000000000000000000000 XMM08=703e2d73004c414954494e495f544e45 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=1ffff11003016f9a RBX=dffffc0000000000 RCX=ffffffff814d2466 RDX=0000000000000001 RSI=ffffffff814d1083 RDI=ffffc9000065e071 RBP=ffff8880180b7cd0 RSP=ffff8880180b7c08 R8 =0000000000000001 R9 =0000000000000001 R10=00000000c000003e R11=0000000000000001 R12=ffff8880180b7cd0 R13=ffffed1003016f9c R14=ffff8880180b7cd0 R15=ffffc9000065e070 RIP=ffffffff814d10b8 RFL=00000216 [----AP-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 00007ff88a0a2900 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe1000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ff88894a000 CR3=000000000e908000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=ffffffffffffffffffffffffffffffff XMM01=30306234386136303638616663356134 XMM02=38303062343861363036386166633561 XMM03=2f6c616e72756f6a2f676f6c2f6e7572 XMM04=6f09ee202533d3c700000000003b4930 XMM05=d3fdd5f48436fbd700000000000aeab0 XMM06=365bc33abe7b1f7400000000000ae968 XMM07=00000000000000000000000000000000 XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000 XMM10=00002020000000000000200000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000