f_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

[ 2939.858693] FAULT_INJECTION: forcing a failure.
[ 2939.858693] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2939.861468] CPU: 1 PID: 15306 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 2939.862938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2939.864716] Call Trace:
[ 2939.865294]  dump_stack+0x107/0x167
[ 2939.866062]  should_fail.cold+0x5/0xa
[ 2939.866894]  _copy_from_iter_full+0x319/0xa60
[ 2939.867856]  rawv6_sendmsg+0x210a/0x3b90
[ 2939.868727]  ? rawv6_bind+0xa70/0xa70
[ 2939.869520]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2939.870624]  ? SOFTIRQ_verbose+0x10/0x10
[ 2939.871503]  ? lock_acquire+0x197/0x470
[ 2939.872337]  ? find_held_lock+0x2c/0x110
[ 2939.873218]  ? __might_fault+0xd3/0x180
[ 2939.874066]  ? lock_downgrade+0x6d0/0x6d0
[ 2939.874933]  ? lock_downgrade+0x6d0/0x6d0
[ 2939.875838]  ? sock_has_perm+0x1ea/0x280
[ 2939.876707]  ? selinux_socket_post_create+0x7f0/0x7f0
[ 2939.877814]  ? iovec_from_user+0x104/0x400
[ 2939.878708]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 2939.879799]  ? rawv6_bind+0xa70/0xa70
[ 2939.880616]  inet_sendmsg+0x11d/0x140
[ 2939.881427]  ? inet_send_prepare+0x540/0x540
[ 2939.882360]  __sock_sendmsg+0x13c/0x190
[ 2939.883208]  ____sys_sendmsg+0x70d/0x870
[ 2939.884093]  ? sock_write_iter+0x3d0/0x3d0
[ 2939.884985]  ? sendmsg_copy_msghdr+0xba/0x160
[ 2939.885934]  ? do_recvmmsg+0x6d0/0x6d0
[ 2939.886764]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2939.887933]  __sys_sendmsg_sock+0x26/0x40
04:24:55 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x449}}, 0x0, 0x7, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 2939.888818]  io_sendmsg+0x1e6/0x830
[ 2939.889770]  ? io_setup_async_msg+0x2d0/0x2d0
[ 2939.890800]  ? __lock_acquire+0xbb1/0x5b00
[ 2939.891718]  io_issue_sqe+0x3b3/0x7850
[ 2939.892557]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2939.893662]  ? SOFTIRQ_verbose+0x10/0x10
[ 2939.894522]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2939.895667]  ? trace_hardirqs_on+0x5b/0x180
[ 2939.896588]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 2939.897737]  ? io_connect+0x610/0x610
[ 2939.898557]  ? lock_acquire+0x197/0x470
[ 2939.899411]  ? find_held_lock+0x2c/0x110
[ 2939.900280]  ? __fget_files+0x2cf/0x520
[ 2939.901121]  ? lock_downgrade+0x6d0/0x6d0
[ 2939.902013]  __io_queue_sqe+0x90/0x9d0
[ 2939.902846]  ? io_issue_sqe+0x7850/0x7850
[ 2939.903731]  ? __fget_files+0x2f8/0x520
[ 2939.904590]  io_submit_sqes+0x44a8/0x8610
[ 2939.905500]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2939.906558]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2939.907590]  ? find_held_lock+0x2c/0x110
[ 2939.908454]  ? io_submit_sqes+0x8610/0x8610
[ 2939.909376]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2939.910409]  ? wait_for_completion_io+0x270/0x270
[ 2939.911440]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2939.912418]  ? vfs_write+0x354/0xb10
[ 2939.913209]  ? fput_many+0x2f/0x1a0
[ 2939.913977]  ? ksys_write+0x1a9/0x260
[ 2939.914780]  ? __ia32_sys_read+0xb0/0xb0
[ 2939.915658]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2939.916768]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2939.917869]  do_syscall_64+0x33/0x40
[ 2939.918655]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2939.919748] RIP: 0033:0x7fa49f703b19
[ 2939.920536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2939.924425] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2939.926027] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 2939.927541] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2939.929045] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 2939.930549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2939.932066] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:08 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:08 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:08 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f00000000c0))
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000040)={0x3, 0x80, 0x0, 0x7, 0x3f, 0x9, 0x0, 0x1, 0x2040, 0x6, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x3, 0x4, @perf_config_ext={0x3, 0x10000}, 0x4080, 0x6ee0, 0x15b3, 0x2, 0xfffffffffffffc01, 0x2, 0x8, 0x0, 0x20, 0x0, 0xb885})
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:08 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x3f000000)

04:25:08 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:08 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000004, 0x30, r0, 0x3000)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r0)
r3 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, 0xffffffff}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r8 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x10000, 0x0, 0x0, 0x2df, 0x0, r1})
r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r8, 0x13, &(0x7f0000000100)=[r9, r9], 0x2)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f00000002c0)=@IORING_OP_READ_FIXED={0x4, 0x1, 0x2004, @fd_index=0x9, 0x0, 0xff, 0x30000, 0xa, 0x1, {0x2, r10}}, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f0000000480)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r9, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=@vsock, 0x80, &(0x7f0000000400)=[{&(0x7f0000000100)=""/36, 0x24}, {&(0x7f0000000140)=""/217, 0xd9}, {&(0x7f0000000240)=""/123, 0x7b}, {&(0x7f0000000340)=""/154, 0x9a}], 0x4}, 0x0, 0x2121, 0x1, {0x1, r10}}, 0xfffffffb)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f00000004c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd=r0, 0xffffffff, 0x0, 0x0, 0x0, 0x1}, 0xef)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0xfe, 0x0, 0x2, 0x70, 0x0, 0x9, 0x10010, 0x2, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x2, 0x4, @perf_config_ext={0x7, 0x40}, 0x50004, 0x8, 0x4, 0x0, 0xfff, 0x80000001, 0x7f, 0x0, 0x8000, 0x0, 0x89}, 0xffffffffffffffff, 0x9, r2, 0xb)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:08 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:08 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x7400000000000000)

04:25:08 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, 0x0, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

[ 2952.800361] FAULT_INJECTION: forcing a failure.
[ 2952.800361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2952.803194] CPU: 1 PID: 15339 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 2952.804707] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2952.806505] Call Trace:
[ 2952.807080]  dump_stack+0x107/0x167
[ 2952.807882]  should_fail.cold+0x5/0xa
[ 2952.808715]  _copy_from_user+0x2e/0x1b0
[ 2952.809582]  __copy_msghdr_from_user+0x91/0x4b0
[ 2952.810588]  ? __ia32_sys_shutdown+0x80/0x80
[ 2952.811552]  ? inet_sendmsg+0xbd/0x140
[ 2952.812393]  ? inet_send_prepare+0x540/0x540
[ 2952.813342]  ? __sock_sendmsg+0x55/0x190
[ 2952.814226]  ? ____sys_sendmsg+0x426/0x870
[ 2952.815145]  sendmsg_copy_msghdr+0xa1/0x160
[ 2952.816080]  ? do_recvmmsg+0x6d0/0x6d0
[ 2952.816929]  ? lock_chain_count+0x20/0x20
[ 2952.817834]  ? lock_downgrade+0x6d0/0x6d0
[ 2952.818747]  io_sendmsg+0x62c/0x830
[ 2952.819547]  ? io_setup_async_msg+0x2d0/0x2d0
[ 2952.820532]  ? mark_lock+0xf5/0x2df0
[ 2952.821350]  ? lock_chain_count+0x20/0x20
[ 2952.822286]  ? __lock_acquire+0xbb1/0x5b00
[ 2952.823214]  io_issue_sqe+0x3b3/0x7850
[ 2952.824078]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2952.825212]  ? SOFTIRQ_verbose+0x10/0x10
[ 2952.826093]  ? lock_chain_count+0x20/0x20
[ 2952.826995]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2952.828136]  ? io_connect+0x610/0x610
[ 2952.828969]  ? lock_acquire+0x197/0x470
[ 2952.829832]  ? find_held_lock+0x2c/0x110
[ 2952.830720]  ? __fget_files+0x2cf/0x520
[ 2952.831597]  ? lock_downgrade+0x6d0/0x6d0
[ 2952.832499]  __io_queue_sqe+0x90/0x9d0
[ 2952.833351]  ? io_issue_sqe+0x7850/0x7850
[ 2952.834253]  ? __fget_files+0x2f8/0x520
[ 2952.835136]  io_submit_sqes+0x44a8/0x8610
[ 2952.836094]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2952.837178]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2952.838232]  ? find_held_lock+0x2c/0x110
[ 2952.839128]  ? io_submit_sqes+0x8610/0x8610
[ 2952.840084]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2952.841139]  ? wait_for_completion_io+0x270/0x270
[ 2952.842187]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2952.843189]  ? vfs_write+0x354/0xb10
[ 2952.844002]  ? fput_many+0x2f/0x1a0
[ 2952.844788]  ? ksys_write+0x1a9/0x260
[ 2952.845610]  ? __ia32_sys_read+0xb0/0xb0
[ 2952.846498]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2952.847649]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2952.848775]  do_syscall_64+0x33/0x40
[ 2952.849585]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2952.850702] RIP: 0033:0x7fa49f703b19
[ 2952.851520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2952.855569] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2952.857231] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 2952.858778] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2952.860333] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 2952.861882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2952.863435] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:08 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:08 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1, 0x0, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:08 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:08 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r6}}, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f0000000080)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)={0x400, 0x48}, &(0x7f0000000040)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r6}}, 0x7)

04:25:09 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x7a00000000000000)

04:25:09 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x40000000)

04:25:09 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

[ 2967.481003] FAULT_INJECTION: forcing a failure.
[ 2967.481003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2967.483798] CPU: 0 PID: 15379 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 2967.485241] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2967.486967] Call Trace:
[ 2967.487523]  dump_stack+0x107/0x167
[ 2967.488297]  should_fail.cold+0x5/0xa
[ 2967.489111]  _copy_from_user+0x2e/0x1b0
[ 2967.489954]  move_addr_to_kernel.part.0+0x31/0x110
[ 2967.490986]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 2967.491986]  ? __ia32_sys_shutdown+0x80/0x80
[ 2967.492925]  ? __sock_sendmsg+0x55/0x190
[ 2967.493785]  ? ____sys_sendmsg+0x426/0x870
[ 2967.494673]  sendmsg_copy_msghdr+0xa1/0x160
[ 2967.495584]  ? do_recvmmsg+0x6d0/0x6d0
[ 2967.496405]  ? lock_chain_count+0x20/0x20
[ 2967.497281]  ? lock_downgrade+0x6d0/0x6d0
[ 2967.498170]  io_sendmsg+0x62c/0x830
[ 2967.498941]  ? io_setup_async_msg+0x2d0/0x2d0
[ 2967.499901]  ? mark_lock+0xf5/0x2df0
[ 2967.500745]  ? __lock_acquire+0xbb1/0x5b00
[ 2967.501649]  io_issue_sqe+0x3b3/0x7850
[ 2967.502475]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2967.503817]  ? SOFTIRQ_verbose+0x10/0x10
[ 2967.504673]  ? lock_chain_count+0x20/0x20
[ 2967.505546]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2967.506645]  ? io_connect+0x610/0x610
[ 2967.507454]  ? lock_acquire+0x197/0x470
[ 2967.508294]  ? find_held_lock+0x2c/0x110
[ 2967.509155]  ? __fget_files+0x2cf/0x520
[ 2967.509991]  ? lock_downgrade+0x6d0/0x6d0
[ 2967.510864]  __io_queue_sqe+0x90/0x9d0
[ 2967.511695]  ? io_issue_sqe+0x7850/0x7850
[ 2967.512564]  ? __fget_files+0x2f8/0x520
[ 2967.513417]  io_submit_sqes+0x44a8/0x8610
[ 2967.514326]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2967.515376]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2967.516402]  ? find_held_lock+0x2c/0x110
[ 2967.517263]  ? io_submit_sqes+0x8610/0x8610
[ 2967.518178]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2967.519194]  ? wait_for_completion_io+0x270/0x270
[ 2967.520226]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2967.521194]  ? vfs_write+0x354/0xb10
[ 2967.521982]  ? fput_many+0x2f/0x1a0
[ 2967.522749]  ? ksys_write+0x1a9/0x260
[ 2967.523554]  ? __ia32_sys_read+0xb0/0xb0
[ 2967.524423]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2967.525533]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2967.526624]  do_syscall_64+0x33/0x40
[ 2967.527412]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2967.528492] RIP: 0033:0x7fa49f703b19
[ 2967.529274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2967.533129] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2967.534720] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 2967.536216] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2967.537710] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 2967.539200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2967.540711] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:23 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:23 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x48000000)

04:25:23 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x7, 0x47015, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x12}, 0x0, 0x800000000000a, 0x0, 0x0, 0x3f}, 0x0, 0xb, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r2, 0xc0189373, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {0x43}}, './file0\x00'})
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x8c000, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x4, 0x0, 0x0, 0x0, r3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ftruncate(r1, 0x33080)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
syz_io_uring_setup(0x297b, &(0x7f00000000c0)={0x0, 0x2b7b, 0x4, 0x3, 0x1ca, 0x0, r4}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000140), &(0x7f0000000180))
ioctl$CDROM_GET_MCN(0xffffffffffffffff, 0x5311, &(0x7f0000000040))

04:25:23 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:23 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x1a2c5000)

04:25:23 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:23 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f0000000240), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
readv(r1, &(0x7f0000000400)=[{&(0x7f0000000040)=""/14, 0xe}, {&(0x7f00000002c0)=""/16, 0x10}, {&(0x7f0000000300)}, {&(0x7f0000000340)=""/173, 0xad}], 0x4)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x3d9f, &(0x7f0000000140)={0x0, 0x5ad2, 0x10, 0x0, 0x1ef, 0x0, r1}, &(0x7f0000233000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000001c0), &(0x7f0000000200))

04:25:23 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xfeffffff00000000)

04:25:23 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0x0, 0x8, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:23 executing program 2:
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x8, 0xbc, 0x20, 0x8f0d}]}, 0x10)
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x2000002, 0x11, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000000)={0x0, r1, 0x8001, 0x5, 0xf37, 0x3})

04:25:23 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:23 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xffffffff00000000)

04:25:23 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:23 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34ca, &(0x7f00000002c0)={0x0, 0x200, 0x2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=<r2=>0x0)
r3 = openat$incfs(0xffffffffffffffff, &(0x7f00000000c0)='.pending_reads\x00', 0x400, 0x160)
r4 = perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x1, 0x1, 0x1, 0x81, 0x0, 0xfff, 0x4000, 0xc, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd774, 0x0, @perf_config_ext={0x0, 0x8}, 0x1011a, 0x2, 0xfff, 0x3, 0xfffffffffffffffd, 0x1, 0xfffa, 0x0, 0x7ce, 0x0, 0x4}, r2, 0x2, r3, 0xa)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x200000c, 0x11, r0, 0x0)
r5 = io_uring_setup(0x6efd, &(0x7f0000000180)={0x0, 0x6196, 0x10, 0x2, 0x283, 0x0, r1})
tee(r4, r5, 0x100000001, 0x0)

04:25:23 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1, 0x0, 0x0, 0x208}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:23 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x4c000000)

04:25:23 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x1, &(0x7f00000002c0)={0x0, 0xfffffffe}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
io_uring_enter(r1, 0x252c, 0xd36a, 0x0, &(0x7f0000000000)={[0x72]}, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:23 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:23 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r5 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
r8 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r8, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r9, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r10 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r7, &(0x7f0000000280)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd=r10, 0x0, 0x0, 0x0, {0xa400}, 0x0, {0x0, r11}}, 0xfffffffc)

04:25:23 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r3=>0x0)
fcntl$lock(r1, 0x5, &(0x7f0000000040)={0x0, 0x2, 0x9, 0x6, r3})

[ 2967.891982] FAULT_INJECTION: forcing a failure.
[ 2967.891982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2967.894735] CPU: 0 PID: 15438 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 2967.896232] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2967.898010] Call Trace:
[ 2967.898585]  dump_stack+0x107/0x167
[ 2967.899369]  should_fail.cold+0x5/0xa
[ 2967.900203]  _copy_from_user+0x2e/0x1b0
[ 2967.901058]  iovec_from_user+0x141/0x400
[ 2967.901934]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 2967.903031]  __import_iovec+0x67/0x590
[ 2967.903871]  ? __ia32_sys_shutdown+0x80/0x80
[ 2967.904829]  import_iovec+0x83/0xb0
[ 2967.905616]  sendmsg_copy_msghdr+0x131/0x160
[ 2967.906559]  ? do_recvmmsg+0x6d0/0x6d0
[ 2967.907398]  ? lock_chain_count+0x20/0x20
[ 2967.908306]  ? lock_downgrade+0x6d0/0x6d0
[ 2967.909211]  io_sendmsg+0x62c/0x830
[ 2967.909997]  ? io_setup_async_msg+0x2d0/0x2d0
[ 2967.910971]  ? mark_lock+0xf5/0x2df0
[ 2967.911834]  ? __lock_acquire+0xbb1/0x5b00
[ 2967.912750]  io_issue_sqe+0x3b3/0x7850
[ 2967.913600]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2967.914730]  ? SOFTIRQ_verbose+0x10/0x10
[ 2967.915607]  ? lock_chain_count+0x20/0x20
[ 2967.916502]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2967.917629]  ? io_connect+0x610/0x610
[ 2967.918454]  ? lock_acquire+0x197/0x470
[ 2967.919311]  ? find_held_lock+0x2c/0x110
[ 2967.920197]  ? __fget_files+0x2cf/0x520
[ 2967.921051]  ? lock_downgrade+0x6d0/0x6d0
[ 2967.921947]  __io_queue_sqe+0x90/0x9d0
[ 2967.922791]  ? io_issue_sqe+0x7850/0x7850
[ 2967.923692]  ? __fget_files+0x2f8/0x520
[ 2967.924565]  io_submit_sqes+0x44a8/0x8610
[ 2967.925485]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2967.926557]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2967.927604]  ? find_held_lock+0x2c/0x110
[ 2967.928483]  ? io_submit_sqes+0x8610/0x8610
[ 2967.929422]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2967.930466]  ? wait_for_completion_io+0x270/0x270
[ 2967.931505]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2967.932501]  ? vfs_write+0x354/0xb10
[ 2967.933300]  ? fput_many+0x2f/0x1a0
[ 2967.934081]  ? ksys_write+0x1a9/0x260
[ 2967.934897]  ? __ia32_sys_read+0xb0/0xb0
[ 2967.935786]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2967.936915]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2967.938029]  do_syscall_64+0x33/0x40
[ 2967.938831]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2967.939941] RIP: 0033:0x7fa49f703b19
[ 2967.940739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2967.944700] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2967.946338] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 2967.947875] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2967.949405] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 2967.950937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2967.952486] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:40 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:40 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x2f8a, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2, 0x241}, &(0x7f0000234000/0x4000)=nil, &(0x7f0000235000/0x3000)=nil, &(0x7f0000000080), &(0x7f00000000c0))

04:25:40 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000180)=[r7, r7], 0x2)
r8 = syz_io_uring_complete(0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000140)=[r4, r4, r0, r6, r2, r4, r3, r2, r8], 0x9)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0x0, r4, 0x401, 0xfffffffffffffffa, 0x5, 0x81})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r9 = socket$inet(0x2, 0xa, 0x0)
dup3(r9, r0, 0x0)

04:25:40 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:40 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x68000000)

04:25:40 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x24001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = dup(r1)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {<r3=>r0}}, './file0\x00'})
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
r6 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, &(0x7f0000000080)=0x1c)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f00000000c0)={r5, r6, 0xffff})
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000000, 0x12, r2, 0x4d580000)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:40 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = signalfd4(r1, &(0x7f0000000000)={[0x7fffffff]}, 0x8, 0x80000)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x1, 0x2, 0x9, 0x1f, 0x0, 0x8, 0x208, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x3, 0x2, @perf_config_ext={0x40, 0x3f}, 0x34, 0x0, 0x3, 0x8, 0x81, 0x2, 0x8, 0x0, 0x3, 0x0, 0x29}, 0x0, 0x9, 0xffffffffffffffff, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
fcntl$setsig(r2, 0xa, 0x30)

[ 2984.431806] FAULT_INJECTION: forcing a failure.
[ 2984.431806] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2984.434609] CPU: 1 PID: 15455 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 2984.436113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2984.437902] Call Trace:
[ 2984.438476]  dump_stack+0x107/0x167
[ 2984.439262]  should_fail.cold+0x5/0xa
[ 2984.440097]  _copy_from_iter_full+0x319/0xa60
[ 2984.441076]  rawv6_sendmsg+0x210a/0x3b90
[ 2984.441959]  ? rawv6_bind+0xa70/0xa70
[ 2984.442784]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2984.443911]  ? SOFTIRQ_verbose+0x10/0x10
[ 2984.444798]  ? lock_acquire+0x197/0x470
[ 2984.445647]  ? find_held_lock+0x2c/0x110
[ 2984.446535]  ? __might_fault+0xd3/0x180
[ 2984.447393]  ? lock_downgrade+0x6d0/0x6d0
[ 2984.448280]  ? lock_downgrade+0x6d0/0x6d0
[ 2984.449178]  ? sock_has_perm+0x1ea/0x280
[ 2984.450059]  ? selinux_socket_post_create+0x7f0/0x7f0
[ 2984.451188]  ? iovec_from_user+0x104/0x400
[ 2984.452110]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 2984.453209]  ? rawv6_bind+0xa70/0xa70
[ 2984.454038]  inet_sendmsg+0x11d/0x140
[ 2984.454864]  ? inet_send_prepare+0x540/0x540
[ 2984.455822]  __sock_sendmsg+0x13c/0x190
[ 2984.456685]  ____sys_sendmsg+0x70d/0x870
[ 2984.457569]  ? sock_write_iter+0x3d0/0x3d0
[ 2984.458482]  ? sendmsg_copy_msghdr+0xba/0x160
[ 2984.459454]  ? do_recvmmsg+0x6d0/0x6d0
[ 2984.460302]  ? lock_chain_count+0x20/0x20
[ 2984.461202]  ? lock_downgrade+0x6d0/0x6d0
[ 2984.462102]  __sys_sendmsg_sock+0x26/0x40
[ 2984.463000]  io_sendmsg+0x1e6/0x830
[ 2984.463797]  ? io_setup_async_msg+0x2d0/0x2d0
[ 2984.464828]  ? __lock_acquire+0xbb1/0x5b00
[ 2984.465741]  io_issue_sqe+0x3b3/0x7850
[ 2984.466602]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2984.467743]  ? SOFTIRQ_verbose+0x10/0x10
[ 2984.468626]  ? lock_chain_count+0x20/0x20
[ 2984.469524]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2984.470657]  ? io_connect+0x610/0x610
[ 2984.471467]  ? lock_acquire+0x197/0x470
[ 2984.472328]  ? find_held_lock+0x2c/0x110
[ 2984.473214]  ? __fget_files+0x2cf/0x520
[ 2984.474080]  ? lock_downgrade+0x6d0/0x6d0
[ 2984.474980]  __io_queue_sqe+0x90/0x9d0
[ 2984.475839]  ? io_issue_sqe+0x7850/0x7850
[ 2984.476732]  ? __fget_files+0x2f8/0x520
[ 2984.477607]  io_submit_sqes+0x44a8/0x8610
[ 2984.478537]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 2984.479621]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 2984.480673]  ? find_held_lock+0x2c/0x110
[ 2984.481561]  ? io_submit_sqes+0x8610/0x8610
[ 2984.482503]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 2984.483547]  ? wait_for_completion_io+0x270/0x270
[ 2984.484600]  ? rcu_read_lock_any_held+0x75/0xa0
[ 2984.485601]  ? vfs_write+0x354/0xb10
[ 2984.486406]  ? fput_many+0x2f/0x1a0
[ 2984.487190]  ? ksys_write+0x1a9/0x260
[ 2984.488018]  ? __ia32_sys_read+0xb0/0xb0
[ 2984.488904]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2984.490047]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 2984.491171]  do_syscall_64+0x33/0x40
[ 2984.491983]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2984.493089] RIP: 0033:0x7fa49f703b19
[ 2984.493893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2984.497873] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 2984.499512] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 2984.501064] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 2984.502591] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 2984.504142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2984.505694] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:40 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:40 executing program 0:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000240)=[r1, r0], 0x2)
write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x400009, 0x8)
io_uring_setup(0x1b8, &(0x7f0000000080)={0x0, 0x0, 0x1})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r2, r1], 0x2)
r3 = accept$inet6(r1, 0x0, &(0x7f0000000180))
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x6)
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r6, 0x6, &(0x7f0000000200)={0x1, 0x0, &(0x7f00000001c0)=[r3, r0, r1, 0xffffffffffffffff, r0, r4, r0, r6, r0, r0]}, 0xa)
r7 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r7, 0x0)
r8 = syz_io_uring_setup(0x3cf, &(0x7f0000000000)={0x0, 0x0, 0x4, 0x0, 0x26e}, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r7, 0x7748f000)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
dup2(r8, r9)

04:25:40 executing program 7:
r0 = fsmount(0xffffffffffffffff, 0x1, 0x1)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, r0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
mmap(&(0x7f0000234000/0x2000)=nil, 0x2000, 0x6, 0x10, r2, 0x6329c000)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)

04:25:56 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x5c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x5c}}, 0x0)
sendmsg$NL80211_CMD_LEAVE_MESH(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x14400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r4, 0x20, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x3000, 0x23}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x20040051)
r6 = signalfd4(r0, &(0x7f0000000000)={[0xffffffffffff0001]}, 0x8, 0x800)
syz_io_uring_setup(0x3b1f, &(0x7f0000000040)={0x0, 0x1efd, 0x10, 0x2, 0x209, 0x0, r6}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f00000000c0), &(0x7f0000000100))

04:25:56 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:56 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:56 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x80, 0x0, 0x5d9, 0x0, 0x68}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x94338000)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x3, 0x0, r0, 0x0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/186, 0xba}, {&(0x7f0000000340)=""/4096, 0x1000}], 0x2, &(0x7f0000000100)=""/124, 0x7c}, 0x0, 0x12000, 0x1, {0x2}}, 0x9)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f00000000c0))

04:25:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000009e40), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f000000a600)={0x0, 0x0, &(0x7f000000a5c0)={&(0x7f0000000b80)={0x1c, r2, 0x31, 0x0, 0x0, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}]}, 0x1c}}, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000001e00)={0x1300, r2, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x1}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x8}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x3}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x9}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x4}, @ETHTOOL_A_LINKMODES_OURS={0x178, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0xcf, 0x5, "8305314f34f2d2499c1ee2c41422e50918e0609cf68a959c1debccf99d4bcd073c3c441bfe75dadfa117ab4a93ba691eaf862521badced102bbb987b79cb7a300040042b07c35e3c76b757da99276598d45bb4d1fdbcd62ec33698079233b8153ca90fc8aaa5936ce4f86fff83648bc01c4e49706720da5690dbcb617b11613c9c7a1e414499bb3f35b50ccb9bc06ffc4cd4acf15d79b792ef5e6556b2b8b7ba1023641bf163797de1bc6a386b855d15b7a098c9e4dff615152458c9cdb4ed9c3b605cfa6a71a51b2030fe"}, @ETHTOOL_A_BITSET_BITS={0xa4, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, ')&,\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80000001}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffffc}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xd6bd}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '}\x00'}]}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '-\x83\\-\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5ec}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}]}]}]}, @ETHTOOL_A_LINKMODES_DUPLEX={0x5, 0x6, 0x2}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x5}, @ETHTOOL_A_LINKMODES_OURS={0x113c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x78, 0x3, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x101}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\xae%\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2f40}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\\#\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6e0}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}]}, @ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x7}, @ETHTOOL_A_BITSET_MASK={0x1004, 0x5, "d9bb35eb414dff3e6f6db2c242e82087fde9f1235297ff817fcf7a02500372986b587ffbed25c96a7cece67777446f36d40c2c05d5d9e0c93c206bed2262f92741920584f5c1e4e57ab89d9428109519a00a44317e8b162b79da79416acdf0e7cfb55dce5705fa14940582cf959cce3fd2aebe73a3688ce82e15f86900a860dccb8f36626eda3467db611677a51cf48954b0fdd481c307ec09f48ec554d26a5be4073df81ec5b6fe44a15b26d6cf5e8c96b871026fc127c22fe9b578f8e2fc16f628a0295a6a8bfc94c6afe94d3fe401b371cd47a577f1ec487ea94910eccaf2f09c2cbe5457b8d2524465c32906e2a0da6f72c649b446f3bffcc98b2382f3cebe42736b2490be326bb3a80a822028fe50e1cb9c8aff7e7cb39dc6f265b10b057fb6a8776cc167b75685d8e143f1161b871ac7f841fb04a36402e4298dc0f3261af3c5f4fe1cc155f8735b0cfe3c183452d27be63b7953236850d6a48f664022aa1291572acdbbb1b3a8e0e09420743444e5996ab861e5f17076dfa953ff773d200a7b5b162889aede4257b94b7c9e5f27e66647bf2e333228827afb51264085030bfe89aba810d9a2ed23e5fee4c786914dc66d977e89bec33d0834be7c9b7a1752469de547289114057d78e065af08e8cdd65e0f78d685f131143a020c3219ed26b6f4d4743fa0e2529446fd5f06366f79bea6a0a6aafdb5c18844c35047e759252523caa6c83d45be77c9cbcf41b0e98b862657885ca0025eecd3ca2b09cc17aaea082d1b4d92b35792928c598debb65a3167e0a3b5d0bbe2f956f00a226bbca4f776f9e80a0c4d59abd2757e30e8dee8a0bf7e8c4a7d2f2c59516b537bf1ef87bebc333bb7c3911b13198db0ee3e0b9b35e3ef294e3a802dab31e306b8df8cc4e0879082cc62dd56ee57edc3354b4a4d105035f6f2c6cf4930791b44a3dff12d6b5c09a314aeeac516a30be63fe190473c7c15c1d489b31c2e8eb2efcb963bee1c1d7391931ec3450d9dd18dbb6d28d5c6e905723056a70c6e7d2040427a971e2f453844e0b2e708a9b956f79586caebfb38b8dc6049957017e81967baeb3ead71dc6c56a4ee9e10e85f1421dddea0ca2894e5f168f826fa3770acc7e537d889b4e191e284f066b2473a12ae2cbd3ee5f1907f1e0795115da0a27f564b7e87e31886bf9976071420a6235dd2aafddb2f6b402a40dcc90916e4cf55694def2a5154c5503cbeb631d836dc729452ccd2bb2449bcb1b86b60570d78ca99b56df4b413a2a457e1a5bf590eee22f9223ff954bc218295263164c2807c18e0e94f3f0f410f6df74cea3a2b562eb63378f5b26c13a7d55cc77cffc16aa60a4c08eaf4219f6749d073873294fcc2ae2723107cd559d57f58830395a3ef619c49cbdc78a431dd128f200e99fec6bafabf9f6961fd66ef746c7608346203fadf977c9992c874a6e1c8b60336b85616cde0ed4c38041b085bf515682ca744a6dcaf9cf430e6670ddc0d837dfda47218d65bd0ce05afe7c45a686876227aed4a4645c81ae3f5d9c604bebfe9e8a5a39e02858cbbf74689b82c69962bc99d656973a4ba0323005336e7f37e218880dfaf9e9619367ab178ab4eacddc0141dab00087c616976bdc351640a446bc3f2ea99d158846bc8261cf44659279d88b9affef94564dee4f1cbb50a8da1738a1095f6fa48c9c738dfcfc09bb7747b17947cc1813125687c702947e28d1f589713daf856f98a14862a048e91980bf4b4ddc6dfc96606b0d45c5de9584cbb605a83fbdc24d294152a89f566d30456f057c977e1fe9d9f9096cc5a6f93891b61cd4b060fe11f790de0cf448a68b6526a1f644709059977293b55228e9aee14d9ae39451634981dc4caf6cf6c800c642a8a6c22935818d667ec35f520083a1a507ecc344441dccc9205de2d92a26508555a008ebc06bd70cb686822f60ed058353bb1fc798b50825ace4b94382850eba51bc0f18c7784cef2c02f930a8dd39d43725c57beaf35399f4f684d43706c9f56c8649569ef1dd60c4ee0acdb8dbd613cbe2edc0cd1a442400e5031f6f6e657aa8a6edfea5f4838f4188ca51ffc596ea6544e70ef55d3fdf824a0bae6f89af980afa58ba5910c677fc999cda9e6723ecb4dc3cce9d9eba60005907edf7f7e7d2023dbff13bd0d22d3256b98635d20ef901badf82e15779351fda97330cb5a051a2238f2115be90a6e2e7f368e5adc3e85ff1c27f53029a9f3fe942ba2e71df2a97d9d9ae15fff749569fbd3e1fca01afd2950271c52f88137655224698d7f424fb382c713dcbe755e5a7a850f5a59683e0eb1165b9df409a9cf83717deb243884dd8058d8282745b24136597146abcee9498ed8c7e74752d3a1a8f3ed72f649c0be60a69d03774f1c94292f5201305688fc6c0298ef7cd9ce53d898d94424e82ad923984fb08ba86540618719e97407e02b6a1d7e81797fb3a69137f3cbd91a83c3ff4e786bb63d74b5e8f21ff03d06bc73993e5dfe16772fa6e58e13030e0fc684fcc2c52e3eca8bf1d046886d21f20730b8d1fa5c87d55ab3f42b331bd29c0624986f7a5f3ae010c226f056bdebb39d2dfd30490ae5fe9098330ec72666d0f263c5fcf15c37d97e505b7e83eea27e4d2c787abfb4f4149e1f5e62a7e6529172c7a13225baf1891804bfc2b8f3a8e0109bb991a83355cb552e9e04edc6adc388a355bb1bf5151d44fff1120b6cfffde6bd22978c7145ec0fa911a3d97dabd658566b2131e0beae3f0896c8fc278d46c88cf2a4e879cf0955fbc2bbd2b70a85b1888a2908555f47423775cea7a99c5a24dbd69d23a032e676b1d49aaf69d41923a01df695024f6b3fe2399bc4c6681d8ddf1bbdfeada4568cdd032b638b9093cf2008032e7bd522c60f53c01cd1644acdf460089369717ed9dc23c63c6ec4cc7c7610a33142957bede65914288d8978f0559587c44e5d3304b17c0ce9f1b76b6343b9a3c1557164c72a65dcf43a65311db62faed5dc0338de0ece3bfd026bc2a2282b8c37ccd6c83a0ab7c1c0c7d5e3ac1fbfcf489d4d4386c178ef8d13f8c303488dcaec923dc3fad4642d5fc90432c2a4cb4bec459f091cd92a93f9295fa87a835804f68be5db560a7cf29f7a98a8ffa97d88742a62f514922d00567b6adcfa4b540680a7ee2e64cf80d2162b1f4893629ee6c7fd5f0917c5a8f3bacbe22137a533afc64be5e527ac0a45e15a38be62b179e5dedc55230ce7d6270dbb1028dced86b9c076fdc0eab50c552d93e1188f3c22a1f2ab54a3769fa82c0540ba8f24f18cb0b91f11d7be3a633db0b076a4f7e7948e24aac148227e1d4de002a70c3cefa40df27b8cd2e8eca49bfc27f773defd8117a1d7cca00bacb879df02492bb51a78f5dc14a78f29af5557a91ff573f35afa26e9bfa1307c2f36ebdc9264dc08448f3a2e837d5e05adb2cead79c696f10078d6d5d290cd5c2de32c54c59af79688a0bca7231e1d597858ae829ba8acd5f3fe17b8eaa084fab56d24d9f20b0b70a1dba34265b37afad454e5f3ff5c7a77b3dcfd3ad673445c03d46e98c3efa7ebe91dbadbdc1aa40808d8b460bac9c8de593dc0200c38f48e384fe3c38c319014ced2abc59c8b952ca3b0d24e9a01d9b5cf916f33907f52bcac71de0d371992a01a652bf752f397daeb6d50d5a29bdf6afb8eb050ec05888893d512a685ca994515dd29917416002b5b1ae214492035ec58ada2bb96d118afec1707278cbac793e700b09377fa93b05e6dd44a444d172016230c5f4e92806b4d7591c66deb72ea03fd2c687e3a8f16d5435f79660b54319dcb54888cb6810f82b99cc065e429d9aba33a2c463757f8c20ad866b9f6b8adc5367699aa5bfd2c28b456b0ee5e4ad5017f35e48eb2da8fb2762decafd5b82a2f7024408fa8393c72c3e2f8ecc25fc2057ec98f77996d19c13033389cf6b14cb63409ff7ae5377e339cd1debf63444c375e334c06e88eff0b2bee5e5c353039915646d527919f285aa4074db877fc240ad6121722bfe4223c7e87092d7fadf53f002c29565b0a5d83df271cb8c4d2849eaa55fb36d22c3492d8b66ddf432d4abefabb05e79722e80183279d2572fc2272116e18b957bccebc42449b08a44a03b688f25be71a7032588a731504d37108acc7dc2b702551bbcf8a26423c12e3597e9222d729c75c0e3323236221724744d5abbecf145e9f6eb31eb6c3b8d8c2265bc24512f8e74204b03beadab0e4acd226bb138b403a85ac817f5d75a56252a4d02768f486be2e09c69e53bf508cddfdba6a9fa7bdeeaee6ee41715cbf83b35f3bdc549c1f45f69bfcee84f9d2938c3aed73db2d1e983fafd6e11f6d866b38374a4e161eec8be3436c3004e06967a5d2153498ac88a28c737d3f9706a933efb0000710e88a661ce7f7aa164af8d56b9613f9dc0944fb641335383fe2e581a32cc25ecb61332a606584769c439e6f57fb1d69c057917dc4c699d3d1c29ffe27cbb4e245fe980b13693f9a4f7cb49b456569e27f444f7ff55c9fa86016b0e33e6d975c18c831f8ade491e131ab0cd657f836a72496ed2af2b82816376c82565e9ff1786654a12d0e8b85bb45437e7f6ca9270c55bd0c8c97a07184862f28c704c3f5321a611dc1a5d3221345ca60174c55a2fc8fe72f15d5044d2517bacba5bd7ac90ef22c5d3ffe30a08a01d640e85d5f0375089bd3773eb8a6d4543df08a415271640c86891bc467642c910dccd04139b68033a4d1c71b95ba991cb4b62191d54239752854c2defe375f3884c809f5f42fca968882f87fde172be3b341aa2122ca1df957ef7b7997b00616ff4529ceda8bf5aad249c22a6c9073d4f878cfa9e952643fe8e930a51e6aa0218a399b2231a1c6f967be7c2e4fe7c7a47cfc62918466960bd6a059dc793bc7c418da8368dd17ed584e9a5e2d40bd474e10ee3a2015f3f2ad0b2e1012f33b50b35cde7e78d1b15f911fab5efccacdca564ee7c98323321a683dd87dbef02be4998b0299d0b18ad15e8b866f7c745d485681dc4371cae8c5d3b9ae8c2409277188382c12e9932587dd068afcadb14e574ebaaf030fb82149870182167beef491af05229c5d670e84ef4cc00fc846e6c1a1376f1e7511611f75b963ffd1e1340e596c40931e4b3fe2e0321702a9cc40a9bbf7077c6931d18366b6ce78947ccc9c24b646cee50e95a64b18ef2e2b4f79cf749d6b7d601929a113975e2d05969c95533e5f1ea1be1eeb10c78a75a4225d02a6cbbd284b2338b2af83cedb6425fafe119d5167f8a47e429f4fd1056d11b27ba9aa997db02a3be34f8c79fbc3b1b75a8bed7f46363e7fb3493e88f2d6acc70d12525b064a2cb4f65e292bbfc73c651d460bea2d2eec05b15fb7bcced95e998bfb4a6f4106680ea29a8f8434540e568ef36258343ca7710c5bc1e3a1454c1f5fde0a8e8bb2db0c8cdc7f349988336d949acc391bad37c47706948d1ab7ec737bc0d7cd275f529a28e60d0e66e2ea592c8c024fbb73180ef007a5ce39041e074cc82412fe0ee75a310e3e7215334a574280fce064db6ca6d91e392d0c303a5021da144188215673a12dd433b4968f7c0bdc406dacb717995c46e45f79c2bf2fb9490a60f1f3e4f79314658a6874dc8296866fd4b31d7aedcf3a317c4db97c50deb25348738ac3c2779a8fcb4a9d1d18c87aeed367573b20e6b6994ea36854248b5204bc293088a2be9c336f2e10414ce8984bee7d38ecf3ad5e1ca6590fae030999436d7bb194831187ff11994715255da3d5cdd81e1e5566f135edb17411"}, @ETHTOOL_A_BITSET_MASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}]}]}, @ETHTOOL_A_BITSET_MASK={0x86, 0x5, "95bd3edf512db5de114b0ae2d10c06c3719ed8ea24f8b36d7c8bdb3f33afae6945c0865cdde1a9b531f3422c8f8f84f537fb92336f3738993b1fc782a1a5fc2fffef1dfdb62edaa050a8fa25ccff26fcb09eef2fdb62eeeee3fcfa7d501e424b5ee3bd18370f15aae4305af7cd89268a9d7e3d33c6d8c62b683435b4853e8d8eeb3d"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x68}]}]}, 0x1300}, 0x1, 0x0, 0x0, 0x4801}, 0xc030)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f0000000000)={0x0, 0xff})

04:25:56 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x6c000000)

[ 3000.285851] FAULT_INJECTION: forcing a failure.
[ 3000.285851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3000.287609] CPU: 0 PID: 15508 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3000.288576] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3000.289729] Call Trace:
[ 3000.290098]  dump_stack+0x107/0x167
[ 3000.290606]  should_fail.cold+0x5/0xa
[ 3000.291139]  _copy_from_user+0x2e/0x1b0
[ 3000.291689]  __copy_msghdr_from_user+0x91/0x4b0
[ 3000.292343]  ? __ia32_sys_shutdown+0x80/0x80
[ 3000.292977]  ? inet_sendmsg+0xbd/0x140
[ 3000.293555]  ? inet_send_prepare+0x540/0x540
[ 3000.294204]  ? __sock_sendmsg+0x55/0x190
[ 3000.294779]  ? ____sys_sendmsg+0x426/0x870
[ 3000.295378]  sendmsg_copy_msghdr+0xa1/0x160
[ 3000.295977]  ? do_recvmmsg+0x6d0/0x6d0
[ 3000.296523]  ? lock_chain_count+0x20/0x20
[ 3000.297114]  ? lock_downgrade+0x6d0/0x6d0
[ 3000.297708]  io_sendmsg+0x62c/0x830
[ 3000.298230]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3000.298856]  ? mark_lock+0xf5/0x2df0
[ 3000.299388]  ? lock_chain_count+0x20/0x20
[ 3000.299997]  ? __lock_acquire+0xbb1/0x5b00
[ 3000.300600]  io_issue_sqe+0x3b3/0x7850
[ 3000.301154]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3000.301889]  ? SOFTIRQ_verbose+0x10/0x10
[ 3000.302454]  ? lock_chain_count+0x20/0x20
[ 3000.303034]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3000.303750]  ? io_connect+0x610/0x610
[ 3000.304292]  ? lock_acquire+0x197/0x470
[ 3000.304836]  ? find_held_lock+0x2c/0x110
[ 3000.305392]  ? __fget_files+0x2cf/0x520
[ 3000.305938]  ? lock_downgrade+0x6d0/0x6d0
[ 3000.306513]  __io_queue_sqe+0x90/0x9d0
[ 3000.307053]  ? io_issue_sqe+0x7850/0x7850
[ 3000.307630]  ? __fget_files+0x2f8/0x520
[ 3000.308210]  io_submit_sqes+0x44a8/0x8610
[ 3000.308814]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3000.309530]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3000.310210]  ? find_held_lock+0x2c/0x110
[ 3000.310788]  ? io_submit_sqes+0x8610/0x8610
[ 3000.311399]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3000.312093]  ? wait_for_completion_io+0x270/0x270
[ 3000.312773]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3000.313434]  ? vfs_write+0x354/0xb10
[ 3000.313944]  ? fput_many+0x2f/0x1a0
[ 3000.314454]  ? ksys_write+0x1a9/0x260
[ 3000.314989]  ? __ia32_sys_read+0xb0/0xb0
[ 3000.315565]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3000.316303]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3000.317034]  do_syscall_64+0x33/0x40
[ 3000.317553]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3000.318266] RIP: 0033:0x7fa49f703b19
[ 3000.318785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3000.321375] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3000.322448] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3000.323435] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3000.324436] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3000.325419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3000.326413] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:56 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:56 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40082, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
perf_event_open(&(0x7f00000001c0)={0x5, 0x80, 0x7, 0x1, 0x81, 0x9, 0x0, 0x4, 0x0, 0xa, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={&(0x7f0000000080), 0x3}, 0x200, 0x7, 0x7fff, 0xf, 0x4, 0x9, 0xbed, 0x0, 0x1, 0x0, 0x68}, 0x0, 0x8, r3, 0xb)
r4 = io_uring_setup(0x2501, &(0x7f0000000140)={0x0, 0x0, 0x2, 0x0, 0xfffffffc, 0x0, r1})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000001680)={<r6=>0x0, <r7=>0x0})
recvmmsg$unix(r5, &(0x7f0000001640)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001340)=""/66, 0x42}, {&(0x7f0000001700)=""/164, 0xa4}, {&(0x7f0000001480)=""/242, 0xf2}], 0x4, &(0x7f0000001980)=ANY=[@ANYBLOB="150000000000000000e5ffef61de6700", @ANYRES32=<r8=>0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00d26cd669a16d23ec41a6cb8e00460000008000010070bb5b9df11de4813d28b27bcc9fdcd167606f730647e2cea20fb921c4b71b70660d98486fd573d01db47ffaf303e604893a592ac429eeb8127020f1df3c2afd8ac4eeff425b", @ANYRES32, @ANYRES16=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000a643a3bf936980cb4203e2ea9bb04034913ed19c510d8871a813b259a5ca2cfb57b8f20361f4e74af5531e44b68a13e9716e3bd8be6b6a1bc9e679", @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES16, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100f0ca699afcb2", @ANYRESDEC=r4, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="3f002eb8"], 0xb0}}], 0x1, 0x10041, &(0x7f00000016c0)={r6, r7+10000000})
r9 = fcntl$dupfd(r3, 0x0, r1)
r10 = io_uring_setup(0x2500, &(0x7f0000001580)={0x0, 0xd587, 0x4, 0x0, 0x0, 0x0, r2})
r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r10, 0x13, &(0x7f0000000100)=[r11, 0xffffffffffffffff], 0x2)
kcmp(0x0, r8, 0x2, r9, r11)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4e23, 0x80, @private1={0xfc, 0x1, '\x00', 0x1}, 0xfffffff8}, 0x1c)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2, 0x4010, r4, 0x8000000)

04:25:56 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000000))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000000, 0x810, r1, 0x10000000)
r4 = open$dir(&(0x7f0000000040)='./file0\x00', 0x60080, 0x103)
syz_io_uring_submit(0x0, r3, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x0, 0x0, r4, &(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x80, 0x400}, 0x3b2b4b61)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x80049367, &(0x7f0000000200))
r5 = syz_open_dev$vcsu(&(0x7f0000000240), 0x6, 0x10080)
getsockopt$inet6_tcp_buf(r5, 0x6, 0xb, &(0x7f0000000340)=""/135, &(0x7f0000000280)=0x87)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x110, r2, 0x44e8f000)

04:25:56 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x74000000)

04:25:56 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x100010, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000), 0x6e, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/210, 0xd2}, {&(0x7f0000000180)=""/16, 0x10}], 0x2, &(0x7f0000000200)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r2=>0xffffffffffffffff]}}], 0x50}, 0x1)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x4e24, 0x1f, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x9}, 0x1c)
getpeername(r2, &(0x7f0000000380)=@phonet, &(0x7f0000000400)=0x80)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x230000, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000040))
dup3(r1, r0, 0x0)

04:25:56 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x4, 0x0, 0xffffffff}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:25:56 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x73, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xc3, 0x2}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 4:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xffffffff00000000)

04:25:56 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="fb200039b200", @ANYRES16=0x0, @ANYBLOB="000127bd7000ffdbdf251900000005001d000200000006006d000800000005001e000600000005001c000700000005001e000700000005001e000500000005001c00fb000000"], 0x4c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x1eb52000)

04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
io_uring_enter(r1, 0x505f, 0x8593, 0x0, &(0x7f0000000000)={[0x8]}, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:25:56 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), 0x0)

04:25:56 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x2, 0x20, 0x2, 0x1, 0x0, 0x5a60, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x6, 0x2, @perf_config_ext={0x1ff, 0x7}, 0x10000, 0x0, 0x3000000, 0x5, 0x0, 0xaf, 0x9, 0x0, 0x5, 0x0, 0x1f}, 0x0, 0xa, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r3=>r1, @ANYBLOB="02000000000000002e2f66696c653013"])
io_uring_enter(r3, 0x627d, 0xee7c, 0x1, &(0x7f00000001c0)={[0x6]}, 0x8)
syz_io_uring_setup(0x34c8, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x2b8, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x100000f, 0x11, r0, 0x0)

[ 3000.723164] FAULT_INJECTION: forcing a failure.
[ 3000.723164] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3000.725764] CPU: 1 PID: 15580 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3000.727170] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3000.728933] Call Trace:
[ 3000.729488]  dump_stack+0x107/0x167
[ 3000.730261]  should_fail.cold+0x5/0xa
[ 3000.731080]  _copy_from_user+0x2e/0x1b0
[ 3000.731942]  move_addr_to_kernel.part.0+0x31/0x110
[ 3000.733022]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3000.734044]  ? __ia32_sys_shutdown+0x80/0x80
04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x2000000000000, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x20}, &(0x7f0000234000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
munmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000)

[ 3000.734975]  ? __sock_sendmsg+0x55/0x190
[ 3000.735991]  ? ____sys_sendmsg+0x426/0x870
[ 3000.736861]  sendmsg_copy_msghdr+0xa1/0x160
[ 3000.737741]  ? do_recvmmsg+0x6d0/0x6d0
[ 3000.738535]  ? lock_chain_count+0x20/0x20
[ 3000.739425]  ? lock_downgrade+0x6d0/0x6d0
[ 3000.740303]  io_sendmsg+0x62c/0x830
[ 3000.741053]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3000.742046]  ? mark_lock+0xf5/0x2df0
[ 3000.742864]  ? __lock_acquire+0xbb1/0x5b00
[ 3000.743737]  io_issue_sqe+0x3b3/0x7850
[ 3000.744587]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3000.745714]  ? SOFTIRQ_verbose+0x10/0x10
[ 3000.746542]  ? lock_chain_count+0x20/0x20
[ 3000.747425]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3000.748498]  ? io_connect+0x610/0x610
[ 3000.749285]  ? lock_acquire+0x197/0x470
[ 3000.750087]  ? find_held_lock+0x2c/0x110
[ 3000.750920]  ? __fget_files+0x2cf/0x520
[ 3000.751733]  ? lock_downgrade+0x6d0/0x6d0
[ 3000.752613]  __io_queue_sqe+0x90/0x9d0
[ 3000.753457]  ? io_issue_sqe+0x7850/0x7850
[ 3000.754378]  ? __fget_files+0x2f8/0x520
[ 3000.755283]  io_submit_sqes+0x44a8/0x8610
[ 3000.756309]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3000.757382]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3000.758380]  ? find_held_lock+0x2c/0x110
[ 3000.759304]  ? io_submit_sqes+0x8610/0x8610
[ 3000.760236]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3000.761243]  ? wait_for_completion_io+0x270/0x270
[ 3000.762238]  ? rcu_read_lock_any_held+0x75/0xa0
04:25:56 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x460f, 0x4, 0x0, 0x254}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3000.763205]  ? vfs_write+0x354/0xb10
[ 3000.764308]  ? fput_many+0x2f/0x1a0
[ 3000.765114]  ? ksys_write+0x1a9/0x260
[ 3000.766091]  ? __ia32_sys_read+0xb0/0xb0
[ 3000.766948]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3000.768243]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3000.769556]  do_syscall_64+0x33/0x40
[ 3000.770370]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3000.771460] RIP: 0033:0x7fa49f703b19
[ 3000.772266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3000.776242] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3000.777899] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3000.779468] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3000.781060] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3000.782604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3000.784158] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:25:56 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = dup(r0)
perf_event_open(&(0x7f0000000080)={0x5, 0x80, 0x1, 0x49, 0x5, 0x7, 0x0, 0xc2, 0x0, 0x8, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000040), 0xc}, 0x28, 0x25ee, 0x400, 0x5, 0x0, 0x5, 0x6, 0x0, 0x3, 0x0, 0x7}, 0x0, 0x8, r3, 0x1)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000007c0)=@IORING_OP_FALLOCATE={0x11, 0x2, 0x0, @fd_index=0x7, 0x2335daf62, 0x0, 0x3, 0x0, 0x1, {0x0, r4}}, 0x3)
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
syz_io_uring_submit(0x0, r2, &(0x7f0000000780)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, r6, 0x0, &(0x7f0000000740)={&(0x7f0000000180)=@nfc, 0x80, &(0x7f0000000600)=[{&(0x7f0000000340)=""/221, 0xdd}, {&(0x7f0000000440)=""/211, 0xd3}, {&(0x7f0000000200)=""/175, 0xaf}, {&(0x7f0000000100)=""/50, 0x32}, {&(0x7f0000000540)=""/126, 0x7e}, {&(0x7f00000005c0)=""/64, 0x40}], 0x6, &(0x7f0000000680)=""/146, 0x92}, 0x0, 0x10002, 0x1, {0x2}}, 0x20b8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:26:14 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:26:14 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x7a000000)

[ 3018.513860] FAULT_INJECTION: forcing a failure.
[ 3018.513860] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3018.515732] CPU: 1 PID: 15615 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3018.516801] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3018.518054] Call Trace:
[ 3018.518457]  dump_stack+0x107/0x167
[ 3018.519005]  should_fail.cold+0x5/0xa
[ 3018.519587]  _copy_from_user+0x2e/0x1b0
[ 3018.520223]  io_uring_setup+0x9b/0x2980
[ 3018.520833]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3018.521556]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3018.522313]  ? wait_for_completion_io+0x270/0x270
[ 3018.523042]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3018.523717]  ? vfs_write+0x354/0xb10
[ 3018.524285]  ? fput_many+0x2f/0x1a0
[ 3018.524823]  ? ksys_write+0x1a9/0x260
[ 3018.525377]  ? __ia32_sys_read+0xb0/0xb0
[ 3018.525497] FAULT_INJECTION: forcing a failure.
[ 3018.525497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3018.525982]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3018.529364]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3018.530124]  do_syscall_64+0x33/0x40
[ 3018.530666]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3018.531430] RIP: 0033:0x7f4cd02cab19
[ 3018.531984] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3018.534687] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3018.535785] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3018.536832] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3018.537860] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3018.538886] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3018.539922] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3018.541005] CPU: 0 PID: 15612 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3018.542584] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3018.544468] Call Trace:
[ 3018.545081]  dump_stack+0x107/0x167
[ 3018.545920]  should_fail.cold+0x5/0xa
[ 3018.546805]  _copy_from_user+0x2e/0x1b0
[ 3018.547870]  io_uring_setup+0x9b/0x2980
[ 3018.548801]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3018.549921]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3018.551079]  ? wait_for_completion_io+0x270/0x270
[ 3018.552216]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3018.553276]  ? vfs_write+0x354/0xb10
[ 3018.554141]  ? fput_many+0x2f/0x1a0
[ 3018.554983]  ? ksys_write+0x1a9/0x260
[ 3018.555858]  ? __ia32_sys_read+0xb0/0xb0
[ 3018.556815]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3018.558012]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3018.559197]  do_syscall_64+0x33/0x40
[ 3018.560067]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3018.561237] RIP: 0033:0x7f3b78954b19
[ 3018.562097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3018.566277] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3018.568033] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3018.569668] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3018.571309] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3018.572963] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3018.574605] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:26:14 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 1)

04:26:14 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x5c81, &(0x7f0000000000)={0x0, 0xf0d2, 0x1, 0x2, 0x394}, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:26:14 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 1)

04:26:14 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x5bf, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0x80000000})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'macvlan0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0, <r2=>0x0}, &(0x7f0000000540)=0xc)
chown(&(0x7f0000000040)='./file0\x00', 0x0, r2)
ioctl$TUNSETGROUP(r0, 0x400454ce, r2)
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x322)
r3 = socket$inet(0x2, 0xa, 0x5)
dup3(r3, r0, 0x0)

04:26:14 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, 0x1, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20004840}, 0x4040040)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = io_uring_setup(0x6347, &(0x7f0000000080)={0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r1})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
r4 = dup3(r1, r0, 0x80000)
dup2(r2, r4)
r5 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r5, 0xc0389424, &(0x7f00000001c0)={0x1, 0x28, '\x00', 0x1, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0]})
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r8, r8], 0x2)
recvmsg(r8, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000240)=""/110, 0x6e}, {&(0x7f0000000340)=""/244, 0xf4}], 0x2, &(0x7f0000000480)=""/37, 0x25}, 0x2020)
fcntl$lock(r6, 0x7, &(0x7f0000000200)={0x1, 0x0, 0x7, 0x7, 0xffffffffffffffff})
ioctl$TIOCL_SETSEL(0xffffffffffffffff, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x5fc, 0xb0, 0xff, 0x8a, 0x1}})

04:26:14 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xa, 0x30, r2, 0x0)

[ 3018.607038] FAULT_INJECTION: forcing a failure.
[ 3018.607038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3018.609929] CPU: 0 PID: 15616 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3018.611539] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3018.613467] Call Trace:
[ 3018.614090]  dump_stack+0x107/0x167
[ 3018.614934]  should_fail.cold+0x5/0xa
[ 3018.615826]  _copy_from_user+0x2e/0x1b0
[ 3018.616759]  iovec_from_user+0x141/0x400
[ 3018.617704]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 3018.618888]  __import_iovec+0x67/0x590
[ 3018.619796]  ? __ia32_sys_shutdown+0x80/0x80
[ 3018.620850]  import_iovec+0x83/0xb0
[ 3018.621707]  sendmsg_copy_msghdr+0x131/0x160
[ 3018.622727]  ? do_recvmmsg+0x6d0/0x6d0
[ 3018.623635]  ? lock_chain_count+0x20/0x20
[ 3018.624613]  ? lock_downgrade+0x6d0/0x6d0
[ 3018.625618]  ? mark_lock+0xf5/0x2df0
[ 3018.626538]  io_sendmsg+0x62c/0x830
[ 3018.627401]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3018.628465]  ? mark_lock+0xf5/0x2df0
[ 3018.629389]  ? __lock_acquire+0xbb1/0x5b00
[ 3018.630379]  io_issue_sqe+0x3b3/0x7850
[ 3018.631301]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3018.632526]  ? SOFTIRQ_verbose+0x10/0x10
[ 3018.633473]  ? lock_chain_count+0x20/0x20
[ 3018.634441]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3018.635661]  ? io_connect+0x610/0x610
[ 3018.636562]  ? lock_acquire+0x197/0x470
[ 3018.637503]  ? find_held_lock+0x2c/0x110
[ 3018.638472]  ? __fget_files+0x2cf/0x520
[ 3018.639408]  ? lock_downgrade+0x6d0/0x6d0
[ 3018.640410]  __io_queue_sqe+0x90/0x9d0
[ 3018.641334]  ? io_issue_sqe+0x7850/0x7850
[ 3018.642314]  ? __fget_files+0x2f8/0x520
[ 3018.643293]  io_submit_sqes+0x44a8/0x8610
[ 3018.644343]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3018.645520]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3018.646688]  ? find_held_lock+0x2c/0x110
[ 3018.647655]  ? io_submit_sqes+0x8610/0x8610
[ 3018.648717]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3018.649865]  ? wait_for_completion_io+0x270/0x270
[ 3018.651049]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3018.652189]  ? vfs_write+0x354/0xb10
[ 3018.653101]  ? fput_many+0x2f/0x1a0
[ 3018.653986]  ? ksys_write+0x1a9/0x260
[ 3018.654912]  ? __ia32_sys_read+0xb0/0xb0
[ 3018.655911]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3018.657214]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3018.658482]  do_syscall_64+0x33/0x40
[ 3018.659394]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3018.660660] RIP: 0033:0x7fa49f703b19
[ 3018.661468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3018.665389] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3018.667007] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3018.668534] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3018.670048] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3018.671569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3018.673116] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:26:14 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000000)=@abs, &(0x7f0000000080)=0x6e)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x7fff, 0xffffffffffff9b8b})
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140), 0xa}, 0x0, 0x0, 0x0, 0x8, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
connect$unix(r1, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r2 = socket$inet(0x2, 0x3, 0x6)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000000000), 0x400000d, 0x7fffeffe)
r3 = socket$inet(0x2, 0x3, 0x6)
connect$inet(r3, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000000000), 0x400000d, 0x7fffeffe)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3f, &(0x7f00000001c0)=0xa, 0x1c)
syz_open_dev$char_usb(0xc, 0xb4, 0x6e5)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
write$binfmt_misc(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="73799aa98a48c62f5edd3a93bc46719dba2043cc2bcb000000000018ee9dd906c44515221933ffa0d7a629ff3d86d3471c1bf9c776336f7ed92e022b106bb7122825b6e72371918a185afd59cf059f5cf48ac6b702620e31dc5e4ab6c3aed8faeb21e450153d82dc9a58fd78cef9060342bfb323ed0310712dce88c626b19953ad6e40e4b7408f973b55af6345d5836dbf859bc51c51940767b096"], 0x12)

04:26:14 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 2)

04:26:14 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 2)

[ 3018.702907] FAULT_INJECTION: forcing a failure.
[ 3018.702907] name failslab, interval 1, probability 0, space 0, times 0
04:26:14 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x0)

[ 3018.705548] CPU: 0 PID: 15637 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3018.707160] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3018.709013] Call Trace:
[ 3018.709602]  dump_stack+0x107/0x167
[ 3018.710426]  should_fail.cold+0x5/0xa
[ 3018.711270]  ? io_uring_setup+0x258/0x2980
[ 3018.712229]  should_failslab+0x5/0x20
[ 3018.713091]  kmem_cache_alloc_trace+0x55/0x320
[ 3018.714142]  io_uring_setup+0x258/0x2980
[ 3018.715069]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3018.716181]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3018.717326]  ? wait_for_completion_io+0x270/0x270
[ 3018.718469]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3018.719656]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3018.720866]  do_syscall_64+0x33/0x40
[ 3018.721713]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3018.722882] RIP: 0033:0x7f4cd02cab19
[ 3018.723713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3018.727897] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3018.729622] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3018.731224] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3018.732832] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3018.734447] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3018.736100] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3018.745690] FAULT_INJECTION: forcing a failure.
[ 3018.745690] name failslab, interval 1, probability 0, space 0, times 0
[ 3018.748267] CPU: 0 PID: 15639 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3018.749864] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3018.751747] Call Trace:
[ 3018.752364]  dump_stack+0x107/0x167
[ 3018.753203]  should_fail.cold+0x5/0xa
[ 3018.754084]  ? io_uring_setup+0x258/0x2980
[ 3018.755049]  should_failslab+0x5/0x20
[ 3018.755919]  kmem_cache_alloc_trace+0x55/0x320
[ 3018.756987]  io_uring_setup+0x258/0x2980
04:26:14 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = getpgrp(0x0)
pidfd_open(r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x1}}, './file0\x00'})
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x4, 0x0, 0x5, 0x63, 0x0, 0x5, 0x38, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000000), 0x4}, 0x400, 0x5, 0x8, 0x9, 0x7ff, 0x1, 0x1, 0x0, 0x2, 0x0, 0x5}, r1, 0x6, r2, 0x0)

[ 3018.757923]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3018.759160]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3018.760333]  ? wait_for_completion_io+0x270/0x270
[ 3018.761497]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3018.762704]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3018.763895]  do_syscall_64+0x33/0x40
[ 3018.764765]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3018.765939] RIP: 0033:0x7f3b78954b19
[ 3018.766799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3018.771028] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3018.772793] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3018.774436] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3018.776108] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3018.777776] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3018.779441] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:26:14 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'wg0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3034.080852] FAULT_INJECTION: forcing a failure.
[ 3034.080852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3034.083598] CPU: 1 PID: 15664 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3034.085099] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3034.086883] Call Trace:
[ 3034.087447]  dump_stack+0x107/0x167
[ 3034.088263]  should_fail.cold+0x5/0xa
[ 3034.089097]  _copy_from_iter_full+0x319/0xa60
[ 3034.090081]  rawv6_sendmsg+0x210a/0x3b90
[ 3034.090971]  ? rawv6_bind+0xa70/0xa70
[ 3034.091811]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3034.092943]  ? SOFTIRQ_verbose+0x10/0x10
[ 3034.093838]  ? lock_acquire+0x197/0x470
[ 3034.094693]  ? find_held_lock+0x2c/0x110
[ 3034.095574]  ? __might_fault+0xd3/0x180
[ 3034.096445]  ? lock_downgrade+0x6d0/0x6d0
[ 3034.097337]  ? lock_downgrade+0x6d0/0x6d0
[ 3034.098253]  ? sock_has_perm+0x1ea/0x280
[ 3034.099127]  ? selinux_socket_post_create+0x7f0/0x7f0
[ 3034.100263]  ? iovec_from_user+0x104/0x400
[ 3034.101403]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 3034.102781]  ? rawv6_bind+0xa70/0xa70
[ 3034.103606]  inet_sendmsg+0x11d/0x140
[ 3034.104436]  ? inet_send_prepare+0x540/0x540
[ 3034.105387]  __sock_sendmsg+0x13c/0x190
[ 3034.106243]  ____sys_sendmsg+0x70d/0x870
[ 3034.107135]  ? sock_write_iter+0x3d0/0x3d0
[ 3034.108038]  ? sendmsg_copy_msghdr+0xba/0x160
[ 3034.109015]  ? do_recvmmsg+0x6d0/0x6d0
[ 3034.110086]  ? lock_chain_count+0x20/0x20
04:26:30 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='cmdline\x00')
pread64(r4, 0x0, 0x0, 0x13e)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, r3, {0x0, 0x1}}, './file0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f0000000200)="ccac36f8890ddd39b624e83e4f48e13ddc809f6a6034fa9d5c215cef309e3f9b543cc8e1979472917d4d872d6a7a40714dd3ca69f56f51333b0f7c67c795051456973dbeba0ad5aa951e74e8652b65ab81b3f43781b2db36861889eac7fd7c25e3fd3162c502dbc0ce2d7827c187f827c6d06d296112cbdf717ac54a220d2049b58d4a96bdd8bcf0360b1ecb31586695b39f3a4045c1428dc8e41db9b044f50a675061daae0ddbe52059940e744f9a99ccc1399ff19683af7474a4545cb078efc25c4cda0c1cbe9915f1bc12fc7b847b2d7d56650ec62b89455f16fd2192d7eaba8d05a842eee3549785810cbec9183cc4ab631925c69b0250af7238ecef3a84")
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000140)=ANY=[@ANYBLOB="01e1d46b485188517ec10000000000000000", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00\t\x00\x00\x00./file0\x00'])
dup3(r5, r0, 0x0)
ioctl$GIO_FONT(0xffffffffffffffff, 0x4b60, &(0x7f0000000300)=""/71)

04:26:30 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xdacafe05)

04:26:30 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:26:30 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x6f36, &(0x7f0000000000)={0x0, 0x3eae, 0x0, 0x1, 0x301}, &(0x7f00007ff000/0x800000)=nil, &(0x7f0000941000/0x4000)=nil, &(0x7f0000000080)=<r2=>0x0, &(0x7f00000000c0))
r3 = mmap$IORING_OFF_SQES(&(0x7f0000d73000/0x2000)=nil, 0x2000, 0x1000006, 0x10, r1, 0x10000000)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, r5, &(0x7f0000000100)=0x80, &(0x7f0000000140)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x0, 0x0, 0x1}, 0x6)

04:26:30 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 3)

04:26:30 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 3)

04:26:30 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
io_uring_enter(r1, 0x2450, 0x96e2, 0x2, &(0x7f0000000000)={[0x1]}, 0x8)

04:26:30 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r1, 0xd000943e, &(0x7f0000058c80)={<r2=>0x0, 0x0, "3740588e9e2f7404441d949d6ba42ee2d54d4dc0e0357f26bb128c432ef6bbf2ae34a3c23b319cdc208b6309a40c22de6747fbb845ed16af3e83ffc2aa7a8d27a8aaa92bb6ab4795d8556d8934f5fabea45327b86b75d8a47d326745029b5aa42f8022f28a439152dd744f4b5aebc1fa97d33caa7754fbef1c44e9009c93a090e93cae85751bbe47aa96cc6cb8dc06a63b6e338ad22becb5214fd5a8e35cc1fb28f01088253e52860a8780f02549def2eb3ef20d73f5e68be9df74f76efeca5f00debd18bd0277ce6f6525c44b7c8551b77d6e2524602048b42ae9cebf157eafdd00c26889d04e05fab5183ca94b333eb911316127b207c0cb89ac33c516a963", "71406c2cea647afdb5343062c6e8907b868fb95c78a9b5fc2be272cfb108d86bcb724844ba616c99c76b7439f11d8908f353f33ea76124b1c3b039eaa59115015624cb76a5b99f5460cba98ac01b501245e2774138ea0619ef2d45b04c4d30a08c30fc882214a58a37351f972cc28eeea3769fa99721b2529871ae4d15c3300a0d753c0358cd195ecf066058d4eb7431194cdb1ef66495aec892c3c6d4adc8dcbb6821f06f4353f411799048707d945757c224ade1ffd5b13d73e7c935f22ec0881cf539c1af3a1c150e0a91208a02bce9505e864f972bf1704158543634c4dc3396d02ab0236ebc21fc8bd60a11f508bf92a47494edac91e1dbd3e9c912bb173c2fc1785030dcfe77b322aaa7c0ed0947c022ee6a6f32f663095b39f22527c64b49181e908128529cb416434e02886861bc18ba8214d02e6e9d99e330673769e5eff65981b16047c15938c20416a1f9816177fb454a5279186d5b84c20174deb174577b85567ea484945c28859a9bf081c1b0234435a1e9b92ef0124660665029d4127bca2385bcf7a5948cb45dbfe94ffa8ceb42dbcddb08499488017e94a0e8c59371f64bd21fe2be8d826b27d480473140c66da2aa99f6add43477f0a087e19b54768a564f200b2834e260092fd837dd18e45606983bb9a9af9a7b5d388731050ea630e56498a94d47fe8fa5684eae5f83854bfff9169f7ebe87fefb217e2efee52a7f1c6e9cb62bb9c6d50805c88b31164c6230a5d36d767d82aa867d05c64a38f15ed095f642df8eacf070944debac6961d2bb6bf611b132c5214fc4f1f1310b1db5372d0cd7b9d1d89c4299989197f7b6250b5d930dd8039c25b9531239ee8d625fbf4807ad48d0216d527cfb6e6bd1cf253a52a986f7630e305e056663ca056a84b0ce68542d67e130cf6959a31d13badceed4486d31903a1dca5f150d1b7132a5e2302ea7b2d455a45191d9835f06cc5bfc65c24c276edad09bc861b044b963da132de1cf164500f706df43fd8044eb983da8e892b9764aa691143c4e73e070b26f6467411a018385ef8f52d40d23050bc5942c2b6d131cab588223b7d04ff3c89ff40a9030c62e049352784052acc62a54cdab0f9ef4efb803c88ee5806bd7fb9c4cbae277089e0cac42665625d0878989c106379a34c5e1b54cc7e4bbd61a8540778cf39d883dd61658848395a5a00a61c90fe8aba39bea5759d6c7521047e7010ad4473082aa5c13c39bd35cddf7d291b6ac100982c3479419c844878962514d8cef5e9d3bb210b9c767237b84887f54de3c06ed10974967394e499977956b3d3696a2a6f49451bec3e0768416b67cf75b489c023696561930424edadb8b22daa0ea56a84ff3756b8c49226067fe987bfce60fbf288b615d5709180ffc0f0f1dfaa08d27452ba8657a6437db5f224c804b6db1d6a203021a907717677f1a50dde576eab9f07e4480d8ca54f896bd957239eab764643e1fa51b331494c9361d7974d8d4448055f8e8dc006bfe65c1de94d70564911283fb4534746b65cc016ded216b537f99c46b4904fa266740221a7e57170ab2248638f895868268c025bc78fe7f3aa17178a3f020e507dd9e72778cd5774bc5b22c31d91889e50b4d3bc76888f98c9fb67233dbe20474aee85b1dbc449ea090625c02d4aab8982e993abfad61b6f6d7c5addae3ffcae640509da1c8d1436ea542194ea5d1fdcf04e67576c4fe09916d23a3e8d3149fae20aa00c5758427e1bab680517ad2ef1328cbecae66e4501377a0585acab7fb272bcad9fde36667d21d6162f5077b877fa90d04047caff21f852b465594f313d61e34db16b69f319e5893c0190ce1890e0e5c71d0c3540801fc645c44fee818b459806174c56206914b8f26e60d252b744c6e183043fb181f651597738b9708828f6ad8c701194dd9669b441cee6dbccb765b09c20e89e747d1e1291a8a70d5d92e2fea7989240e1e2f912a7b6b7f066572b59a0ec447b7ef5363bed9743f6fafb692d6c5896ec094c065972880a3c6bf4bc96d9c9549383b28ce38735a592e4e3ecea39c88bc49619972b00533b9c71cf788379eab9d1873f0509e2c1140a459acfcb8072d710f1214316a38019b59263782fb4d5264e2c41d6cc73a19e2f66b98b04b418da3ea3e240feac0931900959ec13516347a080ec6b2b221b9e8f20c965f8afb60c54cf5561b826085d742edb1a957b5b7a1f6daee4b082ca65603e9760df4edcda963c72a87c6b99b070128b0688f7f6e66ef2ed776378c60715d06d36ebb997cb1acefc26918b10302af7001a9bbb5ac780306c9e5dfc4f4b8c1b46133f17bfbf9404bac0f00ce35bd856aa2654c64ee61f9529f848a12586beb04cb34942ee6caab4901d75f030de8abd57cb7ffc3e6f5c23f2d85d0e12c7bca2e006ee4ecf3ac54ea5faf063008e1db960e638b1c9a08f7ebd31116a12518c1a4ba6900c47322e8dd251d8177459b26b0a6e7c3209027fdaec98765461a0610080e939fb892f0057327796f9be5d17a2504d26ff8a24399c203d1e9cdbf5e0041e53c62fde777e9ad50df0057f3b6b7f6f20bd64efa6957b918fa04557425856297b26fcc39df83b0916f9d83fe956a2bb562bb5bd21dbdda6883e29171962f2cf2896673e5d5380d8f3a6c3f08e8f00613d77337486ed1321b09beaca516d9cda5dcc07255de165c998affeca67ec6d011d204b4cf04fa3db00853ffb64e72deeb03d912c6f4f344e1c56b973883df3773e365d82afeea115f994aea9b166b3a40547e01dd34ce29db72a1bf4ee946408a0930f275dbf425cb88ca91a1debb0ac6f9dc1441a827267cfd8d81202c7e335a5578c50c2b113c41e4f6f5b7b54adc427dac4d8f50bcbd1361afe5e9e1c55bd27c2f3502ca2b2e4160eccaf51320b8f3a86ff8b5eba53235b4d61d87867af7ca1dda0d9b00ebd9fdef0c1198980f64f2ab1304c0097c6bea833306f1ce4bbce593ffc1301ba4a01d58a9b665f40103dc01a449febc5be1e9524376aa722bceee279f9aeeede4ffbf425c2527faf486669dd3d3fd9563274e9d694484e8048a76fc9178134bb805a7a2b6a543aa683cdd05c0d15e33cc24c576c2ef07b77722467b834778b622cabb1952cc089589b3a62e7ce189d7eeac7a774b4eed4a866ce3fb0a2a79e13a970ebb379677109ea8737b852cecb626a035cb56004f27485d6f125dca763bfbc6ab0610e5ed0b314968ee835e8fb8741213a1e703de638ac794424193425190e943e442dc61b30fc6cab66923e156b48ade4791f4abd0aa2f1c7fc50901acd678444b55fc36482b3561cbe24e2f84de11f77f6751acbf48b64cb6cca32bbdb845f350ca4d0c01d75a4f854c92b1368ecb198cf48f88e01906d64cf9468c987f5fb3d22003d4abb3100a50258711d79b34debf9a4fdcdff1e7923ceccd3d554e7c2252f3de69094b9c3ce6c8cb5796fc4a754525b53badd61d9f996092ef1b0d34a7a807338536e46aabacee681db1c3b20428585ab5f89b9d8a1a66c5505a0909b53924f165c6172b49a46e6008903dd4220da8dd143ee0af7b782f5430e7f4d7a888cb0d4fc1053361492524bf697fdc8c179d4968cd43a42dcdc6ad5d79cad4ac5e8b8219499dca1b12431ec8107a6c5ce4a390c5a7f399cffba8defed67c7f13a8d832d266da7028f99306b129d35376d1cd7629b47c858ad990ee7a41c01ff5ed741e07f79b8b33f9045bf4e77bcba6a235b32fd25da9d67fba4e5cdc64d02b0556e9a2a9990dae4544ae3232cab5138aefa7894ea27e2ee45dc087fdb19923ebd032e8ec43e493a641acd7b9c039005558e4acb4c530303ca7f9e7fb3719a21efc8baa3cb1b21e44e25f4f4bfdf787eb1eb2a5b104d2924b46dd5601b082f4604e7f55aa7f013b5eee645ab48257a71f7da8d969508e28db1c81abc195e576d9b3ec877c7bbeb43b498d88fd0bba4e6b78d2c5c6e34baee4919ddae2343bf5dee3a5def280e9d3a9af50844b26454bf7ad78cda0b581c6253dbdff02a88928937b1ba163506715542794952576b14b69a9275a1bc44a8286c40a41acef7e5987b6bb825afee4740e3820a7ef54d4c0dcf1528191be2fce748c46ad84d1beb0e97f96673f98275f40a29ba511674218bcfa02ba4cd8b58c734e465b09ab0f00698626efb583034910338d44650ea8188b3d7df130a28f9b5f4a6c6a8ffeb389caa364e6830e15b57cce592f76c650a697ae856bc44287fe188a6ff7ceaab0caa8eef35e59c20e22b7d358b4f1368f428eb02a5f4791123e272c2bb9a930a5a99afde6b125068d75f0a67318a80c0b2a9c8eee9a5d9a1b5815cd39a99532b362569efe08a9318ef89d4dae4f9e9539634e39989e798f0b033a6fffaa8e55dc7e70e8123fe5ccff253486464d3cd6cb97d07190598112cbe044a9587c89fc1f3a1677f8e95f4f2693a7ab8474c1897c95f7d01f89c5ff2bb23abb959a71c300324c5f0b9b1f5bda421293545728f12da2547a443e5bd96722081ea17222907aebf0efcd6995bc01ae207a00702e5c22e0cedfafda6b3b0eddd9ffadce058504958daa44748dbcd6889fba3e54e55ba556bf7dd236432de5946fcb2b359446f156fd81502e04d2f1cc43c7bda1c283be3aba4f784100d7f0f380785b56658b5a7b13c19916a32b24b87fd403e47ae330fa027faa9a775636ca1cea8e6f50c1af2a2727392b4b10b95f3a751c84a78db99f810844af0d7cc3da3f7aa3b00020899ab1ce8e421e7bca6af19ec9b32de5fcfbfb18c27c9073f4da41b63107e3214ca44abcf90cd440c7072ad2315587434b8ab2e93cbfccabfe0b24458667a8fd7f5b799daf1109afd2d5618a40e1c0b70ef7dfc52cac51a022007fcf9257ffb119c11e701ba88ec3eebb4a9db3c6e8d3dce4951849e82edf3f88732bbcad60acb5aa9789610ad950af1c15faa79c23d945e087df2bd533bd8a4b15e668c326a30c8fd556e511ce6a8c25370b713c9dd75eae50ff3b9d07ba5f651a8922c64dd18428c1e03f2dc5042101260dbdc0640da3e5b890b2c9b932c78403ec3e93e32e6dfb9e66662ea98d0cb399751a0435a06846d8ac93fd6dd20ed1eaa96ceb2f5757628d74679d721b9f7bad982f95e79063184adc2dd5d431b9f2961d5772e4d28f97f9e1cae7821de9e580b4cfda14ee4ce833385657a7ef98ddd4637cc7873ba5a129b1f2e6f05ba39c59d39524fce260cd94123b29a115b30c446135cf369d357ee0f204117850c65686c51dcf2dca48ea33aec99dbb5aa33365a2193dc3080ef35b8e01a8375572e733f79f7e37dc42ad7bb61227090402ead8aa94185f230c9240927b4b310dff9dde6a3d90b4544660091a9440eb368d9444d87e93cd17c24f9d1d69d05a09"})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={<r4=>0x0})
[ 3034.111190]  ? lock_downgrade+0x6d0/0x6d0
[ 3034.112208]  __sys_sendmsg_sock+0x26/0x40
[ 3034.113107]  io_sendmsg+0x1e6/0x830
[ 3034.113899]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3034.114939]  ? __lock_acquire+0xbb1/0x5b00
[ 3034.115854]  io_issue_sqe+0x3b3/0x7850
[ 3034.116179] FAULT_INJECTION: forcing a failure.
[ 3034.116179] name failslab, interval 1, probability 0, space 0, times 0
[ 3034.116721]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3034.116741]  ? SOFTIRQ_verbose+0x10/0x10
[ 3034.116760]  ? lock_chain_count+0x20/0x20
[ 3034.116784]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3034.116809]  ? io_connect+0x610/0x610
[ 3034.124502]  ? lock_acquire+0x197/0x470
[ 3034.125554]  ? find_held_lock+0x2c/0x110
[ 3034.126642]  ? __fget_files+0x2cf/0x520
[ 3034.127703]  ? lock_downgrade+0x6d0/0x6d0
[ 3034.128724]  __io_queue_sqe+0x90/0x9d0
[ 3034.129568]  ? io_issue_sqe+0x7850/0x7850
[ 3034.130455]  ? __fget_files+0x2f8/0x520
[ 3034.131322]  io_submit_sqes+0x44a8/0x8610
[ 3034.132270]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3034.133340]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3034.134372]  ? find_held_lock+0x2c/0x110
[ 3034.135250]  ? io_submit_sqes+0x8610/0x8610
[ 3034.136206]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3034.137247]  ? wait_for_completion_io+0x270/0x270
[ 3034.138284]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3034.139265]  ? vfs_write+0x354/0xb10
[ 3034.140079]  ? fput_many+0x2f/0x1a0
[ 3034.140878]  ? ksys_write+0x1a9/0x260
[ 3034.141689]  ? __ia32_sys_read+0xb0/0xb0
[ 3034.142542]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3034.143668]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3034.144796]  do_syscall_64+0x33/0x40
[ 3034.145590]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3034.146697] RIP: 0033:0x7fa49f703b19
[ 3034.147479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3034.151411] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3034.153046] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3034.154572] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3034.156113] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3034.157650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3034.159167] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3034.160745] CPU: 0 PID: 15672 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3034.162313] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3034.164168] Call Trace:
[ 3034.164772]  dump_stack+0x107/0x167
[ 3034.165605]  should_fail.cold+0x5/0xa
[ 3034.166474]  ? create_object.isra.0+0x3a/0xa30
[ 3034.167509]  should_failslab+0x5/0x20
[ 3034.168380]  kmem_cache_alloc+0x5b/0x310
[ 3034.169307]  create_object.isra.0+0x3a/0xa30
[ 3034.170307]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3034.171463]  kmem_cache_alloc_trace+0x151/0x320
[ 3034.172713]  io_uring_setup+0x258/0x2980
[ 3034.173665]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3034.174765]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3034.175899]  ? wait_for_completion_io+0x270/0x270
[ 3034.177059]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3034.178247]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3034.179425]  do_syscall_64+0x33/0x40
[ 3034.180289]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3034.181444] RIP: 0033:0x7f3b78954b19
[ 3034.182285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3034.186403] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3034.187366] FAULT_INJECTION: forcing a failure.
[ 3034.187366] name failslab, interval 1, probability 0, space 0, times 0
[ 3034.188054] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3034.188068] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3034.188103] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3034.194910] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3034.196422] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3034.197981] CPU: 1 PID: 15675 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3034.199509] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3034.201306] Call Trace:
[ 3034.201900]  dump_stack+0x107/0x167
[ 3034.202693]  should_fail.cold+0x5/0xa
[ 3034.203502]  ? create_object.isra.0+0x3a/0xa30
[ 3034.204489]  should_failslab+0x5/0x20
[ 3034.205318]  kmem_cache_alloc+0x5b/0x310
[ 3034.206212]  create_object.isra.0+0x3a/0xa30
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f000004cbc0)={0xfff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r5=>0x0}], 0x7, "9cc3d2f815816e"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={<r6=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000055580)={0xffffffffffffffe1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0xd8, "c3b057e37f7fda"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={0x0, ""/256, 0x0, <r7=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004dbc0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r4, r5}, {r6, r7}], 0x1, "bd96b5f67f5e17"})
r8 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={<r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r8, 0xd000943d, &(0x7f000004cbc0)={0xfff, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r10=>0x0}], 0x7, "9cc3d2f815816e"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={<r11=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000055580)={0xffffffffffffffe1, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}], 0xd8, "c3b057e37f7fda"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000900)={0x0, ""/256, 0x0, <r12=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004dbc0)={0x2, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9, r10}, {r11, r12}], 0x1, "bd96b5f67f5e17"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000059c80)={0xfffffffffffffe01, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {r6, r12}], 0xff, "729b4e14541f2d"})

[ 3034.207360]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3034.208681]  kmem_cache_alloc_trace+0x151/0x320
[ 3034.209805]  io_uring_setup+0x258/0x2980
[ 3034.210677]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3034.211710]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3034.212811]  ? wait_for_completion_io+0x270/0x270
[ 3034.213866]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3034.215002]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3034.216121]  do_syscall_64+0x33/0x40
[ 3034.216927]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3034.218028] RIP: 0033:0x7f4cd02cab19
[ 3034.218843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3034.222804] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3034.224599] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3034.226506] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3034.228422] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3034.230308] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3034.231896] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:26:30 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 4)

04:26:30 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:26:30 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = signalfd(r0, &(0x7f0000000000)={[0x3]}, 0x8)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000040)={'\x00', 0x8001, 0x0, 0x6019, 0x8, 0x100000001, 0xffffffffffffffff})
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3034.351698] FAULT_INJECTION: forcing a failure.
[ 3034.351698] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3034.354290] CPU: 1 PID: 15691 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3034.355784] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3034.357583] Call Trace:
[ 3034.358156]  dump_stack+0x107/0x167
[ 3034.358953]  should_fail.cold+0x5/0xa
[ 3034.359782]  __alloc_pages_nodemask+0x182/0x600
[ 3034.360794]  ? lock_release+0x680/0x680
[ 3034.361650]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3034.362954]  ? lock_downgrade+0x6d0/0x6d0
[ 3034.363863]  alloc_pages_current+0x187/0x280
[ 3034.364827]  kmalloc_order+0x35/0x160
[ 3034.365659]  kmalloc_order_trace+0x14/0xa0
[ 3034.366571]  io_uring_setup+0x33c/0x2980
[ 3034.367457]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3034.368516]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3034.369610]  ? wait_for_completion_io+0x270/0x270
[ 3034.370680]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3034.371812]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3034.372929]  do_syscall_64+0x33/0x40
[ 3034.373737]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3034.374849] RIP: 0033:0x7f3b78954b19
[ 3034.375654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3034.379710] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3034.381346] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3034.383069] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3034.384667] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3034.386221] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3034.387792] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3052.377870] FAULT_INJECTION: forcing a failure.
[ 3052.377870] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3052.380598] CPU: 1 PID: 15710 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3052.382151] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3052.384008] Call Trace:
[ 3052.384616]  dump_stack+0x107/0x167
[ 3052.385438]  should_fail.cold+0x5/0xa
[ 3052.386299]  __alloc_pages_nodemask+0x182/0x600
[ 3052.387344]  ? lock_release+0x680/0x680
[ 3052.388234]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3052.389600]  ? lock_downgrade+0x6d0/0x6d0
[ 3052.390543]  alloc_pages_current+0x187/0x280
[ 3052.391532]  kmalloc_order+0x35/0x160
[ 3052.392401]  kmalloc_order_trace+0x14/0xa0
[ 3052.393358]  io_uring_setup+0x33c/0x2980
[ 3052.394271]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3052.395353]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3052.396500]  ? wait_for_completion_io+0x270/0x270
04:26:48 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 5)

04:26:48 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r5 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
r8 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r8, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r9 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r5, 0x0)
syz_io_uring_submit(r9, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r10 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r11 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r10, 0x13, &(0x7f0000000100)=[r11, r11], 0x2)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r2, r7, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x1, 0x2007, @fd=r10, 0x8, 0x1, 0x10000000, 0xa, 0x1, {0x1, r12}}, 0xffffffba)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:26:48 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:26:48 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 4)

[ 3052.397602]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3052.398945]  ? syscall_enter_from_user_mode+0x1d/0x50
04:26:48 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xfeffffff)

04:26:48 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0xa79})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:26:48 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000000)={@in={{0x2, 0x4e24, @loopback}}, 0x0, 0x0, 0x37, 0x0, "907f96c0e7d07780c4ea083cb96bc2d834a0d5ddc83afc25bc0acf479432bb14db990c28186737a32e17cc25ee18df30a15a33e275bc1e6c27164d10093a445fc3a718f224776f061c9fe6e9c51c5cdf"}, 0xd8)
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r5, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r2, 0x0)
syz_io_uring_submit(r6, r4, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r7}}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000140)=@IORING_OP_ACCEPT={0xd, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x0, 0x80000, 0x1, {0x0, r7}}, 0xb1e)
mmap$IORING_OFF_SQ_RING(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x1, 0x50, r1, 0x0)

04:26:48 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', <r1=>0x0})
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='map_files\x00')
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f00000000c0)={'syztnl2\x00', r1, 0x29, 0x40, 0x3f, 0x8000, 0x20, @ipv4={'\x00', '\xff\xff', @broadcast}, @rand_addr=' \x01\x00', 0x10, 0x7800, 0x8, 0x3}})
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x0, 0x2, 0x40, 0x8, 0x0, 0x2, 0x40004, 0xa, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x4, @perf_config_ext={0x9, 0xfffffffffffffffc}, 0x80, 0x6, 0x10f2, 0x8, 0xff, 0xfffffbff, 0x8, 0x0, 0x10000, 0x0, 0x6}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x1)

[ 3052.400277]  do_syscall_64+0x33/0x40
[ 3052.401255]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3052.402406] RIP: 0033:0x7f4cd02cab19
[ 3052.403241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3052.407371] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3052.409086] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3052.410681] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3052.412287] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3052.413886] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3052.415478] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3052.444555] FAULT_INJECTION: forcing a failure.
[ 3052.444555] name failslab, interval 1, probability 0, space 0, times 0
[ 3052.447119] CPU: 0 PID: 15720 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3052.448622] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3052.450412] Call Trace:
[ 3052.450981]  dump_stack+0x107/0x167
[ 3052.452003]  should_fail.cold+0x5/0xa
[ 3052.453103]  ? create_object.isra.0+0x3a/0xa30
[ 3052.454397]  should_failslab+0x5/0x20
[ 3052.455344]  kmem_cache_alloc+0x5b/0x310
[ 3052.456291]  create_object.isra.0+0x3a/0xa30
[ 3052.457296]  ? kasan_unpoison_shadow+0x33/0x50
[ 3052.458325]  kmalloc_order+0xfe/0x160
[ 3052.459231]  kmalloc_order_trace+0x14/0xa0
[ 3052.460221]  io_uring_setup+0x33c/0x2980
[ 3052.461184]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3052.462301]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3052.463475]  ? wait_for_completion_io+0x270/0x270
[ 3052.464666]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3052.465879]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3052.467095]  do_syscall_64+0x33/0x40
[ 3052.467971]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3052.469144] RIP: 0033:0x7f3b78954b19
[ 3052.470000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3052.473842] FAULT_INJECTION: forcing a failure.
[ 3052.473842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3052.474242] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3052.478706] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3052.480344] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3052.482023] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3052.483655] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3052.485338] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3052.487050] CPU: 1 PID: 15709 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3052.488678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3052.490599] Call Trace:
[ 3052.491217]  dump_stack+0x107/0x167
[ 3052.492066]  should_fail.cold+0x5/0xa
[ 3052.492965]  _copy_from_user+0x2e/0x1b0
[ 3052.493893]  move_addr_to_kernel.part.0+0x31/0x110
[ 3052.495029]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3052.496124]  ? __ia32_sys_shutdown+0x80/0x80
[ 3052.497176]  ? __sock_sendmsg+0x55/0x190
[ 3052.498124]  ? ____sys_sendmsg+0x426/0x870
[ 3052.499106]  sendmsg_copy_msghdr+0xa1/0x160
[ 3052.500102]  ? do_recvmmsg+0x6d0/0x6d0
[ 3052.501018]  ? __is_insn_slot_addr+0x123/0x290
[ 3052.502075]  ? lock_downgrade+0x6d0/0x6d0
[ 3052.503043]  io_sendmsg+0x62c/0x830
04:26:48 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 5)

[ 3052.503891]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3052.505134]  ? __is_insn_slot_addr+0x14c/0x290
[ 3052.506207]  ? mark_lock+0xf5/0x2df0
[ 3052.507070]  ? register_lock_class+0xbb/0x17b0
[ 3052.508119]  ? arch_stack_walk+0x99/0xf0
[ 3052.509115]  ? __lock_acquire+0xbb1/0x5b00
[ 3052.510102]  io_issue_sqe+0x3b3/0x7850
[ 3052.511017]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3052.512231]  ? SOFTIRQ_verbose+0x10/0x10
[ 3052.513185]  ? lock_chain_count+0x20/0x20
[ 3052.514153]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3052.515370]  ? io_connect+0x610/0x610
[ 3052.516274]  ? lock_acquire+0x197/0x470
[ 3052.517199]  ? find_held_lock+0x2c/0x110
[ 3052.518151]  ? __fget_files+0x2cf/0x520
[ 3052.519076]  ? lock_downgrade+0x6d0/0x6d0
[ 3052.520046]  __io_queue_sqe+0x90/0x9d0
[ 3052.520967]  ? io_issue_sqe+0x7850/0x7850
[ 3052.521928]  ? __fget_files+0x2f8/0x520
[ 3052.522720] FAULT_INJECTION: forcing a failure.
[ 3052.522720] name failslab, interval 1, probability 0, space 0, times 0
[ 3052.522870]  io_submit_sqes+0x44a8/0x8610
[ 3052.526534]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3052.527691]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3052.528822]  ? find_held_lock+0x2c/0x110
[ 3052.529773]  ? io_submit_sqes+0x8610/0x8610
[ 3052.530783]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3052.531905]  ? wait_for_completion_io+0x270/0x270
[ 3052.533034]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3052.534108]  ? vfs_write+0x354/0xb10
[ 3052.534973]  ? fput_many+0x2f/0x1a0
[ 3052.535816]  ? ksys_write+0x1a9/0x260
[ 3052.536698]  ? __ia32_sys_read+0xb0/0xb0
[ 3052.537642]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3052.538854]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3052.540053]  do_syscall_64+0x33/0x40
[ 3052.540925]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3052.542114] RIP: 0033:0x7fa49f703b19
[ 3052.542976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3052.547228] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3052.549000] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3052.550653] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3052.552309] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3052.553960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3052.555611] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3052.557315] CPU: 0 PID: 15725 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3052.558919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3052.560786] Call Trace:
[ 3052.561385]  dump_stack+0x107/0x167
[ 3052.562232]  should_fail.cold+0x5/0xa
[ 3052.563108]  ? create_object.isra.0+0x3a/0xa30
[ 3052.564140]  should_failslab+0x5/0x20
[ 3052.565034]  kmem_cache_alloc+0x5b/0x310
[ 3052.565981]  create_object.isra.0+0x3a/0xa30
[ 3052.566981]  ? kasan_unpoison_shadow+0x33/0x50
[ 3052.568035]  kmalloc_order+0xfe/0x160
[ 3052.568946]  kmalloc_order_trace+0x14/0xa0
[ 3052.569928]  io_uring_setup+0x33c/0x2980
[ 3052.570867]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3052.571945]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3052.573128]  ? wait_for_completion_io+0x270/0x270
[ 3052.574300]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3052.575520]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3052.576711]  do_syscall_64+0x33/0x40
[ 3052.577569]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3052.578774] RIP: 0033:0x7f4cd02cab19
[ 3052.579643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3052.583862] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3052.585645] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3052.587294] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3052.588985] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3052.590668] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3052.592342] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:26:48 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 6)

04:26:48 executing program 7:
r0 = getpgrp(0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x8}, r0, 0x8, r1, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r3 = getpgrp(0x0)
pidfd_open(r3, 0x0)
r4 = syz_open_dev$vcsa(&(0x7f0000000100), 0x81, 0xa2bad5a608657f23)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x81, 0x9, 0x3, 0x1, 0x0, 0x0, 0x10500, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, @perf_config_ext={0x0, 0x9}, 0x400, 0x9, 0xe79, 0xb, 0x80000000, 0x7, 0x0, 0x0, 0x80000000, 0x0, 0x3}, r3, 0xc, r4, 0xa)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000000)='\x00')

[ 3052.756881] FAULT_INJECTION: forcing a failure.
[ 3052.756881] name failslab, interval 1, probability 0, space 0, times 0
[ 3052.759268] CPU: 1 PID: 15736 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3052.760644] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3052.762285] Call Trace:
[ 3052.762806]  dump_stack+0x107/0x167
[ 3052.763531]  should_fail.cold+0x5/0xa
[ 3052.764292]  ? io_uring_setup+0x40b/0x2980
[ 3052.765122]  should_failslab+0x5/0x20
[ 3052.765884]  kmem_cache_alloc_trace+0x55/0x320
[ 3052.766788]  io_uring_setup+0x40b/0x2980
[ 3052.767589]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3052.768561]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3052.769571]  ? wait_for_completion_io+0x270/0x270
[ 3052.770543]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3052.771577]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3052.772625]  do_syscall_64+0x33/0x40
[ 3052.773361]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3052.774375] RIP: 0033:0x7f3b78954b19
[ 3052.775104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3052.778732] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3052.780229] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3052.781648] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3052.783054] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3052.784468] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3052.785866] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:05 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 6)

04:27:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:27:05 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 7)

04:27:05 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x107002, 0x16)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000840), 0x400000, 0x0)
ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f0000000880)=0x1)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f00000000c0)={'macvtap0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)
r4 = io_uring_setup(0x42502, &(0x7f0000000140)={0x0, 0xe90b})
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
ioctl$FS_IOC_MEASURE_VERITY(r6, 0xc0046686, &(0x7f0000000200)={0x0, 0x61, "641de90322e73b5b3e2e01922bc348816eff4b82f4bb4d34ace38b109d6ec6ef07906ef9c6c5e2826a33788ef1a7a603c9b75e183e0cc8ddc1498598fced2958bf64614e35ba9114ca0b37a2c82ee6b36844dfef13bb6d7561957836b19175754a"})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r7, 0x8982, &(0x7f0000000040)={0x3, 'ip6_vti0\x00', {0x88}, 0x2})

04:27:05 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x3fef, &(0x7f0000000040)={0x0, 0x9f59, 0x10, 0x2, 0x26d})
r2 = syz_io_uring_setup(0x6680, &(0x7f00000002c0)={0x0, 0xffffffff, 0x0, 0x3, 0x0, 0x0, r1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
io_uring_enter(r2, 0x41d, 0xb602, 0x3, &(0x7f0000000000)={[0x1]}, 0x8)

04:27:05 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xfffffffe)

04:27:05 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0xa3e5, 0x20}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:05 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3069.575899] FAULT_INJECTION: forcing a failure.
[ 3069.575899] name failslab, interval 1, probability 0, space 0, times 0
[ 3069.578892] CPU: 1 PID: 15748 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3069.580685] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3069.582815] Call Trace:
[ 3069.583499]  dump_stack+0x107/0x167
[ 3069.584454]  should_fail.cold+0x5/0xa
[ 3069.585438]  ? io_uring_setup+0x40b/0x2980
[ 3069.586527]  should_failslab+0x5/0x20
[ 3069.587505]  kmem_cache_alloc_trace+0x55/0x320
[ 3069.588698]  io_uring_setup+0x40b/0x2980
[ 3069.589743]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3069.590985]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3069.592284]  ? wait_for_completion_io+0x270/0x270
[ 3069.593572]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3069.594927]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3069.596256]  do_syscall_64+0x33/0x40
[ 3069.597223]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3069.598537] RIP: 0033:0x7f4cd02cab19
[ 3069.599491] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3069.604219] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3069.606185] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3069.608020] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3069.609746] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3069.611389] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3069.613035] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3069.634486] FAULT_INJECTION: forcing a failure.
[ 3069.634486] name failslab, interval 1, probability 0, space 0, times 0
[ 3069.637206] CPU: 1 PID: 15760 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3069.638803] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3069.640725] Call Trace:
[ 3069.641337]  dump_stack+0x107/0x167
[ 3069.642179]  should_fail.cold+0x5/0xa
[ 3069.643057]  ? create_object.isra.0+0x3a/0xa30
[ 3069.644110]  should_failslab+0x5/0x20
[ 3069.644999]  kmem_cache_alloc+0x5b/0x310
[ 3069.645945]  create_object.isra.0+0x3a/0xa30
[ 3069.646953]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3069.648126]  kmem_cache_alloc_trace+0x151/0x320
[ 3069.649216]  io_uring_setup+0x40b/0x2980
[ 3069.650154]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3069.651266]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3069.652448]  ? wait_for_completion_io+0x270/0x270
[ 3069.653585]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3069.654794]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3069.655984]  do_syscall_64+0x33/0x40
[ 3069.656851]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3069.658031] RIP: 0033:0x7f3b78954b19
[ 3069.658886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3069.663120] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3069.664882] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3069.666524] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3069.668161] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3069.669811] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3069.671456] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3069.676413] FAULT_INJECTION: forcing a failure.
[ 3069.676413] name failslab, interval 1, probability 0, space 0, times 0
[ 3069.678917] CPU: 0 PID: 15761 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3069.680245] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3069.681858] Call Trace:
[ 3069.682375]  dump_stack+0x107/0x167
[ 3069.683076]  should_fail.cold+0x5/0xa
[ 3069.683814]  ? create_object.isra.0+0x3a/0xa30
[ 3069.684724]  should_failslab+0x5/0x20
[ 3069.685466]  kmem_cache_alloc+0x5b/0x310
[ 3069.686248]  create_object.isra.0+0x3a/0xa30
[ 3069.687089]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3069.688066]  kmem_cache_alloc_bulk+0x168/0x320
[ 3069.688976]  io_submit_sqes+0x6fe4/0x8610
[ 3069.689800]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3069.690778]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3069.691709]  ? find_held_lock+0x2c/0x110
[ 3069.692527]  ? io_submit_sqes+0x8610/0x8610
[ 3069.693364]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3069.694289]  ? wait_for_completion_io+0x270/0x270
[ 3069.695216]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3069.696077]  ? vfs_write+0x354/0xb10
[ 3069.696819]  ? fput_many+0x2f/0x1a0
[ 3069.697515]  ? ksys_write+0x1a9/0x260
[ 3069.698241]  ? __ia32_sys_read+0xb0/0xb0
04:27:05 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20040000}, 0x82)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:05 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x4, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xaf7, 0x2}, 0x42004}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000040)={r1, 0x1, 0x7ff})
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r3 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
io_uring_enter(r3, 0x36f, 0xd8cc, 0x1, &(0x7f0000000000)={[0x611]}, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x1, 0x11, r0, 0x3000)

[ 3069.699015]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3069.700236]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3069.701240]  do_syscall_64+0x33/0x40
[ 3069.701928]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3069.702863] RIP: 0033:0x7fa49f703b19
[ 3069.703545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3069.706962] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3069.708360] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3069.709699] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3069.711058] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3069.712370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3069.713703] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:27:05 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f0000000000)={0x0, 0x7668, 0x1, 0x0, 0x100}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:05 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 7)

04:27:05 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x800}, 0x0, 0x9, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x0, 0x0)
ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000040)="2ec14c5b11c8e50887aa92a4b43b5cfa847e5e9285cb6ba2cfea20902f28d7f3444890f0bb75f30430883e1daf993c124f382e22de9a3fcdece30c9d99a015035cc614b84174ac7cc98cc7806b30b0b41b993cac89504af29649b27c3834fdd983319a8be206d668878774b9e6eb53b98e0ee5f9fc2a0d538627250855e2ac45d8b1a5e3ab337a13b264a0e66ce187e27db2ee6a765533")

[ 3069.826334] FAULT_INJECTION: forcing a failure.
[ 3069.826334] name failslab, interval 1, probability 0, space 0, times 0
[ 3069.828429] CPU: 0 PID: 15777 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3069.829678] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3069.831151] Call Trace:
[ 3069.831628]  dump_stack+0x107/0x167
[ 3069.832288]  should_fail.cold+0x5/0xa
[ 3069.833007]  ? create_object.isra.0+0x3a/0xa30
[ 3069.833820]  should_failslab+0x5/0x20
[ 3069.834504]  kmem_cache_alloc+0x5b/0x310
[ 3069.835245]  create_object.isra.0+0x3a/0xa30
[ 3069.836023]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3069.836955]  kmem_cache_alloc_trace+0x151/0x320
[ 3069.837802]  io_uring_setup+0x40b/0x2980
[ 3069.838539]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3069.839410]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3069.840310]  ? wait_for_completion_io+0x270/0x270
[ 3069.841242]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3069.842176]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3069.843108]  do_syscall_64+0x33/0x40
[ 3069.843774]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3069.844698] RIP: 0033:0x7f4cd02cab19
[ 3069.845355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3069.848603] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3069.849931] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3069.851180] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3069.852466] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3069.853726] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3069.854982] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:05 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:05 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 8)

04:27:05 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x1000000000000)

[ 3069.969388] FAULT_INJECTION: forcing a failure.
[ 3069.969388] name failslab, interval 1, probability 0, space 0, times 0
[ 3069.971856] CPU: 1 PID: 15792 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3069.973333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3069.975087] Call Trace:
[ 3069.975658]  dump_stack+0x107/0x167
[ 3069.976442]  should_fail.cold+0x5/0xa
[ 3069.977260]  ? create_object.isra.0+0x3a/0xa30
[ 3069.978229]  should_failslab+0x5/0x20
[ 3069.979034]  kmem_cache_alloc+0x5b/0x310
[ 3069.979908]  create_object.isra.0+0x3a/0xa30
[ 3069.980862]  kmemleak_alloc_percpu+0xa0/0x100
[ 3069.981820]  pcpu_alloc+0x4e2/0x1240
[ 3069.982625]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3069.983498]  percpu_ref_init+0x31/0x3d0
[ 3069.984350]  io_uring_setup+0x47a/0x2980
[ 3069.985229]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3069.986256]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3069.987326]  ? wait_for_completion_io+0x270/0x270
[ 3069.988374]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3069.989496]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3069.990591]  do_syscall_64+0x33/0x40
[ 3069.991387]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3069.992485] RIP: 0033:0x7f3b78954b19
[ 3069.993270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3069.997171] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3069.998779] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3070.000290] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3070.001800] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3070.003319] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3070.004834] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:19 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x4000000000000)

04:27:19 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 9)

04:27:19 executing program 7:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)
r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x0)

[ 3083.907081] FAULT_INJECTION: forcing a failure.
[ 3083.907081] name failslab, interval 1, probability 0, space 0, times 0
[ 3083.909568] CPU: 1 PID: 15803 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3083.911005] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3083.912728] Call Trace:
[ 3083.913283]  dump_stack+0x107/0x167
[ 3083.914042]  should_fail.cold+0x5/0xa
[ 3083.914839]  ? create_object.isra.0+0x3a/0xa30
[ 3083.915771]  should_failslab+0x5/0x20
[ 3083.916577]  kmem_cache_alloc+0x5b/0x310
[ 3083.917430]  create_object.isra.0+0x3a/0xa30
[ 3083.918350]  kmemleak_alloc_percpu+0xa0/0x100
[ 3083.919280]  pcpu_alloc+0x4e2/0x1240
[ 3083.920076]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3083.920919]  percpu_ref_init+0x31/0x3d0
[ 3083.921749]  io_uring_setup+0x47a/0x2980
[ 3083.922590]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3083.923581]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3083.924620]  ? wait_for_completion_io+0x270/0x270
[ 3083.925641]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3083.926713]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3083.927774]  do_syscall_64+0x33/0x40
[ 3083.928565]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3083.929903] RIP: 0033:0x7f3b78954b19
[ 3083.930677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3083.935383] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3083.937333] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3083.939151] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3083.940986] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3083.942819] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3083.944640] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:20 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
dup2(r1, 0xffffffffffffffff)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r2 = io_uring_setup(0x24ff, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = getpgrp(0x0)
pidfd_open(r3, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001a00)=[{{&(0x7f0000000180), 0x6e, &(0x7f0000000280)=[{&(0x7f0000000200)=""/85, 0x55}, {&(0x7f0000000340)=""/122, 0x7a}], 0x2}}, {{&(0x7f00000003c0)=@abs, 0x6e, &(0x7f0000000640)=[{&(0x7f0000000440)=""/144, 0x90}, {&(0x7f0000000500)=""/37, 0x25}, {&(0x7f0000000540)=""/66, 0x42}, {&(0x7f00000005c0)=""/19, 0x13}, {&(0x7f0000000600)=""/40, 0x28}], 0x5, &(0x7f00000006c0)=[@cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r4=>0x0}}}], 0x60}}, {{&(0x7f0000000740)=@abs, 0x6e, &(0x7f0000000b40)=[{&(0x7f00000007c0)=""/231, 0xe7}, {&(0x7f00000008c0)=""/254, 0xfe}, {&(0x7f00000009c0)}, {&(0x7f0000000a00)=""/93, 0x5d}, {&(0x7f0000000a80)=""/138, 0x8a}], 0x5, &(0x7f0000000bc0)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x150}}, {{&(0x7f0000000d40), 0x6e, &(0x7f0000000dc0), 0x0, &(0x7f0000000e00)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000000ec0)=@abs, 0x6e, &(0x7f0000000fc0)=[{&(0x7f0000000f40)=""/127, 0x7f}], 0x1}}, {{&(0x7f0000001000), 0x6e, &(0x7f0000001600)=[{&(0x7f0000001080)=""/73, 0x49}, {&(0x7f0000001100)=""/125, 0x7d}, {&(0x7f0000001180)=""/29, 0x1d}, {&(0x7f00000011c0)=""/162, 0xa2}, {&(0x7f0000001280)=""/220, 0xdc}, {&(0x7f0000001380)=""/84, 0x54}, {&(0x7f0000001400)=""/251, 0xfb}, {&(0x7f0000001500)=""/235, 0xeb}], 0x8}}, {{&(0x7f0000001680), 0x6e, &(0x7f0000001900)=[{&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001700)=""/20, 0x14}, {&(0x7f0000001740)=""/142, 0x8e}, {&(0x7f0000001800)=""/114, 0x72}, {&(0x7f0000001880)=""/56, 0x38}, {&(0x7f00000018c0)=""/5, 0x5}], 0x6, &(0x7f0000001980)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60}}], 0x7, 0x10022, &(0x7f0000001bc0)={0x0, 0x989680})
kcmp(r3, r4, 0x7, r1, r0)
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r2, 0x4040942c, &(0x7f0000000040)={0x0, 0xfb, [0x4, 0x911a, 0xffff, 0xc34, 0xfff, 0x2]})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:20 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000140)={'team_slave_1\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)
r4 = open(&(0x7f0000000040)='./file0\x00', 0x20000, 0x116)
fsetxattr$security_evm(r4, &(0x7f0000000080), &(0x7f00000000c0)=@ng={0x4, 0x0, "243893b3457199b451b6b5031b4f73f294"}, 0x13, 0x0)

04:27:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 8)

04:27:20 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:27:20 executing program 2:
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00'})
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
recvfrom(0xffffffffffffffff, &(0x7f0000000080)=""/79, 0x4f, 0x2120, &(0x7f0000000100)=@ax25={{0x3, @bcast, 0x1}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x80)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x5, 0x9}, 0x402, 0x0, 0x1f, 0x0, 0x0, 0xfffffffb}, r0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x54a8, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000c00000/0x400000)=nil, 0x0, 0x0)
r3 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_RESET(r3, 0x2403, 0x1f)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)

[ 3083.954535] FAULT_INJECTION: forcing a failure.
[ 3083.954535] name failslab, interval 1, probability 0, space 0, times 0
[ 3083.956524] CPU: 0 PID: 15810 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3083.957686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3083.959040] Call Trace:
[ 3083.959485]  dump_stack+0x107/0x167
[ 3083.960088]  should_fail.cold+0x5/0xa
[ 3083.960755]  ? create_object.isra.0+0x3a/0xa30
[ 3083.961509]  should_failslab+0x5/0x20
[ 3083.962129]  kmem_cache_alloc+0x5b/0x310
[ 3083.962808]  create_object.isra.0+0x3a/0xa30
[ 3083.963530]  kmemleak_alloc_percpu+0xa0/0x100
[ 3083.964280]  pcpu_alloc+0x4e2/0x1240
[ 3083.964936]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3083.965613]  percpu_ref_init+0x31/0x3d0
[ 3083.966268]  io_uring_setup+0x47a/0x2980
[ 3083.966924]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3083.967698]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3083.968524]  ? wait_for_completion_io+0x270/0x270
[ 3083.969349]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3083.970185]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3083.971028]  do_syscall_64+0x33/0x40
[ 3083.971641]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3083.972485] RIP: 0033:0x7f4cd02cab19
[ 3083.973121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3083.976123] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3083.977391] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3083.978562] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3083.979744] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3083.980941] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3083.982106] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3084.023182] FAULT_INJECTION: forcing a failure.
[ 3084.023182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3084.026626] CPU: 1 PID: 15815 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3084.028385] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3084.030486] Call Trace:
[ 3084.031166]  dump_stack+0x107/0x167
[ 3084.032088]  should_fail.cold+0x5/0xa
[ 3084.033063]  _copy_from_iter_full+0x319/0xa60
[ 3084.034204]  rawv6_sendmsg+0x210a/0x3b90
[ 3084.035243]  ? rawv6_bind+0xa70/0xa70
[ 3084.036209]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3084.037544]  ? SOFTIRQ_verbose+0x10/0x10
[ 3084.038572]  ? lock_acquire+0x197/0x470
[ 3084.039585]  ? find_held_lock+0x2c/0x110
[ 3084.040460]  ? __might_fault+0xd3/0x180
[ 3084.041480]  ? lock_downgrade+0x6d0/0x6d0
[ 3084.042531]  ? lock_downgrade+0x6d0/0x6d0
[ 3084.043595]  ? sock_has_perm+0x1ea/0x280
[ 3084.044639]  ? selinux_socket_post_create+0x7f0/0x7f0
[ 3084.045971]  ? iovec_from_user+0x104/0x400
[ 3084.047042]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 3084.048337]  ? rawv6_bind+0xa70/0xa70
[ 3084.049174]  inet_sendmsg+0x11d/0x140
[ 3084.050139]  ? inet_send_prepare+0x540/0x540
[ 3084.051240]  __sock_sendmsg+0x13c/0x190
[ 3084.052140]  ____sys_sendmsg+0x70d/0x870
[ 3084.053181]  ? sock_write_iter+0x3d0/0x3d0
[ 3084.054251]  ? sendmsg_copy_msghdr+0xba/0x160
[ 3084.055379]  ? do_recvmmsg+0x6d0/0x6d0
[ 3084.056369]  ? __is_insn_slot_addr+0x123/0x290
[ 3084.057523]  ? lock_downgrade+0x6d0/0x6d0
[ 3084.058580]  __sys_sendmsg_sock+0x26/0x40
[ 3084.059454]  io_sendmsg+0x1e6/0x830
[ 3084.060378]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3084.061347]  ? __is_insn_slot_addr+0x14c/0x290
[ 3084.062532]  ? register_lock_class+0xbb/0x17b0
[ 3084.063478]  ? arch_stack_walk+0x99/0xf0
[ 3084.064557]  ? __lock_acquire+0xbb1/0x5b00
[ 3084.065460]  io_issue_sqe+0x3b3/0x7850
[ 3084.066455]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3084.067782]  ? SOFTIRQ_verbose+0x10/0x10
[ 3084.068652]  ? lock_chain_count+0x20/0x20
[ 3084.069692]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3084.071006]  ? io_connect+0x610/0x610
[ 3084.071983]  ? lock_acquire+0x197/0x470
[ 3084.073000]  ? find_held_lock+0x2c/0x110
[ 3084.074040]  ? __fget_files+0x2cf/0x520
[ 3084.075032]  ? lock_downgrade+0x6d0/0x6d0
[ 3084.076078]  __io_queue_sqe+0x90/0x9d0
[ 3084.077063]  ? io_issue_sqe+0x7850/0x7850
[ 3084.078107]  ? __fget_files+0x2f8/0x520
[ 3084.079124]  io_submit_sqes+0x44a8/0x8610
[ 3084.080188]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3084.081450]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3084.082669]  ? find_held_lock+0x2c/0x110
[ 3084.083529]  ? io_submit_sqes+0x8610/0x8610
[ 3084.084625]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3084.085839]  ? wait_for_completion_io+0x270/0x270
[ 3084.087042]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3084.088208]  ? vfs_write+0x354/0xb10
[ 3084.089153]  ? fput_many+0x2f/0x1a0
[ 3084.090066]  ? ksys_write+0x1a9/0x260
[ 3084.091019]  ? __ia32_sys_read+0xb0/0xb0
[ 3084.092041]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3084.093362]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3084.094653]  do_syscall_64+0x33/0x40
[ 3084.095597]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3084.096893] RIP: 0033:0x7fa49f703b19
[ 3084.097821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3084.102422] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3084.104316] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3084.106108] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3084.107899] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3084.109677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3084.111444] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:27:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 9)

04:27:20 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 10)

04:27:20 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0xf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1f, 0xffdffffffffffffe}}, 0x0, 0x0, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:20 executing program 2:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x109d02, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x5, &(0x7f0000000080)=[{0x1, 0xc8, 0x2, 0x9}, {0x8000, 0xdd, 0x6, 0x10000}, {0x7, 0xff, 0x80, 0x750}, {0xf801, 0x3f, 0x1, 0x7}, {0x7f, 0xe1, 0x5, 0x2}]}, 0x10)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r1, 0x8008f511, &(0x7f0000000000))
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x1ac, 0x23, 0x400, 0x70bd2d, 0x25dfdbfc, {0xe}, [@generic="6b0c4e8e00", @typed={0xe, 0x35, 0x0, 0x0, @str='/dev/null\x00'}, @typed={0x8, 0x51, 0x0, 0x0, @ipv4=@private=0xa010102}, @generic="9c585d03ffc64fe4a617d442b5ef0f2bb5beae8e5fb222cc22fb583835ed8ca68b06f7e084be3cb30630b68515b1f4088b5f11f7e177f09305a74be6ea11c3908b1ac5ee9f5505e7428478304663ea9ecdb5156f4fe9196967d9de7437c9787e02d3013019449e3dd5be540f07a7c2135fbc6aa8629b8d46f79f219a1a0d5fa45d440d14b3ce56dee9bb1d9de229fe88e82a701b78a978d403a43c4149f25e904fe8", @nested={0xb, 0x54, 0x0, 0x1, [@generic="ce99105cbdca65"]}, @nested={0x24, 0x6e, 0x0, 0x1, [@generic="4c2cf52d5bfcdfc8a6cb69f153c292e99324eafe91ff261900abcf975e470c06"]}, @generic="8941176320e05d23addbffa9e63f9fac6464cc5f0ad41be130f7d95f627b47f78e0ac16ccfe5d13d93a1cd8793897c22d873540ba7ecf8e246222ec6cc729e1dd492e1f5632a04020539e6e87a110e1f59b7c51fe7afa72a6f695860ba5b17aceaa216e479cbe1166615a0c2533fb7097ddd7b3ba00112033f76544eb3f2b65e99736aed47f10986287a202e1945030f84844ea6bfce3ab4cc2387a29a151eb3b8d14338d2e8"]}, 0x1ac}, 0x1, 0x0, 0x0, 0x80c5}, 0x20040)

[ 3084.158579] FAULT_INJECTION: forcing a failure.
[ 3084.158579] name failslab, interval 1, probability 0, space 0, times 0
[ 3084.160370] CPU: 0 PID: 15834 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3084.161447] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3084.162692] Call Trace:
[ 3084.163097]  dump_stack+0x107/0x167
[ 3084.163651]  should_fail.cold+0x5/0xa
[ 3084.164225]  ? create_object.isra.0+0x3a/0xa30
[ 3084.164935]  should_failslab+0x5/0x20
[ 3084.165503]  kmem_cache_alloc+0x5b/0x310
[ 3084.166152]  create_object.isra.0+0x3a/0xa30
[ 3084.166833]  kmemleak_alloc_percpu+0xa0/0x100
[ 3084.167544]  pcpu_alloc+0x4e2/0x1240
[ 3084.168150]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3084.168809]  percpu_ref_init+0x31/0x3d0
[ 3084.169431]  io_uring_setup+0x47a/0x2980
[ 3084.170076]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3084.170839]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3084.171636]  ? wait_for_completion_io+0x270/0x270
[ 3084.172423]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3084.173274]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3084.174085]  do_syscall_64+0x33/0x40
[ 3084.174659]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3084.175449] RIP: 0033:0x7f4cd02cab19
[ 3084.176025] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3084.178867] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3084.179975] FAULT_INJECTION: forcing a failure.
[ 3084.179975] name failslab, interval 1, probability 0, space 0, times 0
[ 3084.180030] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3084.180049] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3084.184461] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3084.185587] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3084.186682] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3084.187817] CPU: 1 PID: 15836 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3084.189249] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3084.190913] Call Trace:
[ 3084.191465]  dump_stack+0x107/0x167
[ 3084.192203]  should_fail.cold+0x5/0xa
[ 3084.192990]  ? percpu_ref_init+0xd8/0x3d0
[ 3084.193829]  should_failslab+0x5/0x20
[ 3084.194601]  kmem_cache_alloc_trace+0x55/0x320
[ 3084.195528]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3084.196349]  percpu_ref_init+0xd8/0x3d0
[ 3084.197170]  io_uring_setup+0x47a/0x2980
[ 3084.197996]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3084.198975]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3084.200000]  ? wait_for_completion_io+0x270/0x270
[ 3084.201018]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3084.202084]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3084.203126]  do_syscall_64+0x33/0x40
[ 3084.203881]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3084.204931] RIP: 0033:0x7f3b78954b19
[ 3084.205683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3084.209378] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3084.210918] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3084.212356] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3084.213781] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3084.215207] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3084.216638] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:20 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x100000000000000)

04:27:20 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0, {0x8}}, './file0\x00'})
write$tun(r1, &(0x7f0000000080)={@void, @void, @mpls={[{0xc2da, 0x0, 0x1}, {0x7f, 0x0, 0x1}, {0x1f, 0x0, 0x1}, {0x7}], @generic="3a978fce1ea6ee5ac4f203366f72e4426880edc8420f4da6715af2bb242ab82f74a5c9994b0dc626dff6dff76d6cc3c8a43e6c5de73a2b1233b5973c9e639325255c2208481d87339fb9b74e0e3d930a069ab80c79e207b095310774e65846ec63ba78e7d1f596581863cdc720a19a5c33fac5475eb82b099f3dd6ce8dc108ebd247fc928250dbaa5c8279a15819b2d82b90d9db1b3e4c573f3f52f74312b6a11ac0e23463819608add8032836f95fbe38bbf6b4a5cdcbda02f396063381e0198005445e7617ae4503c21337e5d9a30c92"}}, 0xe1)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:27:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 10)

04:27:20 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = mmap$IORING_OFF_SQES(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000004, 0x4000010, r1, 0x10000000)
syz_io_uring_submit(0x0, r2, &(0x7f0000000000)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x4, 0x0, 0x0, 0x0, 0x1}, 0xf6f)

04:27:20 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
syz_io_uring_setup(0x34cc, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x10000001, 0x0, 0x0, r2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x20381, 0x0)
io_uring_enter(r3, 0x27ff, 0x2c5f, 0x3, &(0x7f0000000040)={[0x8]}, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3084.325746] FAULT_INJECTION: forcing a failure.
[ 3084.325746] name failslab, interval 1, probability 0, space 0, times 0
[ 3084.328105] CPU: 1 PID: 15849 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3084.329648] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3084.331491] Call Trace:
[ 3084.332084]  dump_stack+0x107/0x167
[ 3084.332957]  should_fail.cold+0x5/0xa
[ 3084.333828]  ? percpu_ref_init+0xd8/0x3d0
[ 3084.334763]  should_failslab+0x5/0x20
[ 3084.335613]  kmem_cache_alloc_trace+0x55/0x320
[ 3084.336633]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3084.337543]  percpu_ref_init+0xd8/0x3d0
[ 3084.338440]  io_uring_setup+0x47a/0x2980
[ 3084.339351]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3084.340305]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3084.341433]  ? wait_for_completion_io+0x270/0x270
[ 3084.342540]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3084.343701]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3084.344852]  do_syscall_64+0x33/0x40
[ 3084.345680]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3084.346808] RIP: 0033:0x7f4cd02cab19
[ 3084.347640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3084.351720] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3084.353657] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3084.355547] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
04:27:20 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x400, 0xfffffffffffffffd, 0x800000, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0xb77, &(0x7f0000000440)={0x0, 0x1005002, 0x8, 0xa, 0x2a1})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = accept(r2, &(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @private1}, &(0x7f0000000040)=0x80)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[0xffffffffffffffff, r0, r3], 0x3)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x10, r2, 0x517000)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r4 = openat2(r2, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x404002, 0x8, 0x4}, 0x18)
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
accept$packet(r3, &(0x7f0000000240), &(0x7f0000000280)=0x14)
r7 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x3, 0x2, 0x0, 0x2})
r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r7, 0x13, &(0x7f0000000100)=[r8, r8], 0x2)
perf_event_open(&(0x7f00000003c0)={0x5, 0x80, 0x2, 0x5, 0x3, 0xff, 0x0, 0x6, 0x8, 0xe, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1f, 0x1, @perf_bp={&(0x7f0000000380), 0x5}, 0xa001, 0x6, 0x1000, 0x2, 0x100, 0x1, 0x3126, 0x0, 0x0, 0x0, 0xdbac}, 0x0, 0x3, r8, 0x8)
socket$inet6_tcp(0xa, 0x1, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x2, &(0x7f0000000340), 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x18c38000)

[ 3084.357465] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
04:27:20 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
openat(r2, &(0x7f0000000000)='./file0\x00', 0x480a02, 0x1)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3084.357480] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3084.357494] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:20 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x200000000000000)

04:27:36 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:27:36 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x300000000000000)

04:27:36 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 11)

04:27:36 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f0000000100)=0x7)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x7, &(0x7f0000000040)=[{0x8, 0x3, 0x7, 0x40}, {0x1, 0x33, 0x8, 0x6}, {0xffff, 0x8, 0x3f, 0x7}, {0x0, 0x0, 0x0, 0xd8}, {0x1ff, 0x1, 0x1a, 0x101}, {0x5, 0x8, 0x84, 0x1b09}, {0x9, 0x4b, 0x4, 0x40}]})
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x2a}}, './file0\x00'})
dup3(r1, r2, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:27:36 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0, {0x6e13}}, './file0\x00'})
ioctl$BTRFS_IOC_BALANCE_CTL(r1, 0x40049421, 0x2)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:36 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)={0x0, <r1=>0x0})
r2 = signalfd4(r0, &(0x7f0000000100)={[0x7]}, 0x8, 0x0)
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x2, 0x6, 0x3, 0x7f, 0x0, 0x200, 0x1000, 0xc, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x0, 0x3f}, 0x10a0e, 0x3, 0x2, 0x5, 0x80000000, 0x7f, 0x7ff, 0x0, 0x0, 0x0, 0x8}, r1, 0xf, r2, 0x3)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:36 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f0000000140)=[r3], 0x1)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x1, 0x18, 0x3, 0x1, 0x0, 0x20, 0x8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xca6c, 0x0, @perf_config_ext={0x8, 0x43d}, 0x10010, 0xfff, 0x3f, 0x7c40ffa118121db8, 0xc66, 0x2, 0x0, 0x0, 0x43, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0x9, r4, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:36 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 11)

[ 3100.044701] FAULT_INJECTION: forcing a failure.
[ 3100.044701] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.047199] CPU: 0 PID: 15885 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3100.047669] FAULT_INJECTION: forcing a failure.
[ 3100.047669] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.048702] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.048711] Call Trace:
[ 3100.048740]  dump_stack+0x107/0x167
[ 3100.048770]  should_fail.cold+0x5/0xa
[ 3100.055057]  ? create_object.isra.0+0x3a/0xa30
[ 3100.056046]  should_failslab+0x5/0x20
[ 3100.056882]  kmem_cache_alloc+0x5b/0x310
[ 3100.057777]  create_object.isra.0+0x3a/0xa30
[ 3100.058729]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.059839]  kmem_cache_alloc_trace+0x151/0x320
[ 3100.060866]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3100.061751]  percpu_ref_init+0xd8/0x3d0
[ 3100.062629]  io_uring_setup+0x47a/0x2980
[ 3100.063520]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3100.064575]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3100.065678]  ? wait_for_completion_io+0x270/0x270
[ 3100.066766]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.067900]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.069035]  do_syscall_64+0x33/0x40
[ 3100.069843]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.070945] RIP: 0033:0x7f4cd02cab19
[ 3100.071749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.075713] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3100.077359] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3100.078892] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3100.080427] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3100.081966] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3100.083495] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3100.085087] CPU: 1 PID: 15892 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3100.086588] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.088364] Call Trace:
[ 3100.088942]  dump_stack+0x107/0x167
[ 3100.089726]  should_fail.cold+0x5/0xa
[ 3100.090547]  ? create_object.isra.0+0x3a/0xa30
[ 3100.091527]  should_failslab+0x5/0x20
[ 3100.092346]  kmem_cache_alloc+0x5b/0x310
[ 3100.093232]  create_object.isra.0+0x3a/0xa30
[ 3100.094173]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.095267]  kmem_cache_alloc_trace+0x151/0x320
[ 3100.096269]  ? io_tctx_exit_cb+0xf0/0xf0
[ 3100.097152]  percpu_ref_init+0xd8/0x3d0
[ 3100.098009]  io_uring_setup+0x47a/0x2980
[ 3100.098882]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3100.099920]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3100.101019]  ? wait_for_completion_io+0x270/0x270
[ 3100.102085]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.103208]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.104317]  do_syscall_64+0x33/0x40
[ 3100.105126]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.106224] RIP: 0033:0x7f3b78954b19
[ 3100.107019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.107298] FAULT_INJECTION: forcing a failure.
[ 3100.107298] name failslab, interval 1, probability 0, space 0, times 0
[ 3100.110963] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3100.110984] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3100.110996] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3100.111007] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3100.111018] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3100.111030] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3100.124920] CPU: 0 PID: 15895 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3100.126412] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.128191] Call Trace:
[ 3100.128777]  dump_stack+0x107/0x167
[ 3100.129560]  should_fail.cold+0x5/0xa
[ 3100.130380]  ? create_object.isra.0+0x3a/0xa30
[ 3100.131356]  should_failslab+0x5/0x20
[ 3100.132169]  kmem_cache_alloc+0x5b/0x310
[ 3100.133051]  ? mark_held_locks+0x9e/0xe0
[ 3100.133925]  create_object.isra.0+0x3a/0xa30
[ 3100.134863]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3100.135954]  kmem_cache_alloc_bulk+0x168/0x320
[ 3100.136949]  io_submit_sqes+0x6fe4/0x8610
[ 3100.137871]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3100.138937]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3100.139974]  ? find_held_lock+0x2c/0x110
[ 3100.140860]  ? io_submit_sqes+0x8610/0x8610
[ 3100.141793]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3100.142828]  ? wait_for_completion_io+0x270/0x270
[ 3100.143861]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3100.144867]  ? vfs_write+0x354/0xb10
[ 3100.145668]  ? fput_many+0x2f/0x1a0
[ 3100.146449]  ? ksys_write+0x1a9/0x260
[ 3100.147262]  ? __ia32_sys_read+0xb0/0xb0
[ 3100.148137]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.149272]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.150380]  do_syscall_64+0x33/0x40
[ 3100.151178]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.152276] RIP: 0033:0x7fa49f703b19
[ 3100.153082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.157026] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3100.158666] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3100.160194] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3100.161729] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3100.163257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3100.164796] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:27:36 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 12)

04:27:36 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 12)

[ 3100.237577] FAULT_INJECTION: forcing a failure.
[ 3100.237577] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3100.240261] CPU: 0 PID: 15907 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3100.241764] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.243544] Call Trace:
[ 3100.244123]  dump_stack+0x107/0x167
[ 3100.244926]  should_fail.cold+0x5/0xa
[ 3100.245762]  __alloc_pages_nodemask+0x182/0x600
[ 3100.246773]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3100.248083]  ? cap_capable+0x1cd/0x230
[ 3100.248956]  alloc_pages_current+0x187/0x280
[ 3100.249911]  __get_free_pages+0xc/0xa0
[ 3100.250753]  io_uring_setup+0xe27/0x2980
[ 3100.251647]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3100.252749]  ? wait_for_completion_io+0x270/0x270
[ 3100.253837]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.254966]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.256084]  do_syscall_64+0x33/0x40
[ 3100.256899]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.258001] RIP: 0033:0x7f3b78954b19
[ 3100.258804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.262765] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3100.264402] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3100.265947] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3100.267480] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3100.269031] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3100.270569] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:36 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x0, 0x8000000000000000, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0)
io_uring_enter(r2, 0x1ea8, 0x43aa, 0x0, &(0x7f0000000080), 0x8)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f00000000c0)=0x1)
r5 = pidfd_getfd(0xffffffffffffffff, r1, 0x0)
io_uring_enter(r5, 0x582f, 0x519b, 0x0, &(0x7f0000000000)={[0x4]}, 0x8)

04:27:36 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x400000000000000)

04:27:36 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x4, 0x0, &(0x7f0000000040)=[@enter_looper], 0xaa, 0x0, &(0x7f0000000080)="5eabbe46fcd8102eee2197f5dcb06fd388b36563594e976612d5dfe5ce532aecc699146673c47ecfa02e3048090d7165ceee52e8f1995f40ec69b7f90ffd1d2afe78afb8deb07c007dc78d20fee8a92a242d8ae1b678148f1f424972525e4fb5b673ada894ee9226f07ee2ff6ae48c6c46476b0e40d93fed001d012d01986ecabe71b8b302b375d92d2c16b04c73efbb5793f61f8836943709c5759fee19dc549c400ab9e8c4b40b8bf0"})
r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x800, 0x0, 0x8}, 0x18)
ioctl$EXT4_IOC_GROUP_EXTEND(r2, 0x40086607, &(0x7f0000000200)=0x9675)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r3=>r0}, './file0\x00'})
openat(r3, &(0x7f0000000280)='./file0\x00', 0x6900, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3100.310563] FAULT_INJECTION: forcing a failure.
[ 3100.310563] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3100.313183] CPU: 1 PID: 15909 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3100.313194] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.313208] Call Trace:
[ 3100.317049]  dump_stack+0x107/0x167
[ 3100.317833]  should_fail.cold+0x5/0xa
[ 3100.318636]  __alloc_pages_nodemask+0x182/0x600
[ 3100.319597]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3100.320849]  ? cap_capable+0x1cd/0x230
[ 3100.321663]  alloc_pages_current+0x187/0x280
[ 3100.322567]  __get_free_pages+0xc/0xa0
[ 3100.323369]  io_uring_setup+0xe27/0x2980
[ 3100.324252]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3100.324269]  ? wait_for_completion_io+0x270/0x270
[ 3100.324315]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.324335]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.324358]  do_syscall_64+0x33/0x40
[ 3100.324378]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
04:27:36 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x9, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x40, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x4d48, 0x0, 0x0, 0x389}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r1, 0x400c6615, &(0x7f0000000000)={0x0, @aes128})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0xff, 0x7, 0x1f, 0x9, 0x0, 0x6, 0x8, 0x6, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x7, @perf_bp={&(0x7f0000000040), 0x3}, 0xc0, 0x1, 0x7fffffff, 0x2, 0x1000, 0x2, 0x4, 0x0, 0x8, 0x0, 0x200}, 0xffffffffffffffff, 0x6, r0, 0xb)

[ 3100.324390] RIP: 0033:0x7f4cd02cab19
[ 3100.324408] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:27:36 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0x6488)
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$PIO_FONT(r1, 0x4b61, &(0x7f0000000200)="dd0a746180c2672a0222f4ac55a25a017853c5677a753b02a3e08ea57626880d9213edefb5cefa362e745c9a35acdc45e45bba9214acc8a223d794928a1dd1f1eb4c2289f22ad0b3844bf18281a1ef580231a3649e6729c31614935fe63d38e505dcf43c30c74d9d00f34176c6edc1804f1bf23d479035195fb0f8929d93c70bb13424637d030ae0f79106fc4ee7bc68780b4dcb0938e73347a028bf2c04e020cf2406934371dc68c13045628103e1d85f311ab9c78c2a5e6d1038a42c863c91a3398707")
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x5, 0x0, 0x50, 0xe1, 0x0, 0x7, 0x10200, 0xf, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0xb8, 0x0, @perf_bp={&(0x7f0000000040), 0x3}, 0x2, 0x7, 0x401, 0x3, 0x7, 0xf1f, 0x81, 0x0, 0x6d25, 0x0, 0x9}, 0xffffffffffffffff, 0xc, 0xffffffffffffffff, 0x2)
dup3(r3, r2, 0x0)

04:27:36 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 13)

[ 3100.324419] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3100.324439] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3100.324451] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3100.324462] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3100.324473] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3100.324485] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3100.371031] EXT4-fs warning (device sda): ext4_group_extend:1805: can't shrink FS - resize aborted
[ 3100.415469] EXT4-fs warning (device sda): ext4_group_extend:1805: can't shrink FS - resize aborted
[ 3100.537431] FAULT_INJECTION: forcing a failure.
[ 3100.537431] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3100.540146] CPU: 1 PID: 15931 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3100.541613] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3100.543351] Call Trace:
[ 3100.543911]  dump_stack+0x107/0x167
[ 3100.544688]  should_fail.cold+0x5/0xa
[ 3100.545495]  __alloc_pages_nodemask+0x182/0x600
[ 3100.546484]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3100.547754]  ? cap_capable+0x1cd/0x230
[ 3100.548588]  alloc_pages_current+0x187/0x280
[ 3100.549527]  __get_free_pages+0xc/0xa0
[ 3100.550347]  io_uring_setup+0xf9a/0x2980
[ 3100.551219]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3100.552288]  ? wait_for_completion_io+0x270/0x270
[ 3100.553335]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3100.554437]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3100.555542]  do_syscall_64+0x33/0x40
[ 3100.556330]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3100.557415] RIP: 0033:0x7f3b78954b19
[ 3100.558202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3100.562083] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3100.563695] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3100.565206] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3100.566702] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3100.568211] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3100.569713] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:52 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 13)

04:27:52 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000100)=0x1)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0xfff, 0xeb, 0x0, 0x5}, {0x4, 0x4, 0x1, 0x3f}]})
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:27:52 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 14)

04:27:52 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x10})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000000))
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
openat(r2, &(0x7f0000000040)='./file0\x00', 0x400000, 0x18c)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:52 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:27:52 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x500000000000000)

04:27:52 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x73, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x400, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x3, 0x8, 0x6, 0x8, 0x0, 0x3f, 0x84404, 0x6, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7fffffff, 0x0, @perf_config_ext={0xd965, 0x8001}, 0x32108, 0x4, 0xc6, 0x2, 0x8, 0x2, 0x0, 0x0, 0x6, 0x0, 0x567}, 0xffffffffffffffff, 0xd, 0xffffffffffffffff, 0x3)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x20, 0x8, 0xc9, 0x4, 0x0, 0x3, 0x2000, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3f, 0x1, @perf_config_ext={0xff, 0x7}, 0x2, 0xeb, 0x0, 0xe, 0x6, 0x2, 0x731, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0xd, r2, 0x2)

[ 3116.160709] FAULT_INJECTION: forcing a failure.
[ 3116.160709] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3116.164108] CPU: 1 PID: 15944 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3116.165881] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3116.167611] Call Trace:
[ 3116.168179]  dump_stack+0x107/0x167
[ 3116.168959]  should_fail.cold+0x5/0xa
[ 3116.169768]  __alloc_pages_nodemask+0x182/0x600
[ 3116.170743]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3116.172017]  ? cap_capable+0x1cd/0x230
[ 3116.172856]  alloc_pages_current+0x187/0x280
[ 3116.173789]  __get_free_pages+0xc/0xa0
[ 3116.174610]  io_uring_setup+0xf9a/0x2980
[ 3116.175479]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3116.176545]  ? wait_for_completion_io+0x270/0x270
[ 3116.177594]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.178699]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3116.179790]  do_syscall_64+0x33/0x40
[ 3116.180576]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3116.181660] RIP: 0033:0x7f4cd02cab19
[ 3116.182446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3116.186374] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3116.188004] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3116.189535] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3116.191066] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3116.192583] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3116.194130] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:52 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clock_gettime(0x0, &(0x7f0000001b00)={<r1=>0x0, <r2=>0x0})
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001a00)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000180)=""/87, 0x57}], 0x1, &(0x7f0000000340)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x118}}, {{&(0x7f0000000200), 0x6e, &(0x7f0000000280)=[{&(0x7f0000000480)=""/94, 0x5e}], 0x1, &(0x7f0000000500)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {<r3=>0x0}}}], 0x58}}, {{&(0x7f0000000580), 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000600)=""/64, 0x40}, {&(0x7f0000000640)=""/72, 0x48}, {&(0x7f00000006c0)=""/4096, 0x1000}], 0x3, &(0x7f0000001700)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}}, {{&(0x7f0000001780), 0x6e, &(0x7f00000019c0)=[{&(0x7f0000001800)=""/58, 0x3a}, {&(0x7f0000001840)=""/126, 0x7e}, {&(0x7f00000018c0)=""/242, 0xf2}], 0x3}}], 0x4, 0x10100, &(0x7f0000001b40)={r1, r2+60000000})
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x40, 0x7, 0x46, 0x7f, 0x0, 0x7d7b, 0x20020, 0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x100, 0x2, @perf_config_ext={0x1, 0x20}, 0x15050, 0x866, 0x81, 0x5, 0x100000001, 0x3, 0x0, 0x0, 0x8, 0x0, 0x1}, r3, 0x1, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3116.218731] FAULT_INJECTION: forcing a failure.
[ 3116.218731] name failslab, interval 1, probability 0, space 0, times 0
[ 3116.221139] FAULT_INJECTION: forcing a failure.
[ 3116.221139] name failslab, interval 1, probability 0, space 0, times 0
[ 3116.221161] CPU: 1 PID: 15945 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3116.221172] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3116.221178] Call Trace:
[ 3116.221201]  dump_stack+0x107/0x167
[ 3116.221224]  should_fail.cold+0x5/0xa
[ 3116.221254]  ? create_object.isra.0+0x3a/0xa30
[ 3116.230064]  should_failslab+0x5/0x20
[ 3116.230915]  kmem_cache_alloc+0x5b/0x310
[ 3116.231820]  ? mark_held_locks+0x9e/0xe0
[ 3116.232738]  create_object.isra.0+0x3a/0xa30
[ 3116.233723]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3116.234866]  kmem_cache_alloc_bulk+0x168/0x320
[ 3116.235891]  io_submit_sqes+0x6fe4/0x8610
[ 3116.236857]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3116.237970]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3116.239047]  ? find_held_lock+0x2c/0x110
[ 3116.239968]  ? io_submit_sqes+0x8610/0x8610
[ 3116.240955]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3116.242044]  ? wait_for_completion_io+0x270/0x270
[ 3116.243131]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3116.244175]  ? vfs_write+0x354/0xb10
[ 3116.245022]  ? fput_many+0x2f/0x1a0
[ 3116.245836]  ? ksys_write+0x1a9/0x260
[ 3116.246686]  ? __ia32_sys_read+0xb0/0xb0
[ 3116.247605]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.248809]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3116.249980]  do_syscall_64+0x33/0x40
[ 3116.250824]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3116.251990] RIP: 0033:0x7fa49f703b19
[ 3116.252838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3116.256994] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3116.258731] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3116.260360] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3116.261993] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3116.263617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3116.265267] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3116.266956] CPU: 0 PID: 15951 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3116.268467] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3116.270232] Call Trace:
[ 3116.270808]  dump_stack+0x107/0x167
[ 3116.271590]  should_fail.cold+0x5/0xa
[ 3116.272411]  ? io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3116.273604]  should_failslab+0x5/0x20
[ 3116.274418]  kmem_cache_alloc_trace+0x55/0x320
[ 3116.275401]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3116.276551]  io_uring_setup+0x14f6/0x2980
[ 3116.277469]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3116.278547]  ? wait_for_completion_io+0x270/0x270
[ 3116.279620]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.280742]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3116.281854]  do_syscall_64+0x33/0x40
[ 3116.282651]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3116.283735] RIP: 0033:0x7f3b78954b19
[ 3116.284525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3116.288411] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3116.290031] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3116.291541] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3116.293056] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3116.294572] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3116.296083] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:52 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x9d79, 0x2, 0x1})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$mouse(&(0x7f0000000200), 0xfffffffffffffc01, 0x30d081)
ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r3, 0x8008f512, &(0x7f0000000240))
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
r6 = fork()
fcntl$lock(r4, 0x26, &(0x7f00000001c0)={0x0, 0x3, 0x8000, 0x7, r6})
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
r7 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r8 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r7, 0x13, &(0x7f0000000100)=[r8, r8], 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r8, 0x402c5342, &(0x7f0000000140)={0x7e00, 0x1f, 0x2, {0x7fffffff, 0x2}, 0x7, 0x401})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x10081, 0x0)

04:27:52 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x2, 0x9, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x10, 0x0, 0x32e}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2, 0x11, r1, 0xe9264000)

04:27:52 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 14)

04:27:52 executing program 2:
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000080)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x8, 0x3, 0x5c, 0x1f, 0x0, 0x9, 0x2002, 0xf, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x7, 0x0, @perf_config_ext={0x0, 0xeafb}, 0x140, 0x7, 0x7a400000, 0x4, 0x101, 0x8, 0x1, 0x0, 0x800, 0x0, 0x8}, 0xffffffffffffffff, 0xb, r0, 0x1)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:27:52 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x5fecada00000000)

[ 3116.448392] FAULT_INJECTION: forcing a failure.
[ 3116.448392] name failslab, interval 1, probability 0, space 0, times 0
[ 3116.450994] CPU: 1 PID: 15973 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3116.452468] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3116.454226] Call Trace:
[ 3116.454790]  dump_stack+0x107/0x167
[ 3116.455563]  should_fail.cold+0x5/0xa
[ 3116.456380]  ? io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3116.457566]  should_failslab+0x5/0x20
[ 3116.458370]  kmem_cache_alloc_trace+0x55/0x320
[ 3116.459348]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3116.460500]  io_uring_setup+0x14f6/0x2980
[ 3116.461411]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3116.462486]  ? wait_for_completion_io+0x270/0x270
[ 3116.463537]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3116.464658]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3116.465764]  do_syscall_64+0x33/0x40
[ 3116.466557]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3116.467643] RIP: 0033:0x7f4cd02cab19
[ 3116.468431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3116.472300] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3116.473905] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3116.475404] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3116.476916] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3116.478419] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3116.479923] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:27:52 executing program 3:
r0 = io_uring_setup(0x2501, &(0x7f0000000140)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "0000008000", 0x800})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f00000000c0))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000040)=<r3=>0x0)
fcntl$setownex(r2, 0xf, &(0x7f0000000080)={0x1, r3})
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x0)
r4 = socket$inet(0x2, 0xa, 0x0)
r5 = dup3(r4, r2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r7=>r0}, './file0\x00'})
r8 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x3, 0x2, 0x0, 0x1b6})
r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r8, 0x13, &(0x7f0000000100)=[r9, r9], 0x2)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4000)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r7, 0x6, &(0x7f00000002c0)={0x7, 0x0, &(0x7f0000000280)=[r0, r9, r1, r10]}, 0x4)
ftruncate(r6, 0x2)

04:28:07 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x200, 0x2, "77004a6efda09a8093d279c5e300c036008600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x800)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'vxcan1\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:28:07 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x600000000000000)

04:28:07 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x40802}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000ff2000/0xc000)=nil, 0xc000, 0xc, 0x11, r0, 0x6264f000)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000040)={'syztnl2\x00', 0x0, 0x0, 0x28, 0xb4, 0x6e, 0x12, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x7800, 0x1, 0xfffffe01}})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000234000/0x4000)=nil, 0x4000, 0x8, 0x11, r3, 0x8000000)

04:28:07 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x10, r1, 0x60f1d000)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:28:07 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 15)

04:28:07 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 15)

[ 3131.496534] FAULT_INJECTION: forcing a failure.
[ 3131.496534] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.498086] CPU: 1 PID: 16007 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3131.498960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.500024] Call Trace:
[ 3131.500369]  dump_stack+0x107/0x167
[ 3131.500845]  should_fail.cold+0x5/0xa
[ 3131.501339]  ? create_object.isra.0+0x3a/0xa30
[ 3131.501919]  should_failslab+0x5/0x20
[ 3131.502400]  kmem_cache_alloc+0x5b/0x310
[ 3131.502912]  ? mark_held_locks+0x9e/0xe0
[ 3131.503424]  create_object.isra.0+0x3a/0xa30
[ 3131.503988]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.504628]  kmem_cache_alloc_bulk+0x168/0x320
[ 3131.505223]  io_submit_sqes+0x6fe4/0x8610
[ 3131.505763]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3131.506396]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3131.507004]  ? find_held_lock+0x2c/0x110
[ 3131.507519]  ? io_submit_sqes+0x8610/0x8610
[ 3131.508069]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3131.508686]  ? wait_for_completion_io+0x270/0x270
[ 3131.509330]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3131.509919]  ? vfs_write+0x354/0xb10
[ 3131.510424]  ? fput_many+0x2f/0x1a0
[ 3131.510906]  ? ksys_write+0x1a9/0x260
[ 3131.511391]  ? __ia32_sys_read+0xb0/0xb0
[ 3131.511886]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.512560]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.513230]  do_syscall_64+0x33/0x40
[ 3131.513709]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.514363] RIP: 0033:0x7fa49f703b19
[ 3131.514813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.517176] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3131.518142] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3131.518992] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3131.519888] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3131.520793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3131.521693] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3131.528815] FAULT_INJECTION: forcing a failure.
[ 3131.528815] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.531355] CPU: 0 PID: 16010 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3131.532873] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.534705] Call Trace:
[ 3131.535293]  dump_stack+0x107/0x167
[ 3131.536102]  should_fail.cold+0x5/0xa
[ 3131.537013]  ? create_object.isra.0+0x3a/0xa30
[ 3131.538029]  should_failslab+0x5/0x20
[ 3131.538867]  kmem_cache_alloc+0x5b/0x310
[ 3131.539761]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3131.541100]  create_object.isra.0+0x3a/0xa30
[ 3131.542067]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.543194]  kmem_cache_alloc_trace+0x151/0x320
[ 3131.544229]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3131.545421]  io_uring_setup+0x14f6/0x2980
[ 3131.546349]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3131.547451]  ? wait_for_completion_io+0x270/0x270
[ 3131.548557]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.549714]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.550851]  do_syscall_64+0x33/0x40
[ 3131.551676]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.552796] RIP: 0033:0x7f4cd02cab19
[ 3131.553618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.556716] FAULT_INJECTION: forcing a failure.
[ 3131.556716] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.557627] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3131.560664] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3131.562220] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3131.563775] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3131.565329] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3131.566865] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3131.568447] CPU: 1 PID: 16018 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3131.569320] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.570294] Call Trace:
[ 3131.570609]  dump_stack+0x107/0x167
[ 3131.571057]  should_fail.cold+0x5/0xa
[ 3131.571530]  ? create_object.isra.0+0x3a/0xa30
[ 3131.572090]  should_failslab+0x5/0x20
[ 3131.572557]  kmem_cache_alloc+0x5b/0x310
[ 3131.573064]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3131.573772]  create_object.isra.0+0x3a/0xa30
[ 3131.574325]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.574929]  kmem_cache_alloc_trace+0x151/0x320
[ 3131.575504]  io_rsrc_node_switch_start.part.0+0x43/0x250
[ 3131.576184]  io_uring_setup+0x14f6/0x2980
[ 3131.576703]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3131.577384]  ? wait_for_completion_io+0x270/0x270
[ 3131.577966]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.578606]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.579216]  do_syscall_64+0x33/0x40
[ 3131.579683]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.580321] RIP: 0033:0x7f3b78954b19
[ 3131.580776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.583048] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3131.583938] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3131.584809] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3131.585682] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3131.586549] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3131.587422] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3131.651781] FAULT_INJECTION: forcing a failure.
[ 3131.651781] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.653188] CPU: 1 PID: 16032 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3131.654014] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.654956] Call Trace:
[ 3131.655277]  dump_stack+0x107/0x167
[ 3131.655713]  should_fail.cold+0x5/0xa
[ 3131.656154]  ? create_object.isra.0+0x3a/0xa30
[ 3131.656700]  should_failslab+0x5/0x20
[ 3131.657166]  kmem_cache_alloc+0x5b/0x310
[ 3131.657664]  ? mark_held_locks+0x9e/0xe0
[ 3131.658154]  create_object.isra.0+0x3a/0xa30
[ 3131.658669]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.659271]  kmem_cache_alloc_bulk+0x168/0x320
[ 3131.659814]  io_submit_sqes+0x6fe4/0x8610
[ 3131.660321]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3131.660922]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3131.661494]  ? find_held_lock+0x2c/0x110
[ 3131.661981]  ? io_submit_sqes+0x8610/0x8610
[ 3131.662494]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3131.663063]  ? wait_for_completion_io+0x270/0x270
[ 3131.663636]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3131.664187]  ? vfs_write+0x354/0xb10
[ 3131.664632]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 3131.665178]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 3131.665813]  ? ksys_write+0x1a9/0x260
[ 3131.666261]  ? __ia32_sys_read+0xb0/0xb0
[ 3131.666748]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.667363]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.667972]  do_syscall_64+0x33/0x40
[ 3131.668411]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.669007] RIP: 0033:0x7fa49f703b19
[ 3131.669447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.671687] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3131.672585] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3131.673441] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3131.674282] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3131.675119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3131.675953] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:28:07 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000000)='./file0\x00', 0x8, 0x8001, 0x12345, {0x0, r2}}, 0x2)

04:28:07 executing program 2:
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000080)={0xec5, 0x10000, 0x6, 0x8, 0x3f})
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x0, 0x80, 0x81, 0x3b, 0x9, 0x6, 0x0, 0x0, 0x80040, 0x6, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x9, 0x4, @perf_config_ext={0x7fffffff, 0xb}, 0x10008, 0xfffffffffffff000, 0x2, 0x5, 0x1f, 0x0, 0x0, 0x0, 0x80, 0x0, 0x1}, 0xffffffffffffffff, 0x6, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x234f, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:07 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x603000000000000)

04:28:07 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r0, 0x8008f513, &(0x7f0000000040))
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, './file0\x00'})
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r1, 0x40042409, 0x1)

04:28:07 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 16)

04:28:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:28:07 executing program 3:
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000000)={0x6, 0x20000003, 0x0, 0x4, 0x4, "77004a6efdff0000000008002600", 0x81})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r1, 0x0)

[ 3131.846867] FAULT_INJECTION: forcing a failure.
[ 3131.846867] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.848159] FAULT_INJECTION: forcing a failure.
[ 3131.848159] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.849545] CPU: 0 PID: 16049 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3131.852248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.854125] Call Trace:
[ 3131.854746]  dump_stack+0x107/0x167
[ 3131.855593]  should_fail.cold+0x5/0xa
[ 3131.856471]  ? create_object.isra.0+0x3a/0xa30
[ 3131.857531]  should_failslab+0x5/0x20
[ 3131.858410]  kmem_cache_alloc+0x5b/0x310
[ 3131.859357]  create_object.isra.0+0x3a/0xa30
[ 3131.860383]  kmemleak_alloc_percpu+0xa0/0x100
[ 3131.861439]  pcpu_alloc+0x4e2/0x1240
[ 3131.862327]  ? io_async_queue_proc+0x80/0x80
[ 3131.863338]  percpu_ref_init+0x31/0x3d0
[ 3131.864260]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3131.865516]  io_uring_setup+0x14f6/0x2980
[ 3131.866491]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3131.867656]  ? wait_for_completion_io+0x270/0x270
[ 3131.868808]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.870014]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.871210]  do_syscall_64+0x33/0x40
[ 3131.872065]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.873262] RIP: 0033:0x7f3b78954b19
[ 3131.874114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.878266] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3131.880010] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3131.881644] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3131.883268] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3131.884884] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3131.886524] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3131.888192] CPU: 1 PID: 16051 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3131.888999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.889943] Call Trace:
[ 3131.890244]  dump_stack+0x107/0x167
[ 3131.890659]  should_fail.cold+0x5/0xa
[ 3131.891090]  ? create_object.isra.0+0x3a/0xa30
[ 3131.891606]  should_failslab+0x5/0x20
[ 3131.892039]  kmem_cache_alloc+0x5b/0x310
[ 3131.892509]  ? mark_held_locks+0x9e/0xe0
[ 3131.892983]  create_object.isra.0+0x3a/0xa30
[ 3131.893482]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3131.894063]  kmem_cache_alloc_bulk+0x168/0x320
[ 3131.894582]  io_submit_sqes+0x6fe4/0x8610
[ 3131.895070]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3131.895641]  __do_sys_io_uring_enter+0x6b2/0x1890
04:28:07 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 16)

[ 3131.896188]  ? find_held_lock+0x2c/0x110
[ 3131.896836]  ? io_submit_sqes+0x8610/0x8610
[ 3131.897338]  ? __mutex_unlock_slowpath+0xe1/0x600
04:28:07 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3131.897887]  ? wait_for_completion_io+0x270/0x270
[ 3131.898563]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3131.899058]  ? vfs_write+0x354/0xb10
[ 3131.899457]  ? fput_many+0x2f/0x1a0
[ 3131.899846]  ? ksys_write+0x1a9/0x260
[ 3131.900252]  ? __ia32_sys_read+0xb0/0xb0
[ 3131.900691]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.901259]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.901812]  do_syscall_64+0x33/0x40
[ 3131.902210]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.902757] RIP: 0033:0x7fa49f703b19
[ 3131.903155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.905113] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3131.905926] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3131.906685] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3131.907447] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3131.908206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3131.908972] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:28:08 executing program 0:
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
kcmp$KCMP_EPOLL_TFD(r0, 0x0, 0x7, 0xffffffffffffffff, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x6})
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000100)=ANY=[@ANYBLOB="017b01000000000018000000", @ANYRES32=<r4=>r1, @ANYBLOB="01000100000000002e2f66696c653000"])
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
r7 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r7, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r8}}, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000180)=@IORING_OP_SPLICE={0x1e, 0xf0a26904156eb6bb, 0x0, @fd=r2, 0x4, {0x0, r1}, 0x0, 0x5, 0x0, {0x0, r8, r4}}, 0xffffffe0)
setns(r4, 0x80)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
r9 = getpgrp(0x0)
pidfd_open(r9, 0x0)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x9, 0x4, 0x81, 0x3, 0x0, 0xea6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x7, 0x2, @perf_config_ext={0x1ff, 0x9}, 0x2402, 0x3fffc00, 0xffffffea, 0x8, 0x81, 0x7, 0x8, 0x0, 0xfffffff7, 0x0, 0x3}, r9, 0x8, r1, 0xa)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000000)={0x0, 0x0, 0x9, 0x4})

[ 3131.927960] FAULT_INJECTION: forcing a failure.
[ 3131.927960] name failslab, interval 1, probability 0, space 0, times 0
[ 3131.929210] CPU: 1 PID: 16057 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3131.930000] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3131.930945] Call Trace:
[ 3131.931252]  dump_stack+0x107/0x167
[ 3131.931667]  should_fail.cold+0x5/0xa
[ 3131.932105]  ? create_object.isra.0+0x3a/0xa30
[ 3131.932623]  should_failslab+0x5/0x20
[ 3131.933067]  kmem_cache_alloc+0x5b/0x310
[ 3131.933536]  create_object.isra.0+0x3a/0xa30
[ 3131.934039]  kmemleak_alloc_percpu+0xa0/0x100
[ 3131.934552]  pcpu_alloc+0x4e2/0x1240
[ 3131.934986]  ? io_async_queue_proc+0x80/0x80
[ 3131.935485]  percpu_ref_init+0x31/0x3d0
[ 3131.935941]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3131.936560]  io_uring_setup+0x14f6/0x2980
[ 3131.937046]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3131.937619]  ? wait_for_completion_io+0x270/0x270
[ 3131.938179]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3131.938772]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3131.939368]  do_syscall_64+0x33/0x40
[ 3131.939792]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3131.940376] RIP: 0033:0x7f4cd02cab19
[ 3131.940801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3131.942899] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3131.943762] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3131.944571] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3131.945393] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3131.946203] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3131.947013] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:25 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:28:25 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x700000000000000)

04:28:25 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x11, r1, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:25 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 17)

04:28:25 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x34000, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000080)={'team_slave_0\x00'})

04:28:25 executing program 2:
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0xd02d, 0x401, 0x80, 0xba, 0x2, 0x95, 0x1000}, 0xc)
r0 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:25 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 17)

04:28:25 executing program 7:
r0 = fspick(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1)
ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f0000000340)={0x0, 0x1, 0x1, [0x4, 0x8, 0x0, 0x3, 0x8], [0x76, 0x6, 0x40, 0x5400000000000000, 0x5, 0x100000001, 0x1, 0xffffffffffffff7f, 0xff, 0xa2, 0x4bc54ecf, 0x6, 0xff, 0x6, 0xbb, 0x3, 0x5, 0x7, 0x2, 0x7, 0x1f1f, 0x100000000, 0x7fffffff, 0x29e7, 0x1ff, 0x7fffffff, 0x9, 0x5, 0x1, 0xa2c5, 0xfffffffffffff801, 0x518, 0x3, 0x1307, 0x7f, 0x1f, 0x1ff, 0x8001, 0x5, 0x1, 0x2, 0x6, 0x7, 0x6, 0x400, 0x2, 0x2520, 0x7fff, 0x4, 0x9, 0x8, 0xd7ed, 0x800, 0x58, 0x80000001, 0x8, 0x8000, 0x21, 0x32d3, 0x80, 0x4, 0x200, 0x3, 0x4, 0x1, 0x1, 0x8, 0xe72, 0x7ff, 0x81, 0x2, 0x3, 0x4, 0xffff, 0x0, 0x101, 0x859, 0xfffffffffffffff9, 0x7, 0x3, 0x89bc, 0xeef2, 0x98, 0x5, 0x2, 0x9, 0x100, 0x8, 0x11, 0x3, 0xffffffffffffff31, 0xc85, 0x8, 0x2, 0x5, 0x5cd2, 0x0, 0x6, 0xa0, 0x3ff, 0x9, 0x1, 0x100000000, 0x5, 0x1ff, 0x7, 0x2, 0xff, 0xa652, 0x6, 0x9, 0x8, 0x1000, 0x5, 0x4, 0x8000, 0x80, 0x100, 0x100000001, 0x7ff, 0x5]})
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000140)=<r2=>0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x5, 0x5, 0x3, 0x9, 0x0, 0xffff, 0x10000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x5, 0x1, @perf_config_ext={0x81, 0x200}, 0x10065, 0x2, 0x1, 0x3, 0x5, 0x20, 0x7, 0x0, 0x4, 0x0, 0x6}, r2, 0x8, r4, 0x5)
r5 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r4, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r6=>r4, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000002e00ff2d000000000000000000000000040000000c00008008000000", @ANYRES32=0x0, @ANYBLOB="b0b94df81e1d4196082734e3c4f2eda33c176acf1b488099d3d46c9b101e54dabd5cc000dee6439fd1a1ff8aea8f013f0ef3e70fd095cd810adafeba7b86fa8d954e8c40b441589bed82d3e2b9e4bc1ff9e9b34d34f623b8dd35080541d5bd978c3d879492d4ea543a0f7d4bb4fb63490db2b6efce365252cebde74b8af830ce8925db7bdb6277d9df3f4d81ee4f2c765c95b7de956db2b922a647625fec0b61a0303487d3c72dc7a34fe65f71e49c0cf529b2241cc109fc534d8a9f802e79dece0ced9bd983aa1b87658390"], 0x24}}, 0x0)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r7)
sendmsg$TIPC_CMD_SHOW_PORTS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r8, 0x134d01bb93abec4, 0x70bd2b, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40804}, 0x4084)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r6, &(0x7f00000007c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000780)={&(0x7f0000000280)={0x30, r8, 0x20, 0x70bd2c, 0x25dfdbfd, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}, ["", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4040848}, 0x0)
write$binfmt_script(r5, &(0x7f0000000180)={'#! ', './file0', [{0x20, '\x00\x00\xf1-\x13\x82h\xf5\xe3\x00\xa85;\x16S\xfa\xc3u[\x18\xa9\x9b\xc9\x93\xabq\\9\x11\xea\x90Dw\xe1Fc\x97%\xda\xdfe\x7fc_7\xa1v\xd6'}, {0x20, '\x00\xef\x84\x1b\x9a\xfa|\x8a\x1e\x83jo'}, {}, {0x20, '\x00'}], 0xa, "b33187957db1be188df4a35d7a4c0f9676e6b129acf467417d3f683e70aa99408cb96492e8fc2deb039784210b5bd9a93394844e71246863e36e6414c3c87469bfd5dd18abfdd59b70c0682eb3ef7167557c39638790da44ce9d6d26b20000000093b865"}, 0xb0)

[ 3149.086031] FAULT_INJECTION: forcing a failure.
[ 3149.086031] name failslab, interval 1, probability 0, space 0, times 0
[ 3149.088578] CPU: 0 PID: 16080 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3149.089998] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3149.091673] Call Trace:
[ 3149.092229]  dump_stack+0x107/0x167
[ 3149.092994]  should_fail.cold+0x5/0xa
[ 3149.093805]  ? create_object.isra.0+0x3a/0xa30
[ 3149.094752]  should_failslab+0x5/0x20
[ 3149.095541]  kmem_cache_alloc+0x5b/0x310
[ 3149.096398]  create_object.isra.0+0x3a/0xa30
[ 3149.097344]  kmemleak_alloc_percpu+0xa0/0x100
[ 3149.098290]  pcpu_alloc+0x4e2/0x1240
[ 3149.099098]  ? io_async_queue_proc+0x80/0x80
[ 3149.100012]  percpu_ref_init+0x31/0x3d0
[ 3149.100852]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3149.101989]  io_uring_setup+0x14f6/0x2980
[ 3149.102871]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3149.103924]  ? wait_for_completion_io+0x270/0x270
[ 3149.104981]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.106077]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3149.107161]  do_syscall_64+0x33/0x40
[ 3149.107941]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3149.109008] RIP: 0033:0x7f3b78954b19
[ 3149.109853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3149.113683] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3149.115269] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3149.116752] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3149.118248] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3149.119729] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3149.121216] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3149.136426] FAULT_INJECTION: forcing a failure.
[ 3149.136426] name failslab, interval 1, probability 0, space 0, times 0
[ 3149.137856] FAULT_INJECTION: forcing a failure.
[ 3149.137856] name failslab, interval 1, probability 0, space 0, times 0
[ 3149.139421] CPU: 0 PID: 16079 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3149.143640] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3149.145610] Call Trace:
[ 3149.146236]  dump_stack+0x107/0x167
[ 3149.147098]  should_fail.cold+0x5/0xa
[ 3149.147997]  ? create_object.isra.0+0x3a/0xa30
[ 3149.149086]  should_failslab+0x5/0x20
[ 3149.149984]  kmem_cache_alloc+0x5b/0x310
[ 3149.150943]  ? mark_held_locks+0x9e/0xe0
[ 3149.151903]  create_object.isra.0+0x3a/0xa30
[ 3149.152934]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3149.154148]  kmem_cache_alloc_bulk+0x168/0x320
[ 3149.155232]  io_submit_sqes+0x6fe4/0x8610
[ 3149.156254]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3149.157437]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3149.158585]  ? _raw_spin_unlock_irq+0x1f/0x30
[ 3149.159651]  ? io_submit_sqes+0x8610/0x8610
[ 3149.160665]  ? finish_task_switch+0x126/0x5d0
[ 3149.161732]  ? finish_task_switch+0xef/0x5d0
[ 3149.162772]  ? __switch_to+0x572/0xf70
[ 3149.163686]  ? __switch_to_asm+0x3a/0x60
[ 3149.164632]  ? __switch_to_asm+0x34/0x60
[ 3149.165595]  ? __schedule+0x82c/0x1ea0
[ 3149.166520]  ? io_schedule_timeout+0x140/0x140
[ 3149.167593]  ? copy_kernel_to_fpregs+0x9e/0xe0
[ 3149.168668]  ? trace_event_raw_event_x86_fpu+0x390/0x390
[ 3149.169968]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.171204]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3149.172418]  do_syscall_64+0x33/0x40
[ 3149.173312]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3149.174514] RIP: 0033:0x7fa49f703b19
[ 3149.175390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3149.179711] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3149.181503] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3149.183177] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3149.184840] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3149.186531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3149.188209] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3149.189929] CPU: 1 PID: 16084 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3149.191725] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3149.193619] Call Trace:
[ 3149.194215]  dump_stack+0x107/0x167
[ 3149.195058]  should_fail.cold+0x5/0xa
[ 3149.195932]  ? create_object.isra.0+0x3a/0xa30
[ 3149.196970]  should_failslab+0x5/0x20
[ 3149.197845]  kmem_cache_alloc+0x5b/0x310
[ 3149.198784]  create_object.isra.0+0x3a/0xa30
[ 3149.199786]  kmemleak_alloc_percpu+0xa0/0x100
[ 3149.200821]  pcpu_alloc+0x4e2/0x1240
[ 3149.201704]  ? io_async_queue_proc+0x80/0x80
[ 3149.202706]  percpu_ref_init+0x31/0x3d0
[ 3149.203618]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3149.204850]  io_uring_setup+0x14f6/0x2980
[ 3149.205819]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3149.206965]  ? wait_for_completion_io+0x270/0x270
[ 3149.208098]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.209334]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3149.210534]  do_syscall_64+0x33/0x40
[ 3149.211388]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3149.212591] RIP: 0033:0x7f4cd02cab19
[ 3149.213450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3149.217678] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3149.219425] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3149.221092] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3149.222745] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3149.224357] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3149.226054] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:25 executing program 0:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x73, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x46, 0x0, 0x4, 0x0, 0x0, 0x0, 0x40000110}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = getpgrp(0x0)
pidfd_open(r1, 0x0)
perf_event_open(&(0x7f00000000c0)={0x4, 0x80, 0x1, 0x1, 0xa9, 0x3, 0x0, 0x8, 0x20020, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x10001, 0x2, @perf_bp={&(0x7f0000000080), 0xd}, 0x800, 0x6, 0x0, 0x6, 0x0, 0x0, 0x1, 0x0, 0x8, 0x0, 0x1}, r1, 0x10, 0xffffffffffffffff, 0x3)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(0x0, r2, &(0x7f00000003c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000380)='./file0\x00', 0x0, 0x0, 0x23456}, 0x7ff)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000340)=0x7)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000180)={0x9, {{0x2, 0x4e21, @rand_addr=0x64010102}}, {{0x2, 0x4e22, @private=0xa010101}}}, 0x108)

04:28:25 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000000)=@IORING_OP_MADVISE={0x19, 0x3, 0x0, 0x0, 0x0, &(0x7f0000234000/0x3000)=nil, 0x3000, 0x9}, 0x7fffffff)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:25 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 18)

04:28:25 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x800000000000000)

04:28:25 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x6}, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:25 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300), 0x30440, 0x0)
ioctl$TUNSETCARRIER(r1, 0x400454e2, &(0x7f0000000340))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={0xe0, 0x0, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10001}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xa76}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x2}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x7}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x6c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x8, 0x2}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x33}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x6c}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2e}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7ff}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x11, 0xc}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4048000}, 0x2400488b)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TIOCCBRK(r4, 0x5428)

[ 3149.422271] FAULT_INJECTION: forcing a failure.
[ 3149.422271] name failslab, interval 1, probability 0, space 0, times 0
[ 3149.424795] CPU: 1 PID: 16103 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3149.426328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3149.428139] Call Trace:
[ 3149.428724]  dump_stack+0x107/0x167
[ 3149.429538]  should_fail.cold+0x5/0xa
[ 3149.430377]  ? percpu_ref_init+0xd8/0x3d0
[ 3149.431287]  should_failslab+0x5/0x20
[ 3149.432122]  kmem_cache_alloc_trace+0x55/0x320
[ 3149.433141]  ? io_async_queue_proc+0x80/0x80
[ 3149.434106]  percpu_ref_init+0xd8/0x3d0
[ 3149.434985]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3149.436186]  io_uring_setup+0x14f6/0x2980
[ 3149.437132]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3149.438254]  ? wait_for_completion_io+0x270/0x270
[ 3149.439346]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3149.440512]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3149.441669]  do_syscall_64+0x33/0x40
[ 3149.442499]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3149.443636] RIP: 0033:0x7f3b78954b19
[ 3149.444461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3149.448560] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3149.450290] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3149.451897] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3149.453516] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3149.455143] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3149.456759] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:40 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = memfd_create(&(0x7f0000000340)='\x00', 0x0)
pwritev2(r2, &(0x7f0000000080)=[{&(0x7f00000000c0)='Z', 0x1}], 0x1, 0x0, 0x0, 0x0)
r3 = clone3(&(0x7f0000000000)={0x1040100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
clone3(&(0x7f0000000380)={0x3001200, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180), {}, &(0x7f00000001c0)=""/48, 0x30, &(0x7f0000000200)=""/42, &(0x7f0000000240)=[r3], 0x1}, 0x58)
finit_module(r2, 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
r5 = perf_event_open$cgroup(&(0x7f00000004c0)={0x4, 0x80, 0x0, 0x80, 0x9, 0x8, 0x0, 0x40, 0x100, 0x4, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000280), 0xf}, 0x4, 0x5, 0x8, 0x2, 0x4, 0xf56, 0xd13, 0x0, 0x1, 0x0, 0x7}, r4, 0x4, r1, 0x1)
ioctl$FIGETBSZ(r5, 0x2, &(0x7f0000000400))
r6 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000000, 0x12, r6, 0x25054000)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:40 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000140)={'netpci0\x00'})
dup3(r3, r0, 0x0)

04:28:40 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 19)

04:28:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 18)

04:28:40 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:28:40 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xa00000000000000)

04:28:40 executing program 2:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x100000001}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x0, 0x0, r1, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
r5 = perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x40, 0x81, 0x2e, 0x0, 0x0, 0x6, 0x40, 0x2, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000040), 0x4}, 0x401, 0x81, 0x9, 0x0, 0x7fff, 0x9, 0x8200, 0x0, 0x7fffffff}, 0xffffffffffffffff, 0xa, r4, 0x3)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r1, 0xc0189377, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r6=>r5, {0x9, 0x37e}}, './file0\x00'})
getsockname$unix(r6, &(0x7f0000000200), &(0x7f0000000280)=0x6e)
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
r8 = epoll_create1(0x0)
r9 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r10 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r9, 0x13, &(0x7f0000000100)=[r10, r10], 0x2)
r11 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x440002, 0x50)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, r2, r8, r10, r11], 0x6)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r2, 0x0)

04:28:40 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r1)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = getpgrp(0x0)
pidfd_open(r3, 0x0)
fcntl$lock(r2, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x100, 0x1, r3})

[ 3164.111184] FAULT_INJECTION: forcing a failure.
[ 3164.111184] name failslab, interval 1, probability 0, space 0, times 0
[ 3164.113881] CPU: 1 PID: 16125 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3164.115489] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3164.117300] FAULT_INJECTION: forcing a failure.
[ 3164.117300] name failslab, interval 1, probability 0, space 0, times 0
[ 3164.117449] Call Trace:
[ 3164.117484]  dump_stack+0x107/0x167
[ 3164.117514]  should_fail.cold+0x5/0xa
[ 3164.122659]  ? percpu_ref_init+0xd8/0x3d0
[ 3164.123641]  should_failslab+0x5/0x20
[ 3164.124543]  kmem_cache_alloc_trace+0x55/0x320
[ 3164.125638]  ? io_async_queue_proc+0x80/0x80
[ 3164.126669]  percpu_ref_init+0xd8/0x3d0
[ 3164.127608]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3164.128892]  io_uring_setup+0x14f6/0x2980
[ 3164.129922]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3164.131123]  ? wait_for_completion_io+0x270/0x270
[ 3164.132312]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3164.133580]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3164.134817]  do_syscall_64+0x33/0x40
[ 3164.135723]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3164.136935] RIP: 0033:0x7f4cd02cab19
[ 3164.137832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3164.142159] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3164.143975] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3164.145693] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3164.147403] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3164.149103] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3164.150824] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3164.152567] CPU: 0 PID: 16134 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3164.153713] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3164.155062] Call Trace:
[ 3164.155498]  dump_stack+0x107/0x167
[ 3164.156101]  should_fail.cold+0x5/0xa
[ 3164.156728]  ? create_object.isra.0+0x3a/0xa30
[ 3164.157493]  should_failslab+0x5/0x20
[ 3164.158119]  kmem_cache_alloc+0x5b/0x310
[ 3164.158797]  create_object.isra.0+0x3a/0xa30
[ 3164.159514]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3164.160359]  kmem_cache_alloc_trace+0x151/0x320
[ 3164.161121]  ? io_async_queue_proc+0x80/0x80
[ 3164.161837]  percpu_ref_init+0xd8/0x3d0
[ 3164.162492]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3164.163368]  io_uring_setup+0x14f6/0x2980
[ 3164.164058]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3164.164902]  ? wait_for_completion_io+0x270/0x270
[ 3164.165745]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3164.166620]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3164.167473]  do_syscall_64+0x33/0x40
[ 3164.167759] FAULT_INJECTION: forcing a failure.
[ 3164.167759] name failslab, interval 1, probability 0, space 0, times 0
[ 3164.168091]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3164.168104] RIP: 0033:0x7f3b78954b19
[ 3164.168129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3164.174862] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3164.176119] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3164.177296] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3164.178464] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3164.179629] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3164.180788] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3164.181992] CPU: 1 PID: 16126 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3164.183471] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3164.185226] Call Trace:
[ 3164.185785]  dump_stack+0x107/0x167
[ 3164.186556]  should_fail.cold+0x5/0xa
[ 3164.187366]  ? create_object.isra.0+0x3a/0xa30
[ 3164.188323]  should_failslab+0x5/0x20
[ 3164.189124]  kmem_cache_alloc+0x5b/0x310
[ 3164.189994]  ? mark_held_locks+0x9e/0xe0
[ 3164.190863]  create_object.isra.0+0x3a/0xa30
[ 3164.191794]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3164.191981] Module has invalid ELF structures
[ 3164.192872]  kmem_cache_alloc_bulk+0x168/0x320
[ 3164.192899]  io_submit_sqes+0x6fe4/0x8610
[ 3164.192954]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3164.196500]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3164.197536]  ? find_held_lock+0x2c/0x110
[ 3164.198404]  ? io_submit_sqes+0x8610/0x8610
[ 3164.199328]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3164.200352]  ? wait_for_completion_io+0x270/0x270
[ 3164.201392]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3164.202384]  ? vfs_write+0x354/0xb10
[ 3164.203181]  ? fput_many+0x2f/0x1a0
[ 3164.203958]  ? ksys_write+0x1a9/0x260
[ 3164.204769]  ? __ia32_sys_read+0xb0/0xb0
[ 3164.205655]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3164.206780]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3164.207886]  do_syscall_64+0x33/0x40
[ 3164.208683]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3164.209788] RIP: 0033:0x7fa49f703b19
[ 3164.210592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3164.214551] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3164.216188] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3164.217727] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3164.219258] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3164.220798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3164.222353] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:28:40 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 20)

[ 3164.285776] Module has invalid ELF structures
04:28:40 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$EXT4_IOC_GROUP_ADD(r1, 0x40286608, &(0x7f0000000000)={0xffff, 0x2, 0x2, 0x3ff, 0x3, 0x2})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:40 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
dup2(r0, r1)

04:28:40 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xa03000000000000)

[ 3164.358587] FAULT_INJECTION: forcing a failure.
[ 3164.358587] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3164.360539] CPU: 0 PID: 16161 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3164.361636] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3164.362932] Call Trace:
[ 3164.363364]  dump_stack+0x107/0x167
[ 3164.363950]  should_fail.cold+0x5/0xa
[ 3164.364565]  _copy_to_user+0x2e/0x180
[ 3164.365170]  io_uring_setup+0x11b5/0x2980
[ 3164.365859]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3164.366670]  ? wait_for_completion_io+0x270/0x270
[ 3164.367462]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3164.368282]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3164.369103]  do_syscall_64+0x33/0x40
[ 3164.369721]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3164.370537] RIP: 0033:0x7f3b78954b19
[ 3164.371135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3164.374145] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3164.375332] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3164.376457] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3164.377591] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3164.378726] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3164.379848] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 19)

04:28:40 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'wlan0\x00'})

[ 3164.460933] FAULT_INJECTION: forcing a failure.
[ 3164.460933] name failslab, interval 1, probability 0, space 0, times 0
[ 3164.462852] CPU: 0 PID: 16176 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3164.463986] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3164.465362] Call Trace:
[ 3164.465806]  dump_stack+0x107/0x167
[ 3164.466393]  should_fail.cold+0x5/0xa
[ 3164.467016]  ? create_object.isra.0+0x3a/0xa30
[ 3164.467768]  should_failslab+0x5/0x20
[ 3164.468383]  kmem_cache_alloc+0x5b/0x310
[ 3164.469050]  create_object.isra.0+0x3a/0xa30
[ 3164.469773]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3164.470602]  kmem_cache_alloc_trace+0x151/0x320
[ 3164.471364]  ? io_async_queue_proc+0x80/0x80
[ 3164.472071]  percpu_ref_init+0xd8/0x3d0
[ 3164.472734]  io_rsrc_node_switch_start.part.0+0x6a/0x250
[ 3164.473624]  io_uring_setup+0x14f6/0x2980
[ 3164.474315]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3164.475140]  ? wait_for_completion_io+0x270/0x270
[ 3164.475951]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3164.476818]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3164.477685]  do_syscall_64+0x33/0x40
[ 3164.478294]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3164.479125] RIP: 0033:0x7f4cd02cab19
[ 3164.479731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3164.482640] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3164.483904] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3164.485065] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3164.486243] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3164.487402] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3164.488557] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:40 executing program 0:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x50, r2, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x3}, @MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @remote}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x2800}, 0x4000)
r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8, 0x13, r3, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)

04:28:58 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r1 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000000)='.pending_reads\x00', 0x2, 0x1)
ftruncate(r0, 0x7f)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x1ff, @none, 0xcc, 0x2}, 0xe)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:58 executing program 2:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12d0385, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x3}, 0x0, 0x0, r0, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x282080, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)

04:28:58 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x1000000000000000)

04:28:58 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 20)

04:28:58 executing program 7:
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x141a00, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x5c, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r4=>0x0})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x5c, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x5c}}, 0x0)
sendmsg$NL80211_CMD_GET_REG(r5, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x20, r7, 0x20, 0x70bd2c, 0x25dfdbfd, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x840}, 0x40000)
sendmsg$NL80211_CMD_DEL_INTERFACE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r2, 0x8, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r4}, @val={0xc, 0x99, {0x5a43, 0x71}}}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4000040}, 0x22040081)
r9 = getpgrp(0x0)
r10 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x1000000024abc8d1}, r9, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r10, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
fallocate(r10, 0x4d, 0x401, 0x200)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r10, 0x0)

04:28:58 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 21)

04:28:58 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:28:58 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "56e85f890025a456fc74c989100000000000dd", 0x80000001, 0x3})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3181.994579] FAULT_INJECTION: forcing a failure.
[ 3181.994579] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3181.995356] FAULT_INJECTION: forcing a failure.
[ 3181.995356] name failslab, interval 1, probability 0, space 0, times 0
[ 3181.997071] CPU: 0 PID: 16203 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3182.000771] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.002506] Call Trace:
[ 3182.003065]  dump_stack+0x107/0x167
[ 3182.003836]  should_fail.cold+0x5/0xa
[ 3182.004649]  _copy_to_user+0x2e/0x180
[ 3182.005472]  io_uring_setup+0x11b5/0x2980
[ 3182.006355]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3182.007409]  ? wait_for_completion_io+0x270/0x270
[ 3182.008470]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.009584]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3182.010690]  do_syscall_64+0x33/0x40
[ 3182.011482]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3182.012551] RIP: 0033:0x7f4cd02cab19
[ 3182.013331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3182.017178] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3182.018776] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3182.020258] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3182.021752] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3182.023241] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3182.024724] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3182.026288] CPU: 1 PID: 16207 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3182.027769] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.029569] Call Trace:
[ 3182.030140]  dump_stack+0x107/0x167
[ 3182.030919]  should_fail.cold+0x5/0xa
[ 3182.031739]  ? __d_alloc+0x2a/0x990
[ 3182.031851] FAULT_INJECTION: forcing a failure.
[ 3182.031851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3182.032509]  should_failslab+0x5/0x20
[ 3182.032529]  kmem_cache_alloc+0x5b/0x310
[ 3182.032561]  __d_alloc+0x2a/0x990
[ 3182.037392]  ? find_held_lock+0x2c/0x110
[ 3182.038283]  d_alloc_pseudo+0x19/0x70
[ 3182.039093]  alloc_file_pseudo+0xce/0x250
[ 3182.039979]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.040896]  ? alloc_file+0x5a0/0x5a0
[ 3182.041755]  anon_inode_getfile+0xc8/0x1f0
[ 3182.042661]  io_uring_setup+0x138b/0x2980
[ 3182.043554]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3182.044639]  ? wait_for_completion_io+0x270/0x270
[ 3182.045726]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.046854]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3182.047950]  do_syscall_64+0x33/0x40
[ 3182.048753]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3182.049865] RIP: 0033:0x7f3b78954b19
[ 3182.050655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3182.054594] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3182.056200] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3182.057738] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3182.059257] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3182.060768] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3182.062311] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3182.063869] CPU: 0 PID: 16201 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3182.065382] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.067150] Call Trace:
[ 3182.067712]  dump_stack+0x107/0x167
[ 3182.068489]  should_fail.cold+0x5/0xa
[ 3182.069306]  _copy_from_user+0x2e/0x1b0
[ 3182.070174]  move_addr_to_kernel.part.0+0x31/0x110
[ 3182.071217]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3182.072222]  ? __ia32_sys_shutdown+0x80/0x80
[ 3182.073176]  sendmsg_copy_msghdr+0xa1/0x160
[ 3182.074106]  ? do_recvmmsg+0x6d0/0x6d0
[ 3182.074932]  ? lock_chain_count+0x20/0x20
[ 3182.075821]  ? __is_insn_slot_addr+0x123/0x290
[ 3182.076796]  ? lock_downgrade+0x6d0/0x6d0
[ 3182.077691]  ? unwind_next_frame+0x13ef/0x1a90
[ 3182.078674]  io_sendmsg+0x62c/0x830
[ 3182.079462]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3182.080425]  ? mark_lock+0xf5/0x2df0
[ 3182.081243]  ? stack_trace_consume_entry+0x160/0x160
[ 3182.082341]  ? lock_acquire+0x197/0x470
[ 3182.083179]  ? __lock_acquire+0xbb1/0x5b00
[ 3182.084074]  io_issue_sqe+0x3b3/0x7850
[ 3182.084898]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3182.086000]  ? SOFTIRQ_verbose+0x10/0x10
[ 3182.086850]  ? lock_chain_count+0x20/0x20
[ 3182.087721]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3182.088815]  ? io_connect+0x610/0x610
[ 3182.089602]  ? lock_acquire+0x197/0x470
[ 3182.090434]  ? find_held_lock+0x2c/0x110
[ 3182.091290]  ? __fget_files+0x2cf/0x520
[ 3182.092121]  ? lock_downgrade+0x6d0/0x6d0
[ 3182.092996]  __io_queue_sqe+0x90/0x9d0
[ 3182.093824]  ? io_issue_sqe+0x7850/0x7850
[ 3182.094688]  ? __fget_files+0x2f8/0x520
[ 3182.095536]  io_submit_sqes+0x44a8/0x8610
[ 3182.096439]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3182.097489]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3182.098497]  ? find_held_lock+0x2c/0x110
[ 3182.099352]  ? io_submit_sqes+0x8610/0x8610
[ 3182.100260]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3182.101269]  ? wait_for_completion_io+0x270/0x270
[ 3182.102295]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3182.103260]  ? vfs_write+0x354/0xb10
[ 3182.104039]  ? fput_many+0x2f/0x1a0
[ 3182.104798]  ? ksys_write+0x1a9/0x260
[ 3182.105599]  ? __ia32_sys_read+0xb0/0xb0
[ 3182.106458]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.107551]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3182.108630]  do_syscall_64+0x33/0x40
[ 3182.109418]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3182.110487] RIP: 0033:0x7fa49f703b19
[ 3182.111264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3182.115113] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3182.116701] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3182.118188] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3182.119666] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3182.121135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3182.122615] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:28:58 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 21)

[ 3182.250340] FAULT_INJECTION: forcing a failure.
[ 3182.250340] name failslab, interval 1, probability 0, space 0, times 0
[ 3182.252728] CPU: 1 PID: 16217 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3182.254211] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3182.255942] Call Trace:
[ 3182.256503]  dump_stack+0x107/0x167
[ 3182.257268]  should_fail.cold+0x5/0xa
[ 3182.258098]  ? __d_alloc+0x2a/0x990
[ 3182.258860]  should_failslab+0x5/0x20
[ 3182.259654]  kmem_cache_alloc+0x5b/0x310
[ 3182.260508]  __d_alloc+0x2a/0x990
[ 3182.261232]  ? find_held_lock+0x2c/0x110
[ 3182.262108]  d_alloc_pseudo+0x19/0x70
[ 3182.262894]  alloc_file_pseudo+0xce/0x250
[ 3182.263755]  ? trace_hardirqs_on+0x5b/0x180
[ 3182.264648]  ? alloc_file+0x5a0/0x5a0
[ 3182.265502]  anon_inode_getfile+0xc8/0x1f0
[ 3182.266389]  io_uring_setup+0x138b/0x2980
[ 3182.267260]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3182.268311]  ? wait_for_completion_io+0x270/0x270
[ 3182.269337]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3182.270456]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3182.271530]  do_syscall_64+0x33/0x40
[ 3182.272298]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3182.273378] RIP: 0033:0x7f4cd02cab19
[ 3182.274170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3182.278011] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3182.279599] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3182.281090] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3182.282602] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3182.284100] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3182.285628] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:28:58 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x4}}, './file0\x00'})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6, 0x87, 0x3, 0x4, 0x0, 0x8, 0x6000, 0xa, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x10208, 0x80000001, 0x0, 0x5, 0x2, 0x4, 0xe8, 0x0, 0xfffffffb, 0x0, 0x9}, 0xffffffffffffffff, 0x5, r1, 0xa)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x1f96, &(0x7f0000000100)={0x0, 0xf795, 0x20, 0x0, 0x3d2}, &(0x7f0000234000/0x1000)=nil, &(0x7f0000234000/0x2000)=nil, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0))
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, 0x0, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x2, 0x2000, @fd_index=0x8, 0x5, &(0x7f0000000200)="316e780042c20cd445685ed8a52141eb004858a822457720349adfca6c5a4d98fe8b605dbf4e9de3c958a5a1a5d6", 0x2e, 0x8, 0x0, {0x0, r4}}, 0xfff0)

04:28:58 executing program 7:
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, r0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0xfffff000)
syz_io_uring_setup(0x211a, &(0x7f00000002c0)={0x0, 0x3fff, 0x20, 0x1, 0x1dc}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)

04:28:58 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0xfffffffc})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:28:58 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0xce, 0x39, 0xf8, 0x6, 0x0, 0xdc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x200, 0x2, @perf_bp={&(0x7f0000000040), 0x1a}, 0x0, 0x8, 0x3, 0x7, 0x9, 0x5, 0x80, 0x0, 0x7fff, 0x0, 0x5}, 0x0, 0x4, r2, 0x8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x2910}, &(0x7f0000234000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/kmemleak', 0x240101, 0x112)
r9 = mmap$IORING_OFF_CQ_RING(&(0x7f0000234000/0x4000)=nil, 0x4000, 0x8, 0x13, r2, 0x8000000)
r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r5, &(0x7f0000000240)=@IORING_OP_MADVISE={0x19, 0x5, 0x0, 0x0, 0x0, &(0x7f0000234000/0x4000)=nil, 0x4000, 0x13, 0x1, {0x0, r10}}, 0x101)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r11}}, 0x0)
syz_io_uring_submit(0x0, r5, &(0x7f00000001c0)=@IORING_OP_OPENAT={0x12, 0x3, 0x0, r8, 0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x101202, 0x31713, {0x0, r11}}, 0xff)

04:28:58 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x2000000000000000)

04:28:58 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x1, 0xffffffff}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x30, r1, 0x8000000)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x2007, @fd=r0, 0x56a91eb2, 0x9, 0x1, 0x4, 0x1, {0x2}}, 0x2)

04:28:58 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
io_uring_enter(r2, 0x4b9e, 0x39e7, 0x1, &(0x7f0000000000)={[0x80]}, 0x8)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
sync_file_range(r4, 0x6, 0xab, 0x1)

04:28:58 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0x2, 0x1, 0x6, 0x9, 0x0, 0x3, 0x8, 0xc, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000000), 0xb}, 0xb8, 0x9, 0x5, 0x0, 0x40, 0x20, 0x5, 0x0, 0xd14, 0x0, 0x3}, 0x0, 0x1, 0xffffffffffffffff, 0x8)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
lseek(r2, 0x100000000, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:28:58 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x3200000000000000)

04:29:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:29:17 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x3f00000000000000)

04:29:17 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 22)

04:29:17 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x8, 0xd4, 0x0, 0x6, 0x0, 0x7, 0x80048, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1ff, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x20, 0x1000, 0x7fff, 0x0, 0x5, 0x7, 0x3, 0x0, 0xffff, 0x0, 0xffffffffffffff51}, 0xffffffffffffffff, 0x9, r0, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x2)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)=[r2]}, 0x1)
syz_io_uring_setup(0x7658, &(0x7f00000000c0)={0x0, 0xeec1, 0x0, 0x2, 0x3ae}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000180))
syz_io_uring_setup(0x721b, &(0x7f00000001c0)={0x0, 0x4fab, 0x0, 0x3, 0x2d7}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000000240), &(0x7f0000000280)=<r4=>0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000340), 0x10b080, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000380)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd=r5, 0xc4, 0x0, 0x9, 0x0, 0x1}, 0x200)
ioctl$BTRFS_IOC_SCRUB_CANCEL(r1, 0x941c, 0x0)

04:29:17 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0xecd2, 0x5, 0x0, 0x5d}, &(0x7f0000232000/0x3000)=nil, &(0x7f0000232000/0x4000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:17 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xac, 0xffffffffffffff3d}, 0x0, 0x0, 0xfffff000, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = getpgrp(0x0)
pidfd_open(r1, 0x0)
fcntl$lock(r0, 0x24, &(0x7f0000000000)={0x0, 0x2, 0x6041bb5f, 0x8, r1})
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ppoll(&(0x7f0000000040)=[{r3, 0x48}], 0x1, &(0x7f0000000080)={0x77359400}, &(0x7f00000000c0)={[0x5]}, 0x8)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$FS_IOC_READ_VERITY_METADATA(r2, 0xc0286687, &(0x7f0000000280)={0x2, 0x1000, 0xdd, &(0x7f0000000180)=""/221})

04:29:17 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 22)

04:29:17 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f00000006c0)={0x6, &(0x7f0000000600)=[{0x7, 0xf5, &(0x7f0000000140)="64a6c7d93f831c2fc6e990595370fca5194de30cbd317ca5270ce0b7c1942ad568b51e33dad15541de5e6c10ad0979105ffee6f9bd1ce42864151490f5a10ac90135a766c02849e0a2ec0c1ef64062d2a5af71102cb4e2173f5e94c47fa698eeb8cddb202d7168a8744ddc254fcf0943407245ec2e84c56c8883b9acdd0e7e4ecfacf5a70028150d52a108129666da5eff591442a92494ce00ff8e09a8002d3615b7ecae09b80c66c6a2eaa04c1c79ccfaf0f78e207c8c00dc7443c619c45b8e01121054688c10e417078187eef241141ee9e31a08639675e65ae391d57adf0bdb33e3c64b36c6ad68ed84b7dec100a677f9a43664", 0x1, 0x1}, {0x2, 0xe0, &(0x7f0000000240)="fcb54b9d6a513792e765fef23356988d4f9a1a7f10a4cbec36851e4ce6cb732637c4bfadf4d042084e28eebdcb60217e2b42e3535b82c2b798f72ad5a0edc5579ddf204fc1c1c3672e9fe762192714d5fde68843d12e416549e64c683d0d72657c1823be06e2008ccd82e5c7f8ff1da5342cc8c43021b082d00ab1d99c985cd5b0cd91a6137ede8c85dc3baf1c1806d5e563ccc08deded6df9f19b8de48d1e3137cc52ae385ec194f383d052afe018e10f89bef64aed41b3d31a3113300da406024ed18c386f149c2a876cb08371341de4d3ded3835d16522f4481a28786c8fe"}, {0x1, 0xa1, &(0x7f0000000340)="a05514f7056769f46e79aa46086600b9606bbc637181be17ee46a856a4c2fd643cb5cbfc70b4706a6466281973ec74ba8dbc7b9daf7dd4e01f46e03a4cf9730e2b80a1f482f9baa4607c095c0ae588b94030f69c7baa6df804256bd9fee93fa88ed1e80e59ebed065d9883944b08e000535819154e2c628794d6468b66b521193096f8bd4bcbe699c120f7584d7d1632f7768a6da6239d315e8b491a11d8829219", 0x1}, {0x1c, 0xfd, &(0x7f0000000400)="2e446fac9a0ce4ae5cc4403d559d4be519e3910ccc23413a8b7189208b0145537831324426139083dd5d718576fad38ac8ba5a0ff11cf2aba8d63b5c79193546f9e031748b70acb80aa381fc9cc9712279252a7f25f083fb7c5fd40b2068aa59617bbda85109418bf37740f95e8edadcf7bd40e5c48530b3a13758b7d252cdc8c6af137736f85956a73c375dd08ec3f152f0830a6065b59a26ec1580dc395a61464e5d6f7e7283217cafd30389be1e2372c764ecd4781e75933e170c2320a5431c8579ab227feec29775c8a2a16d50ed729826f3f84ebe19f4927231284851f456a6b21c0deee7ea0fb524ae9f945e3a5adec829e555c955b51fbafe9e", 0x0, 0x1}, {0x3, 0x73, &(0x7f0000000500)="0c58f1c4205369883d3035711b3d6254f4a8e39a35b6fa0ae24caaa01c6eced8ee7ea1cfe658f253634efe9912ba6e1e62f96a9e5498870e1acd003d74285d8941b9e307ccce0fb4230178341758c5abe905dd5bbc06a74d9e649129ae83f5affa61afb81f52bacaecf036a0a79932718d8927"}, {0x5b8, 0x59, &(0x7f0000000580)="7920d0217d8f6e584cb5c664edeb2d678516d3bde92ada87e4482203c3bec6cb380114705fd670408c3ae91687e516dc0a623d5d2e2acc8a2216fbd318959e54418be54054c8f2e9d8a06dc06e6af0461a9aac67dfc555d7d6", 0xc8373f35af86f848}]})
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
pipe(&(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = fcntl$dupfd(r0, 0x0, r4)
ioctl$TUNGETSNDBUF(r5, 0x800454d3, &(0x7f0000000700))
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0, <r6=>0x0}, &(0x7f0000000540)=0xc)
chown(&(0x7f0000000040)='./file0\x00', 0x0, r6)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[0xffffffffffffffff, 0xffffffffffffffff], 0x2)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000740)={'tunl0\x00'})
fstat(r1, &(0x7f0000000080))
r7 = socket$inet(0x2, 0xa, 0x0)
dup3(r7, 0xffffffffffffffff, 0x0)

[ 3201.626229] FAULT_INJECTION: forcing a failure.
[ 3201.626229] name failslab, interval 1, probability 0, space 0, times 0
[ 3201.628176] FAULT_INJECTION: forcing a failure.
[ 3201.628176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3201.628800] CPU: 0 PID: 16264 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3201.631525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3201.633303] Call Trace:
[ 3201.633887]  dump_stack+0x107/0x167
[ 3201.634679]  should_fail.cold+0x5/0xa
[ 3201.635505]  ? create_object.isra.0+0x3a/0xa30
[ 3201.636494]  should_failslab+0x5/0x20
[ 3201.637312]  kmem_cache_alloc+0x5b/0x310
[ 3201.638214]  create_object.isra.0+0x3a/0xa30
[ 3201.639159]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3201.640267]  kmem_cache_alloc+0x159/0x310
[ 3201.641185]  __d_alloc+0x2a/0x990
[ 3201.641954]  ? find_held_lock+0x2c/0x110
[ 3201.642842]  d_alloc_pseudo+0x19/0x70
[ 3201.643667]  alloc_file_pseudo+0xce/0x250
[ 3201.644558]  ? trace_hardirqs_on+0x5b/0x180
[ 3201.645481]  ? alloc_file+0x5a0/0x5a0
[ 3201.646352]  anon_inode_getfile+0xc8/0x1f0
[ 3201.647293]  io_uring_setup+0x138b/0x2980
[ 3201.648205]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3201.649288]  ? wait_for_completion_io+0x270/0x270
[ 3201.650402]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3201.651529]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3201.652645]  do_syscall_64+0x33/0x40
[ 3201.653438]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3201.654560] RIP: 0033:0x7f3b78954b19
[ 3201.655354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3201.659306] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3201.660949] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3201.662484] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3201.664029] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3201.665567] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3201.667102] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3201.668680] CPU: 1 PID: 16267 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3201.669494] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3201.670464] Call Trace:
[ 3201.670784]  dump_stack+0x107/0x167
[ 3201.671210]  should_fail.cold+0x5/0xa
[ 3201.671656]  _copy_from_user+0x2e/0x1b0
[ 3201.672122]  iovec_from_user+0x141/0x400
[ 3201.672604]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 3201.673195]  __import_iovec+0x67/0x590
[ 3201.673657]  ? __ia32_sys_shutdown+0x80/0x80
[ 3201.674173]  import_iovec+0x83/0xb0
[ 3201.674597]  sendmsg_copy_msghdr+0x131/0x160
[ 3201.675107]  ? do_recvmmsg+0x6d0/0x6d0
[ 3201.675561]  ? lock_chain_count+0x20/0x20
[ 3201.676042]  ? lock_downgrade+0x6d0/0x6d0
[ 3201.676527]  ? unwind_next_frame+0x13ef/0x1a90
[ 3201.677064]  io_sendmsg+0x62c/0x830
[ 3201.677490]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3201.678020]  ? mark_lock+0xf5/0x2df0
[ 3201.678487]  ? __lock_acquire+0xbb1/0x5b00
[ 3201.678987]  io_issue_sqe+0x3b3/0x7850
[ 3201.679447]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3201.680051]  ? SOFTIRQ_verbose+0x10/0x10
[ 3201.680521]  ? lock_chain_count+0x20/0x20
[ 3201.681032]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3201.681657]  ? io_connect+0x610/0x610
[ 3201.682104]  ? lock_acquire+0x197/0x470
[ 3201.682560]  ? find_held_lock+0x2c/0x110
[ 3201.683050]  ? __fget_files+0x2cf/0x520
[ 3201.683513]  ? lock_downgrade+0x6d0/0x6d0
[ 3201.683996]  __io_queue_sqe+0x90/0x9d0
[ 3201.684456]  ? io_issue_sqe+0x7850/0x7850
[ 3201.684937]  ? __fget_files+0x2f8/0x520
[ 3201.685407]  io_submit_sqes+0x44a8/0x8610
[ 3201.685912]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3201.686493]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3201.687053]  ? find_held_lock+0x2c/0x110
[ 3201.687527]  ? io_submit_sqes+0x8610/0x8610
[ 3201.688034]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3201.688596]  ? wait_for_completion_io+0x270/0x270
[ 3201.689161]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3201.689706]  ? vfs_write+0x354/0xb10
[ 3201.690140]  ? fput_many+0x2f/0x1a0
[ 3201.690559]  ? ksys_write+0x1a9/0x260
[ 3201.691000]  ? __ia32_sys_read+0xb0/0xb0
[ 3201.691475]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3201.692089]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3201.692689]  do_syscall_64+0x33/0x40
[ 3201.693123]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3201.693722] RIP: 0033:0x7fa49f703b19
[ 3201.694152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3201.695350] FAULT_INJECTION: forcing a failure.
[ 3201.695350] name failslab, interval 1, probability 0, space 0, times 0
[ 3201.696257] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3201.696270] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3201.696277] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3201.696283] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3201.696289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3201.696306] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3201.704470] CPU: 0 PID: 16271 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3201.705981] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3201.707767] Call Trace:
[ 3201.708347]  dump_stack+0x107/0x167
[ 3201.709145]  should_fail.cold+0x5/0xa
[ 3201.709990]  ? create_object.isra.0+0x3a/0xa30
[ 3201.710989]  should_failslab+0x5/0x20
[ 3201.711811]  kmem_cache_alloc+0x5b/0x310
[ 3201.712698]  create_object.isra.0+0x3a/0xa30
[ 3201.713647]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3201.714746]  kmem_cache_alloc+0x159/0x310
[ 3201.715653]  __d_alloc+0x2a/0x990
[ 3201.716407]  ? find_held_lock+0x2c/0x110
[ 3201.717288]  d_alloc_pseudo+0x19/0x70
[ 3201.718117]  alloc_file_pseudo+0xce/0x250
[ 3201.719007]  ? trace_hardirqs_on+0x5b/0x180
[ 3201.719931]  ? alloc_file+0x5a0/0x5a0
[ 3201.720787]  anon_inode_getfile+0xc8/0x1f0
[ 3201.721720]  io_uring_setup+0x138b/0x2980
[ 3201.722631]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3201.723721]  ? wait_for_completion_io+0x270/0x270
[ 3201.724818]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3201.725960]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3201.727080]  do_syscall_64+0x33/0x40
[ 3201.727894]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3201.728990] RIP: 0033:0x7f4cd02cab19
[ 3201.729806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:29:17 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 23)

[ 3201.733755] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3201.735543] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3201.737076] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3201.738638] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3201.740219] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3201.741762] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:17 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:29:17 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xc1, 0x2, 0x1, 0x7, 0x0, 0xffffffff00000000, 0x80500, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x9b1, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x20, 0x4, 0xe569, 0x9, 0x0, 0x9, 0x1, 0x0, 0x4, 0x0, 0xffffffff}, 0x0, 0x8, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:17 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x401)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
fchdir(r1)

04:29:17 executing program 7:
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400001008f9aed3e4a585da2ca9c695d8b71c381d3b90e667a1b584c54a58d1a7f436c2830a4903e68eadf5c6ae42a95fcd87194eef3e985fcbced3e7f2f627dda3a", @ANYRES32, @ANYBLOB="08002cbd7000fedbdf254a00000008000300020000000800030000000000080001007063690011000200303030303a30303a31302e3000000000"], 0x40}, 0x1, 0x0, 0x0, 0x88c5}, 0x20000000)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)={0x0, <r0=>0x0})
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x5}, 0x0, 0x0, 0x10000}, r0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
r4 = signalfd4(r2, &(0x7f0000000240)={[0x8]}, 0x8, 0x800)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0xe0, 0x2, 0x9, 0x0, 0x0, 0x1, 0x4010, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x2, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4, 0x1, @perf_bp={&(0x7f00000000c0), 0xc}, 0x40000, 0xc3ac, 0x6, 0x0, 0x1, 0x3, 0x1ff, 0x0, 0x7, 0x0, 0x80}, r3, 0x5, r4, 0x8)

04:29:17 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x4000000000000000)

[ 3201.848990] FAULT_INJECTION: forcing a failure.
[ 3201.848990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3201.850436] CPU: 1 PID: 16291 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3201.851227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3201.852180] Call Trace:
[ 3201.852494]  dump_stack+0x107/0x167
[ 3201.852917]  should_fail.cold+0x5/0xa
[ 3201.853364]  _copy_from_user+0x2e/0x1b0
[ 3201.853839]  move_addr_to_kernel.part.0+0x31/0x110
[ 3201.854407]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3201.854953]  ? __ia32_sys_shutdown+0x80/0x80
[ 3201.855474]  sendmsg_copy_msghdr+0xa1/0x160
[ 3201.855971]  ? do_recvmmsg+0x6d0/0x6d0
[ 3201.856422]  ? lock_chain_count+0x20/0x20
[ 3201.856907]  ? __is_insn_slot_addr+0x123/0x290
[ 3201.857434]  ? lock_downgrade+0x6d0/0x6d0
[ 3201.857925]  ? unwind_next_frame+0x13ef/0x1a90
[ 3201.858455]  io_sendmsg+0x62c/0x830
[ 3201.858878]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3201.859399]  ? mark_lock+0xf5/0x2df0
[ 3201.859843]  ? stack_trace_consume_entry+0x160/0x160
[ 3201.860436]  ? lock_acquire+0x197/0x470
[ 3201.860900]  ? __lock_acquire+0xbb1/0x5b00
[ 3201.861391]  io_issue_sqe+0x3b3/0x7850
[ 3201.861853]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3201.862461]  ? SOFTIRQ_verbose+0x10/0x10
[ 3201.862928]  ? lock_chain_count+0x20/0x20
[ 3201.863410]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3201.864017]  ? io_connect+0x610/0x610
[ 3201.864465]  ? lock_acquire+0x197/0x470
[ 3201.864928]  ? find_held_lock+0x2c/0x110
[ 3201.865403]  ? __fget_files+0x2cf/0x520
[ 3201.865874]  ? lock_downgrade+0x6d0/0x6d0
[ 3201.866354]  __io_queue_sqe+0x90/0x9d0
[ 3201.866810]  ? io_issue_sqe+0x7850/0x7850
[ 3201.867286]  ? __fget_files+0x2f8/0x520
[ 3201.867758]  io_submit_sqes+0x44a8/0x8610
[ 3201.868258]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3201.868837]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3201.869398]  ? find_held_lock+0x2c/0x110
[ 3201.869882]  ? io_submit_sqes+0x8610/0x8610
[ 3201.870384]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3201.870944]  ? wait_for_completion_io+0x270/0x270
[ 3201.871510]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3201.872047]  ? vfs_write+0x354/0xb10
[ 3201.872477]  ? fput_many+0x2f/0x1a0
[ 3201.872895]  ? ksys_write+0x1a9/0x260
[ 3201.873337]  ? __ia32_sys_read+0xb0/0xb0
[ 3201.873819]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3201.874427]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3201.875023]  do_syscall_64+0x33/0x40
[ 3201.875453]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3201.876046] RIP: 0033:0x7fa49f703b19
[ 3201.876478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3201.878611] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3201.879489] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3201.880310] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3201.881135] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3201.881972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3201.882798] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:29:18 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x3}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3201.936334] FAULT_INJECTION: forcing a failure.
[ 3201.936334] name failslab, interval 1, probability 0, space 0, times 0
[ 3201.938947] CPU: 0 PID: 16302 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3201.940418] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3201.942190] Call Trace:
[ 3201.942757]  dump_stack+0x107/0x167
[ 3201.943549]  should_fail.cold+0x5/0xa
[ 3201.944367]  ? __alloc_file+0x21/0x320
[ 3201.945202]  should_failslab+0x5/0x20
[ 3201.946027]  kmem_cache_alloc+0x5b/0x310
[ 3201.946916]  __alloc_file+0x21/0x320
[ 3201.947718]  alloc_empty_file+0x6d/0x170
[ 3201.948583]  alloc_file+0x5e/0x5a0
[ 3201.949358]  alloc_file_pseudo+0x16a/0x250
[ 3201.950283]  ? alloc_file+0x5a0/0x5a0
[ 3201.951133]  anon_inode_getfile+0xc8/0x1f0
[ 3201.952057]  io_uring_setup+0x138b/0x2980
[ 3201.952951]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3201.954039]  ? wait_for_completion_io+0x270/0x270
[ 3201.955118]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3201.956231]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3201.957335]  do_syscall_64+0x33/0x40
[ 3201.958155]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3201.959251] RIP: 0033:0x7f3b78954b19
[ 3201.960041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3201.963973] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3201.965612] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3201.967125] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3201.968629] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3201.970152] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3201.971674] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:18 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 23)

04:29:18 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000080)={0x0, <r1=>0x0})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r2=>r0, {0xfff}}, './file0\x00'})
perf_event_open(&(0x7f0000000000)={0x4, 0x80, 0x0, 0x6, 0x3, 0x0, 0x0, 0x5, 0x20, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x101, 0x0, @perf_config_ext={0x8, 0x8001}, 0x40006, 0x8, 0xffffffff, 0x4, 0xd8d1, 0x2, 0x3f, 0x0, 0x7, 0x0, 0x8}, r1, 0x1, r2, 0x9)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000180)='./file0/file0\x00', 0x2, 0x1, &(0x7f0000000240)=[{&(0x7f00000001c0)="b791f366439d068a2f303221653eb5bcdfee2da8a6d3f3ee5da1f0e882450aac696097136bbf5d7ae5c81bd62fba992b93cd9cd663ef2d603cca8db7d6545ff6698df84f38f2db2b640395dddb10f34f5fd7ba823abe2535d76f64d356364b1e", 0x60, 0x800}], 0x800080, &(0x7f0000000340)={[{@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@jqfmt_vfsold}], [{@fowner_lt={'fowner<', 0xee00}}, {@uid_lt={'uid<', 0xffffffffffffffff}}, {@fsname={'fsname', 0x3d, '\\-\'/%^-.-\'&\'*:/'}}, {@euid_lt={'euid<', 0xee01}}, {@hash}, {@fowner_eq={'fowner', 0x3d, 0xffffffffffffffff}}, {@subj_user={'subj_user', 0x3d, '^'}}]})
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000000280)=0x1)

[ 3202.043241] FAULT_INJECTION: forcing a failure.
[ 3202.043241] name failslab, interval 1, probability 0, space 0, times 0
[ 3202.045868] CPU: 0 PID: 16315 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3202.047344] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3202.049118] Call Trace:
[ 3202.049703]  dump_stack+0x107/0x167
[ 3202.050488]  should_fail.cold+0x5/0xa
[ 3202.051311]  ? __alloc_file+0x21/0x320
[ 3202.052148]  should_failslab+0x5/0x20
[ 3202.052962]  kmem_cache_alloc+0x5b/0x310
[ 3202.053848]  __alloc_file+0x21/0x320
[ 3202.054647]  alloc_empty_file+0x6d/0x170
[ 3202.055526]  alloc_file+0x5e/0x5a0
[ 3202.056299]  alloc_file_pseudo+0x16a/0x250
[ 3202.057198]  ? alloc_file+0x5a0/0x5a0
[ 3202.058060]  anon_inode_getfile+0xc8/0x1f0
[ 3202.058981]  io_uring_setup+0x138b/0x2980
[ 3202.059888]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3202.060970]  ? wait_for_completion_io+0x270/0x270
[ 3202.062084]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3202.063206]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3202.064319]  do_syscall_64+0x33/0x40
[ 3202.065126]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3202.066229] RIP: 0033:0x7f4cd02cab19
[ 3202.067033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3202.070938] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3202.072574] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3202.074086] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3202.075606] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3202.077143] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3202.078685] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3202.097037] loop2: detected capacity change from 0 to 4096
04:29:32 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xfc48, 0x8, 0x2, 0xffffffff})
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x20000, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000180)={'batadv_slave_0\x00'})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TIOCL_GETSHIFTSTATE(r3, 0x541c, &(0x7f0000000040)={0x6, 0x40})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r4 = socket$inet(0x2, 0xa, 0x0)
dup3(r4, r0, 0x0)

04:29:32 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 24)

04:29:32 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x4800000000000000)

04:29:32 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:29:32 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 24)

04:29:32 executing program 2:
r0 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x73, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:32 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x8502}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:32 executing program 0:
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x44, r0, 0x10, 0x70bd2c, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR={0x2c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @empty}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}}]}]}, 0x44}}, 0x80)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r0, 0x100, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0xc0)
r1 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r1, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r2, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0x1c, 0x0, 0x300, 0x70bd25, 0x25dfdbfc, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x20048054)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0)

[ 3216.876411] FAULT_INJECTION: forcing a failure.
[ 3216.876411] name failslab, interval 1, probability 0, space 0, times 0
[ 3216.878063] CPU: 0 PID: 16328 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3216.879048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3216.880198] Call Trace:
[ 3216.880576]  dump_stack+0x107/0x167
[ 3216.881087]  should_fail.cold+0x5/0xa
[ 3216.881638]  ? create_object.isra.0+0x3a/0xa30
[ 3216.882284]  should_failslab+0x5/0x20
[ 3216.882817]  kmem_cache_alloc+0x5b/0x310
[ 3216.883398]  create_object.isra.0+0x3a/0xa30
[ 3216.884017]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3216.884727]  kmem_cache_alloc+0x159/0x310
[ 3216.885317]  __alloc_file+0x21/0x320
[ 3216.885847]  alloc_empty_file+0x6d/0x170
[ 3216.886415]  alloc_file+0x5e/0x5a0
[ 3216.886915]  alloc_file_pseudo+0x16a/0x250
[ 3216.887505]  ? alloc_file+0x5a0/0x5a0
[ 3216.888075]  anon_inode_getfile+0xc8/0x1f0
[ 3216.888673]  io_uring_setup+0x138b/0x2980
[ 3216.889265]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3216.889993]  ? wait_for_completion_io+0x270/0x270
[ 3216.890707]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3216.891450]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3216.892176]  do_syscall_64+0x33/0x40
[ 3216.892697]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3216.893412] RIP: 0033:0x7f4cd02cab19
[ 3216.893949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3216.894907] FAULT_INJECTION: forcing a failure.
[ 3216.894907] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3216.896505] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3216.896522] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3216.896531] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3216.896539] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3216.896562] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3216.904257] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3216.905283] CPU: 1 PID: 16342 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3216.907008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3216.909065] Call Trace:
[ 3216.909722]  dump_stack+0x107/0x167
[ 3216.910617]  should_fail.cold+0x5/0xa
[ 3216.911554]  _copy_from_user+0x2e/0x1b0
[ 3216.912525]  move_addr_to_kernel.part.0+0x31/0x110
[ 3216.913725]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3216.914874]  ? __ia32_sys_shutdown+0x80/0x80
[ 3216.915954]  ? unwind_next_frame+0x13ef/0x1a90
[ 3216.917062]  sendmsg_copy_msghdr+0xa1/0x160
[ 3216.918122]  ? do_recvmmsg+0x6d0/0x6d0
[ 3216.919063]  ? __is_insn_slot_addr+0x123/0x290
[ 3216.920171]  ? lock_downgrade+0x6d0/0x6d0
[ 3216.921172]  io_sendmsg+0x62c/0x830
[ 3216.922059]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3216.923136]  ? __is_insn_slot_addr+0x14c/0x290
[ 3216.924224]  ? lock_chain_count+0x20/0x20
[ 3216.925221]  ? mark_lock+0xf5/0x2df0
[ 3216.926132]  ? register_lock_class+0xbb/0x17b0
[ 3216.927225]  ? arch_stack_walk+0x99/0xf0
[ 3216.928214]  ? is_dynamic_key+0x1e0/0x1e0
[ 3216.929227]  ? __lock_acquire+0x1657/0x5b00
[ 3216.930292]  ? __lock_acquire+0xbb1/0x5b00
[ 3216.931332]  io_issue_sqe+0x3b3/0x7850
[ 3216.932281]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3216.933538]  ? SOFTIRQ_verbose+0x10/0x10
[ 3216.934515]  ? lock_chain_count+0x20/0x20
[ 3216.935517]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3216.936773]  ? io_connect+0x610/0x610
[ 3216.937717]  ? lock_acquire+0x197/0x470
[ 3216.938667]  ? find_held_lock+0x2c/0x110
[ 3216.939661]  ? __fget_files+0x2cf/0x520
[ 3216.940611]  ? lock_downgrade+0x6d0/0x6d0
[ 3216.941609]  __io_queue_sqe+0x90/0x9d0
[ 3216.942553]  ? io_issue_sqe+0x7850/0x7850
[ 3216.943529]  ? __fget_files+0x2f8/0x520
[ 3216.944493]  io_submit_sqes+0x44a8/0x8610
[ 3216.945530]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3216.946716]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3216.947859]  ? find_held_lock+0x2c/0x110
[ 3216.948832]  ? io_submit_sqes+0x8610/0x8610
[ 3216.949882]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3216.951031]  ? wait_for_completion_io+0x270/0x270
[ 3216.952183]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3216.953265]  ? vfs_write+0x354/0xb10
[ 3216.954160]  ? fput_many+0x2f/0x1a0
[ 3216.955020]  ? ksys_write+0x1a9/0x260
[ 3216.955922]  ? __ia32_sys_read+0xb0/0xb0
[ 3216.956897]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3216.958152]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3216.959386]  do_syscall_64+0x33/0x40
[ 3216.960270]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3216.961477] RIP: 0033:0x7fa49f703b19
[ 3216.962359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3216.966675] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3216.967513] FAULT_INJECTION: forcing a failure.
[ 3216.967513] name failslab, interval 1, probability 0, space 0, times 0
[ 3216.968475] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3216.968489] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3216.968506] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3216.975038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3216.976728] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3216.978456] CPU: 0 PID: 16344 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3216.979406] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3216.980534] Call Trace:
[ 3216.980894]  dump_stack+0x107/0x167
[ 3216.981390]  should_fail.cold+0x5/0xa
[ 3216.981915]  ? create_object.isra.0+0x3a/0xa30
[ 3216.982532]  should_failslab+0x5/0x20
[ 3216.983054]  kmem_cache_alloc+0x5b/0x310
[ 3216.983614]  create_object.isra.0+0x3a/0xa30
[ 3216.984217]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3216.984945]  kmem_cache_alloc+0x159/0x310
[ 3216.985526]  __alloc_file+0x21/0x320
[ 3216.986095]  alloc_empty_file+0x6d/0x170
[ 3216.986655]  alloc_file+0x5e/0x5a0
[ 3216.987151]  alloc_file_pseudo+0x16a/0x250
[ 3216.987735]  ? alloc_file+0x5a0/0x5a0
[ 3216.988267]  anon_inode_getfile+0xc8/0x1f0
[ 3216.988849]  io_uring_setup+0x138b/0x2980
[ 3216.989425]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3216.990118]  ? wait_for_completion_io+0x270/0x270
[ 3216.990803]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3216.991511]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3216.992214]  do_syscall_64+0x33/0x40
[ 3216.992725]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3216.993409] RIP: 0033:0x7f3b78954b19
[ 3216.993924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3216.996402] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3216.997429] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3216.998399] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3216.999338] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3217.000299] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3217.001253] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:33 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x88000, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000004, 0x110, r1, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x200000b, 0x10, r0, 0xfffff000)

04:29:33 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x8, 0x0, 0xfffffffe})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
signalfd(r2, &(0x7f0000000000)={[0x1000]}, 0x8)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:33 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 25)

04:29:33 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = dup2(r0, r0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000c, 0x8010, r1, 0x9723000)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000040)={0x0, 0x1, [@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}]})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:29:33 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 25)

04:29:33 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000100)=<r1=>0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x80, 0x2, 0x82, 0xf8, 0x8, 0x0, 0xe9f, 0x800, 0x9, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4, 0x4, @perf_bp={&(0x7f0000000040), 0x6}, 0x25, 0xffffffff, 0x3, 0x7, 0x1ff, 0x80000001, 0x1, 0x0, 0x3, 0x0, 0xd46}, r1, 0x8, r0, 0x8)
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000000))
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x40, 0x0)
accept4$inet6(r2, &(0x7f0000000180)={0xa, 0x0, 0x0, @private0}, &(0x7f00000001c0)=0x1c, 0x800)
ioctl$KDGKBLED(r2, 0x4b64, &(0x7f0000000240))
openat$sr(0xffffffffffffff9c, &(0x7f0000000200), 0x101000, 0x0)

04:29:33 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x2000000, 0x100010, r1, 0x8000000)
r3 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r6, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r3, 0x0)
syz_io_uring_setup(0x1a98, &(0x7f0000000180)={0x0, 0x8bdf, 0x8, 0x0, 0x341}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f00000000c0)=<r8=>0x0, &(0x7f0000000240))
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r9}}, 0x0)
syz_io_uring_submit(r8, r5, &(0x7f0000000280)=@IORING_OP_WRITE_FIXED={0x5, 0x0, 0x0, @fd_index=0x2, 0x429, 0x110b, 0x6, 0x17, 0x1, {0x3, r9}}, 0x5)
syz_io_uring_submit(r7, r5, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r10 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x200000, 0x100)
r11 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r11}}, 0x0)
syz_io_uring_submit(r2, r5, &(0x7f0000000080)=@IORING_OP_OPENAT={0x12, 0x2, 0x0, r10, 0x0, &(0x7f0000000040)='./file0\x00', 0x2, 0xc4000, 0x23456, {0x0, r11}}, 0x9cd)

[ 3217.154907] FAULT_INJECTION: forcing a failure.
[ 3217.154907] name failslab, interval 1, probability 0, space 0, times 0
[ 3217.156371] CPU: 0 PID: 16363 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3217.157227] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3217.158253] Call Trace:
[ 3217.158593]  dump_stack+0x107/0x167
[ 3217.159052]  should_fail.cold+0x5/0xa
[ 3217.159527]  ? security_file_alloc+0x34/0x170
[ 3217.160085]  should_failslab+0x5/0x20
[ 3217.160566]  kmem_cache_alloc+0x5b/0x310
[ 3217.161082]  security_file_alloc+0x34/0x170
[ 3217.161623]  __alloc_file+0xb7/0x320
[ 3217.162198]  alloc_empty_file+0x6d/0x170
[ 3217.162712]  alloc_file+0x5e/0x5a0
[ 3217.163249]  alloc_file_pseudo+0x16a/0x250
[ 3217.163779]  ? alloc_file+0x5a0/0x5a0
[ 3217.164373]  anon_inode_getfile+0xc8/0x1f0
[ 3217.165019]  io_uring_setup+0x138b/0x2980
[ 3217.165651]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3217.166410]  ? wait_for_completion_io+0x270/0x270
[ 3217.167175]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3217.167966]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3217.168742]  do_syscall_64+0x33/0x40
[ 3217.169297]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3217.170068] RIP: 0033:0x7f4cd02cab19
[ 3217.170623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3217.173325] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3217.174439] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3217.175490] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3217.176536] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3217.177581] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3217.178641] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:33 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x4c00000000000000)

[ 3217.208749] FAULT_INJECTION: forcing a failure.
[ 3217.208749] name failslab, interval 1, probability 0, space 0, times 0
[ 3217.210155] CPU: 0 PID: 16369 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3217.210992] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3217.211976] Call Trace:
[ 3217.212305]  dump_stack+0x107/0x167
[ 3217.212752]  should_fail.cold+0x5/0xa
[ 3217.213215]  ? security_file_alloc+0x34/0x170
[ 3217.213767]  should_failslab+0x5/0x20
[ 3217.214231]  kmem_cache_alloc+0x5b/0x310
[ 3217.214830]  security_file_alloc+0x34/0x170
[ 3217.215397]  __alloc_file+0xb7/0x320
[ 3217.215940]  alloc_empty_file+0x6d/0x170
[ 3217.216441]  alloc_file+0x5e/0x5a0
[ 3217.216958]  alloc_file_pseudo+0x16a/0x250
[ 3217.217475]  ? alloc_file+0x5a0/0x5a0
[ 3217.218066]  anon_inode_getfile+0xc8/0x1f0
[ 3217.218689]  io_uring_setup+0x138b/0x2980
[ 3217.219302]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3217.220031]  ? wait_for_completion_io+0x270/0x270
[ 3217.220774]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3217.221535]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3217.222297]  do_syscall_64+0x33/0x40
[ 3217.222836]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3217.223570] RIP: 0033:0x7f3b78954b19
[ 3217.224113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3217.226751] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3217.227845] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3217.228860] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3217.229891] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3217.230902] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3217.231921] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3232.763487] FAULT_INJECTION: forcing a failure.
[ 3232.763487] name failslab, interval 1, probability 0, space 0, times 0
[ 3232.765168] CPU: 1 PID: 16393 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3232.766191] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3232.767414] Call Trace:
[ 3232.767809]  dump_stack+0x107/0x167
[ 3232.768340]  should_fail.cold+0x5/0xa
[ 3232.768918]  ? create_object.isra.0+0x3a/0xa30
[ 3232.769593]  should_failslab+0x5/0x20
[ 3232.770161]  kmem_cache_alloc+0x5b/0x310
[ 3232.770756]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 3232.771552]  create_object.isra.0+0x3a/0xa30
[ 3232.772025] FAULT_INJECTION: forcing a failure.
[ 3232.772025] name failslab, interval 1, probability 0, space 0, times 0
[ 3232.772191]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3232.772212]  kmem_cache_alloc+0x159/0x310
[ 3232.775970]  security_file_alloc+0x34/0x170
[ 3232.776605]  __alloc_file+0xb7/0x320
[ 3232.777147]  alloc_empty_file+0x6d/0x170
[ 3232.777740]  alloc_file+0x5e/0x5a0
[ 3232.778268]  alloc_file_pseudo+0x16a/0x250
[ 3232.778884]  ? alloc_file+0x5a0/0x5a0
[ 3232.779456]  anon_inode_getfile+0xc8/0x1f0
[ 3232.780078]  io_uring_setup+0x138b/0x2980
[ 3232.780688]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3232.781468]  ? wait_for_completion_io+0x270/0x270
[ 3232.782199]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.782967]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3232.783730]  do_syscall_64+0x33/0x40
[ 3232.784279]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3232.785028] RIP: 0033:0x7f4cd02cab19
[ 3232.785566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3232.788220] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3232.789331] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3232.790377] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3232.791420] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3232.792444] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3232.793474] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3232.794541] CPU: 0 PID: 16387 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3232.796063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3232.797878] Call Trace:
[ 3232.798459]  dump_stack+0x107/0x167
[ 3232.799266]  should_fail.cold+0x5/0xa
[ 3232.800104]  ? create_object.isra.0+0x3a/0xa30
[ 3232.801121]  should_failslab+0x5/0x20
[ 3232.801962]  kmem_cache_alloc+0x5b/0x310
[ 3232.802857]  ? percpu_ref_put_many.constprop.0+0x4e/0x110
[ 3232.804063]  create_object.isra.0+0x3a/0xa30
[ 3232.805030]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3232.805921] FAULT_INJECTION: forcing a failure.
[ 3232.805921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3232.806161]  kmem_cache_alloc+0x159/0x310
[ 3232.806198]  security_file_alloc+0x34/0x170
[ 3232.809585]  __alloc_file+0xb7/0x320
[ 3232.810411]  alloc_empty_file+0x6d/0x170
[ 3232.811295]  alloc_file+0x5e/0x5a0
[ 3232.812074]  alloc_file_pseudo+0x16a/0x250
[ 3232.812989]  ? alloc_file+0x5a0/0x5a0
[ 3232.813858]  anon_inode_getfile+0xc8/0x1f0
[ 3232.814791]  io_uring_setup+0x138b/0x2980
[ 3232.815708]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3232.816798]  ? wait_for_completion_io+0x270/0x270
[ 3232.817896]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.819023]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3232.820149]  do_syscall_64+0x33/0x40
[ 3232.820958]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3232.822067] RIP: 0033:0x7f3b78954b19
[ 3232.822872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3232.826807] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3232.828439] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3232.829970] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3232.831514] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3232.833067] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3232.834632] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3232.836243] CPU: 1 PID: 16390 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3232.837270] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3232.838499] Call Trace:
[ 3232.838875]  dump_stack+0x107/0x167
[ 3232.839413]  should_fail.cold+0x5/0xa
[ 3232.839979]  _copy_from_user+0x2e/0x1b0
04:29:48 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000000), 0xff, 0x8a001)
preadv(r1, &(0x7f0000000140)=[{&(0x7f0000000040)=""/94, 0x5e}, {&(0x7f00000000c0)=""/106, 0x6a}], 0x2, 0x5, 0x1)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000004, 0x2010, r1, 0x8000000)
r3 = ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x7, 0x4003, @fd=r3, 0xffff, &(0x7f0000000180)="4f1fe6a7422d", 0x6, 0x9, 0x1}, 0x9)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:48 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0)={0x0, 0x0, 0x12, 0x1}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:48 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r2, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r3=>r1, {0xd21}}, './file0\x00'})
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000100)={0x2, 0x0, @multicast2}, 0x10)

04:29:48 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 26)

04:29:48 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:29:48 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(0xffffffffffffffff, 0x4008240b, &(0x7f0000000040)={0x4, 0x80, 0x6, 0x0, 0x4, 0x1f, 0x0, 0x8, 0x2, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x200, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0x0, 0xffffffff80000000, 0x1, 0x6, 0x1, 0x9, 0x3, 0x0, 0xc8ca, 0x0, 0x3f})
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:48 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 26)

[ 3232.840571]  move_addr_to_kernel.part.0+0x31/0x110
04:29:48 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x6800000000000000)

[ 3232.841508]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3232.842329]  ? __ia32_sys_shutdown+0x80/0x80
[ 3232.842982]  ? __sock_sendmsg+0x55/0x190
[ 3232.843579]  ? ____sys_sendmsg+0x426/0x870
[ 3232.844201]  sendmsg_copy_msghdr+0xa1/0x160
[ 3232.844833]  ? do_recvmmsg+0x6d0/0x6d0
[ 3232.845403]  ? lock_chain_count+0x20/0x20
[ 3232.846027]  ? lock_downgrade+0x6d0/0x6d0
[ 3232.846648]  io_sendmsg+0x62c/0x830
[ 3232.847224]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3232.847891]  ? mark_lock+0xf5/0x2df0
[ 3232.848470]  ? __lock_acquire+0xbb1/0x5b00
[ 3232.849096]  io_issue_sqe+0x3b3/0x7850
[ 3232.849678]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3232.850456]  ? SOFTIRQ_verbose+0x10/0x10
[ 3232.851051]  ? lock_chain_count+0x20/0x20
[ 3232.851661]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3232.852425]  ? io_connect+0x610/0x610
[ 3232.852984]  ? lock_acquire+0x197/0x470
[ 3232.853563]  ? find_held_lock+0x2c/0x110
[ 3232.854166]  ? __fget_files+0x2cf/0x520
[ 3232.854743]  ? lock_downgrade+0x6d0/0x6d0
[ 3232.855351]  __io_queue_sqe+0x90/0x9d0
[ 3232.855925]  ? io_issue_sqe+0x7850/0x7850
[ 3232.856526]  ? __fget_files+0x2f8/0x520
[ 3232.857119]  io_submit_sqes+0x44a8/0x8610
[ 3232.857752]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3232.858488]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3232.859195]  ? find_held_lock+0x2c/0x110
[ 3232.859796]  ? io_submit_sqes+0x8610/0x8610
[ 3232.860434]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3232.861138]  ? wait_for_completion_io+0x270/0x270
[ 3232.861847]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3232.862521]  ? vfs_write+0x354/0xb10
[ 3232.863064]  ? fput_many+0x2f/0x1a0
[ 3232.863591]  ? ksys_write+0x1a9/0x260
[ 3232.864142]  ? __ia32_sys_read+0xb0/0xb0
[ 3232.864741]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.865506]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3232.866266]  do_syscall_64+0x33/0x40
[ 3232.866812]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3232.867566] RIP: 0033:0x7fa49f703b19
[ 3232.868107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:29:48 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 27)

[ 3232.870795] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3232.872074] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3232.873103] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3232.874141] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3232.875175] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3232.876205] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
04:29:49 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x6c00000000000000)

[ 3232.979815] FAULT_INJECTION: forcing a failure.
[ 3232.979815] name failslab, interval 1, probability 0, space 0, times 0
[ 3232.981432] CPU: 1 PID: 16414 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3232.982359] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3232.983467] Call Trace:
[ 3232.983834]  dump_stack+0x107/0x167
[ 3232.984325]  should_fail.cold+0x5/0xa
[ 3232.984846]  ? io_uring_alloc_task_context+0x99/0x6a0
[ 3232.985527]  should_failslab+0x5/0x20
[ 3232.986044]  kmem_cache_alloc_trace+0x55/0x320
[ 3232.986656]  io_uring_alloc_task_context+0x99/0x6a0
[ 3232.987314]  ? io_import_iovec+0x1120/0x1120
[ 3232.987901]  ? lock_downgrade+0x6d0/0x6d0
[ 3232.988448]  ? do_raw_spin_lock+0x121/0x260
[ 3232.989030]  ? rwlock_bug.part.0+0x90/0x90
[ 3232.989593]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3232.990237]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3232.990931]  ? alloc_fd+0x2e7/0x670
[ 3232.991421]  io_uring_setup+0x1fbb/0x2980
[ 3232.991985]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3232.992661]  ? wait_for_completion_io+0x270/0x270
[ 3232.993319]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3232.994036]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3232.994721]  do_syscall_64+0x33/0x40
[ 3232.995222]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3232.995897] RIP: 0033:0x7f3b78954b19
[ 3232.996400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3232.998846] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3232.999852] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3233.000810] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3233.001755] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3233.002705] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3233.003641] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:49 executing program 3:
r0 = msgget$private(0x0, 0x620)
msgrcv(r0, &(0x7f00000000c0)={0x0, ""/170}, 0xb2, 0x2, 0x1000)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000200)={0x0, 0x6, 0x0, [0x80000000, 0x9, 0x8, 0x400, 0x6], [0x52ce, 0x8, 0x800, 0x80, 0x781, 0x6, 0x8, 0x7c68, 0x40000, 0x8, 0x400, 0x100000000, 0x8, 0x4, 0x4, 0x4, 0x4, 0x6, 0x8a, 0x10001, 0x6, 0x5a2, 0x5, 0xf15, 0x6, 0x9, 0x9, 0x80, 0x18e3, 0xb, 0x23, 0x6c7, 0x0, 0x1, 0x0, 0x8, 0x2f8, 0x7, 0x80000000, 0x6, 0xfffffffffffffffd, 0xffffffffffffffc1, 0x1, 0x7fff, 0x5, 0x2, 0x1000, 0x7, 0x2, 0x400, 0x401, 0x8, 0x5, 0x1d, 0x1, 0x101, 0x3, 0x7fffffff, 0x7fffffff, 0x4, 0x2, 0x8000, 0x7ff, 0x9, 0xfffffffffffffffd, 0xf76, 0x8, 0x0, 0x2, 0xfffffffffffffffb, 0x9, 0x8, 0x7, 0x9, 0x80000000, 0x5, 0xbb, 0x6, 0x1, 0xf17, 0x1, 0x2, 0x7, 0x100000001, 0x3ff, 0x7, 0x8e86, 0x1073, 0x8, 0x6, 0x6, 0xfff, 0x4, 0x3, 0x100000001, 0x4, 0x401, 0x3, 0x20008f, 0x3, 0xfffffffffffffffb, 0x27, 0x10001, 0x0, 0xfcc, 0x8, 0xfffffffffffffffd, 0x1, 0x400, 0x8, 0x1, 0x3, 0x3, 0x7, 0x0, 0x4, 0x401, 0x0, 0x7, 0x100000001, 0x9]})
ioctl$FS_IOC_GETFLAGS(r1, 0x80086601, &(0x7f0000000040))
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1, {r1}}, './file0\x00'})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r2, 0x6612)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'xfrm0\x00'})
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r1, 0x0)

04:29:49 executing program 2:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x20, 0x6, 0x0, 0xff, 0x0, 0x0, 0x110, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x10000, 0x0, @perf_bp={&(0x7f0000000000), 0xc}, 0x50540, 0x7f, 0xb5, 0x6, 0x9, 0x5, 0x8, 0x0, 0x7f}, 0xffffffffffffffff, 0xd, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
write(r2, &(0x7f00000000c0)="7f2e8307924a355cf7e0ad22221cc9a6c3cc9e1b114650d86427c3855ee667dc51f0103b0bf1b1540d86c6e686d00a2b3115946a5d17f2e4d73129a61263ea020a01cd7019baf2339d8a95201336020787f48c8d476c357f67cec24cad263edce1802b6bbc767db8c8fa93444cdef65bae13a028f2a7b1b4c5e2c89d68572908f2017137c2c23fcfd63d9bfa1f59395a65b79113eefb466c7147b070d6ea89e095a7d393249aec7ff67c6878d2fff5a6e8c7463e49af82e19b9a8abdf4222dc605e548eccaa68135ab", 0xc9)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:29:49 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:29:49 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_ASYNC_CANCEL={0xe, 0x1, 0x0, 0x0, 0x0, 0x23456, 0x0, 0x0, 0x1, {0x0, r1}}, 0x4)
getsockopt$IP_VS_SO_GET_DESTS(0xffffffffffffffff, 0x0, 0x484, &(0x7f0000000340)=""/4096, &(0x7f0000000000)=0x1000)
r2 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
r3 = fcntl$dupfd(r0, 0x605, r2)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
pread64(r5, &(0x7f0000000180)=""/222, 0xde, 0xa8af)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4, 0x1, 0x1, 0x9, 0x0, 0xfffffffffffffffe, 0x10000, 0x3, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={&(0x7f0000001340), 0x2}, 0x490c1, 0x4, 0xffff76cb, 0x6, 0x7, 0x9, 0x6, 0x0, 0xfffffffe, 0x0, 0x48}, 0x0, 0x2, r3, 0x3)

04:29:49 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 27)

[ 3233.072492] FAULT_INJECTION: forcing a failure.
[ 3233.072492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3233.074216] CPU: 1 PID: 16421 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3233.075126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3233.075912] FAULT_INJECTION: forcing a failure.
[ 3233.075912] name failslab, interval 1, probability 0, space 0, times 0
[ 3233.076201] Call Trace:
[ 3233.076221]  dump_stack+0x107/0x167
[ 3233.076236]  should_fail.cold+0x5/0xa
[ 3233.076257]  _copy_from_iter_full+0x319/0xa60
[ 3233.079884]  rawv6_sendmsg+0x210a/0x3b90
[ 3233.080417]  ? rawv6_bind+0xa70/0xa70
[ 3233.080910]  ? asm_sysvec_apic_timer_interrupt+0x12/0x20
[ 3233.081616]  ? trace_hardirqs_on+0x5b/0x180
[ 3233.082188]  ? lock_acquire+0x197/0x470
[ 3233.082685]  ? find_held_lock+0x2c/0x110
[ 3233.083205]  ? __might_fault+0xd3/0x180
[ 3233.083707]  ? lock_downgrade+0x6d0/0x6d0
[ 3233.084227]  ? lock_downgrade+0x6d0/0x6d0
[ 3233.084751]  ? sock_has_perm+0x1ea/0x280
[ 3233.085273]  ? selinux_socket_post_create+0x7f0/0x7f0
[ 3233.085952]  ? iovec_from_user+0x104/0x400
[ 3233.086498]  ? move_addr_to_kernel.part.0+0xc8/0x110
[ 3233.087157]  ? rawv6_bind+0xa70/0xa70
[ 3233.087658]  inet_sendmsg+0x11d/0x140
[ 3233.088141]  ? inet_send_prepare+0x540/0x540
[ 3233.088701]  __sock_sendmsg+0x13c/0x190
[ 3233.089206]  ____sys_sendmsg+0x70d/0x870
[ 3233.089723]  ? sock_write_iter+0x3d0/0x3d0
[ 3233.090266]  ? sendmsg_copy_msghdr+0xba/0x160
[ 3233.090825]  ? do_recvmmsg+0x6d0/0x6d0
[ 3233.091314]  ? lock_chain_count+0x20/0x20
[ 3233.091832]  ? lock_downgrade+0x6d0/0x6d0
[ 3233.092359]  __sys_sendmsg_sock+0x26/0x40
[ 3233.092878]  io_sendmsg+0x1e6/0x830
[ 3233.093336]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3233.093943]  ? __lock_acquire+0xbb1/0x5b00
[ 3233.094479]  io_issue_sqe+0x3b3/0x7850
[ 3233.094972]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3233.095626]  ? SOFTIRQ_verbose+0x10/0x10
[ 3233.096141]  ? lock_chain_count+0x20/0x20
[ 3233.096673]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3233.097339]  ? io_connect+0x610/0x610
[ 3233.097829]  ? lock_acquire+0x197/0x470
[ 3233.098332]  ? find_held_lock+0x2c/0x110
[ 3233.098842]  ? __fget_files+0x2cf/0x520
[ 3233.099343]  ? lock_downgrade+0x6d0/0x6d0
[ 3233.099866]  __io_queue_sqe+0x90/0x9d0
[ 3233.100370]  ? io_issue_sqe+0x7850/0x7850
[ 3233.100885]  ? __fget_files+0x2f8/0x520
[ 3233.101403]  io_submit_sqes+0x44a8/0x8610
[ 3233.101948]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3233.102578]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3233.103182]  ? find_held_lock+0x2c/0x110
[ 3233.103702]  ? io_submit_sqes+0x8610/0x8610
[ 3233.104247]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3233.104860]  ? wait_for_completion_io+0x270/0x270
[ 3233.105472]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3233.106055]  ? vfs_write+0x354/0xb10
[ 3233.106517]  ? fput_many+0x2f/0x1a0
[ 3233.106964]  ? ksys_write+0x1a9/0x260
[ 3233.107440]  ? __ia32_sys_read+0xb0/0xb0
[ 3233.107945]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3233.108596]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3233.109234]  do_syscall_64+0x33/0x40
[ 3233.109697]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3233.110349] RIP: 0033:0x7fa49f703b19
[ 3233.110810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3233.113088] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3233.114035] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3233.114915] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3233.115793] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3233.116671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3233.117552] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3233.118469] CPU: 0 PID: 16426 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3233.119615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3233.120941] Call Trace:
[ 3233.121378]  dump_stack+0x107/0x167
[ 3233.121976]  should_fail.cold+0x5/0xa
[ 3233.122593]  ? io_uring_alloc_task_context+0x99/0x6a0
[ 3233.123425]  should_failslab+0x5/0x20
[ 3233.124040]  kmem_cache_alloc_trace+0x55/0x320
[ 3233.124786]  io_uring_alloc_task_context+0x99/0x6a0
[ 3233.125597]  ? io_import_iovec+0x1120/0x1120
[ 3233.126291]  ? lock_downgrade+0x6d0/0x6d0
[ 3233.126955]  ? do_raw_spin_lock+0x121/0x260
[ 3233.127653]  ? rwlock_bug.part.0+0x90/0x90
[ 3233.128348]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3233.129136]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3233.130003]  ? alloc_fd+0x2e7/0x670
[ 3233.130607]  io_uring_setup+0x1fbb/0x2980
[ 3233.131286]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3233.132102]  ? wait_for_completion_io+0x270/0x270
[ 3233.132910]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3233.133753]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3233.134614]  do_syscall_64+0x33/0x40
[ 3233.135220]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3233.136053] RIP: 0033:0x7f4cd02cab19
[ 3233.136639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3233.139591] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3233.140818] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3233.141972] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3233.143121] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3233.144273] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3233.145410] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:29:49 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r3, r6], 0x2)
getsockopt$inet6_opts(r2, 0x29, 0x36, &(0x7f0000000000)=""/178, &(0x7f00000000c0)=0xb2)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:30:05 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 28)

04:30:05 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
dup3(r1, r0, 0x0)

04:30:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:30:05 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
r1 = openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
pread64(r1, &(0x7f0000000040)=""/136, 0x88, 0x3)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:30:05 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000140)={'netpci0\x00'})
dup3(r3, r0, 0x0)

04:30:05 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 28)

04:30:05 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x7400000000000000)

04:30:05 executing program 0:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r1=>0x0, <r2=>0x0})
setreuid(0x0, r1)
fchownat(r0, &(0x7f0000000040)='./file0\x00', r1, 0xee01, 0x400)
r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r3, 0x0)
r4 = fsmount(r0, 0x0, 0x80)
syz_io_uring_setup(0x34c5, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x228, 0x0, r4}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000080))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)
syz_io_uring_setup(0x6056, &(0x7f00000000c0)={0x0, 0xa385, 0x8, 0x0, 0x2d0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000140)=<r5=>0x0, &(0x7f0000000180))
r6 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r9, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r6, 0x0)
syz_io_uring_submit(r10, r8, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f00000003c0)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@remote}}}, &(0x7f0000000240)=0xe8)
keyctl$chown(0x4, 0x0, r11, r2)
syz_io_uring_submit(r5, r8, &(0x7f00000001c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x2, 0x0, 0x0, 0x0, 0x23456}, 0x100)

[ 3249.316047] FAULT_INJECTION: forcing a failure.
[ 3249.316047] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.318848] CPU: 1 PID: 16464 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3249.318860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.318871] Call Trace:
[ 3249.318898]  dump_stack+0x107/0x167
[ 3249.318922]  should_fail.cold+0x5/0xa
[ 3249.318945]  ? create_object.isra.0+0x3a/0xa30
[ 3249.318964]  should_failslab+0x5/0x20
[ 3249.318984]  kmem_cache_alloc+0x5b/0x310
[ 3249.319011]  create_object.isra.0+0x3a/0xa30
[ 3249.319028]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3249.319055]  kmem_cache_alloc_trace+0x151/0x320
[ 3249.319084]  io_uring_alloc_task_context+0x99/0x6a0
[ 3249.319106]  ? io_import_iovec+0x1120/0x1120
[ 3249.319128]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.319146]  ? do_raw_spin_lock+0x121/0x260
[ 3249.319164]  ? rwlock_bug.part.0+0x90/0x90
[ 3249.319190]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3249.319212]  ? io_uring_alloc_task_context+0x6a0/0x6a0
04:30:05 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 29)

[ 3249.319229]  ? alloc_fd+0x2e7/0x670
[ 3249.319262]  io_uring_setup+0x1fbb/0x2980
[ 3249.319291]  ? __do_sys_io_uring_enter+0x1890/0x1890
04:30:05 executing program 7:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
openat(r2, &(0x7f0000000000)='./file0\x00', 0x141400, 0x2)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

[ 3249.319309]  ? wait_for_completion_io+0x270/0x270
[ 3249.319353]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.319375]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.319405]  do_syscall_64+0x33/0x40
[ 3249.319426]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
04:30:05 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 29)

[ 3249.319439] RIP: 0033:0x7f3b78954b19
[ 3249.319457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.319468] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3249.319489] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3249.319501] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3249.319512] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3249.319524] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3249.319535] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3249.326152] FAULT_INJECTION: forcing a failure.
[ 3249.326152] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.326172] CPU: 1 PID: 16462 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3249.326182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.326188] Call Trace:
[ 3249.326210]  dump_stack+0x107/0x167
[ 3249.326233]  should_fail.cold+0x5/0xa
[ 3249.326254]  ? create_object.isra.0+0x3a/0xa30
[ 3249.326272]  should_failslab+0x5/0x20
[ 3249.326291]  kmem_cache_alloc+0x5b/0x310
[ 3249.326317]  create_object.isra.0+0x3a/0xa30
[ 3249.326334]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3249.326361]  kmem_cache_alloc_trace+0x151/0x320
[ 3249.326389]  io_uring_alloc_task_context+0x99/0x6a0
[ 3249.326417]  ? io_import_iovec+0x1120/0x1120
[ 3249.326439]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.326456]  ? do_raw_spin_lock+0x121/0x260
[ 3249.326475]  ? rwlock_bug.part.0+0x90/0x90
[ 3249.326501]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3249.326523]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3249.326541]  ? alloc_fd+0x2e7/0x670
[ 3249.326573]  io_uring_setup+0x1fbb/0x2980
[ 3249.326603]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3249.326620]  ? wait_for_completion_io+0x270/0x270
[ 3249.326665]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.326687]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.326711]  do_syscall_64+0x33/0x40
[ 3249.326732]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.326745] RIP: 0033:0x7f4cd02cab19
[ 3249.326763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.326775] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3249.326796] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3249.326808] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3249.326820] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3249.326832] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3249.326843] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3249.336696] FAULT_INJECTION: forcing a failure.
[ 3249.336696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3249.336716] CPU: 1 PID: 16460 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3249.336726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.336733] Call Trace:
[ 3249.336754]  dump_stack+0x107/0x167
[ 3249.336778]  should_fail.cold+0x5/0xa
[ 3249.336805]  _copy_from_user+0x2e/0x1b0
[ 3249.336834]  move_addr_to_kernel.part.0+0x31/0x110
[ 3249.336856]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3249.336876]  ? __ia32_sys_shutdown+0x80/0x80
[ 3249.336908]  ? unwind_next_frame+0x13ef/0x1a90
[ 3249.336937]  sendmsg_copy_msghdr+0xa1/0x160
[ 3249.336955]  ? do_recvmmsg+0x6d0/0x6d0
[ 3249.336988]  ? __is_insn_slot_addr+0x123/0x290
[ 3249.337009]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.337039]  io_sendmsg+0x62c/0x830
[ 3249.337062]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3249.337084]  ? __is_insn_slot_addr+0x14c/0x290
[ 3249.337104]  ? lock_chain_count+0x20/0x20
[ 3249.337128]  ? mark_lock+0xf5/0x2df0
[ 3249.337148]  ? register_lock_class+0xbb/0x17b0
[ 3249.337167]  ? arch_stack_walk+0x99/0xf0
[ 3249.337194]  ? is_dynamic_key+0x1e0/0x1e0
[ 3249.337234]  ? __lock_acquire+0x1657/0x5b00
[ 3249.337266]  ? __lock_acquire+0xbb1/0x5b00
[ 3249.337293]  io_issue_sqe+0x3b3/0x7850
[ 3249.337325]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3249.337344]  ? SOFTIRQ_verbose+0x10/0x10
[ 3249.337362]  ? lock_chain_count+0x20/0x20
[ 3249.337387]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3249.337407]  ? io_connect+0x610/0x610
[ 3249.337434]  ? lock_acquire+0x197/0x470
[ 3249.337452]  ? find_held_lock+0x2c/0x110
[ 3249.337479]  ? __fget_files+0x2cf/0x520
[ 3249.337500]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.337526]  __io_queue_sqe+0x90/0x9d0
[ 3249.337555]  ? io_issue_sqe+0x7850/0x7850
[ 3249.337572]  ? __fget_files+0x2f8/0x520
[ 3249.337611]  io_submit_sqes+0x44a8/0x8610
[ 3249.337665]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3249.337684]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3249.337709]  ? find_held_lock+0x2c/0x110
[ 3249.337736]  ? io_submit_sqes+0x8610/0x8610
[ 3249.337763]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3249.337787]  ? wait_for_completion_io+0x270/0x270
[ 3249.337811]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3249.337826]  ? vfs_write+0x354/0xb10
[ 3249.337847]  ? fput_many+0x2f/0x1a0
[ 3249.337865]  ? ksys_write+0x1a9/0x260
[ 3249.337882]  ? __ia32_sys_read+0xb0/0xb0
[ 3249.337908]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.337930]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.337966]  do_syscall_64+0x33/0x40
[ 3249.337988]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.338001] RIP: 0033:0x7fa49f703b19
[ 3249.338019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.338031] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3249.338052] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3249.338064] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3249.338075] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3249.338087] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3249.338099] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3249.476321] FAULT_INJECTION: forcing a failure.
[ 3249.476321] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.533647] FAULT_INJECTION: forcing a failure.
[ 3249.533647] name failslab, interval 1, probability 0, space 0, times 0
[ 3249.534240] CPU: 1 PID: 16480 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3249.595375] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
04:30:05 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x7a00000000000000)

04:30:05 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000140)={'netpci0\x00'})
dup3(r3, r0, 0x0)

[ 3249.595382] Call Trace:
[ 3249.595411]  dump_stack+0x107/0x167
[ 3249.595434]  should_fail.cold+0x5/0xa
[ 3249.595458]  ? create_object.isra.0+0x3a/0xa30
[ 3249.595477]  should_failslab+0x5/0x20
[ 3249.595498]  kmem_cache_alloc+0x5b/0x310
[ 3249.595524]  create_object.isra.0+0x3a/0xa30
[ 3249.595549]  kmemleak_alloc_percpu+0xa0/0x100
[ 3249.595575]  pcpu_alloc+0x4e2/0x1240
[ 3249.595615]  __percpu_counter_init+0x10d/0x2d0
[ 3249.595640]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3249.595662]  ? io_import_iovec+0x1120/0x1120
[ 3249.595684]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.595702]  ? do_raw_spin_lock+0x121/0x260
04:30:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3249.595720]  ? rwlock_bug.part.0+0x90/0x90
[ 3249.595747]  __io_uring_add_tctx_node+0x2c6/0x520
04:30:05 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x3)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:30:05 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x312}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x80, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000b40)="8726726db2e268aef6af859b15b8914ff16bfc724208dd1c0ce506142429e8f35a7a671cea284e02f560bfa6c125df683e55dd59b87d1fa1c60c8d2c50f817b58208513c2418adb046189a22d2982cb09aa64290d5ab3a624ea53b331ae0e1159dc183d83cb1", 0x66}], 0x2}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000000, 0x80010, r0, 0x10000000)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x80000001)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x40082406, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r0, 0x80049363, &(0x7f0000000100))
lseek(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
memfd_create(&(0x7f00000000c0)='\xa0g,[]\'#{[$@(\x00', 0x5)

[ 3249.595769]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3249.595788]  ? alloc_fd+0x2e7/0x670
[ 3249.595821]  io_uring_setup+0x1fbb/0x2980
[ 3249.595851]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3249.595868]  ? wait_for_completion_io+0x270/0x270
[ 3249.595913]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.595935]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.595960]  do_syscall_64+0x33/0x40
[ 3249.595981]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.595995] RIP: 0033:0x7f4cd02cab19
[ 3249.596015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.596026] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3249.596048] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3249.596060] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3249.596072] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3249.596084] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3249.596096] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3249.596140] CPU: 0 PID: 16482 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3249.596154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.596162] Call Trace:
[ 3249.596187]  dump_stack+0x107/0x167
[ 3249.596217]  should_fail.cold+0x5/0xa
[ 3249.596243]  ? create_object.isra.0+0x3a/0xa30
[ 3249.596265]  should_failslab+0x5/0x20
[ 3249.596286]  kmem_cache_alloc+0x5b/0x310
[ 3249.596323]  create_object.isra.0+0x3a/0xa30
[ 3249.596357]  kmemleak_alloc_percpu+0xa0/0x100
[ 3249.596390]  pcpu_alloc+0x4e2/0x1240
[ 3249.596455]  __percpu_counter_init+0x10d/0x2d0
[ 3249.596487]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3249.596516]  ? io_import_iovec+0x1120/0x1120
04:30:05 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xfeffffff00000000)

[ 3249.596539]  ? lock_downgrade+0x6d0/0x6d0
04:30:05 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$TUNSETQUEUE(r5, 0x400454d9, &(0x7f0000000140)={'netpci0\x00'})
dup3(r3, r0, 0x0)

[ 3249.596560]  ? do_raw_spin_lock+0x121/0x260
[ 3249.596583]  ? rwlock_bug.part.0+0x90/0x90
04:30:05 executing program 7:
r0 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$clear(0x7, r2)
r4 = add_key$fscrypt_v1(&(0x7f0000000580), &(0x7f00000005c0)={'fscrypt:', @desc1}, &(0x7f0000000600)={0x0, "5bdb879a2e143cf4899dc0210350c29ac9b26a5aa052793b178a8cc7763bb001626c3ce28e93cf06aa0519aa2efdeeb3d63c1cf2d5368560fdb2df9ffd8c0c3b"}, 0x48, 0xffffffffffffffff)
r5 = add_key$keyring(&(0x7f0000000380), 0x0, 0x0, 0x0, r4)
keyctl$link(0x8, r3, 0x0)
keyctl$link(0x8, 0x0, r5)
r6 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r7 = add_key$user(&(0x7f0000000100), &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000280)='K', 0x1, r1)
keyctl$revoke(0x3, 0x0)
add_key$fscrypt_v1(&(0x7f0000000340), &(0x7f00000005c0)={'fscrypt:', @desc2}, &(0x7f0000000600)={0x0, "ed8032eaaa72d6ec87f643cab0c926e43e52b45be0718fa1bf8470d7984fa56fcfff09b72ebb3708a98b7788cc66f98aa4689951ea7c382c2fedcc5dd5391b33", 0x1d}, 0x48, 0x0)
r8 = add_key$fscrypt_v1(&(0x7f0000000680), &(0x7f0000000380)={'fscrypt:', @desc1}, &(0x7f00000003c0)={0x0, "a6ac3ca6302644e72f5d6dbc3352ee9560c5256cbbc10eaed9f27b5f13ae85e7a80e63700098a337a9517ea8bb18b16961bbfdfcf5074089f0f86fa218943adf"}, 0x48, r6)
keyctl$link(0x11, r7, r8)
add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f00000004c0)="e8a8cbf223196039b6f6f4d07354007b8d8f5bad160855c372be29ecc2c3f8b5d42dc98c7b99d85454457d7d88732d9ff8e61f009a72caee18ca0ad96c3ea626268b102afe85834b1158130041fba6de23e9c574922c90ef84e89226e73f848f3fecba14f57f2b6aa81aaa4a9ba0063b7e45f5069089f7c086748d194537df6d573e08a95f86f546d59010e7607bdd4e18b76b9aa91aa8685a33eb95a77bd5e21fdf82563e9df90231bcf1589132be8113d186d7260d506e4286a27d746c0db27157184cf8c1fc9dd66ceed1765508fc89f47a25fffe00d967d43953b67c42ed9cee70e3bc53eb451e784753c8ddacf3c168175f4db00c", 0xf7, r8)
add_key$keyring(&(0x7f0000000240), &(0x7f00000006c0)={'syz', 0x1}, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='dns_resolver\x00', 0x0, &(0x7f0000000200)='\x00\x00', 0x2, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9, 0x8}, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x42)

[ 3249.596620]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3249.596646]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3249.596664]  ? alloc_fd+0x2e7/0x670
[ 3249.596712]  io_uring_setup+0x1fbb/0x2980
[ 3249.596753]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3249.596770]  ? wait_for_completion_io+0x270/0x270
[ 3249.596840]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
04:30:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3249.596864]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.596896]  do_syscall_64+0x33/0x40
[ 3249.596919]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.596933] RIP: 0033:0x7f3b78954b19
04:30:06 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xa00c0, 0x182)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth1_to_hsr\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r1, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r0, {0x4}}, './file0\x00'})
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
dup3(r2, r0, 0x0)

[ 3249.596952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:30:06 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 30)

[ 3249.596964] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3249.596988] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3249.597001] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3249.597014] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3249.597026] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3249.597039] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3249.733679] FAULT_INJECTION: forcing a failure.
[ 3249.733679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3249.733701] CPU: 1 PID: 16491 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3249.733712] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3249.733719] Call Trace:
[ 3249.733745]  dump_stack+0x107/0x167
[ 3249.733769]  should_fail.cold+0x5/0xa
[ 3249.733798]  _copy_from_user+0x2e/0x1b0
[ 3249.733823]  __copy_msghdr_from_user+0x91/0x4b0
[ 3249.733842]  ? __ia32_sys_shutdown+0x80/0x80
[ 3249.733866]  ? inet_sendmsg+0xbd/0x140
[ 3249.733887]  ? inet_send_prepare+0x540/0x540
[ 3249.733907]  ? __sock_sendmsg+0x55/0x190
[ 3249.733930]  ? ____sys_sendmsg+0x426/0x870
[ 3249.733969]  sendmsg_copy_msghdr+0xa1/0x160
[ 3249.733987]  ? do_recvmmsg+0x6d0/0x6d0
[ 3249.734007]  ? lock_chain_count+0x20/0x20
[ 3249.734031]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.734066]  io_sendmsg+0x62c/0x830
[ 3249.734089]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3249.734121]  ? mark_lock+0xf5/0x2df0
[ 3249.734150]  ? lock_chain_count+0x20/0x20
[ 3249.734207]  ? __lock_acquire+0xbb1/0x5b00
[ 3249.734234]  io_issue_sqe+0x3b3/0x7850
[ 3249.734267]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3249.734285]  ? SOFTIRQ_verbose+0x10/0x10
[ 3249.734304]  ? lock_chain_count+0x20/0x20
[ 3249.734329]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3249.734355]  ? io_connect+0x610/0x610
[ 3249.734383]  ? lock_acquire+0x197/0x470
[ 3249.734402]  ? find_held_lock+0x2c/0x110
[ 3249.734429]  ? __fget_files+0x2cf/0x520
[ 3249.734450]  ? lock_downgrade+0x6d0/0x6d0
[ 3249.734477]  __io_queue_sqe+0x90/0x9d0
[ 3249.734505]  ? io_issue_sqe+0x7850/0x7850
[ 3249.734523]  ? __fget_files+0x2f8/0x520
[ 3249.734561]  io_submit_sqes+0x44a8/0x8610
[ 3249.734616]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3249.734635]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3249.734660]  ? find_held_lock+0x2c/0x110
[ 3249.734687]  ? io_submit_sqes+0x8610/0x8610
[ 3249.734716]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3249.734740]  ? wait_for_completion_io+0x270/0x270
[ 3249.734764]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3249.734779]  ? vfs_write+0x354/0xb10
[ 3249.734800]  ? fput_many+0x2f/0x1a0
[ 3249.734818]  ? ksys_write+0x1a9/0x260
[ 3249.734835]  ? __ia32_sys_read+0xb0/0xb0
[ 3249.734861]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3249.734883]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3249.734908]  do_syscall_64+0x33/0x40
[ 3249.734930]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3249.734943] RIP: 0033:0x7fa49f703b19
[ 3249.734963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3249.734974] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3249.734996] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3249.735007] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3249.735018] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3249.735030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3249.735041] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3250.004809] FAULT_INJECTION: forcing a failure.
[ 3250.004809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3250.004832] CPU: 0 PID: 16509 Comm: syz-executor.6 Not tainted 5.10.253 #1
[ 3250.004844] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3250.004851] Call Trace:
[ 3250.004878]  dump_stack+0x107/0x167
[ 3250.004903]  should_fail.cold+0x5/0xa
[ 3250.004934]  _copy_from_user+0x2e/0x1b0
[ 3250.004964]  move_addr_to_kernel.part.0+0x31/0x110
[ 3250.004988]  __copy_msghdr_from_user+0x3e1/0x4b0
[ 3250.005008]  ? __ia32_sys_shutdown+0x80/0x80
[ 3250.005039]  ? __sock_sendmsg+0x55/0x190
[ 3250.005064]  ? ____sys_sendmsg+0x426/0x870
[ 3250.005090]  sendmsg_copy_msghdr+0xa1/0x160
[ 3250.005108]  ? do_recvmmsg+0x6d0/0x6d0
[ 3250.005129]  ? lock_chain_count+0x20/0x20
[ 3250.005154]  ? lock_downgrade+0x6d0/0x6d0
[ 3250.005192]  io_sendmsg+0x62c/0x830
[ 3250.005217]  ? io_setup_async_msg+0x2d0/0x2d0
[ 3250.005250]  ? mark_lock+0xf5/0x2df0
[ 3250.005324]  ? __lock_acquire+0xbb1/0x5b00
[ 3250.005353]  io_issue_sqe+0x3b3/0x7850
[ 3250.005386]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3250.005414]  ? SOFTIRQ_verbose+0x10/0x10
[ 3250.005438]  ? lock_chain_count+0x20/0x20
[ 3250.005464]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3250.005484]  ? io_connect+0x610/0x610
[ 3250.005513]  ? lock_acquire+0x197/0x470
[ 3250.005533]  ? find_held_lock+0x2c/0x110
[ 3250.005562]  ? __fget_files+0x2cf/0x520
[ 3250.005584]  ? lock_downgrade+0x6d0/0x6d0
[ 3250.005613]  __io_queue_sqe+0x90/0x9d0
[ 3250.005643]  ? io_issue_sqe+0x7850/0x7850
[ 3250.005661]  ? __fget_files+0x2f8/0x520
[ 3250.005702]  io_submit_sqes+0x44a8/0x8610
[ 3250.005760]  ? __do_sys_io_uring_enter+0x6b2/0x1890
[ 3250.005780]  __do_sys_io_uring_enter+0x6b2/0x1890
[ 3250.005806]  ? find_held_lock+0x2c/0x110
[ 3250.005835]  ? io_submit_sqes+0x8610/0x8610
[ 3250.005865]  ? __mutex_unlock_slowpath+0xe1/0x600
[ 3250.005890]  ? wait_for_completion_io+0x270/0x270
[ 3250.005916]  ? rcu_read_lock_any_held+0x75/0xa0
[ 3250.005932]  ? vfs_write+0x354/0xb10
[ 3250.005954]  ? fput_many+0x2f/0x1a0
[ 3250.005984]  ? ksys_write+0x1a9/0x260
[ 3250.006002]  ? __ia32_sys_read+0xb0/0xb0
[ 3250.006029]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3250.006052]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3250.006079]  do_syscall_64+0x33/0x40
[ 3250.006101]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3250.006115] RIP: 0033:0x7fa49f703b19
[ 3250.006136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3250.006147] RSP: 002b:00007fa49cc79188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 3250.006171] RAX: ffffffffffffffda RBX: 00007fa49f816f60 RCX: 00007fa49f703b19
[ 3250.006183] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000004
[ 3250.006195] RBP: 00007fa49cc791d0 R08: 0000000000000000 R09: 0000000000000000
[ 3250.006208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 3250.006221] R13: 00007fffb615a22f R14: 00007fa49cc79300 R15: 0000000000022000
[ 3250.055299] FAULT_INJECTION: forcing a failure.
[ 3250.055299] name failslab, interval 1, probability 0, space 0, times 0
[ 3250.055325] CPU: 0 PID: 16518 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3250.055339] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3250.055347] Call Trace:
[ 3250.055377]  dump_stack+0x107/0x167
[ 3250.055419]  should_fail.cold+0x5/0xa
[ 3250.055449]  ? create_object.isra.0+0x3a/0xa30
[ 3250.055475]  should_failslab+0x5/0x20
[ 3250.055499]  kmem_cache_alloc+0x5b/0x310
[ 3250.055539]  create_object.isra.0+0x3a/0xa30
[ 3250.055576]  kmemleak_alloc_percpu+0xa0/0x100
[ 3250.055614]  pcpu_alloc+0x4e2/0x1240
[ 3250.055681]  __percpu_counter_init+0x10d/0x2d0
[ 3250.055717]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3250.055748]  ? io_import_iovec+0x1120/0x1120
[ 3250.055775]  ? lock_downgrade+0x6d0/0x6d0
[ 3250.055799]  ? do_raw_spin_lock+0x121/0x260
[ 3250.055824]  ? rwlock_bug.part.0+0x90/0x90
[ 3250.055865]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3250.055893]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3250.055914]  ? alloc_fd+0x2e7/0x670
[ 3250.055966]  io_uring_setup+0x1fbb/0x2980
[ 3250.056011]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3250.056031]  ? wait_for_completion_io+0x270/0x270
[ 3250.056108]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3250.056134]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3250.056169]  do_syscall_64+0x33/0x40
[ 3250.056195]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3250.056211] RIP: 0033:0x7f3b78954b19
[ 3250.056234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3250.056248] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3250.056275] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3250.056290] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3250.056304] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3250.056318] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3250.056333] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 30)

04:30:20 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r2 = perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x6, 0x3f, 0x80, 0x4, 0x0, 0x5b, 0x74801, 0x4, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x4, @perf_config_ext={0x6, 0xd05d}, 0x8000, 0x401, 0x3f, 0x3, 0xff, 0x6, 0x7, 0x0, 0xf87, 0x0, 0xfffffffffffffff9}, 0x0, 0x3, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r1, {0xffffffffffffffff, 0xffffffffffffffff}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x6}}, './file0\x00'})
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:30:20 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:30:20 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x2, 0x8000, 0x1, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:30:20 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
dup3(r3, r0, 0x0)

[ 3264.338242] FAULT_INJECTION: forcing a failure.
[ 3264.338242] name failslab, interval 1, probability 0, space 0, times 0
[ 3264.339861] CPU: 1 PID: 16527 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3264.340847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3264.342023] Call Trace:
[ 3264.342410]  dump_stack+0x107/0x167
[ 3264.342932]  should_fail.cold+0x5/0xa
[ 3264.343476]  ? create_object.isra.0+0x3a/0xa30
[ 3264.344121]  should_failslab+0x5/0x20
[ 3264.344661]  kmem_cache_alloc+0x5b/0x310
[ 3264.345244]  create_object.isra.0+0x3a/0xa30
[ 3264.345871]  kmemleak_alloc_percpu+0xa0/0x100
[ 3264.346523]  pcpu_alloc+0x4e2/0x1240
[ 3264.347064]  __percpu_counter_init+0x10d/0x2d0
[ 3264.347713]  io_uring_alloc_task_context+0xcc/0x6a0
[ 3264.348426]  ? io_import_iovec+0x1120/0x1120
[ 3264.349070]  ? lock_downgrade+0x6d0/0x6d0
[ 3264.349652]  ? do_raw_spin_lock+0x121/0x260
[ 3264.350271]  ? rwlock_bug.part.0+0x90/0x90
[ 3264.350880]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3264.351561]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3264.352300]  ? alloc_fd+0x2e7/0x670
[ 3264.352828]  io_uring_setup+0x1fbb/0x2980
[ 3264.353419]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3264.354140]  ? wait_for_completion_io+0x270/0x270
[ 3264.354840]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3264.355583]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3264.356314]  do_syscall_64+0x33/0x40
[ 3264.356847]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3264.357569] RIP: 0033:0x7f4cd02cab19
[ 3264.358106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3264.360676] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3264.361749] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3264.362763] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3264.363764] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3264.364775] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3264.365783] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3264.371366] FAULT_INJECTION: forcing a failure.
[ 3264.371366] name failslab, interval 1, probability 0, space 0, times 0
[ 3264.372958] CPU: 1 PID: 16533 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3264.373925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3264.375108] Call Trace:
[ 3264.375482]  dump_stack+0x107/0x167
[ 3264.375998]  should_fail.cold+0x5/0xa
[ 3264.376537]  ? io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.377269]  should_failslab+0x5/0x20
[ 3264.377807]  kmem_cache_alloc_trace+0x55/0x320
[ 3264.378463]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.379178]  ? io_import_iovec+0x1120/0x1120
[ 3264.379796]  ? lock_downgrade+0x6d0/0x6d0
[ 3264.380381]  ? do_raw_spin_lock+0x121/0x260
[ 3264.380997]  ? rwlock_bug.part.0+0x90/0x90
[ 3264.381599]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3264.382288]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3264.383013]  ? alloc_fd+0x2e7/0x670
[ 3264.383529]  io_uring_setup+0x1fbb/0x2980
[ 3264.384113]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3264.384816]  ? wait_for_completion_io+0x270/0x270
[ 3264.385512]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3264.386252]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3264.386976]  do_syscall_64+0x33/0x40
[ 3264.387497]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3264.388210] RIP: 0033:0x7f3b78954b19
[ 3264.388735] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3264.391318] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3264.392382] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3264.393399] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3264.394428] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3264.395429] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3264.396430] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:20 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0xffffffff00000000)

04:30:20 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 31)

04:30:20 executing program 7:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c)
syz_extract_tcp_res$synack(&(0x7f0000000000)={0x41424344, <r1=>0x41424344}, 0x1, 0x0)
syz_emit_ethernet(0x1f1, &(0x7f0000000100)={@broadcast, @empty, @val={@void}, {@ipv6={0x86dd, @tcp={0x8, 0x6, "af34aa", 0x1b7, 0x6, 0x1, @empty, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {[@fragment={0x0, 0x0, 0x4, 0x1, 0x0, 0x8, 0x64}, @routing={0x0, 0x8, 0x2, 0x1f, 0x0, [@remote, @loopback, @ipv4={'\x00', '\xff\xff', @multicast2}, @local]}, @hopopts={0x1d, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x80000000}]}, @dstopts={0x29, 0x6, '\x00', [@ra={0x5, 0x2, 0x1}, @calipso={0x7, 0x30, {0x0, 0xa, 0x1, 0x6a15, [0xd8, 0x80, 0x6, 0x2, 0x8]}}]}, @routing={0xc, 0x6, 0x0, 0x8, 0x0, [@empty, @local, @private2]}], {{0x4e20, 0x4e22, r1, 0x41424344, 0x1, 0x0, 0x6, 0x40, 0x800, 0x0, 0x100, {[@mss={0x2, 0x4, 0x2}]}}, {"60df4701b9ac74554493935c86fbdc99713e7f12843968f8c1cd80af2f5ccbd2958e8c5d1cad0183a0b25fa09a972b07aafac7d6075648b6de7a30ed1cc1b5eefd2c10b805cbaced8a22e6662ef31dcc49f0b4c3f8da1c1ad36f79fd7c3fb35f0b5746d0b6f88fe09035efa4f98bc3e12557105f58f5d0c028530d87d65d996d053ae61b978ac2fd8059c970e62f6bf61889f2506762b2b9b98e64b8894233fa4c771350e963f42adf5bcf4ba9b33f62fa5d2f33cc577535b7734edf65ae92a5e2a97361c7023a"}}}}}}}, 0x0)

04:30:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 31)

04:30:20 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 32)

[ 3264.450375] FAULT_INJECTION: forcing a failure.
[ 3264.450375] name failslab, interval 1, probability 0, space 0, times 0
[ 3264.451994] CPU: 1 PID: 16544 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3264.452939] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3264.454057] Call Trace:
[ 3264.454430]  dump_stack+0x107/0x167
[ 3264.454932]  should_fail.cold+0x5/0xa
[ 3264.455452]  ? io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.456169]  should_failslab+0x5/0x20
[ 3264.456686]  kmem_cache_alloc_trace+0x55/0x320
[ 3264.457320]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.458023]  ? io_import_iovec+0x1120/0x1120
[ 3264.458635]  ? lock_downgrade+0x6d0/0x6d0
[ 3264.459200]  ? do_raw_spin_lock+0x121/0x260
[ 3264.459794]  ? rwlock_bug.part.0+0x90/0x90
[ 3264.460369]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3264.461027]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3264.461740]  ? alloc_fd+0x2e7/0x670
[ 3264.462261]  io_uring_setup+0x1fbb/0x2980
[ 3264.462831]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3264.463529]  ? wait_for_completion_io+0x270/0x270
[ 3264.464201]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3264.464916]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3264.465622]  do_syscall_64+0x33/0x40
[ 3264.466146]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3264.466850] RIP: 0033:0x7f4cd02cab19
[ 3264.467359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3264.469881] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3264.470920] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3264.471860] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3264.472818] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3264.473772] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3264.474725] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:20 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 32)

04:30:20 executing program 7:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001780)=@updsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in6=@empty, 0x0, 0x32}, @in=@multicast2, {}, {}, {}, 0x0, 0x0, 0xa, 0x1}, [@algo_auth_trunc={0x4c, 0x14, {{'sha256\x00'}}}]}, 0x13c}}, 0x0)

04:30:20 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x28, r1, 0x1, 0x0, 0x0, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1000000}]}]}, 0x28}}, 0x0)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=<r2=>0x0)
r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x8, 0x0, 0x0, 0x9}, r2, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r3, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r3, 0x0)

[ 3264.537826] FAULT_INJECTION: forcing a failure.
[ 3264.537826] name failslab, interval 1, probability 0, space 0, times 0
[ 3264.539358] CPU: 1 PID: 16548 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3264.540279] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3264.541368] Call Trace:
[ 3264.541724]  dump_stack+0x107/0x167
[ 3264.542209]  should_fail.cold+0x5/0xa
[ 3264.542716]  ? create_object.isra.0+0x3a/0xa30
[ 3264.543316]  should_failslab+0x5/0x20
[ 3264.543815]  kmem_cache_alloc+0x5b/0x310
[ 3264.544358]  create_object.isra.0+0x3a/0xa30
[ 3264.544945]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3264.545618]  kmem_cache_alloc_trace+0x151/0x320
[ 3264.546279]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.546937]  ? io_import_iovec+0x1120/0x1120
[ 3264.547518]  ? lock_downgrade+0x6d0/0x6d0
[ 3264.548060]  ? do_raw_spin_lock+0x121/0x260
[ 3264.548636]  ? rwlock_bug.part.0+0x90/0x90
[ 3264.549203]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3264.549843]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3264.550541]  ? alloc_fd+0x2e7/0x670
[ 3264.551028]  io_uring_setup+0x1fbb/0x2980
[ 3264.551586]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3264.552256]  ? wait_for_completion_io+0x270/0x270
[ 3264.552906]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3264.553597]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3264.554289]  do_syscall_64+0x33/0x40
[ 3264.554774]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3264.555449] RIP: 0033:0x7f3b78954b19
[ 3264.555944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3264.558369] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3264.559366] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3264.560308] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3264.561230] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3264.562172] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3264.563104] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3264.577557] FAULT_INJECTION: forcing a failure.
[ 3264.577557] name failslab, interval 1, probability 0, space 0, times 0
[ 3264.579112] CPU: 1 PID: 16554 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3264.580023] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3264.581109] Call Trace:
[ 3264.581454]  dump_stack+0x107/0x167
[ 3264.581926]  should_fail.cold+0x5/0xa
[ 3264.582423]  ? create_object.isra.0+0x3a/0xa30
[ 3264.583027]  should_failslab+0x5/0x20
[ 3264.583529]  kmem_cache_alloc+0x5b/0x310
[ 3264.584077]  create_object.isra.0+0x3a/0xa30
[ 3264.584647]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3264.585316]  kmem_cache_alloc_trace+0x151/0x320
[ 3264.585914]  io_uring_alloc_task_context+0x4a3/0x6a0
[ 3264.586580]  ? io_import_iovec+0x1120/0x1120
[ 3264.587153]  ? lock_downgrade+0x6d0/0x6d0
[ 3264.587693]  ? do_raw_spin_lock+0x121/0x260
[ 3264.588242]  ? rwlock_bug.part.0+0x90/0x90
[ 3264.588797]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3264.589435]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3264.590120]  ? alloc_fd+0x2e7/0x670
[ 3264.590598]  io_uring_setup+0x1fbb/0x2980
[ 3264.591148]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3264.591801]  ? wait_for_completion_io+0x270/0x270
[ 3264.592447]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3264.593134]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3264.593802]  do_syscall_64+0x33/0x40
[ 3264.594291]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3264.594959] RIP: 0033:0x7f4cd02cab19
[ 3264.595443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3264.597831] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3264.598811] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3264.599738] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3264.600653] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3264.601574] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3264.602494] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:35 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, &(0x7f0000000140))
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, 0x4000010, r2, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:30:35 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:30:35 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 33)

04:30:35 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 33)

04:30:35 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
dup3(r3, r0, 0x0)

04:30:35 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = socket$unix(0x1, 0x2, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000340)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}}}}, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, 0xffffffffffffffff, 0x0}, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, 0x0, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x2, 0x0, 0xffffffffffffffff, 0x80, &(0x7f0000000040)=@phonet={0x23, 0x1, 0x5, 0x8}, 0x0, 0x0, 0x8ec7efccb8000a1a, {0x0, r6}}, 0x3)
dup3(0xffffffffffffffff, r0, 0x0)

04:30:35 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
getsockopt$inet6_tcp_int(r2, 0x6, 0x6, &(0x7f0000000080), &(0x7f0000000100)=0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r3, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r4=>r1, {0x4}}, './file0\x00'})
openat(r4, &(0x7f00000001c0)='./file0\x00', 0x800, 0x4)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000140)={'wg2\x00', {0x2, 0x0, @multicast2}})
dup2(r0, r3)
sendfile(r1, r0, 0x0, 0x500000001)

04:30:35 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000180)={0x6, 0x10000, 0x0, 0x6, 0x2, "77004a6efdff000081d63e871c9f71a200", 0x2000000})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000140)={'team_slave_1\x00'})
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x1c)
splice(r0, &(0x7f0000000040)=0x3, r2, &(0x7f0000000100)=0x20, 0x1, 0x0)
dup3(r1, r0, 0x0)

[ 3279.095657] FAULT_INJECTION: forcing a failure.
[ 3279.095657] name failslab, interval 1, probability 0, space 0, times 0
[ 3279.098183] CPU: 1 PID: 16575 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3279.098773] FAULT_INJECTION: forcing a failure.
[ 3279.098773] name failslab, interval 1, probability 0, space 0, times 0
[ 3279.099684] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3279.099691] Call Trace:
[ 3279.099717]  dump_stack+0x107/0x167
[ 3279.099740]  should_fail.cold+0x5/0xa
[ 3279.105293]  ? io_wq_create+0xeb/0xc00
[ 3279.106145]  should_failslab+0x5/0x20
[ 3279.106988]  __kmalloc+0x72/0x390
[ 3279.107753]  io_wq_create+0xeb/0xc00
[ 3279.108578]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3279.109688]  ? io_import_iovec+0x1120/0x1120
[ 3279.110648]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3279.111612]  ? __io_req_find_next+0x300/0x300
[ 3279.112573]  ? do_raw_spin_lock+0x121/0x260
[ 3279.113505]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.114435]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3279.115484]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3279.116619]  ? alloc_fd+0x2e7/0x670
[ 3279.117420]  io_uring_setup+0x1fbb/0x2980
[ 3279.118341]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3279.119442]  ? wait_for_completion_io+0x270/0x270
[ 3279.120514]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3279.121658]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3279.122787]  do_syscall_64+0x33/0x40
[ 3279.123596]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3279.124707] RIP: 0033:0x7f3b78954b19
[ 3279.125515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3279.129540] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3279.131203] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3279.132899] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3279.134667] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3279.136428] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3279.138190] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3279.139990] CPU: 0 PID: 16576 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3279.140994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3279.142191] Call Trace:
[ 3279.142597]  dump_stack+0x107/0x167
[ 3279.143131]  should_fail.cold+0x5/0xa
[ 3279.143685]  ? io_wq_create+0xeb/0xc00
[ 3279.144247]  should_failslab+0x5/0x20
[ 3279.144797]  __kmalloc+0x72/0x390
[ 3279.145313]  io_wq_create+0xeb/0xc00
[ 3279.145866]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3279.146621]  ? io_import_iovec+0x1120/0x1120
[ 3279.147259]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3279.147906]  ? __io_req_find_next+0x300/0x300
[ 3279.148553]  ? do_raw_spin_lock+0x121/0x260
[ 3279.149177]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.149799]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3279.150510]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3279.151270]  ? alloc_fd+0x2e7/0x670
[ 3279.151795]  io_uring_setup+0x1fbb/0x2980
[ 3279.152399]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3279.153108]  ? wait_for_completion_io+0x270/0x270
[ 3279.153818]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3279.154586]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3279.155308]  do_syscall_64+0x33/0x40
[ 3279.155834]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3279.156537] RIP: 0033:0x7f4cd02cab19
[ 3279.157047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3279.159589] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3279.160668] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3279.161658] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3279.162652] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3279.163650] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3279.164650] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:35 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 34)

04:30:35 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0xffffffff, 0x1, 0x0, 0x20})
dup3(r3, r0, 0x0)

04:30:35 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
r1 = syz_io_uring_setup(0x34c9, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, &(0x7f0000000140))
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x30, r2, 0x0)
r5 = mmap$IORING_OFF_SQES(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x110, r1, 0x10000000)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x2040}, 0x1}, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

04:30:35 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000080)={{0xc, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e21, 0x3, 'rr\x00', 0x20, 0x0, 0x67}, {@rand_addr=0x64010100, 0x4e24, 0x4, 0x2, 0x49c7, 0x3}}, 0x44)
creat(&(0x7f0000000040)='./file0\x00', 0x4)

04:30:35 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 34)

[ 3279.278494] FAULT_INJECTION: forcing a failure.
[ 3279.278494] name failslab, interval 1, probability 0, space 0, times 0
[ 3279.281097] CPU: 0 PID: 16587 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3279.282656] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3279.284512] Call Trace:
[ 3279.285116]  dump_stack+0x107/0x167
[ 3279.285951]  should_fail.cold+0x5/0xa
[ 3279.286840]  ? create_object.isra.0+0x3a/0xa30
[ 3279.287875]  should_failslab+0x5/0x20
[ 3279.288744]  kmem_cache_alloc+0x5b/0x310
[ 3279.289682]  create_object.isra.0+0x3a/0xa30
[ 3279.290695]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3279.291853]  __kmalloc+0x16e/0x390
[ 3279.292684]  io_wq_create+0xeb/0xc00
[ 3279.293553]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3279.294719]  ? io_import_iovec+0x1120/0x1120
[ 3279.295718]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3279.296727]  ? __io_req_find_next+0x300/0x300
[ 3279.297734]  ? do_raw_spin_lock+0x121/0x260
[ 3279.298727]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.299697]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3279.300790]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3279.301959]  ? alloc_fd+0x2e7/0x670
[ 3279.302819]  io_uring_setup+0x1fbb/0x2980
[ 3279.303776]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3279.304923]  ? wait_for_completion_io+0x270/0x270
[ 3279.306064]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3279.307266]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3279.308441]  do_syscall_64+0x33/0x40
[ 3279.309292]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3279.310483] RIP: 0033:0x7f3b78954b19
[ 3279.311349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3279.315527] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3279.317284] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3279.318897] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3279.320523] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3279.322147] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3279.323782] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3279.361100] FAULT_INJECTION: forcing a failure.
[ 3279.361100] name failslab, interval 1, probability 0, space 0, times 0
[ 3279.363821] CPU: 0 PID: 16594 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3279.365410] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3279.367299] Call Trace:
[ 3279.367917]  dump_stack+0x107/0x167
[ 3279.368757]  should_fail.cold+0x5/0xa
[ 3279.369643]  ? create_object.isra.0+0x3a/0xa30
[ 3279.370693]  should_failslab+0x5/0x20
[ 3279.371566]  kmem_cache_alloc+0x5b/0x310
[ 3279.372504]  create_object.isra.0+0x3a/0xa30
[ 3279.373506]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3279.374680]  __kmalloc+0x16e/0x390
[ 3279.375511]  io_wq_create+0xeb/0xc00
[ 3279.376385]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3279.377535]  ? io_import_iovec+0x1120/0x1120
[ 3279.378557]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3279.379571]  ? __io_req_find_next+0x300/0x300
[ 3279.380581]  ? do_raw_spin_lock+0x121/0x260
[ 3279.381557]  ? rwlock_bug.part.0+0x90/0x90
[ 3279.382561]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3279.383658]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3279.384817]  ? alloc_fd+0x2e7/0x670
[ 3279.385677]  io_uring_setup+0x1fbb/0x2980
[ 3279.386658]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3279.387805]  ? wait_for_completion_io+0x270/0x270
[ 3279.388951]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3279.390157]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3279.391384]  do_syscall_64+0x33/0x40
[ 3279.392259]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3279.393437] RIP: 0033:0x7f4cd02cab19
[ 3279.394302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3279.398353] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3279.400068] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3279.401673] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3279.403282] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3279.404884] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3279.406500] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:30:51 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 35)

04:30:51 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'bridge_slave_0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:30:51 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:30:51 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:30:51 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x9)
sendfile(r1, r0, 0x0, 0x4000007ffffffc)

04:30:51 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 35)

04:30:51 executing program 1:
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000ffff000018000000", @ANYRES32, @ANYBLOB="fdffffff0000000000"])
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x1, 0x0, 0xfffffff9, 0x2, "7700020000000000004b08002600", 0x4, 0x78c})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:30:51 executing program 7:
getitimer(0x1, &(0x7f0000000000))
r0 = syz_io_uring_setup(0x1c29, &(0x7f00000002c0), &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/ldiscs\x00', 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x6390, &(0x7f00000001c0)={0x0, 0x8efb, 0x4, 0x2, 0x46, 0x0, r3}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040), &(0x7f0000000140))
r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ea, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
utimes(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080))

[ 3295.823915] FAULT_INJECTION: forcing a failure.
[ 3295.823915] name failslab, interval 1, probability 0, space 0, times 0
[ 3295.826480] CPU: 0 PID: 16612 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3295.827929] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3295.829654] Call Trace:
[ 3295.830216]  dump_stack+0x107/0x167
[ 3295.831001]  should_fail.cold+0x5/0xa
[ 3295.831830]  ? io_wq_create+0x6ef/0xc00
[ 3295.832691]  should_failslab+0x5/0x20
[ 3295.833481]  kmem_cache_alloc_node_trace+0x59/0x340
[ 3295.834555]  io_wq_create+0x6ef/0xc00
[ 3295.835375]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3295.836435]  ? io_import_iovec+0x1120/0x1120
[ 3295.837375]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3295.838330]  ? __io_req_find_next+0x300/0x300
[ 3295.839114] selinux_netlink_send: 30 callbacks suppressed
[ 3295.839133] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=35144 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.839271]  ? do_raw_spin_lock+0x121/0x260
[ 3295.839296]  ? rwlock_bug.part.0+0x90/0x90
[ 3295.844755]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3295.845763]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3295.846885]  ? alloc_fd+0x2e7/0x670
[ 3295.846920] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=34247 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.847683]  io_uring_setup+0x1fbb/0x2980
[ 3295.847727]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3295.851102] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=53893 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.851143]  ? wait_for_completion_io+0x270/0x270
[ 3295.852857] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=53481 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.854775]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3295.854800]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3295.854834]  do_syscall_64+0x33/0x40
[ 3295.861189]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3295.862260] RIP: 0033:0x7f3b78954b19
[ 3295.863046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3295.866841] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3295.868463] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3295.869961] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3295.871471] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3295.872960] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3295.874471] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3295.887981] FAULT_INJECTION: forcing a failure.
[ 3295.887981] name failslab, interval 1, probability 0, space 0, times 0
[ 3295.890363] CPU: 0 PID: 16622 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3295.891815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3295.892935] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=35656 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.893548] Call Trace:
[ 3295.893575]  dump_stack+0x107/0x167
[ 3295.893606]  should_fail.cold+0x5/0xa
[ 3295.893633]  ? io_wq_create+0x6ef/0xc00
[ 3295.899080]  should_failslab+0x5/0x20
[ 3295.899566] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.899875]  kmem_cache_alloc_node_trace+0x59/0x340
[ 3295.899917]  io_wq_create+0x6ef/0xc00
[ 3295.899963]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3295.905291]  ? io_import_iovec+0x1120/0x1120
[ 3295.906220]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3295.907152]  ? __io_req_find_next+0x300/0x300
[ 3295.908008] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=33608 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.908105]  ? do_raw_spin_lock+0x121/0x260
[ 3295.911548]  ? rwlock_bug.part.0+0x90/0x90
[ 3295.912293] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=35140 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.912437]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3295.912466]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3295.917093]  ? alloc_fd+0x2e7/0x670
[ 3295.917889]  io_uring_setup+0x1fbb/0x2980
[ 3295.918780]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3295.919824]  ? wait_for_completion_io+0x270/0x270
[ 3295.920874]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3295.921965]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3295.923049]  do_syscall_64+0x33/0x40
[ 3295.923831]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3295.924896] RIP: 0033:0x7f4cd02cab19
[ 3295.925691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3295.929517] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3295.931110] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3295.932581] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3295.934055] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3295.935549] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3295.937019] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3295.963248] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
[ 3295.966038] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=21 sclass=netlink_audit_socket pid=16619 comm=syz-executor.0
04:30:52 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
dup3(0xffffffffffffffff, r0, 0x0)

04:30:52 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 36)

04:30:52 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 36)

04:30:52 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000040)={'bond_slave_0\x00'})

04:30:52 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$VT_DISALLOCATE(0xffffffffffffffff, 0x5608)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3296.154829] FAULT_INJECTION: forcing a failure.
[ 3296.154829] name failslab, interval 1, probability 0, space 0, times 0
[ 3296.157384] CPU: 1 PID: 16631 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3296.158868] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3296.160618] Call Trace:
[ 3296.161185]  dump_stack+0x107/0x167
[ 3296.161963]  should_fail.cold+0x5/0xa
[ 3296.162791]  ? io_wq_create+0x6ef/0xc00
[ 3296.163646]  should_failslab+0x5/0x20
[ 3296.164457]  kmem_cache_alloc_node_trace+0x59/0x340
[ 3296.165526]  io_wq_create+0x6ef/0xc00
[ 3296.166349]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3296.167427]  ? io_import_iovec+0x1120/0x1120
[ 3296.168358]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3296.169312]  ? __io_req_find_next+0x300/0x300
[ 3296.170259]  ? do_raw_spin_lock+0x121/0x260
[ 3296.171183]  ? rwlock_bug.part.0+0x90/0x90
[ 3296.172091]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3296.173114]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3296.174227]  ? alloc_fd+0x2e7/0x670
[ 3296.175030]  io_uring_setup+0x1fbb/0x2980
[ 3296.175924]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3296.177001]  ? wait_for_completion_io+0x270/0x270
[ 3296.178051]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3296.179185]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3296.180279]  do_syscall_64+0x33/0x40
[ 3296.181078]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3296.182164] RIP: 0033:0x7f3b78954b19
[ 3296.182963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3296.186850] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3296.188458] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3296.189974] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3296.191486] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3296.192995] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3296.194513] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3296.216348] FAULT_INJECTION: forcing a failure.
[ 3296.216348] name failslab, interval 1, probability 0, space 0, times 0
[ 3296.219299] CPU: 1 PID: 16637 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3296.220786] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3296.222546] Call Trace:
[ 3296.223106]  dump_stack+0x107/0x167
[ 3296.223888]  should_fail.cold+0x5/0xa
[ 3296.224698]  ? create_object.isra.0+0x3a/0xa30
[ 3296.225664]  should_failslab+0x5/0x20
[ 3296.226480]  kmem_cache_alloc+0x5b/0x310
[ 3296.227337]  ? io_wq_create+0x114/0xc00
[ 3296.228187]  create_object.isra.0+0x3a/0xa30
[ 3296.229114]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3296.230199]  kmem_cache_alloc_node_trace+0x16d/0x340
[ 3296.231293]  io_wq_create+0x6ef/0xc00
[ 3296.232119]  io_uring_alloc_task_context+0x1f1/0x6a0
[ 3296.233186]  ? io_import_iovec+0x1120/0x1120
[ 3296.234129]  ? io_apoll_task_func+0x2d0/0x2d0
[ 3296.235093]  ? __io_req_find_next+0x300/0x300
[ 3296.236046]  ? do_raw_spin_lock+0x121/0x260
[ 3296.236964]  ? rwlock_bug.part.0+0x90/0x90
[ 3296.237875]  __io_uring_add_tctx_node+0x2c6/0x520
[ 3296.238916]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3296.240017]  ? alloc_fd+0x2e7/0x670
[ 3296.240798]  io_uring_setup+0x1fbb/0x2980
[ 3296.241686]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3296.242767]  ? wait_for_completion_io+0x270/0x270
[ 3296.243816]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3296.244923]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3296.246019]  do_syscall_64+0x33/0x40
[ 3296.246819]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3296.247906] RIP: 0033:0x7f4cd02cab19
[ 3296.248695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3296.252580] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3296.254194] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3296.255711] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3296.257226] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3296.258748] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3296.260263] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:07 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 37)

[ 3311.101726] FAULT_INJECTION: forcing a failure.
[ 3311.101726] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.103190] CPU: 1 PID: 16654 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3311.104069] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.105100] Call Trace:
[ 3311.105436]  dump_stack+0x107/0x167
[ 3311.105887]  should_fail.cold+0x5/0xa
[ 3311.106370]  ? __io_uring_add_tctx_node+0x15c/0x520
[ 3311.107005]  should_failslab+0x5/0x20
[ 3311.107481]  kmem_cache_alloc_trace+0x55/0x320
[ 3311.108048]  __io_uring_add_tctx_node+0x15c/0x520
[ 3311.108637]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.109285]  ? alloc_fd+0x2e7/0x670
[ 3311.109743]  io_uring_setup+0x1fbb/0x2980
[ 3311.110262]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.110903]  ? wait_for_completion_io+0x270/0x270
[ 3311.111516]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.112167]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.112809]  do_syscall_64+0x33/0x40
[ 3311.113269]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.113901] RIP: 0033:0x7f3b78954b19
[ 3311.114362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.116637] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.117561] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3311.118435] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.119314] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.120425] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.121289] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:07 executing program 7:
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x0, &(0x7f0000000080)=0x90, 0x4)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1)
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xad, @empty, 0x80000000}, 0x1c)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mlock2(&(0x7f0000731000/0x3000)=nil, 0x3000, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)

04:31:07 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
dup3(0xffffffffffffffff, r0, 0x0)

04:31:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x6cb2b12f, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x0, 0xfffffffd})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = dup2(r1, r1)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
dup3(r1, r0, 0x0)

04:31:07 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 37)

04:31:07 executing program 0:
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
close_range(r0, r0, 0x0)
syz_io_uring_setup(0x2f4c, &(0x7f0000000000)={0x0, 0xc0ce, 0x0, 0x3, 0x1e5, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000080), &(0x7f00000000c0))
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000180), &(0x7f00000001c0))

04:31:07 executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:31:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x2, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3311.137077] FAULT_INJECTION: forcing a failure.
[ 3311.137077] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.138526] CPU: 1 PID: 16656 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3311.139416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.140449] Call Trace:
[ 3311.140784]  dump_stack+0x107/0x167
[ 3311.141231]  should_fail.cold+0x5/0xa
[ 3311.141705]  ? __io_uring_add_tctx_node+0x15c/0x520
[ 3311.142331]  should_failslab+0x5/0x20
[ 3311.142838]  kmem_cache_alloc_trace+0x55/0x320
[ 3311.143425]  __io_uring_add_tctx_node+0x15c/0x520
[ 3311.144024]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.144674]  ? alloc_fd+0x2e7/0x670
[ 3311.145132]  io_uring_setup+0x1fbb/0x2980
[ 3311.145650]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.146268]  ? wait_for_completion_io+0x270/0x270
[ 3311.146903]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.147564]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.148189]  do_syscall_64+0x33/0x40
[ 3311.148643]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.149266] RIP: 0033:0x7f4cd02cab19
[ 3311.149726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.151975] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.152896] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3311.153752] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.154632] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.155491] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.156362] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:07 executing program 7:
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x401, 0x9, &(0x7f00000008c0)=[{&(0x7f0000000300)="d4f531e7f2ab258eac4d6db00c01606597dd6d9fb0", 0x15, 0x10001}, {&(0x7f0000000340)="7114c2ad498ca2089dc3eb9285df6971ce1fe5e998257935581b6af90784855c0fe6436675d5bf9b8acc48dd61d465e4b534f6e3b4049cce5051f130c9de4c44fed30b18b066456dc0fa9a846123e8c75b45b42cb0151733da8446f9a7d75d9474260f75b66d0f0d88aeec16c3675d9263f1695f3af067aab8881d9153bfc5aa28", 0x81, 0x7ff}, {&(0x7f0000000400)="a8a9b67555119ccc73f6b9cd3c601fe7e3c5d3ce3590e204faaf6679a1a49983727766bb97dcdf406fa104f38f274e91323cc78afa9052b8ffb3770a9d43f4677e40a78520096f73404a2f39aa5ce7c4bd247b3f1d4e586b2c9094a301d3aeb0123676d6407bb493ced9c1ded57ccd0bf5db408a7d56f2152990b78aba83ffd8bb0c0eb5375ed9b7e478a6d96c333d8c68e51d49c18fc9de7f3ddf68e6a18865a24156a1f28b97f501dbf038d240f4533d2f0ccdca7e6da8845d4667bd555cb5097a72fdd999bc1123f47ca49025c98f464337a085e3248a798184254b", 0xdd, 0x4}, {&(0x7f0000000500)="7d3f3ee788d677f12ab759b91706b02f975c1a26cd43c754639e7e10ec441ea689722f955e826d91ca629e991ba1b8f4a6e4d6bdc55215329250", 0x3a, 0x8}, {&(0x7f0000000540)="62699eaec97733", 0x7, 0x400}, {&(0x7f0000000580)="05bac11c8c00a4688c17b0d232330f9be1cf11fd940340f177efbc218c24d341a04d95e59932c2af717e57aa75c084af2cb29460c7fead37713c9ab57d06f2d638e99bec4d13a398d25283d7a33b5f9fb6422052ca3439b1a1521022755a82961f4206391d9f610ed250c8717cfcc1a764e5511bd988d49c66c6a21ac392d52875a16bea32c3e2e3f7cea1a0aadf19ce2be30585f1fdf6f71b13ed840b52c67e4aad7ebf6d811fac2ee8b521cc22a0125403097411a6fd5aa3eb11226b302e978c25824dfeac378cb484a19679db1513", 0xd0, 0x8}, {&(0x7f0000000680)="22b3f07040b6236bea88463bad0ee9b2ff8a5d381d7cc4a1bc022a8aea75682d656cd500750ea7a0577b88781364368640d929a162d815f26e34f62320577d684e2014344225f1f8bac497eb17e04cc8bbf1559865d80279e4dd6dc08b9f676e22cf59", 0x63}, {&(0x7f0000000700)="31ad44c640a051d0f5af111b389dceb678583df141a2cbe66484c09f2e36eff16e41d4cad5d17da608d050c9fa7a8c05928250695649bdf6970dececbb1910ffcf12e1af7c89a74a16d8d9919ad250dc096f45ac10985fb103c47ce1355d6fc1400c963c7bb77af6f3cefa93c08a24580292f66546ed52eabb519a3f16e32fdc328247547a8c9fe3088e52790c23b92e8127", 0x92}, {&(0x7f00000007c0)="a346a69481f6146e51e904b97f69f9eab3b3fc04a69a692f2ab379d7c81aa37b551d4a85e08da40c6e9bb3fd0b9539ac1e4824df9663114f8b56603e999340a81308ad4e895bc366e8abe006cd31017960cc7b6be95af56d8471162a598a70391ecda95dba9b3213a1d1f9bfdc4bbf315e404b577e30df76bbf9921a061c0b5da6f709a3887795e53e95a92ee29736b6f3aeca18be036cd6d80ac6496c622a5d749c3c1bd99b781c832c06bb3c4d4183ac716b46c29430d9e05cb3fbe4e5cb55df83700b3a78f6bd5850a96bb134db68", 0xd0, 0x2a2d}], 0x40400, &(0x7f00000009c0)={[{@shortname_lower}, {@fat=@codepage={'codepage', 0x3d, '1255'}}, {@utf8}, {@utf8}, {@utf8no}, {@shortname_lower}], [{@fowner_lt={'fowner<', 0xee01}}, {@context={'context', 0x3d, 'root'}}, {@subj_user={'subj_user', 0x3d, 'vfat\x00'}}, {@subj_user={'subj_user', 0x3d, '\\{v$'}}, {@seclabel}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}]})
perf_event_open(&(0x7f00000001c0)={0x6, 0x80, 0x0, 0x80, 0xfa, 0x1f, 0x0, 0x6, 0x82008, 0xa, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1d7, 0x4, @perf_bp={&(0x7f0000000100), 0x7}, 0x1000, 0x7ff, 0x1, 0x1, 0x4, 0x7f, 0x40, 0x0, 0x4, 0x0, 0xbed}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xd)
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x2010, 0xffffffffffffffff, 0x0)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x29)
fsetxattr$trusted_overlay_upper(0xffffffffffffffff, &(0x7f0000000b40), &(0x7f0000000b80)={0x0, 0xfb, 0xfe, 0x5, 0x20, "ef9a5d12809943adb1fc459039292356", "a4179fbe38cb20420f3ee6cf094b3cb4bcadc8ea7db22b22d4d0c9fe12fa052e56e694f0ac9bb4a1fcf19dde9820da9e1a78f37da82afd2606ede72a6006efc9eeca8f6873e65f358cfacc7c7beb7bf7b50633d20c9ac09898334c8af4f6d4524800f0598c54b445d4943e375cc3d98a99883868132531ff567256ca7620deb8a65ce92eae7d8fde2adfbb961d7205e885f4b185725f3efd8fe0af7b44ca3a3a1e67007f4632715f82c8557ee69961a89f86980e5ff18285c6efbc8a15fb35256cf974000fd2d1bbebf6659f9ddf8282f8f1067b1778d0b6f79bacf43be6cd533ce104603985b55fb2"}, 0xfe, 0x2)
write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0x278)
perf_event_open(&(0x7f0000000ac0)={0x5, 0x80, 0x3, 0x20, 0x3f, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x77d7, 0x0, @perf_bp={&(0x7f0000000a80), 0xc}, 0x8, 0x7, 0x5, 0x4, 0x6, 0x0, 0xc145, 0x0, 0x260, 0x0, 0x3}, 0x0, 0xf, r0, 0x1b)
sendfile(r0, r1, 0x0, 0x100000001)

04:31:07 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 38)

04:31:07 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 38)

04:31:07 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x80)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
socket$inet(0x2, 0xa, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000280)={0x1, 0x5, [@dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x43}, @random="26e5168c0315", @random="73046546cb1d"]})
r2 = creat(&(0x7f0000000080)='./file0\x00', 0x1)
epoll_create(0x7622)
r3 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000180)={0x200, 0x3, 0x5, 0x7ff, 0x2, 0x100})
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="01000000200000002e2f66030000208a"])
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
dup3(r5, r3, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f00000000c0)=0x6f7)

04:31:07 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
dup3(0xffffffffffffffff, r0, 0x0)

[ 3311.281554] FAULT_INJECTION: forcing a failure.
[ 3311.281554] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.282944] CPU: 1 PID: 16679 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3311.283731] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.284675] Call Trace:
[ 3311.284982]  dump_stack+0x107/0x167
[ 3311.285406]  should_fail.cold+0x5/0xa
[ 3311.285843]  ? create_object.isra.0+0x3a/0xa30
[ 3311.286364]  should_failslab+0x5/0x20
[ 3311.286819]  kmem_cache_alloc+0x5b/0x310
[ 3311.287284]  create_object.isra.0+0x3a/0xa30
[ 3311.287790]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3311.288366]  kmem_cache_alloc_trace+0x151/0x320
[ 3311.288898]  __io_uring_add_tctx_node+0x15c/0x520
[ 3311.289448]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.290049]  ? alloc_fd+0x2e7/0x670
[ 3311.290471]  io_uring_setup+0x1fbb/0x2980
[ 3311.290963]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.291537]  ? wait_for_completion_io+0x270/0x270
[ 3311.292116]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.292712]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.293298]  do_syscall_64+0x33/0x40
[ 3311.293722]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.294301] RIP: 0033:0x7f3b78954b19
[ 3311.294748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.296846] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.297742] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3311.298567] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.299380] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.299692] FAULT_INJECTION: forcing a failure.
[ 3311.299692] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.300193] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.300201] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3311.304739] CPU: 0 PID: 16682 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3311.305933] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.307367] Call Trace:
[ 3311.307833]  dump_stack+0x107/0x167
[ 3311.308473]  should_fail.cold+0x5/0xa
[ 3311.309134]  ? create_object.isra.0+0x3a/0xa30
[ 3311.309928]  should_failslab+0x5/0x20
[ 3311.310602]  kmem_cache_alloc+0x5b/0x310
[ 3311.311331]  create_object.isra.0+0x3a/0xa30
[ 3311.312109]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3311.313012]  kmem_cache_alloc_trace+0x151/0x320
[ 3311.313834]  __io_uring_add_tctx_node+0x15c/0x520
[ 3311.314685]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.315590]  ? alloc_fd+0x2e7/0x670
[ 3311.316241]  io_uring_setup+0x1fbb/0x2980
[ 3311.316976]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.317853]  ? wait_for_completion_io+0x270/0x270
[ 3311.318734]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.319645]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.320545]  do_syscall_64+0x33/0x40
[ 3311.321197]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.322087] RIP: 0033:0x7f4cd02cab19
04:31:07 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x3, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:31:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$vcsu(&(0x7f0000000080), 0x1000, 0x101002)
r2 = syz_open_dev$vcsn(&(0x7f00000000c0), 0x8, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000200))
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000040)={'veth1_to_bond\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
dup3(r5, r0, 0x0)

[ 3311.322753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.326110] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.327440] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3311.328659] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.329875] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.331116] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.332355] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:07 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x20}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r3, @ANYRESOCT=r3, @ANYRES64, @ANYRESHEX, @ANYRESDEC=r2, @ANYRES64])
ioctl$PERF_EVENT_IOC_RESET(0xffffffffffffffff, 0x2403, 0xffffffff)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f0000000500)={0x3, 0x80, 0x4, 0x3, 0x64, 0x4, 0x0, 0x1000000006, 0x800, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x8003, 0x4, @perf_bp={&(0x7f0000000440), 0x3}, 0x0, 0x3ff, 0x6, 0x0, 0xffffffffffffffff, 0x2, 0xfffb, 0x0, 0xfffffff9, 0x0, 0x100000000}, 0x0, 0xd, 0xffffffffffffffff, 0x1)
mmap(&(0x7f0000ff7000/0x9000)=nil, 0x9000, 0x2000002, 0x10, 0xffffffffffffffff, 0x3f93c000)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x3, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, {0x2}}, 0x800)
perf_event_open(&(0x7f0000000300)={0x0, 0x80, 0x7, 0x1, 0x0, 0x1, 0x0, 0x4, 0x43409, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, @perf_config_ext={0x3, 0x101}, 0x4200, 0x6e1, 0xe8d, 0x6, 0x80000000, 0x1, 0x8, 0x0, 0x3, 0x0, 0x7fff}, 0x0, 0x7, r0, 0x8)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r4, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000b40)="8726726db2e268aef6af859b15b8914ff16bfc724208dd1c0ce506142429e8f35a7a671cea284e02f560bfa6c125df683e55dd59b87d1fa1c60c8d2c50f817b58208513c2418adb046189a22d2982cb09aa64290d5ab3a624ea53b331ae0e1159dc183d83cb1813e1fa15095a62055ce6e4f1750bf73b83284aef07b7b8f2ef533ebac442416ff5a8682c723c2df8836bc51c149178495ca8e470293bd0fc8910f1dff155a7e5dc77b2d736019b783a6b5f435d6080bc21a036717f0f8a7013153a6b39b722534770980ac587f8c9988ad76a72210c9ca8ef31cbc13dacc2ebce58c405f45a450cfa314542e3a7e92c1b0fd86e033455212309ca32b3acff0a2aafb02003d841be66574734225f552e1e1a7a3b1f7d805499afab1c13eb8eea5a00494d305326b87fa8975f58b7d097ca60b94255568613061df0b87ff1cf5f77e382506458c0a257443516065f109ddc815bcc166847d9f432046e2482a28f691cf1d278e25cfa83fc73072d6db64a52d488a471d5df362a6068c9f0cf92f9926334b2b8e8c39bc7cb8516af8d22e2dfaa6d963a0d2e708bae7276bc3e89039c1deacdbf53353adb6a93545bf76bb3dc0d2d3d0842c087199f1cb6b53be52bfd5c21d1bcd95f71ccad654131739dadbc7eac5fb157f865625a6ab68453314ae8067b977de27558e57550025038d95c6c5d662e12b28928650412964fe4d6ff5b0f1a950a5c58bb8d292d6081af59967b2f516450bb12592194b9a1b02a251dc91ea0e96dbcdc1ab8345ab50294e4f169904a1e595c07c946c72600056766a01cd7d94d5f1c6323ca416a478f76ba980f89235fc821eac00d3ebfe1f9fea0091033b836fa4cf33744ec9bb5c9bda791a618d415f2f6b41dc8e45db559cbecebe209465756f6b5fe9c365ad4ec5ec616eee048c03a9ae2dffc909e4a2630f88b0364ce2fe7c4d822d20540af904f0982adf036e82873096a253f2dd4f26a18c58fe43ab0f82056b2812ea86718ba98cc10fed13dc8e86c77ccbba51d0a3452f0ec7732eea1115d90cd8edca6d48cd6ad1ff41b0d0fb73f1e3d55ae8be34cc1fa5e3c4ecbd6089ef0db3c3a2421c82f425eae5c8b15b67e08e20ea82cfaf1c26ec0d6691886b3f282e12c5a319a89b2bff52390c1e5fa55bb5c84058851c570b35a3d964e689e6901fa8c0a19a7ee9381bfe545dc81a44d963d84841df48e70d537bfa9373809d041275462e2314f1cce138a7ec7b47aa18cd6eff8af9148a7f191ff66146919af33b65033b67d2a53b74c9b4babbded09cc1c8ceedac6abae3e0a6140ad190b3d3a2431b694a946ced51c6f20e4983f9edc64d673752232ce62af9fc2afda756d8d5698465b32a8a46b9a1898bc86c7568122f9f8a936abb42b2f45a19a269c84344341d244aa2d2732ab4a0d7cebcf81d93f3ff588d56d8072bb0ac1ca5044f21a88d0b9fa834f009df", 0x410}], 0x3}, 0x0, 0x4008000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0)
msync(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r6}}, 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000000380)=@IORING_OP_FADVISE={0x18, 0x4, 0x0, @fd_index=0x5, 0x5, 0x0, 0x1, 0x0, 0x0, {0x0, r6}}, 0x0)
syz_io_uring_submit(r5, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
openat$zero(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0)

[ 3311.340372] loop7: detected capacity change from 0 to 41948160
04:31:07 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 39)

04:31:07 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 39)

04:31:07 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:31:07 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@x25={0x9, @remote}, &(0x7f00000000c0)=0x80, 0x80000)
dup3(r0, r1, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/bus/serio', 0x600, 0x10c)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in=@broadcast, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@dev}, 0x0, @in=@dev}}, &(0x7f0000000140)=0xe8)
ioctl$TUNSETOWNER(r3, 0x400454cc, r4)
dup3(r2, r0, 0x0)

[ 3311.456339] FAULT_INJECTION: forcing a failure.
[ 3311.456339] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.457954] CPU: 1 PID: 16702 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3311.458772] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.459704] Call Trace:
[ 3311.460009]  dump_stack+0x107/0x167
[ 3311.460422]  should_fail.cold+0x5/0xa
[ 3311.460865]  ? xas_alloc+0x336/0x440
[ 3311.461304]  should_failslab+0x5/0x20
[ 3311.461743]  kmem_cache_alloc+0x5b/0x310
[ 3311.462213]  ? stack_trace_consume_entry+0x160/0x160
[ 3311.462817]  xas_alloc+0x336/0x440
[ 3311.463232]  xas_create+0x34a/0x10d0
[ 3311.463671]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3311.464274]  xas_store+0x8c/0x1c40
[ 3311.464697]  __xa_store+0x164/0x2d0
[ 3311.465116]  ? xa_delete_node+0x280/0x280
[ 3311.465597]  ? trace_hardirqs_on+0x5b/0x180
[ 3311.466092]  xa_store+0x31/0x50
[ 3311.466476]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3311.467049]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.467661]  ? alloc_fd+0x2e7/0x670
[ 3311.468091]  io_uring_setup+0x1fbb/0x2980
[ 3311.468579]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.469174]  ? wait_for_completion_io+0x270/0x270
[ 3311.469746]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.470350]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.470966]  do_syscall_64+0x33/0x40
[ 3311.471400]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.471989] RIP: 0033:0x7f3b78954b19
[ 3311.472416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.474541] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.475431] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3311.476262] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.477108] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.477922] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.478747] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3311.493764] FAULT_INJECTION: forcing a failure.
[ 3311.493764] name failslab, interval 1, probability 0, space 0, times 0
[ 3311.495120] CPU: 1 PID: 16703 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3311.495919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3311.496859] Call Trace:
[ 3311.497159]  dump_stack+0x107/0x167
[ 3311.497580]  should_fail.cold+0x5/0xa
[ 3311.498016]  ? xas_alloc+0x336/0x440
[ 3311.498438]  should_failslab+0x5/0x20
[ 3311.498905]  kmem_cache_alloc+0x5b/0x310
[ 3311.499381]  ? stack_trace_consume_entry+0x160/0x160
[ 3311.499966]  xas_alloc+0x336/0x440
[ 3311.500379]  xas_create+0x34a/0x10d0
[ 3311.500819]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3311.501428]  xas_store+0x8c/0x1c40
[ 3311.501841]  __xa_store+0x164/0x2d0
[ 3311.502261]  ? xa_delete_node+0x280/0x280
[ 3311.502760]  ? trace_hardirqs_on+0x5b/0x180
[ 3311.503266]  xa_store+0x31/0x50
[ 3311.503653]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3311.504208]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3311.504808]  ? alloc_fd+0x2e7/0x670
[ 3311.505229]  io_uring_setup+0x1fbb/0x2980
[ 3311.505708]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3311.506284]  ? wait_for_completion_io+0x270/0x270
[ 3311.506860]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3311.507470]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3311.508054]  do_syscall_64+0x33/0x40
[ 3311.508482]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3311.509063] RIP: 0033:0x7f4cd02cab19
[ 3311.509484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3311.511597] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3311.512457] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3311.513272] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3311.514077] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3311.514902] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3311.515715] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:21 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:31:21 executing program 7:
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x0, 0x21}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, &(0x7f0000000200), 0x0, 0x0, 0x80000}, 0x7f)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0, 0x20000000}, 0x0)
r6 = socket(0x23, 0x2, 0x0)
accept(r6, &(0x7f0000000080)=@nfc_llcp, &(0x7f0000000100)=0x80)
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)

04:31:21 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {<r1=>r0}}, './file0\x00'})
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff}, './file0\x00'})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'veth0_macvtap\x00'})

04:31:21 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 40)

04:31:21 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 40)

04:31:21 executing program 0:
r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x0)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
recvmmsg$unix(r3, &(0x7f0000004ec0)=[{{&(0x7f0000001900)=@abs, 0x6e, &(0x7f0000000180)=[{&(0x7f0000001980)=""/88, 0x58}, {&(0x7f0000001a00)=""/195, 0xc3}, {&(0x7f0000001b00)=""/209, 0xd1}, {&(0x7f0000001c00)=""/212, 0xd4}], 0x4}}, {{&(0x7f0000001d00), 0x6e, &(0x7f0000001f80)=[{&(0x7f0000001d80)=""/243, 0xf3}, {&(0x7f0000001e80)=""/124, 0x7c}, {&(0x7f0000001f00)=""/102, 0x66}], 0x3, &(0x7f0000001fc0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x58}}, {{&(0x7f0000002040), 0x6e, &(0x7f00000035c0)=[{&(0x7f00000020c0)=""/93, 0x5d}, {&(0x7f0000002140)=""/92, 0x5c}, {&(0x7f00000021c0)=""/102, 0x66}, {&(0x7f0000002240)=""/94, 0x5e}, {&(0x7f00000022c0)=""/194, 0xc2}, {&(0x7f00000023c0)=""/4096, 0x1000}, {&(0x7f00000033c0)=""/59, 0x3b}, {&(0x7f0000003400)=""/126, 0x7e}, {&(0x7f0000003480)=""/151, 0x97}, {&(0x7f0000003540)=""/78, 0x4e}], 0xa, &(0x7f0000003680)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x40}}, {{&(0x7f00000036c0), 0x6e, &(0x7f0000003740), 0x0, &(0x7f0000003780)=[@cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x70}}, {{&(0x7f0000003800), 0x6e, &(0x7f0000003a80)=[{&(0x7f0000003880)=""/228, 0xe4}, {&(0x7f0000003980)=""/193, 0xc1}], 0x2, &(0x7f0000003ac0)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000003b00)=@abs, 0x6e, &(0x7f0000004dc0)=[{&(0x7f0000003b80)=""/16, 0x10}, {&(0x7f0000003bc0)=""/22, 0x16}, {&(0x7f0000003c00)=""/4096, 0x1000}, {&(0x7f0000004c00)=""/57, 0x39}, {&(0x7f0000004c40)=""/91, 0x5b}, {&(0x7f0000004cc0)=""/41, 0x29}, {&(0x7f0000004d00)=""/61, 0x3d}, {&(0x7f0000004d40)=""/119, 0x77}], 0x8, &(0x7f0000004e40)=[@rights={{0x28, 0x1, 0x1, [<r5=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x48}}], 0x6, 0x12062, &(0x7f0000005040))
renameat(r5, &(0x7f0000005080)='./file0\x00', r4, &(0x7f00000050c0)='./file0/file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280)={0xa000, 0x10, 0xd}, 0x18)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000400)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
r7 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x200000c, 0x10, r4, 0x8000000)
r8 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r8, 0x13, &(0x7f0000000100)=[r9, r9], 0x2)
syz_io_uring_submit(r7, r2, &(0x7f00000018c0)=@IORING_OP_SENDMSG={0x9, 0x3, 0x0, r9, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000480)="a423c86246794d2f06f5c9af670f8138ab369b8c3f6780428ff1d358ec1e183c0322e1734916803b38ec86b4647a695db0124800d2214952b871317b543315b9cf6344de3c9ab07fb788c419f205fdb0b3c6b0c6d39e0c4e81a1357686af2ba6694dcfb62b03212a25f0fd802723fd1aa75a671800cea4f0d07719acd9ffeb4615fdc89a28a6045b57098f43a2f16f1f05db40935eb6fad52228f0c7222126c527c9bbfacb5090e5f5688bd67b4d9d6bcf3903c68730df998a5103227f5d", 0xbe}, {&(0x7f0000000540)="c324808763235b8c9e0d040a2cf58c4dc056800b0e5aa532bc16461086946a453a5541a704038933c912e652bf8719c45f5930843102ce31edb2cfb3d2a8d3fafd517e6ca203d8972fa827779945e1ccbce1ad26ae9e5e3f9aab43b14a00c3253a04f5f66bd90a17bbe9c8c302ce432bdfd5c2390a52d3fb637c7e4e9ed2d620e45dd97f8d7244811437c7aac2044628a3325144984dfd3ad80d480f612f3de5ee124ae28a8f195dee9aea3fbe5418438b44a888f674", 0xb6}, {&(0x7f0000000600)="66658929920f03b4378c5828ad17ece75c9ca6dcc2b325c36615ab2df070d58b41c670996e3d875a72285789ca543dbcf8ea7b45acaa7dc043efa1dbd270ba5ff249339264d86ff840fe9533b32835510877b0ca13a108e06ae7a7ae115ebe9dfbace9688f6d30f0466999c7277b620ff7b0d7684d7e4f0d93a69e45c4ea149661b8ba78d98e0e65017a983ed466b80796e1d05f06b275b67a87fb9baee8c91faf9f7864817f5869198302d6a325e9ee8f93d4e8e0d7c554dfa9335c0c23e1a1229530c10a8b258034612b978447ce1bf09826a5634209ae77600fc4577d981202290c4c81a86af00579ca91c853f204877558909adb74817a52b263cd1e0b3047860958fb583b24ff8dbe0932ad4cf6a5cbdff28742224bb50aaea17b66891e62b0cfbc95911669a1a3af5caca8f899a534cc6d492203382046c664d74cf573337f9aa7ec16f84d776ff2c205f860b8df1a6d31ad0c32d71140cc3a24849f4efde1779b11289ed07a938eac0968684de19d9e598794487184a420949c4aa453d71ad2fe2e75480a085ff72e2ab952a06ddd0557e3a9c8122c89ab77d85eb8bc29153f74c2bc75993601eb1ef63b86d723b9cb6df1ce3faee925915c7cd5e200359f1a685326111a9686ad36e640ecf3877454b8dbceea7fb1b9922d66b63481eba36acf795e405a2de302129deeac413979c2512e4d654b9e2c2769f007ed9d4739bf5954bf15797671bd8b6ee4daf4f90b89d89b263710e7389811dc2d10c974f369b1c9a8278025349820e6fd7ac0e50d73d402be3449bbe63bfd59e78005e2b495fcab2f10168303d0567e343a905e723deec030a23cf5ff65672275e8c71d6943ff41b0c16a6369697a52116bfbeaa4bd394f37eb05e626c07e1ddef3a91451360c970fefbb9adc2deae8da069c3d525f7fa9ab358bf9a93ac99ee51844e9a06f693053a20911c2bc5f9f0db0c034dae05216ca9ddf81deaffc7db5d981840d215adb21bf861883ecb9d7dfe4d9b10d0868e7a233a5c134cc7220fbd64eab41ec2e47ea34ecfa49f866941ebdca63bc027081ef14bae1287fb1fa670d5be0b1de44d186b77ecfa003ca8fdaf67c311b229f301914f522a9cecaaf4f85fc892acc9463c0a76c7213cf1d58ab4900619b99cdf4d2569fe034f9f09d7e107deaf159f47c6caf3ac2867703504beb087a3b4530d71fb18b6835679d758965821767ca3947fb55a1cab40998146f6b8d92fd5bcb4263fc7675110ae5e0db2fceacba6153cb66a08da896836d26157899dde1be802e9b47100160400536de4e391cd7f94b95a1f9acfaec6b3fc2ff9df85e57d21d75622ab34adefce0e33f5caea1ac75f27ab59b1772108bb964e503ba1f2266a9ef2393432a391789037c32bbf3840c37dd2fac3c04b862f72b729b432bb199d0d80ffc6175a5c1d1c54ddbe7e0a231c42df7884bbbcc4775ed813e3114ac1fcf121035a0a460fc7fa071da2b1c4b8475c54133aa7cd0e0b40a9b430d70dee2a7624e405825044135d38d2c35a4cb6b122c352c8482e34797de49c049f7ad438842e2b84e67e9ef680a3ee933413a9499efec9827fc26c0d582507e5f8da03f66607e0c3cd963c5e6c62538e081fcaf24736ae322aa0e32f0e25b9b14db1f8e641100af5c73e393dc54a71b5b4d73dd69b03fb1ca13d2b7be3a716eacac59c6ba7c37deeeac60548eb5abc7bb61a25713ce36cd8d1cb3584ef14f3b47535fe6c42965bb813e338ea897588e180b552ffeb8dede2d20582400640a18700e5303b5e212baa5e53e8201dc44b784e49b1ac9237a190e23310460df760d10c1c1f4478fcad70a2a6bc9c42bc603c33e3606faf1d2974e24901ad45e854a8c3825b36b17f9e7f4de494200afe0e9ee4f5d0d2a91973a3aa21e6ad654905890f1a63cec0140ef0ead019542feeca4a1fbd5f1140ef96088ee6ab47e4301bb1a4f63d9c5b303e2bbd1caf16f25084c088a5a34a32707ea7e50a9801e910f26997c1ac9a4f6ca09c457a4fecf6ff3d8850535130bd0c13a71e2ebe7e32840af969692a3b48861ca1a007b6f2c489ff4851377930db5d1d9a9a3b5f868fe203859b8bd6e9a77caac439f27983829201de802b4b2b12acaf26317c1a1b5be10f16bf9c9d65e9900eee08e605e5bdeb2443448089f9956dbbfb592517e4400793c16dcb6b8902c4d2e63ec1f12e7a03c25afbc37b36ffd2ae24a1ab5252daa2f8022e5a5dff51e8416c2873c1a1d5091413e10445c909ac335ebad41406d734a2415a0e82de53a8ef8afdf63ef2f2330773932236b6ae38a8cabdbf47782c33d1eb94d1ba50325449a05e9ebea54ef1d2cd866d3d89f07e6ae5f8bb17ffb0b6815bde76d0297f16760108391df53acbe45ca65e72df5d9234e8ca79e3bdd192f3ccf3249bd55ed890fa25ad153f2221273f1d02b2c92a12189c641c150f27cc7ff822653def38cc20db20c699bbe8e3600ba5567e2e1045bed5751d1177b94c534f8079018c4b2da266647aa9ef65dd96b3fdfd632869d4bca02b2451f98cd4d5ef08e0ec21bd134ca6c16e6e033efc7349eb933ca86c6f9db4a16446e0337dc83780ea2fbdcd5b8ab217da95ebd8638478b7814a397d4fdb1361aab3d7e2869014f9113fa3fa355691b2a2f421cb22acf08b0bab25060539d1be1e3c3cfa5314039fa276bfa35ba95b617a4b9a248c6005def541596d6bc92be9603c049d93aaa65fd193eef99eedb8da8cdb22fdcf557641af597932e2ca1022eed6834e4044e3671a2d32e36c831fb8d3ce039cabed038a5235dcc4e4e11fe0c0e5096f3dd2dc254a9f1df9683dc5b91333176fac9d089dc5bf705fb77415e5b8c872dceb5d07dd51f0bd9ab0e1f44fb4fa1866e6c4b3a2d1a9ce986ec4b08512f8ec7360c7002d2828bbbe86765cb7d22726838c1d37268221c78ecaade6d220e4fde542821ed5b27cd4151733c7a72af7d972454c4852dc15426a6c81cc3e21e5f1ccd78a441554f723d97c2dd409779061b306c9e495730ad501b630afb6ca8744396ee41acbe684ade9e8eb6893bf3cb640bcae0fd70ae9668251704b06c3cd163d2c9e9e602ce4a341aec7e19fbb02111da1a79baaa5aaad9b3ced988cee83b257a010bf74d48dad12227dc81651e1d8b645c3e8059dd0cb7b9c3740cf004bfa477e8771e544a278210e953fae9f76340b420b593962d49f8c644e2670d112e3ddf0f87b8f7def2e86d5c87c4ef3ae034eb138036640215e4fcfa9ac7e3362cbab6ab3c7d83eb708973958fa6daa421b0d9aafd402efe142cdc712ea78cce14ef303743f9c54616a83afa5cead6becddd1555e277543d08d29c3ecb8e4c892b115d584ccb1646860600cd2e646e8114bcf639b7831888d5108862c48f86b711d4698f5d2d58194c7e85e6cf21e14cdc630bcb8dfadf89ef11d879d9cdcda9f702408f43efa06c8a6c21d0398259caf9589c195562faa6661e31cc2399c5382f497bdc6a0acea49a4e2f1cea03b71105ed504a09bbb2ff993b24bf42be6429edc3bda59538a8c4d742724e798bb0a9a7086a7745677269e0fe3fa2a7e9feaa403d7a5f85b3add51de2e7a2d28b35bf400b323674a1ad8e7221150e5fb6b1586ec4393a4af1d838314bad2ef52803c470f67887e4e1a1e1b7bfd785939cb52b3b148e066d52ea1fdeabafb9ccbfdabd440eb900c11f54bc4b121f7b58b8765eeb9c92e5d2b8966017b4e1bc83c7deed109a7ea8937ae6b2300cf34cd57f93fd484bc9663c8905a343bd77ee2d41b1f81f49953c01c54f749238286353f22f302b308c2db8e821adca408515f44b7c4b411b57051471b1f59231343e941ba1b9e7c7d0405aaab16de3fde00e0cba12cc5460b61926c13b7cf5b5b13a1756ac2b559bdc91f6c823fdde37cada497eb1308ef98e9ea306e73e2dfc5977fee6c8820d7ad1545e4835bc9dfbebbebba39a1fbb1a58f3192f0d57afd0b1c02aa07371e5bb0c3e2ec1ea885f9448f18fc5d5cfe3d32077bba4cee5efeb0f213be52dc268e7dfefa5382cc964c7a82b807d93186bf034439903803318a5f09220dad109fa231e40b8b8fe47a5b96ea74048f35792d7af131b36baab4414ae7c8366fd0aa7c646bb261765573ca4a282f2b024b5ae22f5c7a66a881acf202fa595ba0fc6e85081d935c70b661dcc33854e2ab0fd0e40856fa40d262a80677f50a340d5a85d9f74a3d12bb738fc93fe62a2029cb675dd0087c37332867d6b60a49e927223a0bdef13477edb88fa7a9b815bf8a3898f6167698bd651130eb6b1a3a71728a933cf88d18e437271aa4ecd92f958b0c2daa99326b659ef9bdacfc80e5781dcc96936f7c2fee8d4a7a6deec9bc4e2b2795e350516f9e0c183c384548bb0f4efc392a179b6b06369a627613988adec8fd5cbd35f245618a20cc7a36950157e27d356e64fbaf747d99d16ff47c21d569911152d5a93e266477069bbc8cd5ef2a0621bcb11fa04f46eecf7f243a4a4872a6e011f4d2b9dc7f81c171429351fa7db60c93c29621a908a67c57fdafc65707754d5a15142f98a8457783d488b3ec4899b99a12558273a6d3ddf61230317812de542db47071eb8dde844efdfd4e236ffe5013f433c11c9167644f55a8ee6508b916d35f9f1d997f36dc023deef738b29ceb91c8e1f52ad841c5494cba5ef24626ac48ad49d423f3805a3df8c61ae9a129889abe9eed067c6d399bbddd5c96a4d30291f501d833a64c95d581803f2710e07153bc7fcdf1ddd9fbb8d5f9d0961257dbc203f1cbc97a296a381d9386f766f9d4f9c27bd6d8cd44008b26125f4b09ee3eeaeda69ea059f886ec7c0716391c77fcd226b8855cceea605b2ad589333c184353c42cc9ed3d95ed706147e8ad14a9256e10ff364c9905ce4bf3fa9b3b2c04650fe80c3669ac4a20cb611fbd6367a7177f3e10afbf7d22a11e6e588d4311b1b7349b4418ee2e5b2528ddea669158cd4ac89976d1f840f198ce672d28407ebad07f706e9a79ae4e597749bef48f61674e2ee0f2fb9e5fd103af4a92c192388380e3f8b322c78d80583d4e46fe5c4ccbf09382ea6c8fa773598a2422f634b5188758a33ad6103ee443efa5f7b683b8eedee1933989b5fc25f43f8da73fc95fa9e697ca552d33130ec556c3107b4320a594d44f2cd5f2e094de57114d29120384a46e3c3de175c28af0fd0c0b9a7d0790719e570d951bead45665a638554150a26b5d33964691650b12b5a3d5d4c82f65325aef2f32f077a00c0118fc26b19a71566b606660b06d658004d105528da85162da0b9770a3f38daa253782f5170488f9fd186c47042673be5d9b4437b759337e78444b935fdcedca49532822d94848ef4f9b4343518a1262db51c917a6067b5ea305a207a3101aa6571700060bf4aeb15333008b93d3d754e837fe7f1a2bf22d93497b26c99b6b767a7d7fcf113a90f9b50404d5ea5e3bc2478762466633152c7b8c744777879333a998846cbf3cdfb23e70a0d2f8ecd838222e84dfe2664b4baf79cf700574e85802111202b179ccfe321e1350d9833ac2c71d2c26da3b8c2f530d19446dd2fc26aeda58a23f401a3276a02f413b6870a9e7e5e55f6621d20627ccf188247b50b3e8af747bf72ffb27465caaf8ad29e1e81994afe38dbb6f6b18d7473f3e047de0a61730405c6bd74c40709a47da9c7a6a262c5dbc018ef15b10a5adc905ee96ded933147763cf9c8742a51e38c0e5ba6e3b914bc547727da6f04ed18fdc67585e66d5fcf443aa6b8b46af4c0bb3f", 0x1000}, {&(0x7f0000001600)="766c4636da31c1dff73d2c008c684e5c330c54180dbe326c8e762694524b0945454d41127de8569932be5fd16dbf6fa3974bfb2c5111394acda26ede5b5e11a7d589d13ce268afe93316c3f22d9f08772c4f0171875e73f34529c870d95cd159", 0x60}, {&(0x7f0000001680)="e4f8d7a50812c8a93084cdcc4f6ea1360ebe2b2d4c29de339734226ebcca690dc5b1e2efbc5b039e54d615cb0378f15bebf100869c07cfa24ab2340b776f91ac79cacb4cf766322ade931f838f956bdb1e7025fdd9746b8bd01b8f57afcb1b1ad47fced75a35e15b622aef2e0105e81af1cb3fa4e8ea6fc4f2e10f14c72bf07eca6c901f77661d81ea070e1bb7727b7fd6fb8c8d90766af81fd41e75d3f6c288aaca51d4586ee2fe00f31a7661d8a6beb67f6ad19366bcae6e68c74e27117687c9ab45a6b7b047ac23632ff09e77c87bd5960cdd504d67f3777294ed25bf29c55b9307fb69a4ee1da0e005c38218d5e99187cd7de31a3b", 0xf7}], 0x5, &(0x7f0000001800)=[{0xa0, 0x6, 0x800000, "f796622790c3783061820b8e0872f6485f264f1341f245c693079a3f11f2e6146d55ab11685d074510350192ad06d6c668332d215998eeebc6f0814fa5ba7d38ffcffa9837b42d8990bdc41599af6ed99c3fc311404bf56257d97fd6321b2eab09b169ffddf94455563e0fd522f6425c29f412ea348dac5f5ade7c0eeba120b803f10ba7ec4e9ebf72aff0"}], 0xa0}, 0x0, 0x20000800, 0x1}, 0x8)
io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0)

04:31:21 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
socket$inet(0x2, 0x6, 0x6a)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000040)=ANY=[@ANYBLOB="01000900aaaaaaaaaa2daaaaaaaaaa0faaaaaaaaaaaaaaaaaaaaffffffffaaaaa2aafffffee4b3371e1a638abbbb1bfc36770a4baaaaaaaaaaaa"])
r3 = dup3(r2, r0, 0x80000)
io_uring_register$IORING_REGISTER_FILES(r2, 0x2, &(0x7f0000000140)=[r3], 0x1)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
fcntl$F_SET_RW_HINT(r5, 0x40c, &(0x7f0000000180)=0x2)
r6 = socket$inet(0x2, 0xa, 0x0)
dup3(r6, r0, 0x0)

04:31:21 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x4, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3325.549543] FAULT_INJECTION: forcing a failure.
[ 3325.549543] name failslab, interval 1, probability 0, space 0, times 0
[ 3325.551027] CPU: 1 PID: 16732 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3325.551880] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3325.552903] Call Trace:
[ 3325.553237]  dump_stack+0x107/0x167
[ 3325.553696]  should_fail.cold+0x5/0xa
[ 3325.554172]  ? create_object.isra.0+0x3a/0xa30
[ 3325.554744]  should_failslab+0x5/0x20
[ 3325.555225]  kmem_cache_alloc+0x5b/0x310
[ 3325.555732]  create_object.isra.0+0x3a/0xa30
[ 3325.556280]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3325.556914]  kmem_cache_alloc+0x159/0x310
[ 3325.557438]  xas_alloc+0x336/0x440
[ 3325.557509] FAULT_INJECTION: forcing a failure.
[ 3325.557509] name failslab, interval 1, probability 0, space 0, times 0
[ 3325.557894]  xas_create+0x34a/0x10d0
[ 3325.560782]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3325.561434]  xas_store+0x8c/0x1c40
[ 3325.561899]  __xa_store+0x164/0x2d0
[ 3325.562351]  ? xa_delete_node+0x280/0x280
[ 3325.562914]  ? trace_hardirqs_on+0x5b/0x180
[ 3325.563454]  xa_store+0x31/0x50
[ 3325.563869]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3325.564466]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3325.565137]  ? alloc_fd+0x2e7/0x670
[ 3325.565596]  io_uring_setup+0x1fbb/0x2980
[ 3325.566120]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3325.566752]  ? wait_for_completion_io+0x270/0x270
[ 3325.567356]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3325.567997]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3325.568644]  do_syscall_64+0x33/0x40
[ 3325.569104]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3325.569732] RIP: 0033:0x7f4cd02cab19
[ 3325.570186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3325.572566] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3325.573534] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3325.574409] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3325.575283] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3325.576152] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3325.577022] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3325.577922] CPU: 0 PID: 16731 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3325.579476] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3325.581266] Call Trace:
[ 3325.581855]  dump_stack+0x107/0x167
[ 3325.582684]  should_fail.cold+0x5/0xa
[ 3325.583513]  ? create_object.isra.0+0x3a/0xa30
[ 3325.584502]  should_failslab+0x5/0x20
[ 3325.585334]  kmem_cache_alloc+0x5b/0x310
[ 3325.586238]  create_object.isra.0+0x3a/0xa30
[ 3325.587240]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3325.588359]  kmem_cache_alloc+0x159/0x310
[ 3325.589285]  xas_alloc+0x336/0x440
[ 3325.590066]  xas_create+0x34a/0x10d0
[ 3325.590944]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3325.592099]  xas_store+0x8c/0x1c40
[ 3325.592918]  __xa_store+0x164/0x2d0
[ 3325.593715]  ? xa_delete_node+0x280/0x280
[ 3325.594677]  ? trace_hardirqs_on+0x5b/0x180
[ 3325.595645]  xa_store+0x31/0x50
[ 3325.596358]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3325.597405]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3325.598536]  ? alloc_fd+0x2e7/0x670
[ 3325.599392]  io_uring_setup+0x1fbb/0x2980
[ 3325.600350]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3325.601483]  ? wait_for_completion_io+0x270/0x270
[ 3325.602661]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3325.603843]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3325.604982]  do_syscall_64+0x33/0x40
[ 3325.605810]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3325.606938] RIP: 0033:0x7f3b78954b19
[ 3325.607781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3325.611805] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3325.613469] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3325.615044] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3325.616598] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3325.618133] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3325.619707] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:37 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>r0, {0x3}}, './file0\x00'})
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000180))
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:31:37 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x5, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3341.210963] FAULT_INJECTION: forcing a failure.
[ 3341.210963] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.213054] CPU: 1 PID: 16768 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3341.214115] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.215736] Call Trace:
[ 3341.216152]  dump_stack+0x107/0x167
[ 3341.216872]  should_fail.cold+0x5/0xa
[ 3341.217626]  ? xas_alloc+0x336/0x440
[ 3341.218358]  should_failslab+0x5/0x20
[ 3341.219109]  kmem_cache_alloc+0x5b/0x310
[ 3341.219922]  xas_alloc+0x336/0x440
[ 3341.220619]  xas_create+0x34a/0x10d0
[ 3341.221350]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.222359]  xas_store+0x8c/0x1c40
[ 3341.223079]  __xa_store+0x164/0x2d0
[ 3341.223787]  ? xa_delete_node+0x280/0x280
[ 3341.224610]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.225461]  xa_store+0x31/0x50
[ 3341.226111]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.226860]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.227878]  ? alloc_fd+0x2e7/0x670
[ 3341.228496]  io_uring_setup+0x1fbb/0x2980
[ 3341.229295]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.230112]  ? wait_for_completion_io+0x270/0x270
[ 3341.231077]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.231880]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.232878]  do_syscall_64+0x33/0x40
[ 3341.233500]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.234507] RIP: 0033:0x7f4cd02cab19
[ 3341.235250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.239194] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.240816] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3341.242212] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.243615] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.244993] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
04:31:37 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x11, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d20202020202020202020202020202020202020202020202020202000000000000000002301000000000123000000000000000000000000000000000000000000000000000000000000000001000001010000010008080018000000000000180d010000000000000000010f0000000022001501", 0xa0, 0x8000}, {0x0}, {0x0}, {0x0, 0x0, 0x40000}, {0x0}, {0x0, 0x0, 0x108e0}, {0x0}, {0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x18000}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000014000)="8800150100000000011500080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0843451c01190100000000011900", 0x79, 0x8a800}], 0x0, &(0x7f0000015200))
r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private2}, &(0x7f00000000c0)=0x1c)
sendmmsg$sock(r0, &(0x7f0000000d80)=[{{&(0x7f00000003c0)=@nl=@kern={0x10, 0x0, 0x0, 0x40000}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000500)="d6235954e3ec20ee8a7edbc999c18424320918808a01f24c368539d862ca711d0d393851d6a52a485c669c76ec503fe0ad158b2e94dc1331cfb4a324b8a610981f15d7930a1cc70dcad4f0179ecf4ed14247090dd135ee0da820a228fca8a3b4561d5461a6e200aea5232db7cda528087aa7d4e5e725b174be8b8b04bbb5c8d87e926921176a24f83d6498391be3c17b418c04be0eb1ea205cd3df058424564e9e33a5aa9dea93b2628ab24fe976e0d5e364ad9ef89ba4ba78289f24c0a423cb8f3c95753813c1a8bf55e6dbf4e0ed4fed30", 0xd2}, {&(0x7f0000000600)="85f007f731067dbe02177df95c65569cb876bc39f9b9576103b74b3170a5691481f575b2cf5fbe24a3fa1da0beb41eb76b35093cbedc1a6a0a5c5281c7ec7958682e3697dd0700594ec3f4d88d960abfa506dca90eedec0239116be55ca17767b2073ca7032e3633c578f3", 0x6b}, {&(0x7f0000000680)="204970cb557edb0c79d99aff6985e3d84b4cdb255be18552f92a488182ee35447a89b2725572620d9aa2572d3322561fa01d0c40665701991b1d079486143e6a1d925d46f8b01af60a03dc4d1404ccf5ce37dd89d5842613c81024aa33ef4280e95fb4669351f0e262ea0fb5180ef7df1e065e7216fe1394d55f1b07f622fbcdef3531892f15d9f5c9f585e21003061c580e38bac31968ad516d0e9f6fc4a3cbbdb52cbc74d4bcc2e50d7999b0e3920769d6e1c4555d1f8528f126", 0xbb}, {&(0x7f0000000740)="22626a4765c7f1f37df715f62942b663703c49a7605b9058e1fd907f293ac83ffb830391c41f9c2ad35014b57f6ea083fc0e21d5722c97952277ab4ff72c733b2c7ae110b370c5b1319a25d1f687b9987a9a059d50bb7d8aadf77715b96cd68cde37bc386cca", 0x66}, {&(0x7f00000007c0)="4fecbbae6db48c06b6cf7c7bfea8dbab3b706513743a6c5ba7f64548549cccf478856c5ce7419ba06cfefaa58f15ad543faeb014746c29db5f00eaffeb53aa753db2985ef5ec7bf94f511e4ec10eb4f418de0a8dc40b3562598500070c183a2ccb617a8723819ef7e0b515e7a647bba0ddb07fbe5d60a36d2734c23231f828b1a2c8342e89e1fbc861d96f9f4d1947b3c2470963c737e4893ca454699327e00f6f6e9ed1fb947e14c05a06ec1f401993a2b8ba1af5d1f2f9e5745d6909", 0xbd}], 0x5}}, {{&(0x7f0000000900)=@rc={0x1f, @none, 0x4}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000980)="cc17cd30500e16ccfc68fce953aada4c2f65904f7ad9ae06435ee4e1968e630628229511efbec9cc1428784d995170d359f83b66c76282720cee9d79588f2466a2618de2bea93a7ea34541221075748357a8b7c8983daa777f5a970ed20fa94d85fca0fb2bac4be4502ec657c0b66fc5fb0df0b9cd1849af7ef94f0227abdb0f5acc", 0x82}, {&(0x7f0000000a40)="67fa19e0e322c073d80490a33371c18ebb3637c0e66155037692416d641ad447e8690f0e38bf091472125bdf5762b1abe18dccd2612c993b5f124b08b61e3b7ab2edde6279237cb1c18dd5339e092916ac56be7bd62fc3a74303c780923a75e5ce8aa5c81d8f4c04f68c901b3519", 0x6e}, {&(0x7f0000000ac0)="3d9c2af8d80f51f4ad182c228394902a0010dc3ccbc4fec41a45f6a0d390165d87b07ddffa0453298b9ea18c8516776bff6021aa80464cdef32af71c9f8d26e6e80c827898b49740b2cb64b1d939f6478cbd3a4bea207de9544402cd34def67328a81e27415044e6e8a11aedcb2e73e735d6eabb8711efe2c21913362e3b20fca3d29ee8a9605c5d062a4385bae831e3d2b6860bd887be5f", 0x98}, {&(0x7f0000000b80)="348928e92a1667cd6cead88ff05403397edfac31f3ceaa722d42084c49bee7dd3a599359b4455051aad82c080f18a1708caba1605bf60139fb3d8b99255efd9fb22b5ced1211e3cbde7272ced00f4ee4e7922208203a1bc9b1398849a84a0fdfbbbe05d75f56ae266715700119dd32d7d7d5f6bfdb569bfcce6600441427de1054d3265cc5598af1d8052d9e6e64675e3e5496d71fc14fe8616837a8a7931fc5819cf484163dfaf4a0bf41a153ca136a11af4145e100ddde75717e28f4aabb", 0xbf}], 0x4, &(0x7f00000001c0)=[@mark={{0x14, 0x1, 0x24, 0x1}}, @mark={{0x14, 0x1, 0x24, 0x9}}], 0x30}}, {{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000c40)="85ed0d4024111b1094fb1e321707ab3d450722ee7834ce9d1d9f52e9eb3ca8481efaeac9b7fa173642b2cd3160237feb824bb355dfa423853117e2c6ba064d1648d124a8b9ac0f8ffb4e0473acabf14677e9db6a4e04093b1417f69643e37e358440a499957f170199e277d413af614578baa90b75fb89fd64367435b8ca78af9ac4e72bf2c7ed9ee64ad260b38256a820de3e58fb012a063cffdbe9b874fa8f06ee406e64e6e67029e31475bd893a8880d84ca828fd2867a15f56602f942f904dd94aa4bb031454b7ee2b44970668676a422ede3c2517240f7aac6e13b100f781c30fbc061884ecc4382de3e64884200cda837d2bd6b685c272d60cd7de", 0xfe}], 0x1, &(0x7f0000000d40)=[@mark={{0x14}}], 0x18}}], 0x3, 0x10)
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_mount_image$iso9660(&(0x7f0000000e40), &(0x7f0000000e80)='./file0\x00', 0x0, 0x4, &(0x7f0000001180)=[{&(0x7f0000000ec0)="b515e9fb937ce007db356e04e3f64c2f93cbcd8365999512fcb8e2c9d771902b8f4403", 0x23, 0xfffffffffffffff1}, {&(0x7f0000000f00)="cdc7e1ee5fd4e136a68e9a771fba5f1fb255098b1a2bf7da0faa7a12b95681e376377e28775ef6e9a218996a49765b8d5f9181d410bcc44e19f5ed54a199c4db4ff95eb1c62dd69fd69a326102da14ade9cb2843335385bec2c7f2cd8de9ba3490c00fbf137839fbb5e54934dce8dcce4ee1243bb400c7bd53ffe2c08b7d60ea2d6f9a75872287fe7a287f988b708a7c49a7ed5ea06db7c4bb4ecf7006cee119bde36d2df4eede155fbbbd1e7be0e7301f7af93db6c9d699b51d2bb1903b4619b66a6847de96fa2391aaa014c53733a4c4a61f6c42c80b50a68355418146ccef0177afe2f7b63dc6a7e7f1b71d7b5005c1d5c1a011f4c12d207f", 0xfa, 0x1}, {&(0x7f0000001000)="56c3b889530a868b829885c0191bfc1edee3f1825af2144dad3ad8bc27dd4e98e724a6a9ba7de0c64c52c230b4404a9b714eb46a2a2b274ac59785ed952ab16c04b50705279f8a082043049c73bd6c95fb09eeac14324a4c828b79d9ecb67ffbeed464584b491c02a6452852cd8d53c910d71058f6f00e0f65478fad9691e8444a6a229fea74fc761d78915a50648cdcf45d385cd1f5e8b1fd7e28b869afe3774bd2f49ba049a07d30485f76f50e507ea4c9de57d80253d2e9f5469f532c8f591da360de151f36c9494cbbff6985ead5b97ebcfeccc23ebb9713087e", 0xdc, 0x3}, {&(0x7f0000001100)="7cbc747a6457844cc3455688f519fc9ca62fe421adf06b11c3f8ffcd30988b466384cace04ffeabe845310c20e1d07bb44477d56e94bb1f999a38ed9ba23e9025540e1", 0x43, 0xffff}], 0x10100c0, &(0x7f0000001200)={[{@gid={'gid', 0x3d, 0xffffffffffffffff}}, {}, {@sbsector={'sbsector', 0x3d, 0x9}}], [{@dont_measure}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}]})
faccessat2(r1, &(0x7f0000001280)='./file0\x00', 0x4, 0x1000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1e1100, 0x35)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(0xffffffffffffffff, 0x80047210, &(0x7f0000000180))

04:31:37 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0xcb)
dup3(r1, r0, 0x0)

04:31:37 executing program 7:
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffbfffffffff, 0xffffffffffffffff, 0x8)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001700)={0x0, @initdev}, &(0x7f0000001740)=0xc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x105142, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(0xffffffffffffffff)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x16, 0x0, 0x0)
openat(r3, &(0x7f0000000180)='./file1\x00', 0x54000, 0xe0)
r4 = fsopen(&(0x7f00000000c0)='ext2\x00', 0x1)
sendfile(0xffffffffffffffff, r4, &(0x7f0000000140)=0x8001, 0x1d87)
copy_file_range(r2, 0x0, r1, 0x0, 0x10001, 0x0)
fsmount(r4, 0x0, 0x4)
r5 = accept(r0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r5, &(0x7f00000001c0)=0x88, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x0)
sendfile(r1, r6, 0x0, 0x20d315)

04:31:37 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 41)

04:31:37 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$GIO_UNISCRNMAP(r2, 0x4b69, &(0x7f0000000080)=""/4)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000040))
fcntl$getown(r0, 0x9)
dup3(r3, r0, 0x0)

04:31:37 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 41)

[ 3341.246474] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3341.257505] FAULT_INJECTION: forcing a failure.
[ 3341.257505] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.259436] CPU: 1 PID: 16776 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3341.260765] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.262377] Call Trace:
[ 3341.262899]  dump_stack+0x107/0x167
[ 3341.263612]  should_fail.cold+0x5/0xa
[ 3341.264348]  ? xas_alloc+0x336/0x440
[ 3341.265072]  should_failslab+0x5/0x20
[ 3341.265804]  kmem_cache_alloc+0x5b/0x310
[ 3341.266586]  xas_alloc+0x336/0x440
[ 3341.267289]  xas_create+0x34a/0x10d0
[ 3341.268029]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.269050]  xas_store+0x8c/0x1c40
[ 3341.269755]  __xa_store+0x164/0x2d0
[ 3341.270456]  ? xa_delete_node+0x280/0x280
[ 3341.271263]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.272107]  xa_store+0x31/0x50
[ 3341.272735]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.273675]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.274686]  ? alloc_fd+0x2e7/0x670
[ 3341.275415]  io_uring_setup+0x1fbb/0x2980
[ 3341.276215]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.277190]  ? wait_for_completion_io+0x270/0x270
[ 3341.278149]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.279179]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.280180]  do_syscall_64+0x33/0x40
[ 3341.280903]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.281889] RIP: 0033:0x7f3b78954b19
[ 3341.282601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.286141] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.287982] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3341.289867] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.291746] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.293128] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3341.294513] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:37 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 42)

04:31:37 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 42)

[ 3341.421933] FAULT_INJECTION: forcing a failure.
[ 3341.421933] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.424170] CPU: 1 PID: 16789 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3341.425675] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.427532] Call Trace:
[ 3341.428056]  dump_stack+0x107/0x167
[ 3341.428888]  should_fail.cold+0x5/0xa
[ 3341.429628]  ? create_object.isra.0+0x3a/0xa30
[ 3341.430526]  should_failslab+0x5/0x20
[ 3341.431272]  kmem_cache_alloc+0x5b/0x310
[ 3341.432066]  ? mark_held_locks+0x9e/0xe0
[ 3341.432866]  create_object.isra.0+0x3a/0xa30
[ 3341.433707]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3341.434701]  kmem_cache_alloc+0x159/0x310
[ 3341.435526]  xas_alloc+0x336/0x440
[ 3341.436215]  xas_create+0x34a/0x10d0
[ 3341.436956]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.437767]  xas_store+0x8c/0x1c40
[ 3341.438476]  __xa_store+0x164/0x2d0
[ 3341.439211]  ? xa_delete_node+0x280/0x280
[ 3341.440035]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.440880]  xa_store+0x31/0x50
[ 3341.441532]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.442467]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.443494]  ? alloc_fd+0x2e7/0x670
[ 3341.444227]  io_uring_setup+0x1fbb/0x2980
[ 3341.445196]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.446185]  ? wait_for_completion_io+0x270/0x270
[ 3341.447210]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.448227]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.449230]  do_syscall_64+0x33/0x40
[ 3341.449956]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.450964] RIP: 0033:0x7f4cd02cab19
[ 3341.451690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.455261] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.456101] FAULT_INJECTION: forcing a failure.
[ 3341.456101] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.456738] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3341.456749] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.456759] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.456769] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3341.456779] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3341.467960] CPU: 0 PID: 16793 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3341.469478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.471310] Call Trace:
[ 3341.471902]  dump_stack+0x107/0x167
[ 3341.472722]  should_fail.cold+0x5/0xa
[ 3341.473577]  ? create_object.isra.0+0x3a/0xa30
[ 3341.474583]  should_failslab+0x5/0x20
[ 3341.475435]  kmem_cache_alloc+0x5b/0x310
[ 3341.476336]  ? mark_held_locks+0x9e/0xe0
[ 3341.477243]  create_object.isra.0+0x3a/0xa30
[ 3341.478208]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3341.479351]  kmem_cache_alloc+0x159/0x310
[ 3341.480284]  xas_alloc+0x336/0x440
[ 3341.481077]  xas_create+0x34a/0x10d0
[ 3341.481927]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.483102]  xas_store+0x8c/0x1c40
[ 3341.483919]  __xa_store+0x164/0x2d0
[ 3341.484729]  ? xa_delete_node+0x280/0x280
[ 3341.485662]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.486633]  xa_store+0x31/0x50
[ 3341.487378]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.488441]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.489591]  ? alloc_fd+0x2e7/0x670
[ 3341.490420]  io_uring_setup+0x1fbb/0x2980
[ 3341.491365]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.492480]  ? wait_for_completion_io+0x270/0x270
[ 3341.493590]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.494744]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.495896]  do_syscall_64+0x33/0x40
[ 3341.496721]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.497846] RIP: 0033:0x7f3b78954b19
[ 3341.498667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.502715] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.504397] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3341.505960] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.507533] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.509097] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3341.510663] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:37 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:31:37 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0xc, 0x0, 0x0, 0x2, "77004ab80000eb0800", 0x2, 0x100})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TCGETA(r3, 0x5405, &(0x7f0000000040))
r4 = openat$null(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0)
dup3(r1, r4, 0x0)

04:31:37 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x10, 0x0, 0x4d})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TUNSETQUEUE(r4, 0x400454ca, &(0x7f0000000180)={'lo\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
dup3(r5, r0, 0x0)
connect$inet(r2, &(0x7f0000000140)={0x2, 0x4e20, @multicast2}, 0x10)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)

04:31:37 executing program 0:
r0 = semget$private(0x0, 0x4, 0x100)
r1 = perf_event_open(&(0x7f0000000400)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x5, 0x48}, 0x80, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0xb)
semget$private(0x0, 0x4, 0x100)
semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, &(0x7f00000002c0)=""/207)
clock_gettime(0x1, &(0x7f0000000140)={<r2=>0x0, <r3=>0x0})
semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)={r2, r3+60000000})
semtimedop(0x0, &(0x7f00000003c0)=[{0x0, 0x4a41, 0x1800}, {0x0, 0x0, 0x1c00}, {0x2, 0x6, 0x400}], 0x3, &(0x7f00000001c0)={0x0, 0x989680})
poll(&(0x7f0000000000)=[{r1, 0x8430}], 0x1, 0x200000)
semtimedop(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040))
semctl$SEM_STAT_ANY(0x0, 0x2, 0x14, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semget$private(0x0, 0x6, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r4 = semget(0x1, 0x0, 0x0)
semctl$IPC_SET(r4, 0x0, 0x1, &(0x7f0000000340)={{0x2, 0x0, 0xffffffffffffffff, 0xee01, 0x0, 0x4fc20b8343fdba95, 0x2003}, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3})
semtimedop(r4, &(0x7f00000000c0)=[{0x2, 0x7fff, 0x3000}, {0x2, 0x0, 0x1000}], 0x2, &(0x7f0000000100)={0x0, 0x3938700})
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000480)=""/4096)
semctl$SEM_STAT_ANY(0x0, 0x2, 0x14, &(0x7f0000000080)=""/14)
unshare(0x48020200)

04:31:37 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 43)

04:31:37 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x6, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:31:37 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 43)

04:31:37 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:31:37 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, 'w\x00J\x00', 0x0, 0x1})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000040)={'bridge0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000240))
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$GIO_FONT(r2, 0x4b60, &(0x7f0000000080)=""/235)
r3 = syz_open_dev$usbmon(&(0x7f0000000180), 0x17, 0x121000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000200)={0x20000010})

[ 3341.740529] FAULT_INJECTION: forcing a failure.
[ 3341.740529] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.742829] CPU: 1 PID: 16817 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3341.744178] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.745818] Call Trace:
[ 3341.746463]  dump_stack+0x107/0x167
[ 3341.747189]  should_fail.cold+0x5/0xa
[ 3341.747930]  ? xas_alloc+0x336/0x440
[ 3341.748654]  should_failslab+0x5/0x20
[ 3341.749396]  kmem_cache_alloc+0x5b/0x310
[ 3341.750191]  xas_alloc+0x336/0x440
[ 3341.750892]  xas_create+0x34a/0x10d0
[ 3341.751627]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.752642]  xas_store+0x8c/0x1c40
[ 3341.753346]  __xa_store+0x164/0x2d0
[ 3341.754055]  ? xa_delete_node+0x280/0x280
[ 3341.754875]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.755719]  xa_store+0x31/0x50
[ 3341.756362]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.757303]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.758315]  ? alloc_fd+0x2e7/0x670
[ 3341.759047]  io_uring_setup+0x1fbb/0x2980
[ 3341.759860]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.760841]  ? wait_for_completion_io+0x270/0x270
[ 3341.761799]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.761833] FAULT_INJECTION: forcing a failure.
[ 3341.761833] name failslab, interval 1, probability 0, space 0, times 0
[ 3341.762820]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.762844]  do_syscall_64+0x33/0x40
[ 3341.762863]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.762884] RIP: 0033:0x7f3b78954b19
[ 3341.768695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.772251] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.773724] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3341.775112] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.776492] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.777875] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3341.779261] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3341.780673] CPU: 0 PID: 16818 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3341.782246] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3341.784189] Call Trace:
[ 3341.784787]  dump_stack+0x107/0x167
[ 3341.785604]  should_fail.cold+0x5/0xa
[ 3341.786452]  ? xas_alloc+0x336/0x440
[ 3341.787291]  should_failslab+0x5/0x20
[ 3341.788136]  kmem_cache_alloc+0x5b/0x310
[ 3341.789047]  xas_alloc+0x336/0x440
[ 3341.789869]  xas_create+0x34a/0x10d0
[ 3341.790728]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3341.791912]  xas_store+0x8c/0x1c40
[ 3341.792735]  __xa_store+0x164/0x2d0
[ 3341.793548]  ? xa_delete_node+0x280/0x280
[ 3341.794485]  ? trace_hardirqs_on+0x5b/0x180
[ 3341.795470]  xa_store+0x31/0x50
[ 3341.796216]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3341.797286]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3341.798443]  ? alloc_fd+0x2e7/0x670
[ 3341.799286]  io_uring_setup+0x1fbb/0x2980
[ 3341.800224]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3341.801346]  ? wait_for_completion_io+0x270/0x270
[ 3341.802460]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3341.803628]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3341.804777]  do_syscall_64+0x33/0x40
[ 3341.805604]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3341.806738] RIP: 0033:0x7f4cd02cab19
[ 3341.807574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3341.811627] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3341.813315] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3341.814898] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3341.816470] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3341.818038] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3341.819616] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:37 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x4000000, 0x2, "77004a6efdff0000000008003600"})
ioctl$KDSKBSENT(0xffffffffffffffff, 0x4b49, &(0x7f00000004c0)={0x6c, "66b7dd25dfdbac1580057480133495ff58faa18e79404c53de6fe8f7806f6baa99317705ade59a8d8fa427c41b9b55e0b9fbb03525d4df3499624e4ad66e5981ac0f2e05afb3095e2553c3bf6adec729731ea55902d06474083dcc682a4176db617f5adba56134750397037e96d1135725f8285a6f4c3e8a0c8177ead40c12cf7c67e7a42891af2fc2a76720520a5e66e71197488c8442cda3e57ff7ea9d5e7a3c752bafedb9fdf40cad8f65f388ad5334f8a4c12426edffec380be0ed3011bc65db6c7e897eea70cfc9b324eed78cf459234868edb62743825a5f08eda5f027e0049a49c95b3872e4fbd053c7fbf5b7623a541e6afb7e1ad2b59c86c459799b13be0ae3b25444f730658345360278f0664cbcd0278fd12d46c742b07b47e08ba878366b5be7b56fc59e6050a7c24bbbf08f664a18ff4e6a17f3d0c12fb8a090e07cd8df500a6f6377329b9261fbc6f265d02eb8c3992599f70c3ea5a2b5e5b3c2feee64365b0f19f5703ff60ff451144b0671d911f3dcced924af27c914c0741add2c4aec00ab5445789ca8598d173dfb4355672c1eafa6e7bbb6eb556c49fef5be4ab2a27929a539927d2a97eebce9836be5129e1b003fd5e2b46261ec9bd3855b0cb257d93334fa678692dea097844a426a61eff0d7026a82b3f320393468c75dc08de2bbe545c9f388caaf1dad9435bc127e9f738d4f774b4d914cd724d8"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
dup3(r0, r0, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = syz_mount_image$nfs4(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x3ff, 0x2, &(0x7f0000000100)=[{&(0x7f0000000200)="5719f39a060f1ffa01c151ed2c0f75db9a2852b1b3500e0804a9816ffa9fbb678f7f45c4e089940660bb66643f130ac3a302770a62ca9aed7ef0b24da23a4c93debb3eeac8a1e4013dc0338068075d0bc55a59920e337e1682c9b50a8764d960799296d7d742f552ac357a4547bc5522a88ffe175e13d2f7335a3fa8d6ff3b7d6f8785151b14f45ac6999c3ec769906c6c67c9621b8934c544ef40c7fe74c6f986bd32b84a34d01dd3dfd5a749da968afea1c7b4430b162e3d025d33976c8bd2dc51bf9b84ce374558712888066dfde442f3be6af8c381a6208cec0e1ef7c38cd573d5054bd312", 0xe7, 0x25}, {&(0x7f0000000300)="a797e66d9c3a20441778914a75498ae0ddfc548463ab9b2dbcbc8c6a0fa5f8121946ae413f3be505f201aff68131473d3cfb34abf6a8203bcacc6d742371c0f068b041dc4f45f534d3135269d089632c996a9d053b00c3dc2e1be59a844399394316245798e3241e8abee9718f98e6eae2e34b07eb988acfbedc583fb48167012aa6c90f9d70a4f17e354d7b9a642118234a7def61c3b7342291915f16ba6b1b306eb90b2a2cc7ee8088f51ef6b8f90f84341a3fa08fd7391b5aeca4636cef97aa9f041f8a082f6fe6ef2e4642e0d506d2fcf812263126140d96b40d46fa7a4d87fdb367728ddd8ef571675917", 0xed, 0x100}], 0x2, &(0x7f0000000400)=ANY=[@ANYBLOB="7d5e2c2f6465762f6e65742f74756e002c2d5b2a2126c928295d2c2f6465762f6e65742f74756e002c7375626a5f747970653d2f6465762f6e65742f74756e002c6f626a5f757365723d76657468305f766c616e002c6f626a5f757365723da13a29282c736d61636b6673726f6f743d2f6465762f6e65742f74756e002c657569643e", @ANYRESDEC, @ANYBLOB='\x00\x00'])
r2 = openat(r1, &(0x7f0000000140)='./file0\x00', 0x141001, 0x10)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000180))
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:31:53 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 44)

04:31:53 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:31:53 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETCARRIER(r2, 0x400454e2, &(0x7f0000000040)=0x1)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TUNSETSNDBUF(r4, 0x400454d4, &(0x7f0000000140)=0x8000)
r5 = socket$inet(0x2, 0xa, 0x0)
dup3(r5, r0, 0x0)

04:31:53 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x10000, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = syz_io_uring_complete(0x0)
dup3(r0, r1, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:31:53 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 44)

04:31:53 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x10f6e2, 0x0)
ftruncate(r0, 0x1000004)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lseek(r1, 0x0, 0x2)
copy_file_range(r0, 0x0, r1, 0x0, 0x200f5f4, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x43c003, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, 0xffffffffffffffff, 0x0)
open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x800)
r2 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_tables_matches\x00')
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
lseek(r1, 0x8000, 0x3)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000500)={0xffffffffffffffff, 0x2, 0xff})
fchdir(r3)
syz_io_uring_setup(0x305a, &(0x7f0000000340)={0x0, 0x10a9, 0x0, 0x2, 0x2af, 0x0, r0}, &(0x7f000025d000/0x1000)=nil, &(0x7f0000715000/0x4000)=nil, &(0x7f00000003c0), &(0x7f0000000480))
mount$cgroup(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x5030, &(0x7f00000001c0)={[{@clone_children}, {@clone_children}, {@none}, {@release_agent={'release_agent', 0x3d, './file0'}}, {@name={'name', 0x3d, '\\-@---^\x9a#,'}}, {@cpuset_v2_mode}], [{@smackfsfloor={'smackfsfloor', 0x3d, '\x00'}}, {@fsmagic={'fsmagic', 0x3d, 0x8001}}, {@dont_measure}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@seclabel}, {@smackfsdef}]})
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2000003, 0x1f012, 0xffffffffffffffff, 0x0)

04:31:53 executing program 7:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0x4)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bond0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_MESH(r0, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x40, r1, 0x200, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x20010800}, 0x20000011)
sendmsg$nl_generic(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="8021b80012000501"], 0x2180}}, 0x0)

04:31:53 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x7, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3357.067371] FAULT_INJECTION: forcing a failure.
[ 3357.067371] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.069006] CPU: 1 PID: 16846 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3357.069959] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.071105] Call Trace:
[ 3357.071483]  dump_stack+0x107/0x167
[ 3357.071995]  should_fail.cold+0x5/0xa
[ 3357.072524]  ? create_object.isra.0+0x3a/0xa30
[ 3357.073152]  should_failslab+0x5/0x20
[ 3357.073674]  kmem_cache_alloc+0x5b/0x310
[ 3357.074247]  ? mark_held_locks+0x9e/0xe0
[ 3357.074810]  create_object.isra.0+0x3a/0xa30
[ 3357.075420]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3357.076122]  kmem_cache_alloc+0x159/0x310
[ 3357.076703]  xas_alloc+0x336/0x440
[ 3357.077198]  xas_create+0x34a/0x10d0
[ 3357.077750]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.079263]  xas_store+0x8c/0x1c40
[ 3357.080344]  __xa_store+0x164/0x2d0
[ 3357.081410]  ? xa_delete_node+0x280/0x280
[ 3357.082626]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.083904]  xa_store+0x31/0x50
[ 3357.084869]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.086264]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.087785]  ? alloc_fd+0x2e7/0x670
[ 3357.088867]  io_uring_setup+0x1fbb/0x2980
[ 3357.090083]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.091558]  ? wait_for_completion_io+0x270/0x270
[ 3357.092990]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.094487]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.096023]  do_syscall_64+0x33/0x40
[ 3357.097088]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.098551] RIP: 0033:0x7f4cd02cab19
[ 3357.099633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.104825] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.106976] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3357.108978] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.110985] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.112736] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.114539] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3357.129494] kernel write not supported for file /16842/net/ip_tables_matches (pid: 14596 comm: kworker/0:1)
04:31:53 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x8, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3357.147347] FAULT_INJECTION: forcing a failure.
[ 3357.147347] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.150735] CPU: 1 PID: 16857 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3357.152379] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.154325] Call Trace:
[ 3357.154960]  dump_stack+0x107/0x167
[ 3357.155802]  should_fail.cold+0x5/0xa
[ 3357.156685]  ? xas_alloc+0x336/0x440
[ 3357.157547]  should_failslab+0x5/0x20
[ 3357.158423]  kmem_cache_alloc+0x5b/0x310
[ 3357.159373]  xas_alloc+0x336/0x440
[ 3357.160196]  xas_create+0x34a/0x10d0
[ 3357.161255]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.162462]  xas_store+0x8c/0x1c40
[ 3357.163305]  __xa_store+0x164/0x2d0
[ 3357.164131]  ? xa_delete_node+0x280/0x280
[ 3357.165077]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.166056]  xa_store+0x31/0x50
[ 3357.166807]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.167901]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.169077]  ? alloc_fd+0x2e7/0x670
[ 3357.169914]  io_uring_setup+0x1fbb/0x2980
[ 3357.170861]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.172011]  ? wait_for_completion_io+0x270/0x270
[ 3357.173127]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.174313]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.175487]  do_syscall_64+0x33/0x40
[ 3357.176333]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.177484] RIP: 0033:0x7f3b78954b19
[ 3357.178326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.182424] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.184141] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3357.185742] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.187352] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.188956] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.190552] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:53 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 45)

04:31:53 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

[ 3357.272786] FAULT_INJECTION: forcing a failure.
[ 3357.272786] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.274403] CPU: 0 PID: 16871 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3357.275370] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.276525] Call Trace:
[ 3357.276898]  dump_stack+0x107/0x167
[ 3357.277411]  should_fail.cold+0x5/0xa
[ 3357.277944]  ? xas_alloc+0x336/0x440
[ 3357.278471]  should_failslab+0x5/0x20
[ 3357.279017]  kmem_cache_alloc+0x5b/0x310
[ 3357.279597]  xas_alloc+0x336/0x440
[ 3357.280098]  xas_create+0x34a/0x10d0
[ 3357.280631]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.281361]  xas_store+0x8c/0x1c40
[ 3357.281881]  __xa_store+0x164/0x2d0
[ 3357.282391]  ? xa_delete_node+0x280/0x280
[ 3357.282987]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.283598]  xa_store+0x31/0x50
[ 3357.284061]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.284735]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.285464]  ? alloc_fd+0x2e7/0x670
[ 3357.285986]  io_uring_setup+0x1fbb/0x2980
[ 3357.286581]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.287291]  ? wait_for_completion_io+0x270/0x270
[ 3357.287996]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.288727]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.289446]  do_syscall_64+0x33/0x40
[ 3357.289966]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.290674] RIP: 0033:0x7f4cd02cab19
[ 3357.291192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.293722] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.294768] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3357.295749] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.296725] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.297699] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.298676] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:53 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r1=>r0, {0x7ff}}, './file0\x00'})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000180)={'caif0\x00'})
r2 = socket$inet(0x2, 0xa, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
dup3(r2, r0, 0x0)

04:31:53 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x40, 0x5, 0x1, 'queue1\x00', 0x1})
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000200)={0x1, 0x8000}, 0x4)
mremap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4000, 0x4, &(0x7f0000ffc000/0x4000)=nil)
r1 = syz_mount_image$tmpfs(&(0x7f0000000500), &(0x7f0000000580)='./file1\x00', 0x0, 0x2, &(0x7f0000000800)=[{&(0x7f00000005c0)="ad54251b3ad1b82effb2afc3a529007f1fccfc5541d9503721a1483aae2621d1bb81e1de534bff67e5be84a829d57cb7286a2cbae33daaff55a4cda02c0666a20d82f99b6db590c9a4fd8aaedd87b1a62965c30ebf2f10b3aafd8097b007282e6058ff8b7a4f5fb4b09d355f254428841d2e4fa2da0f63b3fb2cad87436353d0ce1cdfe541a1703c2580a7122309d311decac1e0fc5bba419737586612c765f41fbadb00d79934f83fa3d03999d4fc74b8335cc404288d36e2bf9de9c51e34237cc8b95271f5e15a1451fe3c", 0xcc, 0x2}, {&(0x7f0000000700)="b67fefe57028c4f68194a462ede140fcd1719e57fea2dc09c3657149e58e4ac00c14768561815532f73f6e27f38cfc35bb114017183cda638b59d7503329e5c22ea93d0432d5b73929ff96f776f8ed4722d98dc5a9691f2ca34b7b66f983f68179710c34118f32dbeade3f1e88958835d08dbbb633c68f12dd26b01c7b3362adeb3795cebbb83ffdad0cd5e00fdc44b76933473bfd9e0bc31ee3a060bfd588d0d93f521beecb42b9f3ebbfeba4d0bdfe35c3391575b42129108cf44505bef06ea4cd18933bb1c6c4046c69f7b3f2378b8967a55c15d1b990f6af4fdf2ea2", 0xde, 0x5}], 0x0, &(0x7f0000000840)={[{@gid={'gid', 0x3d, 0xee00}}, {@size={'size', 0x3d, [0x70, 0x58]}}, {@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x67, 0x6b, 0x78, 0x38, 0x38, 0x70, 0x33, 0x35, 0x0, 0x36]}}], [{@obj_user={'obj_user', 0x3d, '#}[]!].%'}}, {@fsuuid={'fsuuid', 0x3d, {[0x36, 0x38, 0x63, 0x33, 0x30, 0x37, 0x38, 0x63], 0x2d, [0x32, 0x32, 0x61, 0x38], 0x2d, [0x64, 0x36, 0x63, 0x32], 0x2d, [0x37, 0x34, 0x37, 0x65], 0x2d, [0x62, 0xca, 0x62, 0x31, 0x34, 0x30, 0x35, 0x39]}}}, {@euid_eq={'euid', 0x3d, 0xffffffffffffffff}}, {@subj_user={'subj_user', 0x3d, '[:'}}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@measure}, {@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@seclabel}, {@smackfsdef={'smackfsdef', 0x3d, '^]}\\'}}]})
renameat(r1, &(0x7f0000000940)='./file1\x00', r0, &(0x7f0000000980)='\x00')
ioctl$SIOCGSTAMP(0xffffffffffffffff, 0x8906, &(0x7f00000000c0))
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
mlock2(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendmsg$inet6(r2, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044008)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x1, {0x0, r3}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, r0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=@nfc_llcp, 0x80, &(0x7f0000000400)=[{&(0x7f0000000240)=""/149, 0x95}, {&(0x7f0000000300)=""/46, 0x2e}, {&(0x7f0000000340)=""/188, 0xbc}], 0x3, &(0x7f0000000440)=""/26, 0x1a}, 0x0, 0x0, 0x0, {0x1, r3}}, 0x9)
openat(0xffffffffffffffff, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)

04:31:53 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
r2 = dup(r1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NL80211_CMD_TDLS_OPER(r2, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="50b04768e5010deffe106c2b718b51bd69aa5948375a4a79de850b", @ANYRES16=0x0, @ANYBLOB="000131bd7000fcdbdf255100000008000300", @ANYRES32=0x0, @ANYBLOB="05008a00010000000a0006000802110000000000"], 0x30}}, 0x4000)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
pipe(&(0x7f0000000040)={<r6=>0xffffffffffffffff})
r7 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000140)='devices.deny\x00', 0x2, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r4, 0x6, &(0x7f0000000200)={0x7ff, 0x0, &(0x7f0000000180)=[r6, r7]}, 0x2)
socket$inet(0x2, 0xa, 0x0)

04:31:53 executing program 7:
r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4000)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000500)='/proc/locks\x00', 0x0, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x20010, r4, 0x0)
syz_io_uring_setup(0x68f7, &(0x7f0000000400)={0x0, 0xc404, 0x0, 0x0, 0x0, 0x0, r5}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000080), &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, 0x0, 0xf0)
r8 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x4, 0x2010, r4, 0x8000000)
syz_io_uring_setup(0x45cb, &(0x7f0000000540)={0x0, 0xc3c4, 0x8, 0x2, 0x11f, 0x0, r3}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000000280), &(0x7f00000005c0)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000700)=@IORING_OP_WRITE={0x17, 0x2, 0x2000, @fd_index=0x4, 0x1, &(0x7f0000000600)="41098ddd6ed64c9b41e12e62face99975c5aeaf5641a4012826643831f1b522b92377cd9e5466b076088dd985891ffef9a60592e4377ccf516e81c94118ead96a7bb5c5a48bf0d8da155a2a05a8baed978a678cbdde51e81cee825f62dfcc8448fbff1f119f949c3807092a99adf7a0616ebef5860d93d23b6ff407a24620d4fdd8fa66ee51cf3780b333ab0a8a0de40199e20faaf1c00a2fb1fcf2bc172f089f5146f506ea0b04df28c80abea638ab0f56a9aecdeac9155fc0c864c16e3154b318b569f75a292bf8e8d4603bc7edd9a2db24d8fcc81da0b7e2a3e5c55d84fc7bd1f7eb48ec7767d70af9d562021fbac07d585", 0xf3}, 0x9)
r10 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x10000000)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_io_uring_submit(r10, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0)

04:31:53 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 45)

04:31:53 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TIOCGPTLCK(r1, 0x80045439, &(0x7f00000000c0))
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:31:53 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 46)

[ 3357.468289] FAULT_INJECTION: forcing a failure.
[ 3357.468289] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.469766] CPU: 0 PID: 16892 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3357.470615] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.471634] Call Trace:
[ 3357.471962]  dump_stack+0x107/0x167
[ 3357.472415]  should_fail.cold+0x5/0xa
[ 3357.472886]  ? create_object.isra.0+0x3a/0xa30
[ 3357.473442]  should_failslab+0x5/0x20
[ 3357.473909]  kmem_cache_alloc+0x5b/0x310
[ 3357.474406]  ? mark_held_locks+0x9e/0xe0
[ 3357.474905]  create_object.isra.0+0x3a/0xa30
[ 3357.475445]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3357.476068]  kmem_cache_alloc+0x159/0x310
[ 3357.476579]  xas_alloc+0x336/0x440
[ 3357.477018]  xas_create+0x34a/0x10d0
[ 3357.477485]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.478131]  xas_store+0x8c/0x1c40
[ 3357.478588]  __xa_store+0x164/0x2d0
[ 3357.479041]  ? xa_delete_node+0x280/0x280
[ 3357.479561]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.480095]  xa_store+0x31/0x50
[ 3357.480504]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.481093]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.481730]  ? alloc_fd+0x2e7/0x670
[ 3357.482186]  io_uring_setup+0x1fbb/0x2980
[ 3357.482701]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.483323]  ? wait_for_completion_io+0x270/0x270
[ 3357.483942]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.484585]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.485216]  do_syscall_64+0x33/0x40
[ 3357.485676]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.486297] RIP: 0033:0x7f3b78954b19
[ 3357.486752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.488981] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.489917] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3357.490788] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.491668] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.492530] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.493399] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:53 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x60, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3357.538202] FAULT_INJECTION: forcing a failure.
[ 3357.538202] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.541185] CPU: 1 PID: 16899 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3357.542990] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.544727] Call Trace:
[ 3357.545419]  dump_stack+0x107/0x167
[ 3357.546235]  should_fail.cold+0x5/0xa
[ 3357.547225]  ? create_object.isra.0+0x3a/0xa30
[ 3357.548171]  should_failslab+0x5/0x20
[ 3357.549022]  kmem_cache_alloc+0x5b/0x310
[ 3357.549886]  create_object.isra.0+0x3a/0xa30
[ 3357.550810]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3357.551877]  kmem_cache_alloc+0x159/0x310
[ 3357.552763]  xas_alloc+0x336/0x440
[ 3357.553506]  xas_create+0x34a/0x10d0
[ 3357.554313]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.555414]  xas_store+0x8c/0x1c40
[ 3357.556186]  __xa_store+0x164/0x2d0
[ 3357.556961]  ? xa_delete_node+0x280/0x280
[ 3357.557825]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.558732]  xa_store+0x31/0x50
[ 3357.559434]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.560440]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.561535]  ? alloc_fd+0x2e7/0x670
[ 3357.562296]  io_uring_setup+0x1fbb/0x2980
[ 3357.563181]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.564227]  ? wait_for_completion_io+0x270/0x270
[ 3357.565270]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.566350]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.567440]  do_syscall_64+0x33/0x40
[ 3357.568216]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.569299] RIP: 0033:0x7f4cd02cab19
[ 3357.570077] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.573835] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.575416] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3357.576900] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.578372] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.579858] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.581323] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:31:53 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 46)

04:31:53 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0}, './file0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3357.667657] FAULT_INJECTION: forcing a failure.
[ 3357.667657] name failslab, interval 1, probability 0, space 0, times 0
[ 3357.669093] CPU: 0 PID: 16911 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3357.669883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3357.670838] Call Trace:
[ 3357.671157]  dump_stack+0x107/0x167
[ 3357.671588]  should_fail.cold+0x5/0xa
[ 3357.672037]  ? xas_alloc+0x336/0x440
[ 3357.672474]  should_failslab+0x5/0x20
[ 3357.672924]  kmem_cache_alloc+0x5b/0x310
[ 3357.673405]  xas_alloc+0x336/0x440
[ 3357.673821]  xas_create+0x34a/0x10d0
[ 3357.674272]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3357.674886]  xas_store+0x8c/0x1c40
[ 3357.675323]  __xa_store+0x164/0x2d0
[ 3357.675748]  ? xa_delete_node+0x280/0x280
[ 3357.676238]  ? trace_hardirqs_on+0x5b/0x180
[ 3357.676749]  xa_store+0x31/0x50
[ 3357.677139]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3357.677700]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3357.678319]  ? alloc_fd+0x2e7/0x670
[ 3357.678755]  io_uring_setup+0x1fbb/0x2980
[ 3357.679251]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3357.679843]  ? wait_for_completion_io+0x270/0x270
[ 3357.680428]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3357.681038]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3357.681639]  do_syscall_64+0x33/0x40
[ 3357.682073]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3357.682667] RIP: 0033:0x7f3b78954b19
[ 3357.683111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3357.685238] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3357.686119] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3357.686952] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3357.687781] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3357.688605] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3357.689427] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:10 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 47)

04:32:10 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
dup3(r2, r3, 0x80000)

04:32:10 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc02c2, 0x0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000280)={0x0, 0x1})
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x2884c0, 0x0)
ioctl$AUTOFS_IOC_EXPIRE(r1, 0x810c9365, &(0x7f0000000580)={{0x4, 0xff}, 0x100, './file1/file0\x00'})
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x1811c1, 0x12)
openat(0xffffffffffffffff, &(0x7f00000002c0)='./file1/file0\x00', 0xc0, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000200), 0x401, 0x80)
sendfile(0xffffffffffffffff, r3, &(0x7f0000000240)=0x3, 0x0)
r4 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x21)
openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x4a03, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0xc020f509, &(0x7f0000000140)={r0, 0x3, 0x2, 0xffffffff})
r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x100000001)
fallocate(0xffffffffffffffff, 0x1, 0x0, 0x1)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/class/sound', 0x40002, 0x102)
perf_event_open(&(0x7f0000000500)={0x0, 0x80, 0x0, 0x0, 0x0, 0x20, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x75e6}, 0x284, 0x10000, 0x7ff, 0x8, 0x80}, 0x0, 0x40013, r7, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000001c0)={0x0, r2})

04:32:10 executing program 7:
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, 0x2, &(0x7f0000000140)=[{&(0x7f0000000080)="cf5459fda9d1d3089224087b965f72c680630e28b24810e4714e244e63b144cca1c2a10fc6d7533c4aaa3847", 0x2c, 0x401}, {&(0x7f00000000c0)="1afa66e4247f2997b37b98e92c0d1a1b0d2dce65d84101587ba8c13edf4373b0c5192aaa82abbd72108abd513398f865ff63977ee10c93ca442efb42a258fae7e2d1140272d8df85ce5420b0e04e02910d783d7b50126650009bd226e46303c838cd488f6e4d92bc1adc525d90", 0x6d, 0x34}], 0x2080, &(0x7f0000000180)={[{}, {@cruft}, {@hide}, {@cruft}, {}, {@unhide}, {@map_normal}, {@utf8}, {@unhide}], [{@subj_user={'subj_user', 0x3d, '\x00'}}]})
r0 = creat(&(0x7f0000000f40)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x0, '\x00', [], ['\x00']})

04:32:10 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, &(0x7f0000000040))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:10 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:10 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 47)

04:32:10 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x7c, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3374.510625] FAULT_INJECTION: forcing a failure.
[ 3374.510625] name failslab, interval 1, probability 0, space 0, times 0
[ 3374.513614] CPU: 0 PID: 16928 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3374.515126] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3374.516925] Call Trace:
[ 3374.517508]  dump_stack+0x107/0x167
[ 3374.518309]  should_fail.cold+0x5/0xa
[ 3374.519154]  ? xas_alloc+0x336/0x440
[ 3374.519969]  should_failslab+0x5/0x20
[ 3374.520800]  kmem_cache_alloc+0x5b/0x310
[ 3374.521704]  xas_alloc+0x336/0x440
[ 3374.522313] FAULT_INJECTION: forcing a failure.
[ 3374.522313] name failslab, interval 1, probability 0, space 0, times 0
[ 3374.522485]  xas_create+0x34a/0x10d0
[ 3374.522536]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3374.526815]  xas_store+0x8c/0x1c40
[ 3374.527637]  __xa_store+0x164/0x2d0
[ 3374.528439]  ? xa_delete_node+0x280/0x280
[ 3374.529359]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.530316]  xa_store+0x31/0x50
[ 3374.531045]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3374.532107]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3374.533244]  ? alloc_fd+0x2e7/0x670
[ 3374.534063]  io_uring_setup+0x1fbb/0x2980
[ 3374.534983]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3374.536090]  ? wait_for_completion_io+0x270/0x270
[ 3374.537187]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3374.538328]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3374.539465]  do_syscall_64+0x33/0x40
[ 3374.540280]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3374.541395] RIP: 0033:0x7f4cd02cab19
[ 3374.542205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3374.546206] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3374.547867] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3374.549414] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3374.550961] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3374.552511] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3374.554061] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3374.555682] CPU: 1 PID: 16933 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3374.557415] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3374.559734] Call Trace:
[ 3374.560397]  dump_stack+0x107/0x167
[ 3374.561303]  should_fail.cold+0x5/0xa
[ 3374.562260]  ? xas_alloc+0x336/0x440
[ 3374.563271]  should_failslab+0x5/0x20
[ 3374.564401]  kmem_cache_alloc+0x5b/0x310
[ 3374.565478]  xas_alloc+0x336/0x440
[ 3374.566347]  xas_create+0x34a/0x10d0
[ 3374.566833] loop7: detected capacity change from 0 to 2048
[ 3374.567288]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3374.569710]  xas_store+0x8c/0x1c40
[ 3374.570602]  __xa_store+0x164/0x2d0
[ 3374.571503]  ? xa_delete_node+0x280/0x280
[ 3374.572538]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.573599]  xa_store+0x31/0x50
[ 3374.574408]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3374.575590]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3374.576874]  ? alloc_fd+0x2e7/0x670
[ 3374.577772]  io_uring_setup+0x1fbb/0x2980
[ 3374.578791]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3374.580024]  ? wait_for_completion_io+0x270/0x270
[ 3374.581217]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3374.582478]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3374.583752]  do_syscall_64+0x33/0x40
[ 3374.584650]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3374.585881] RIP: 0033:0x7f3b78954b19
[ 3374.586780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3374.591272] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3374.593099] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3374.594821] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3374.596556] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3374.598279] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3374.600027] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3374.645152] loop7: detected capacity change from 0 to 2048
04:32:10 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 48)

[ 3374.825322] FAULT_INJECTION: forcing a failure.
[ 3374.825322] name failslab, interval 1, probability 0, space 0, times 0
[ 3374.826851] CPU: 0 PID: 16947 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3374.827686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3374.828668] Call Trace:
[ 3374.828985]  dump_stack+0x107/0x167
[ 3374.829417]  should_fail.cold+0x5/0xa
[ 3374.829881]  ? create_object.isra.0+0x3a/0xa30
[ 3374.830417]  should_failslab+0x5/0x20
[ 3374.830874]  kmem_cache_alloc+0x5b/0x310
[ 3374.831362]  ? mark_held_locks+0x9e/0xe0
[ 3374.831855]  create_object.isra.0+0x3a/0xa30
[ 3374.832508]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3374.833127]  kmem_cache_alloc+0x159/0x310
[ 3374.833636]  xas_alloc+0x336/0x440
[ 3374.834059]  xas_create+0x34a/0x10d0
[ 3374.834509]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3374.835146]  xas_store+0x8c/0x1c40
[ 3374.835600]  __xa_store+0x164/0x2d0
[ 3374.836035]  ? xa_delete_node+0x280/0x280
[ 3374.836532]  ? trace_hardirqs_on+0x5b/0x180
[ 3374.837063]  xa_store+0x31/0x50
[ 3374.837458]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3374.838040]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3374.838666]  ? alloc_fd+0x2e7/0x670
[ 3374.839122]  io_uring_setup+0x1fbb/0x2980
[ 3374.839630]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3374.840232]  ? wait_for_completion_io+0x270/0x270
[ 3374.840846]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3374.841465]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3374.842079]  do_syscall_64+0x33/0x40
[ 3374.842516]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3374.843136] RIP: 0033:0x7f3b78954b19
[ 3374.843582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3374.845712] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3374.846600] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3374.847432] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3374.848262] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3374.849100] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3374.849937] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:27 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 48)

04:32:27 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0xb, 0x0, 0x0, 0x4, "77004a0100ff0000000008002600000100"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xca496a150dbd088, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:27 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:27 executing program 7:
ioctl$BTRFS_IOC_DEV_INFO(0xffffffffffffffff, 0xd000941e, &(0x7f00000003c0)={0x0, "2ce12ec7d054a51bc205629de9279849"})
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x92)
fallocate(r0, 0x0, 0x0, 0x1000002)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_START_AP(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x5c, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x30, 0xe, {@wo_ht={{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x5c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(r3, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x64, r5, 0x400, 0x50, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0xf}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x45}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x6}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x1}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x8}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r8 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
r9 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(r9, &(0x7f0000000040)='./file0\x00', 0x81, 0xff)
sendfile(r1, r8, 0x0, 0x100000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)

04:32:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0x8080a, 0x0)
dup3(r1, r0, 0x0)

04:32:27 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 49)

04:32:27 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xfc, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:32:27 executing program 0:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x7, 0xb, 0x0, 0x2000, 0x2, "77004a6e1700040000001f002600", 0x80, 0xfffffffd})
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0xffff)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000840)={{}, 0x0, 0x0, @inherit={0x80, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000d14693307bef8fd60000000000b26e8690f7fad59a120778ddb06eb1674495c9b70300000064ed45f1730bb624709777cd00000063dac4000000000000000000000000020000a580040000000000b664f1a202000000000000007eacf3177c4830daa39375ff7f00000000000000000001000080000000080900400000000000040000000ee3e9b8c5c7a550bfae98ee4c4c0d010960caa4480884a46a5d93ac8a16d2b605826dc4c3802385911c98f247dd786b4a0000000000000000cb6df55d9364a7e18e6bacd44b41c25e3db1bc74092a1b5a60dc5526ea0a3aad0dc726c43d8f3f5b10c992122df58da26b98377e6b1386a04945e75e52f0f69d67912f98ec07820d5f830c4c241a429af13157ecd7f6228927b8521a750657f8ff0781fbfc4fbb825e254ce0f6a1310bb6c74d78e26921db0d"]}, @devid})
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, 0x0)
r1 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0xf503, 0x0)
ioctl$TIOCL_PASTESEL(r1, 0x541c, &(0x7f0000000200))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000080)={'veth0_vlan\x00'})
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000480))
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_RESVSP(r2, 0x40305828, &(0x7f0000000600)={0x0, 0x0, 0x6eaa4804, 0x401})
ioctl$FIONREAD(0xffffffffffffffff, 0x541b, &(0x7f0000000180))
r3 = socket$inet(0x2, 0xa, 0x0)
poll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x4}, {}], 0x2, 0x0)
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000b, 0x12, r2, 0x197f8000)
ioctl$TIOCGISO7816(0xffffffffffffffff, 0x80285442, &(0x7f00000002c0))
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x840, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
dup3(r3, r0, 0x0)

[ 3391.589935] FAULT_INJECTION: forcing a failure.
[ 3391.589935] name failslab, interval 1, probability 0, space 0, times 0
[ 3391.591514] CPU: 0 PID: 16959 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3391.592428] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3391.593532] Call Trace:
[ 3391.593887]  dump_stack+0x107/0x167
[ 3391.594375]  should_fail.cold+0x5/0xa
[ 3391.594888]  ? xas_alloc+0x336/0x440
[ 3391.595413]  should_failslab+0x5/0x20
[ 3391.595924]  kmem_cache_alloc+0x5b/0x310
[ 3391.596474]  xas_alloc+0x336/0x440
[ 3391.596947]  xas_create+0x34a/0x10d0
[ 3391.597455]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3391.598164]  xas_store+0x8c/0x1c40
[ 3391.598660]  __xa_store+0x164/0x2d0
[ 3391.599158]  ? xa_delete_node+0x280/0x280
[ 3391.599746]  ? trace_hardirqs_on+0x5b/0x180
[ 3391.600330]  xa_store+0x31/0x50
[ 3391.600768]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3391.601418]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3391.602113]  ? alloc_fd+0x2e7/0x670
[ 3391.602624]  io_uring_setup+0x1fbb/0x2980
[ 3391.603206]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3391.603904]  ? wait_for_completion_io+0x270/0x270
[ 3391.604563]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3391.605250]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3391.605935]  do_syscall_64+0x33/0x40
[ 3391.606439]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3391.607113] RIP: 0033:0x7f3b78954b19
[ 3391.607625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3391.610022] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3391.611035] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3391.611993] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3391.612930] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3391.613877] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3391.614830] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3391.624217] FAULT_INJECTION: forcing a failure.
[ 3391.624217] name failslab, interval 1, probability 0, space 0, times 0
[ 3391.625709] CPU: 0 PID: 16968 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3391.626612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3391.627716] Call Trace:
[ 3391.628061]  dump_stack+0x107/0x167
[ 3391.628557]  should_fail.cold+0x5/0xa
[ 3391.629057]  ? create_object.isra.0+0x3a/0xa30
[ 3391.629653]  should_failslab+0x5/0x20
[ 3391.630154]  kmem_cache_alloc+0x5b/0x310
[ 3391.630687]  ? mark_held_locks+0x9e/0xe0
[ 3391.631221]  create_object.isra.0+0x3a/0xa30
[ 3391.631824]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3391.632495]  kmem_cache_alloc+0x159/0x310
[ 3391.633055]  xas_alloc+0x336/0x440
[ 3391.633530]  xas_create+0x34a/0x10d0
[ 3391.634039]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3391.634741]  xas_store+0x8c/0x1c40
[ 3391.635233]  __xa_store+0x164/0x2d0
[ 3391.635745]  ? xa_delete_node+0x280/0x280
[ 3391.636297]  ? trace_hardirqs_on+0x5b/0x180
[ 3391.636877]  xa_store+0x31/0x50
[ 3391.637314]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3391.637955]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3391.638646]  ? alloc_fd+0x2e7/0x670
[ 3391.639143]  io_uring_setup+0x1fbb/0x2980
[ 3391.639730]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3391.640404]  ? wait_for_completion_io+0x270/0x270
[ 3391.641079]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3391.641775]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3391.642471]  do_syscall_64+0x33/0x40
[ 3391.642960]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3391.643652] RIP: 0033:0x7f4cd02cab19
[ 3391.644147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3391.646563] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3391.647568] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3391.648501] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3391.649446] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3391.650376] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3391.651327] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:27 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'macvlan0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TCSBRK(r3, 0x5409, 0xfff)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r4 = io_uring_setup(0x2505, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
fsetxattr$trusted_overlay_origin(r4, &(0x7f0000000140), &(0x7f0000000180), 0x2, 0x3)
r6 = socket$inet(0x2, 0xa, 0x0)
dup3(r6, r0, 0x0)
unlink(&(0x7f00000000c0)='./file0\x00')
ftruncate(r0, 0x1)

04:32:27 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r0 = socket$inet(0x2, 0xa, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)

04:32:27 executing program 0:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000000000)={0x7, {0x24, 0x4, 0x3ff, 0x4, 0x3}})
r2 = syz_io_uring_setup(0x3862, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000180))
r3 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r3, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000001480)=[{0x0}], 0x1)

04:32:27 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x1ff, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
socket$inet(0x2, 0x800, 0x0)
syz_open_dev$vcsa(&(0x7f0000000040), 0x3, 0x81)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x4, 0x5, 0x3f, 0x5, 0x0, 0xe8a5, 0x10200, 0xa, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xd5, 0x6}, 0x42411, 0xce, 0x6, 0x8, 0x3, 0x4, 0x6, 0x0, 0x3, 0x0, 0xfffffffffffffff7}, 0x0, 0x5, r2, 0x0)
dup3(r2, 0xffffffffffffffff, 0x80000)

04:32:27 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 50)

04:32:27 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r0 = socket$inet(0x2, 0xa, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)

04:32:27 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 49)

04:32:27 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x300, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:32:27 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
socket$nl_audit(0x10, 0x3, 0x9)
clock_gettime(0x0, &(0x7f0000000080))
openat(r0, &(0x7f0000000000)='./file1/file0\x00', 0x280000, 0x16)
sendfile(r0, r1, 0x0, 0x100000001)

[ 3391.900855] FAULT_INJECTION: forcing a failure.
[ 3391.900855] name failslab, interval 1, probability 0, space 0, times 0
[ 3391.902221] CPU: 0 PID: 17000 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3391.903203] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3391.904284] Call Trace:
[ 3391.904608]  dump_stack+0x107/0x167
[ 3391.905042]  should_fail.cold+0x5/0xa
[ 3391.905500]  ? create_object.isra.0+0x3a/0xa30
[ 3391.906040]  should_failslab+0x5/0x20
[ 3391.906480]  kmem_cache_alloc+0x5b/0x310
[ 3391.906952]  ? mark_held_locks+0x9e/0xe0
[ 3391.907456]  create_object.isra.0+0x3a/0xa30
[ 3391.907963]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3391.908563]  kmem_cache_alloc+0x159/0x310
[ 3391.909055]  xas_alloc+0x336/0x440
[ 3391.909475]  xas_create+0x34a/0x10d0
[ 3391.909921]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3391.910537]  xas_store+0x8c/0x1c40
[ 3391.910969]  __xa_store+0x164/0x2d0
[ 3391.911414]  ? xa_delete_node+0x280/0x280
[ 3391.911909]  ? trace_hardirqs_on+0x5b/0x180
[ 3391.912422]  xa_store+0x31/0x50
[ 3391.912813]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3391.913375]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3391.913981]  ? alloc_fd+0x2e7/0x670
[ 3391.914417]  io_uring_setup+0x1fbb/0x2980
[ 3391.914912]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3391.915524]  ? wait_for_completion_io+0x270/0x270
[ 3391.916109]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3391.916718]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3391.917318]  do_syscall_64+0x33/0x40
[ 3391.917758]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3391.918353] RIP: 0033:0x7f3b78954b19
[ 3391.918792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3391.920935] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3391.921815] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3391.922627] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3391.923467] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3391.924284] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3391.925092] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3392.042825] FAULT_INJECTION: forcing a failure.
[ 3392.042825] name failslab, interval 1, probability 0, space 0, times 0
[ 3392.045814] CPU: 1 PID: 17009 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3392.047503] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3392.049607] Call Trace:
[ 3392.050274]  dump_stack+0x107/0x167
[ 3392.051135]  should_fail.cold+0x5/0xa
[ 3392.052030]  ? create_object.isra.0+0x3a/0xa30
[ 3392.053223]  should_failslab+0x5/0x20
[ 3392.054142]  kmem_cache_alloc+0x5b/0x310
[ 3392.055033]  ? mark_held_locks+0x9e/0xe0
[ 3392.056114]  create_object.isra.0+0x3a/0xa30
[ 3392.057153]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3392.058343]  kmem_cache_alloc+0x159/0x310
[ 3392.059460]  xas_alloc+0x336/0x440
[ 3392.060336]  xas_create+0x34a/0x10d0
[ 3392.061270]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3392.062599]  xas_store+0x8c/0x1c40
[ 3392.063489]  __xa_store+0x164/0x2d0
[ 3392.064284]  ? xa_delete_node+0x280/0x280
[ 3392.065345]  ? trace_hardirqs_on+0x5b/0x180
[ 3392.066294]  xa_store+0x31/0x50
[ 3392.067023]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3392.068086]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3392.069226]  ? alloc_fd+0x2e7/0x670
[ 3392.070032]  io_uring_setup+0x1fbb/0x2980
[ 3392.070955]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3392.072075]  ? wait_for_completion_io+0x270/0x270
[ 3392.073144]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3392.074290]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3392.075415]  do_syscall_64+0x33/0x40
[ 3392.076221]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3392.077346] RIP: 0033:0x7f4cd02cab19
[ 3392.078152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3392.082146] RSP: 002b:00007f4ccd81f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3392.083816] RAX: ffffffffffffffda RBX: 00007f4cd03de020 RCX: 00007f4cd02cab19
[ 3392.085365] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3392.086921] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3392.088475] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3392.090029] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:43 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r0 = socket$inet(0x2, 0xa, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)

04:32:43 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x500, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:32:43 executing program 7:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'team0\x00', <r0=>0x0})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, &(0x7f0000000cc0)={&(0x7f0000000100)=""/41, 0x29})
syz_read_part_table(0xfffffffd, 0x0, 0x0)
r1 = socket$inet_icmp(0x2, 0x2, 0x1)
syz_open_procfs(0x0, &(0x7f0000000180)='clear_refs\x00')
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
r2 = open(&(0x7f0000000080)='./file0\x00', 0x206040, 0x40)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000140)={'lo\x00'})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'syz_tun\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000d00)={'syztnl1\x00', &(0x7f0000001580)={'syztnl2\x00', r0, 0x2f, 0x7b, 0x0, 0x0, 0x0, @loopback, @private0, 0x8, 0x7, 0x40, 0x1ff}})
accept$inet6(r2, 0x0, &(0x7f00000000c0))
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
faccessat2(r5, &(0x7f0000000040)='./file0\x00', 0x1a, 0x200)

04:32:43 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 50)

04:32:43 executing program 0:
r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat$cgroup_pressure(0xffffffffffffffff, &(0x7f00000000c0)='io.pressure\x00', 0x2, 0x0)
pipe2(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x800)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r0, 0xc0189375, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r3=>r1}, './file0\x00'})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000180)={0x10})
stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setreuid(0x0, r4)
pipe(&(0x7f0000000000)={<r5=>0xffffffffffffffff})
openat$cgroup_pressure(r5, &(0x7f0000000040)='io.pressure\x00', 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {r4, 0xee00}}, './file0\x00'})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r6, 0x400448cb, 0x0)

04:32:43 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 51)

04:32:43 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = socket$packet(0x11, 0x0, 0x300)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000200))
dup3(r1, r0, 0x0)

04:32:43 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000040)={'tunl0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
ioctl$BTRFS_IOC_GET_FEATURES(r1, 0x80189439, &(0x7f0000000080))
dup3(r1, r0, 0x0)

[ 3407.002904] FAULT_INJECTION: forcing a failure.
[ 3407.002904] name failslab, interval 1, probability 0, space 0, times 0
[ 3407.005461] CPU: 1 PID: 17029 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3407.006942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3407.008725] Call Trace:
[ 3407.009303]  dump_stack+0x107/0x167
[ 3407.010091]  should_fail.cold+0x5/0xa
[ 3407.010913]  ? create_object.isra.0+0x3a/0xa30
[ 3407.011904]  should_failslab+0x5/0x20
[ 3407.012725]  kmem_cache_alloc+0x5b/0x310
[ 3407.013603]  ? mark_held_locks+0x9e/0xe0
[ 3407.014482]  create_object.isra.0+0x3a/0xa30
[ 3407.015436]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3407.016535]  kmem_cache_alloc+0x159/0x310
[ 3407.017431]  xas_alloc+0x336/0x440
[ 3407.018207]  xas_create+0x34a/0x10d0
[ 3407.019028]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3407.020176]  xas_store+0x8c/0x1c40
[ 3407.020962]  __xa_store+0x164/0x2d0
[ 3407.021757]  ? xa_delete_node+0x280/0x280
[ 3407.022695]  ? trace_hardirqs_on+0x5b/0x180
[ 3407.023659]  xa_store+0x31/0x50
[ 3407.024383]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3407.025439]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3407.026581]  ? alloc_fd+0x2e7/0x670
[ 3407.027404]  io_uring_setup+0x1fbb/0x2980
[ 3407.028364]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3407.029492]  ? wait_for_completion_io+0x270/0x270
[ 3407.030611]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3407.031791]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3407.032528] FAULT_INJECTION: forcing a failure.
[ 3407.032528] name failslab, interval 1, probability 0, space 0, times 0
[ 3407.032947]  do_syscall_64+0x33/0x40
[ 3407.036621]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3407.037759] RIP: 0033:0x7f4cd02cab19
[ 3407.038586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3407.042695] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3407.044415] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3407.046031] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3407.047654] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3407.049276] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3407.050898] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3407.052572] CPU: 0 PID: 17032 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3407.054357] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3407.056334] Call Trace:
[ 3407.056970]  dump_stack+0x107/0x167
[ 3407.057760]  should_fail.cold+0x5/0xa
[ 3407.058594]  ? xas_alloc+0x336/0x440
[ 3407.059423]  should_failslab+0x5/0x20
[ 3407.060250]  kmem_cache_alloc+0x5b/0x310
[ 3407.061152]  xas_alloc+0x336/0x440
[ 3407.062086]  xas_create+0x34a/0x10d0
[ 3407.062894]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3407.064122]  xas_store+0x8c/0x1c40
[ 3407.064929]  __xa_store+0x164/0x2d0
[ 3407.065718]  ? xa_delete_node+0x280/0x280
[ 3407.066619]  ? trace_hardirqs_on+0x5b/0x180
[ 3407.067613]  xa_store+0x31/0x50
[ 3407.068368]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3407.069404]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3407.070531]  ? alloc_fd+0x2e7/0x670
[ 3407.071328]  io_uring_setup+0x1fbb/0x2980
[ 3407.072255]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3407.073336]  ? wait_for_completion_io+0x270/0x270
[ 3407.074413]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3407.075537]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3407.076651]  do_syscall_64+0x33/0x40
[ 3407.077616]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3407.078781] RIP: 0033:0x7f3b78954b19
[ 3407.079619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3407.083511] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3407.085408] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3407.086953] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3407.088557] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3407.090197] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3407.091723] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3407.128938] loop7: detected capacity change from 0 to 135266304
04:32:43 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:43 executing program 0:
read(0xffffffffffffffff, &(0x7f0000000000)=""/209, 0xd1)
perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff8100791f}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0xeb66)
close(r0)

04:32:43 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000040))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TUNSETQUEUE(r4, 0x400454d9, &(0x7f0000000140)={'bridge_slave_1\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r5 = socket$inet(0x2, 0xa, 0x0)
dup3(r5, r0, 0x0)

[ 3407.236331] loop7: detected capacity change from 0 to 135266304
04:32:43 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 52)

04:32:43 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 51)

[ 3407.298481] FAULT_INJECTION: forcing a failure.
[ 3407.298481] name failslab, interval 1, probability 0, space 0, times 0
[ 3407.300863] CPU: 1 PID: 17064 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3407.302318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3407.304057] Call Trace:
[ 3407.304626]  dump_stack+0x107/0x167
[ 3407.305389]  should_fail.cold+0x5/0xa
[ 3407.306196]  ? create_object.isra.0+0x3a/0xa30
[ 3407.307147]  should_failslab+0x5/0x20
[ 3407.307950]  kmem_cache_alloc+0x5b/0x310
[ 3407.308819]  ? mark_held_locks+0x9e/0xe0
[ 3407.309693]  create_object.isra.0+0x3a/0xa30
[ 3407.310622]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3407.311694]  kmem_cache_alloc+0x159/0x310
[ 3407.312579]  xas_alloc+0x336/0x440
[ 3407.313324]  xas_create+0x34a/0x10d0
[ 3407.314119]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3407.315230]  xas_store+0x8c/0x1c40
[ 3407.316018]  __xa_store+0x164/0x2d0
[ 3407.316795]  ? xa_delete_node+0x280/0x280
[ 3407.317671]  ? trace_hardirqs_on+0x5b/0x180
[ 3407.318590]  xa_store+0x31/0x50
[ 3407.319283]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3407.320308]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3407.321411]  ? alloc_fd+0x2e7/0x670
[ 3407.322189]  io_uring_setup+0x1fbb/0x2980
[ 3407.323071]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3407.324150]  ? wait_for_completion_io+0x270/0x270
[ 3407.325201]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3407.326303]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3407.327401]  do_syscall_64+0x33/0x40
[ 3407.328181]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3407.329270] RIP: 0033:0x7f3b78954b19
[ 3407.330041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3407.333927] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3407.335536] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3407.337043] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3407.338564] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3407.340062] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3407.341572] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:43 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x600, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:32:43 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:43 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETOWNER(r3, 0x400454cc, 0xee01)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TUNDETACHFILTER(r3, 0x401054d6, 0x0)
close_range(r0, r0, 0x0)
ioctl$TUNGETFILTER(r3, 0x801054db, &(0x7f0000000040)=""/202)
r4 = dup3(r1, r0, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r4, 0x891b, &(0x7f0000000140)={'team0\x00', {0x2, 0x0, @local}})

04:32:43 executing program 7:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x9, 0x0, 0x10, 0x0, 0x0, 0x430b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xfffffffffffffffe}, 0x219, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r2, 0x40042409, 0x1)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000440), 0x109c00, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, r5)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x80, 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @loopback}, 0x10)
setsockopt$inet_udp_encap(0xffffffffffffffff, 0x11, 0x64, &(0x7f0000000140)=0x1, 0x4)
sendmmsg$inet(r0, &(0x7f0000000300)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x0, 0xe8030000}, 0xe00}], 0x40001a9, 0x1ffff000)
readv(r2, &(0x7f0000000600)=[{&(0x7f0000000340)=""/196, 0xc4}, {&(0x7f0000000500)=""/206, 0xce}, {&(0x7f0000000180)=""/76, 0x4c}, {&(0x7f0000000200)=""/12, 0xc}, {&(0x7f0000000280)=""/120, 0x78}], 0x5)
ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0)

[ 3407.486838] FAULT_INJECTION: forcing a failure.
[ 3407.486838] name failslab, interval 1, probability 0, space 0, times 0
[ 3407.489805] CPU: 0 PID: 17077 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3407.491574] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3407.493673] Call Trace:
[ 3407.494358]  dump_stack+0x107/0x167
[ 3407.495289]  should_fail.cold+0x5/0xa
[ 3407.496299]  ? xas_alloc+0x336/0x440
[ 3407.497113]  should_failslab+0x5/0x20
[ 3407.497946]  kmem_cache_alloc+0x5b/0x310
[ 3407.498807]  xas_alloc+0x336/0x440
[ 3407.499577]  xas_create+0x34a/0x10d0
[ 3407.500378]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3407.501684]  xas_store+0x8c/0x1c40
[ 3407.502626]  __xa_store+0x164/0x2d0
[ 3407.503588]  ? xa_delete_node+0x280/0x280
[ 3407.504675]  ? trace_hardirqs_on+0x5b/0x180
[ 3407.505795]  xa_store+0x31/0x50
[ 3407.506648]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3407.507903]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3407.509237]  ? alloc_fd+0x2e7/0x670
[ 3407.510188]  io_uring_setup+0x1fbb/0x2980
[ 3407.511263]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3407.512342]  ? wait_for_completion_io+0x270/0x270
[ 3407.513390]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3407.514495]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3407.515610]  do_syscall_64+0x33/0x40
[ 3407.516412]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3407.517535] RIP: 0033:0x7f4cd02cab19
[ 3407.518307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3407.522184] RSP: 002b:00007f4ccd81f108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3407.523821] RAX: ffffffffffffffda RBX: 00007f4cd03de020 RCX: 00007f4cd02cab19
[ 3407.525353] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3407.526862] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3407.528364] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3407.529876] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:32:43 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:43 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:32:43 executing program 0:
semget$private(0x0, 0x4, 0x100)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2040, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semop(0x0, &(0x7f0000000040)=[{0x1, 0x400, 0x1000}, {0x1, 0x4, 0x1000}, {0x4, 0x8, 0x800}, {0x1, 0xfff, 0x1800}, {0x3, 0x5, 0x1000}, {0x0, 0x7}, {0x2, 0x1, 0x1000}, {0x3, 0x1, 0x1000}], 0x8)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000000)=[0x2, 0x0])
clock_gettime(0x0, &(0x7f0000000400)={<r0=>0x0, <r1=>0x0})
semtimedop(0x0, &(0x7f0000000140)=[{0x0, 0x20, 0x800}], 0x1, &(0x7f0000000440)={r0, r1+10000000})
r2 = semget$private(0x0, 0x0, 0x0)
semget(0x2, 0x2, 0x12)
clock_gettime(0x0, 0x0)
semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180))
semop(r2, &(0x7f0000000040), 0x0)
semtimedop(0x0, &(0x7f00000003c0)=[{0x0, 0x4a41, 0x1800}, {}, {0x0, 0x6, 0x400}], 0x3, &(0x7f00000001c0)={0x0, 0x989680})
semtimedop(0x0, &(0x7f0000000200)=[{0x0, 0x401}], 0x1, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semop(0x0, &(0x7f0000000040), 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
unshare(0x48020200)
semop(0x0, &(0x7f0000000080), 0x0)
r3 = semget$private(0x0, 0x0, 0x0)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000000)=[0x2, 0x0])

04:32:43 executing program 7:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="efdb2bdb2705000000000000006530009784141fb1a12b5dfcc026e0718cf77baabc2551e39508cb00ee835993600ed9094c8fcc03a5"])
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000180), 0x4)
dup(r1)
openat(0xffffffffffffff9c, 0x0, 0x105142, 0x22)
fstat(0xffffffffffffffff, &(0x7f00000004c0))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000080)={0x8, 0xfffffffffffff588, 0x3, 0x8, 0xff, 0x4})
sendmsg$NL80211_CMD_DEL_TX_TS(r2, &(0x7f0000000380)={&(0x7f0000000100), 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x44040804)
ioctl$SCSI_IOCTL_PROBE_HOST(0xffffffffffffffff, 0x5385, &(0x7f0000000640)=ANY=[@ANYBLOB="df0000000000000000000000a21a960ed23452f6826835b2f2000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1b2e21a55f3ba3af7915ead45e268a616e4c5fe9a8aa546294f79bf63b8ca4d2e80c386a9dcaf49b4a501dcfb46002988ec4e551bb2dae5d0710ac4a6c8bc229eb7d6e2daaa4d4e64d3aa4e985c0de7cbd014cb0463bc1cadafc574da74953a0fc11070659fb5e01da6"])
dup(0xffffffffffffffff)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000042400001d09bd7000fcdbdf2509000100d1ec8f15419b19a38d52c742463919bc9c48c274555a7605736870fc8c631717183ab9e559cfad8c29f14e3063c9f96dff9a44a0fded9a2271c43bbe7ed8656b3e8a2cb2fd37ad9829accfeeb152bc3e7c7c276cb3"], 0x14}, 0x1, 0x0, 0x0, 0x20050884}, 0x6004884)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffefffffffffff, 0xffffffffffffffff, 0xb)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="f80300001d00210c210000000000000004000200b1bd08b56e5859f05b75611de1b652bb35041fd21b1c77dc7931356478a7b491bacf1f0466f4f4e7f023d46d29c97359ebac3ab5125bc4969f"], 0x3f8}}, 0x0)

[ 3407.773721] netlink: 996 bytes leftover after parsing attributes in process `syz-executor.7'.
04:33:00 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:00 executing program 0:
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4348, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x5}, 0x1c)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r3)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e20, 0x6, @remote}, 0x1c)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0x0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa42e2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x12, r5, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000000200)=""/98, 0x62}, {&(0x7f0000000280)=""/151, 0x97}, {&(0x7f0000000340)=""/57, 0x39}, {&(0x7f0000000380)=""/4096, 0x1000}], 0x4, 0x7fff, 0x7f)
fcntl$dupfd(r5, 0x0, r0)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r1)

04:33:00 executing program 7:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$VT_RELDISP(0xffffffffffffffff, 0x5605)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:00 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x700, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:33:00 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000200)=ANY=[@ANYBLOB="0100de971d9d1356da9f5049", @ANYRES32=<r1=>r0, @ANYBLOB='\x00\b\x00\x00\x00\x00\x00\x00./file0\x00'])
r2 = openat$cgroup_ro(r1, &(0x7f0000000240)='blkio.bfq.io_wait_time_recursive\x00', 0x0, 0x0)
r3 = openat(r2, &(0x7f0000000080)='./file0\x00', 0x14000, 0x12)
r4 = io_uring_setup(0x668d, &(0x7f0000000280)={0x0, 0x647c, 0x8, 0x2, 0x20000, 0x0, r3})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000140)={'veth1_macvtap\x00'})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendfile(r5, r4, &(0x7f0000000180)=0x3, 0x5)
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
ioctl$TUNSETQUEUE(r6, 0x400454d9, &(0x7f0000000040)={'macvtap0\x00'})
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r7 = socket$inet(0x2, 0xa, 0x0)
dup3(r7, r0, 0x0)

04:33:00 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 52)

04:33:00 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/hci_vhci', 0x200800, 0x102)
ioctl$sock_TIOCOUTQ(r1, 0x5411, &(0x7f00000000c0))
ioctl$SIOCGIFHWADDR(r2, 0x8927, &(0x7f0000000080)={'veth1_to_team\x00'})
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TUNDETACHFILTER(r4, 0x401054d6, 0x0)
dup3(r1, r0, 0x0)

04:33:00 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 53)

[ 3424.845694] FAULT_INJECTION: forcing a failure.
[ 3424.845694] name failslab, interval 1, probability 0, space 0, times 0
[ 3424.847226] FAULT_INJECTION: forcing a failure.
[ 3424.847226] name failslab, interval 1, probability 0, space 0, times 0
[ 3424.847420] CPU: 1 PID: 17126 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3424.850903] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3424.852146] Call Trace:
[ 3424.852545]  dump_stack+0x107/0x167
[ 3424.853091]  should_fail.cold+0x5/0xa
[ 3424.853665]  ? create_object.isra.0+0x3a/0xa30
[ 3424.854342]  should_failslab+0x5/0x20
[ 3424.854925]  kmem_cache_alloc+0x5b/0x310
[ 3424.855536]  ? mark_held_locks+0x9e/0xe0
[ 3424.856150]  create_object.isra.0+0x3a/0xa30
[ 3424.856808]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3424.857569]  kmem_cache_alloc+0x159/0x310
[ 3424.858192]  xas_alloc+0x336/0x440
[ 3424.858735]  xas_create+0x34a/0x10d0
[ 3424.859301]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3424.860104]  xas_store+0x8c/0x1c40
[ 3424.860646]  __xa_store+0x164/0x2d0
[ 3424.861192]  ? xa_delete_node+0x280/0x280
[ 3424.861824]  ? trace_hardirqs_on+0x5b/0x180
[ 3424.862473]  xa_store+0x31/0x50
[ 3424.862970]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3424.863707]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3424.864488]  ? alloc_fd+0x2e7/0x670
[ 3424.865035]  io_uring_setup+0x1fbb/0x2980
[ 3424.865656]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3424.866398]  ? wait_for_completion_io+0x270/0x270
[ 3424.867125]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3424.867910]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3424.868671]  do_syscall_64+0x33/0x40
[ 3424.869219]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3424.869980] RIP: 0033:0x7f4cd02cab19
[ 3424.870528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3424.873231] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3424.874353] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3424.875401] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3424.876482] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3424.877524] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3424.878587] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3424.879679] CPU: 0 PID: 17130 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3424.881242] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3424.883109] Call Trace:
[ 3424.883722]  dump_stack+0x107/0x167
[ 3424.884555]  should_fail.cold+0x5/0xa
[ 3424.885417]  ? xas_alloc+0x336/0x440
[ 3424.886265]  should_failslab+0x5/0x20
[ 3424.887119]  kmem_cache_alloc+0x5b/0x310
[ 3424.888063]  xas_alloc+0x336/0x440
[ 3424.888873]  xas_create+0x34a/0x10d0
[ 3424.889741]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3424.890906]  xas_store+0x8c/0x1c40
[ 3424.891752]  __xa_store+0x164/0x2d0
[ 3424.892580]  ? xa_delete_node+0x280/0x280
[ 3424.893532]  ? trace_hardirqs_on+0x5b/0x180
[ 3424.894517]  xa_store+0x31/0x50
[ 3424.895264]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3424.896354]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3424.897519]  ? alloc_fd+0x2e7/0x670
[ 3424.898369]  io_uring_setup+0x1fbb/0x2980
[ 3424.899322]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3424.900455]  ? wait_for_completion_io+0x270/0x270
[ 3424.901593]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3424.902772]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3424.903946]  do_syscall_64+0x33/0x40
[ 3424.904775]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3424.905918] RIP: 0033:0x7f3b78954b19
[ 3424.906737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3424.910814] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3424.912505] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3424.914081] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3424.915675] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3424.917249] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3424.918820] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:01 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:01 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:33:01 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 53)

04:33:01 executing program 7:
syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb08004500005c0000000000f68f78ac1e0001ac1414aa0500a3781a000000400000000000000000020000e0000001ac1414aa00831b007f0000017f00000100000000ac1414aa000000000000000000440c000300"/106], 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'wg1\x00'})

[ 3425.064992] FAULT_INJECTION: forcing a failure.
04:33:01 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3425.064992] name failslab, interval 1, probability 0, space 0, times 0
[ 3425.066737] CPU: 1 PID: 17150 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3425.067686] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3425.068826] Call Trace:
[ 3425.069198]  dump_stack+0x107/0x167
[ 3425.069709]  should_fail.cold+0x5/0xa
[ 3425.070236]  ? xas_alloc+0x336/0x440
[ 3425.070740]  should_failslab+0x5/0x20
[ 3425.071264]  kmem_cache_alloc+0x5b/0x310
[ 3425.071825]  xas_alloc+0x336/0x440
[ 3425.072307]  xas_create+0x34a/0x10d0
[ 3425.072829]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3425.073548]  xas_store+0x8c/0x1c40
[ 3425.074053]  __xa_store+0x164/0x2d0
[ 3425.074550]  ? xa_delete_node+0x280/0x280
[ 3425.075122]  ? trace_hardirqs_on+0x5b/0x180
[ 3425.075722]  xa_store+0x31/0x50
[ 3425.076173]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3425.076822]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3425.077517]  ? alloc_fd+0x2e7/0x670
[ 3425.078016]  io_uring_setup+0x1fbb/0x2980
[ 3425.078581]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3425.079268]  ? wait_for_completion_io+0x270/0x270
[ 3425.079948]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3425.080659]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3425.081368]  do_syscall_64+0x33/0x40
[ 3425.081886]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3425.082592] RIP: 0033:0x7f4cd02cab19
[ 3425.083091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3425.085583] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3425.086610] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3425.087575] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3425.088535] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3425.089495] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3425.090445] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:01 executing program 0:
r0 = semget$private(0x0, 0x4, 0x100)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x122, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3941, 0x0, 0x0, 0xaea7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semop(r0, &(0x7f00000000c0)=[{0x2, 0x101}, {0x4, 0xce7, 0x1800}], 0x2)
semop(r0, &(0x7f0000000040)=[{0x0, 0x6, 0x82b4d8da1ae7c66c}], 0x1)
r1 = semget$private(0x0, 0x0, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0xb)
semctl$SETALL(r1, 0x0, 0x11, &(0x7f0000000000)=[0x2, 0x0])
semop(0x0, &(0x7f0000000100)=[{0x1, 0x40, 0x1800}, {0x1, 0x1f, 0x1800}, {0x1, 0xe79, 0x1800}], 0x3)
semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, &(0x7f00000002c0)=""/207)
clock_gettime(0x0, &(0x7f0000000140)={<r2=>0x0, <r3=>0x0})
semtimedop(0x0, 0x0, 0x0, &(0x7f0000000180)={r2, r3+60000000})
semtimedop(0x0, &(0x7f00000003c0), 0x0, &(0x7f00000001c0))
semtimedop(0x0, &(0x7f0000000000), 0x0, &(0x7f0000000040))
semctl$SEM_STAT_ANY(0x0, 0x2, 0x14, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r4 = semget$private(0x0, 0x6, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x0)
semctl$SEM_STAT_ANY(0x0, 0x2, 0x14, &(0x7f0000000080)=""/14)
semctl$SEM_STAT_ANY(r4, 0x3, 0x14, &(0x7f0000001140)=""/4096)
unshare(0x48020200)

04:33:01 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:01 executing program 3:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:15 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 54)

[ 3439.515450] FAULT_INJECTION: forcing a failure.
[ 3439.515450] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.517125] CPU: 1 PID: 17184 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3439.518103] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.519279] Call Trace:
[ 3439.519665]  dump_stack+0x107/0x167
[ 3439.520194]  should_fail.cold+0x5/0xa
[ 3439.520734]  ? create_object.isra.0+0x3a/0xa30
[ 3439.521387]  should_failslab+0x5/0x20
[ 3439.521938]  kmem_cache_alloc+0x5b/0x310
[ 3439.522522]  ? mark_held_locks+0x9e/0xe0
[ 3439.523122]  create_object.isra.0+0x3a/0xa30
[ 3439.523755]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.524474]  kmem_cache_alloc+0x159/0x310
[ 3439.525079]  xas_alloc+0x336/0x440
[ 3439.525584]  xas_create+0x34a/0x10d0
[ 3439.526120]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3439.526870]  xas_store+0x8c/0x1c40
04:33:15 executing program 7:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
r1 = openat(r0, &(0x7f0000000200)='./file0\x00', 0x35e7eaa4871bc4b0, 0x0)
chdir(&(0x7f0000000040)='./file0\x00')
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x200900, 0x110)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f00000004c0)='./file1/file0\x00', &(0x7f0000000500)={0x48501, 0x0, 0x4}, 0x18)
sendfile(0xffffffffffffffff, r3, &(0x7f0000000540)=0xfffffffffffffffc, 0x10001)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(0xffffffffffffffff, 0x80286722, 0x0)
creat(&(0x7f0000000300)='\x00', 0x40)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
openat(r4, &(0x7f0000000340)='./file1\x00', 0x214002, 0x0)
inotify_add_watch(r1, &(0x7f0000000100)='./file1/file0\x00', 0x50000204)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000480)=ANY=[@ANYRES16], 0x10)
r5 = creat(&(0x7f00000001c0)='./file1\x00', 0x62)
write$binfmt_elf64(r5, &(0x7f0000000440)=ANY=[@ANYRES16], 0xfdef)
ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f0000000580)={0x3, &(0x7f0000000780)=[{0x2, 0x20, &(0x7f0000000400)="7e58cc5b4d1fc5e22c0aa13f55f9b761e449c5a510702513cdd465fab8da9b4f"}, {0x7fffffff, 0x67, &(0x7f0000000680)="7c46e701ba895144734e3e08662df3e4dd14827f253d20039c873501290d513f07a87e920ebd7db41b6ca15e3e563de5291633608aa0df68e8006f17cc597f5ff137f5368e2c25e1fbf7846f627782e662b4ad8a595d69f8c20a435730f505af8a93bd7cfbe290", 0x1}, {0x3, 0x75, &(0x7f0000000240)="0c9d86a724d6ceef0bde7015670195f33bd90006bc3e305eece0c9d7af5570fce68e005b050923fa09361127a80c0ec7e15e5bd9aa1e3f078880b454310e2da822bd2a341ddd36388695c0c19f7dfd136d6d6bbfeab027226c4dba1ad6dc8500fddb6a0effb6c0fe0b1561b9c4b1fb46144bc42fdd", 0x1}]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x640c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(0xffffffffffffffff, r2, 0x0, 0x100000001)
openat(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0x80800, 0x1a)

04:33:15 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "778082b8af17e37be0b7080000dce34500"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:15 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(r1, 0x8008f513, &(0x7f0000000040))
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:33:15 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3439.527628]  __xa_store+0x164/0x2d0
04:33:15 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x61, 0x24004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, @perf_config_ext, 0x200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x5, 0x0, 0x0, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x2}, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x8000}, 0x4)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/cpuinfo\x00', 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind(r3, &(0x7f0000000140)=@ieee802154={0x24, @none={0x0, 0xffff}}, 0x80)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
recvfrom$inet6(r2, &(0x7f0000000040)=""/11, 0xb, 0x2100, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @mcast2, 0x6}, 0x1c)
sendfile(r4, r2, 0x0, 0xc4e)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00./file0\x00'])

04:33:15 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 54)

[ 3439.528282]  ? xa_delete_node+0x280/0x280
[ 3439.529031]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.529648]  xa_store+0x31/0x50
[ 3439.530119]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3439.530798]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3439.531538]  ? alloc_fd+0x2e7/0x670
[ 3439.532065]  io_uring_setup+0x1fbb/0x2980
[ 3439.532653]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3439.533370]  ? wait_for_completion_io+0x270/0x270
[ 3439.534068]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.534804]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.535547]  do_syscall_64+0x33/0x40
[ 3439.536092]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.536817] RIP: 0033:0x7f3b78954b19
[ 3439.537338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.539947] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3439.541011] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3439.542021] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
04:33:15 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3439.543035] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3439.544175] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3439.545226] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3439.558654] loop7: detected capacity change from 0 to 41948160
[ 3439.566231] FAULT_INJECTION: forcing a failure.
[ 3439.566231] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.568725] CPU: 0 PID: 17191 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3439.570199] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.571967] Call Trace:
[ 3439.572537]  dump_stack+0x107/0x167
[ 3439.573323]  should_fail.cold+0x5/0xa
[ 3439.574142]  ? ___slab_alloc+0x155/0x700
[ 3439.575015]  ? create_object.isra.0+0x3a/0xa30
[ 3439.575997]  should_failslab+0x5/0x20
[ 3439.576810]  kmem_cache_alloc+0x5b/0x310
[ 3439.577689]  create_object.isra.0+0x3a/0xa30
[ 3439.578604]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3439.579672]  kmem_cache_alloc+0x159/0x310
[ 3439.580586]  xas_alloc+0x336/0x440
[ 3439.581344]  xas_create+0x34a/0x10d0
[ 3439.582166]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3439.583272]  xas_store+0x8c/0x1c40
[ 3439.584069]  __xa_store+0x164/0x2d0
[ 3439.584852]  ? xa_delete_node+0x280/0x280
[ 3439.585762]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.586700]  xa_store+0x31/0x50
[ 3439.587410]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3439.588458]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3439.589573]  ? alloc_fd+0x2e7/0x670
[ 3439.590371]  io_uring_setup+0x1fbb/0x2980
[ 3439.591268]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3439.592339]  ? wait_for_completion_io+0x270/0x270
[ 3439.593409]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.594526]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.595633]  do_syscall_64+0x33/0x40
[ 3439.596440]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.597532] RIP: 0033:0x7f4cd02cab19
[ 3439.598316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.602587] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3439.604423] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3439.606157] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3439.607921] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3439.609676] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3439.611427] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:15 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 55)

[ 3439.646478] FAULT_INJECTION: forcing a failure.
[ 3439.646478] name failslab, interval 1, probability 0, space 0, times 0
[ 3439.649237] CPU: 0 PID: 17197 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3439.650853] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3439.652825] Call Trace:
[ 3439.653475]  dump_stack+0x107/0x167
[ 3439.654374]  should_fail.cold+0x5/0xa
[ 3439.655310]  ? xas_alloc+0x336/0x440
[ 3439.656237]  should_failslab+0x5/0x20
[ 3439.657167]  kmem_cache_alloc+0x5b/0x310
[ 3439.658176]  xas_alloc+0x336/0x440
[ 3439.659055]  xas_create+0x34a/0x10d0
[ 3439.660055]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3439.661325]  xas_store+0x8c/0x1c40
[ 3439.662222]  __xa_store+0x164/0x2d0
[ 3439.663108]  ? xa_delete_node+0x280/0x280
[ 3439.664143]  ? trace_hardirqs_on+0x5b/0x180
[ 3439.665204]  xa_store+0x31/0x50
[ 3439.666013]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3439.667171]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3439.668447]  ? alloc_fd+0x2e7/0x670
[ 3439.669355]  io_uring_setup+0x1fbb/0x2980
[ 3439.670381]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3439.671596]  ? wait_for_completion_io+0x270/0x270
[ 3439.672827]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3439.674099]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3439.675353]  do_syscall_64+0x33/0x40
[ 3439.676264]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3439.677509] RIP: 0033:0x7f3b78954b19
[ 3439.678409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3439.682831] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3439.684664] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3439.686375] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3439.688107] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3439.689839] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3439.691566] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:30 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 55)

04:33:30 executing program 7:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$inet6(r0, &(0x7f0000000d00)={&(0x7f0000000940)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}, 0x24000040)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x32f9}}, './file0\x00'})

04:33:30 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x336)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = dup3(r1, r0, 0x0)
r3 = openat2(r2, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x200001, 0xa, 0x2}, 0x18)
sendmmsg$inet(r3, &(0x7f0000001780)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000000c0)="36ef044d2cc586fc70ac001ab372e834706469d19d899c188a76a5e5c51175755121fb586041ef701b8dc8140be79cb2800ef09e5be8210ab5a0f88429e3baa49140c04536e63ac8aee8a08a2253be7527b7102dcebba522c665c9cb8abe5641b7a465f9f7d4ae45cb64c8b27d28139b7d0fd9c72e4de156d742e74701fa863929204bb88d450c8877acb491127a34cc5cbbe259155162e6dd1da668b37ddf8a", 0xa0}, {&(0x7f0000000200)="abc41a9843d3e5a1e0ad91a1c217a5b4ecfcbbe53bb17a90b62e6beb952c6e8866bda50c1d39d2348c6e5ebd48eef0e2a6fa98b2005eda988a01a46723a2fa308dc62d2e04e51fef7c479b750b150f5905e7ce14907eaa0754de5d99530a2ce95140c97a0136ebfce334617e596b8a4f9e27d26717a312a79af95c00f7b873d025dd68aa6067742ed10219b2bad428b2909d34174f8e83896de9b3cbbdcf1e6690b93dfd103e5de5bc33228503ea4250c8a581ed7261dffc00d8084f24dbfa5278d3ad58cc0334c84cbd13c724ccbc53f47d07ba94271ea12ecceb1e0a3df3c128e4ae1fdc82ee95930931fdfcf19f97546fd1", 0xf3}, {&(0x7f0000000180)="2ed560677429a2329b37455938721a615780ade8734c7c9be60f2e04c759930e1d7f194385f58ebb81d8b76f45c43136b48eec55", 0x34}, {&(0x7f0000000300)="099d14ad86fb29831643002090137fee3b825ff268874f3edba761b1231b7b819d7d0e8ae40063decc2dae5519941706899b6cce0767d928a92f6383ab4f6d8aabaf1938536b6b0940c16f628515d2b64816209a6500711b6ce8ceeddeee5787f60fa483530490f83e4736a65b6b12bfa2995195c65f230e8e710166becbca7e136ec277ec6ee5f0b4045f2379b4c2bcf3ef907d8d2c7d5e1f61fab073c03dc08944cbef026fc5e243a91a8e5e32891846c815b3356c78d621", 0xb9}, {&(0x7f00000003c0)="15689d9e192d921d1106b8d57c7a73bf77c4d68f3db2e5ce3baa9a62b3d5b9f7b425e9505943c90501ff5b397f2a230a6c3eb5032101df0603b30c24f8d6cffd425621739e94490604509b9b741dfc8fe7dc5e5fda5456a1f29283a12fcad5139ac5e0dca91ddc7444ca6d2d5b8210142f02a6a3c99029d3a47c4437c36e0e5be6ba562fab3d876889eda28ba33ae691ef97e49af93316d6de6088a4db754ddec0425ec0a72abc1a321701d0f50573cf924612fa81279c6ab0820975182ec47e42d07627cefc9e3864daefa1b895c5e0c3581ed5abfcbf0240666f1bdcb0e89485f70d2d46428db74ff5432170c6fcf40c74b8f533596aa858accf2c56717a1da710ec5d41f958b2e84dbb0759ab5c1b61e1266dbc7fbd4c5a0e16f6326236a7e1fdc8c1d28d7a8a4f281cfb41afd692ff044ac54aacbb9cb259cc5f6d4877e01d336382c074f55d0ebe47334299049ce860615e6660bd2eb4242d1d8a0ab105c1e5d84ffe71a9c573a65db8d0042b3c87c3671377e06335adb7e4cf84db2ff8887b7f428ad8bf2d9afe105255428852e1dc4911b083f5f6ad4e1fd83f31273cb52550ed370ee19dd208e49ee8dc96def240309943061c24a28156dd7857b696eb0dc8af7890b1816b1460d6a3c683de1259d700c23acaa6a03d0299d11c19712f31e2c984c435136eac6fb0dc4c126daa57ae554367dcf2b8c110b00a3fb4dae263fbae05d8dcbdade9a50e738d17d588b9cf8ff7928f1f120b5b49785b111be72b6039db7ef6aaba3ffecafa9286b05ba4b9bbb0620a08b7cd863c5d3c6049533cc4d40a169cbd0c783b0f0887d6d512a64ca94ad5272bc9879469237547190586ff7a8cf87dce346cf9a998feca28c998741502e340e4700d08108e8afce0627114c15640e6643509f064f9a8e69b373d7ea0436adfc2e1a7230828253fcaa9024fe7a6fa89fa4749ea93f63bc10f1814842b428db0d32f56a91469bdef31a3d31cdab71f7b60ee0fafb15f886be59892b19140a16456fdaf4b2344b2226a996988823e4aa3549442c9a6d4b7ad090814cbdcfd9a9b1374f6514b262a2bd3b00818558000810e0ab99205b67d0f4620f45e7cd5a1428d3fb65fbe3c380b5aa6fee09e8b96cbf3f902ac14df3e3bd57305010b359b8137102a5adb7be3260ca869d200fd3e1a5afdfbeff70259306cbd0b32f82d74bff46adba4928082a57ee6fe048da2a2881078858eed148091a8fb2bf3bbfa4a44d8dd4b632c0ccfa5ac26915946a37c6e900c8c084ac0641cfbe4ac365f6d11dd99bd01685dac718804cf9bc03e1439c7ee8029da65a22cc1282b0a60b54764283e1e7466749da84183f4f163829dec53237a8d0e7a1995f977f50ae694bb1a552917d3df348d8e81f46018d53c6a00ceff550e01a166cd040347e27b3905334150a2b41b08d8fcf3632e590202eade376d1b58953927bd081d13e1a15b5c9c24249060960a5d6c13fa53e8a4d60d8722aea1a08c0284c0161eb37dfea3d9563d6b31fc9c7d30f8af6b0656cf86cf6bafefe47fdb37278e51d06356bf1667d931d21c0dabf936b63313d0b9ba37d00a326cde0fea182098572d37b68efb2032c19a1bd4cf0749269c78d45b65cf3af0f4ff18db165dbe937f0150df4c09a9ae84255d93c9658720ae7037a98041750acfe911f91070e583469bab1b450a143c6491761592fedbe946c6af2a84edaec5335dab171eff7367d10a1b69076666ddd0c331829d9d0415755be809cc3cd5a27f8a320738d8dc742ab832dfb818a64ac2b0a678162ac7a698ae0596ca22348f2d88998c471244990b0b77b28445909ab267c3c56dfff617eeacf030bb597bd7fd13343f12f592c852ac8d057ae57771de205eecc4d1b5a72ab0883cff3ced7cabd1aefaa27034de02b880d132cd206a7e24e535cb0161536101d87cac3f16e9e83b8bae13617745fd54082e368fd9139772233dcd26512bf2fe2c18541a91eb25bb9dc7e9ae4585fb0f7ed5669a6bbb28042973b79141e49f276a22df4a48c30982214d8acbbfb78c6c7b6aa2aeb634fe3ac5b68c91f38a012d9aafa9e8ad9d4cdc170403a77e6c9241f2a2e67e37f29d10a80e432bce1914f79c74b0aae2d56ddd503acd5d0121105a081f683a4eb33b3d8c9a65e44a6478f954f21ecc526e3943da81deb95788cec3b8664c12865dcd4cfd0001e5ba851d00fcdb352131e4bd2cf5d23f8694ef8ee3b6d6c57773d00015e71373a08414bdb3c46341e5e54671342e608e2a9ebaaa7192037605702ecd4d85ca037a6c2841301182d41dac58d8997d7b6ff2be6a7075e27ad708dc3a0d789c22b970ce8a40503dac054317fcc23913af4052e6684aa67b2bbc2e70ce5757b839441aa7f5f001664e5b35061aaa0c8405aadf1f92b5037e293846237996258fcd47c082f3ca5c2535a173b9e8a1dc49afcfac2a4bb838e328abca1a6e3867b0e60c4ccd1ae5669c5772206f2bf2b5ecbf6c01be4d1a64d6e97e595967fbcb70199f547eaf9248048960de441d9d4d369c0b4b6891ff231599fc3209b600af586c7fbaa39e4f7ded3d53fad8baba79631c00744d8b90386904419cff02a7eeaf926f449b094b77ed83139b19f35b331d1fec4f14aecdef927d7ce82fa8f717ac458a55d03668b0085d26aa949eb767dacddc48147833b9e396c865b75ec09b5fea7a650aad1661a59ed352dfd94e41b8ae174c392037ce55b8927db5f61c2026d781f5f91118d2e37b68aaaa1ba005525aa979f8a9ae70d3991b7ca0843e90414f070c3281938e7f2a694e300bb522d3a22ebe057f48d28b5bc57a86515bc41a17d620d81c49e55138423db53f2ad52f999551d1c92a643b03f2dddc98301c29a350ade65d758487b634c71d62e91c18fbe55f0c0a1b0db2a637161242576204c32effd669be99d2bf81a9d0559217b45b14fd2735df4220d4bc8bed75ca6387a747ce8d61822dad19ae24716ddff8297df07166ac64539756bd614e5530e7ce820436b48ca821e1b149ce5669ecd1988bffe1de9ffa20175470ad0862eab567dcb397ce3278309418b8fa49758bb56e9e700e559991cd376b154723e0ee35542b4e9b60f6d3fc31979d78c4262a4b80b40120afa483aad65980d9d8786926cf55d516a13adac0f3a8b6c8d5781ebc0cb142c677a2f67609563245893d8451448d13fd4946d0857f919edd76488a6e735a6abd8822c3c5100d66b30b0c97e20e74b33c47c2cb90b29739f8f887a4b521d38270409c60f4aec0fc5740b48779e960bb6752d66740435419f1ffb31fa112d46f584a8ea2a1c27e899c1808bd43fdc0a8e2180c9b7c9993f42cb6e02bb622f4a9051ca8c659172b73088b6d385011c9d26f20f8f468dcf734017feba26784d9cd6cc7b4b0bebbdde453845718453e1845a27f2d1ce85e6b4f4867c2db4ed1675101235f6ae134d5b5b7fcf1643a48dee20b18a1117e514b062e3a7e130b54407b634a2de56679ad7fcd21bb3ed7910a09d25618558b08fc04157790df44f3ac9eea8ed5f3bd56bc0d6e2696147da686164d738d049c14dda9121fd77f3c005bd94c1e8014263e120e54d39369b045f55064cea1f4a64079b711ceac12e93db8edace6f5339f2ace14d97d3718e60428dfb5f1d42adf1e180f2d63f6d65b1b181ec1e79aa9f39c09cea0425b783ab9e9f548759473f3d904bb3fdc42ddecdd93127aab4270d7808b71d0c4e6fc545a73a18f63922d4d0f4bf2916a758a514cf728de7a3c05a70f140e4744d64da72ab2d8a4d5854e837d3d87b4a8176ecca052156dd85f6f3dbc1af63dbe322663f51836df62a68c17fbe3fa2724dce98db8394f49b77df4a8d40eac54846b66e18e587730f0f24fc717c37bd5360d8cd76390ece87151386ce078a90c7762454620a7436c1c060688d60fb657e3b24c831c16956ce6055b3c072a24ccf20d0cd4674ff73943f17c45bddc8ad27bfedfe9654715ff09514ccb00c152908938d2e13f12ce8fe6c0b52747e196ea529bf3249747ef5758e74a3436505d986ae7471ae82e166707b72028843ae644e9cdc9eb9423a67e6a3959840140b7c74b7325eb6191cf5a3c77d3236fb9846958689c1d28dde3e22cc486dc0e0ca33345f2ee73b1075e7ab5e17c49fb29060dfa6478607b9a0b23327727100107d99fbc665b6c8d49342d7974dc09d0b146ad1deae849579e1e538729ffa4436eeb85945d2dfb568aa87041ace6d1a009102b3f26d2eabb5cc43ee4a0b00aa5fb16ff2d4f52caefa9336c168d3997d830c110cf53b017ae71a866cb87e83a5e8bc7b24847ed9561ff22ae0df884ac870e595f4b06196015e3b241672958f5f23ca9ab8db9d670f46f196c185edd54c704d6c921687cc68eddfd5d65da7e0ce3554fbd8066199aabae9462e45c845f11df637c70e9244876c27b34e81bdd5e3a928fbad8527e0fe0e488751f5fdf9afdb95186735d5c62a44f3eb64f6f16fef1849301a1704fa0460892d5b657a3a4f41d3906291b4e0a8ccfc946155ed41852c9ca4968729e324970e280b7a66b0115bc46b5e1995339ff9fc3e070ea4b5c9541820a94193f43bcf92e82e5b4770fef360056fb1eae79f27e6823ac4754f5e6ae5055028dcefc9d94009ac433242e472cafbf179b1cf31d05160bcc86caf5b1ce6d7f42f6b6a52fe5500b0c589ee31e58b2ec8f31d5a5ceb048da2c02a059bb3362ddcab1e8a8b98c13a334b6f06fb86d12e0b91a913901e0578abd50cbbdcd71114e2b67af9d6ed14a19636b62541c99ac3370cce935b0411a7b6840988b8a35ac558a7dbd8b976efcbe2564619b3ac5650ab8b73ce356f6e491c76b2adf5b4f49dabf463f9b7473de257705975ddf886ee59d9594e6e8355febbc018bd9f552b6a4ee71363739a237d1fd35875953390eb316325e3355f0ee4dba102b6c41cd8392280785b4cbcff9ff57430dbb1519abda7330376721a0db5a466b90851b93694548ea92608151f91d0428904f1eecbc4bb97bee4997a8b73311eb44253520cb6c257208a93c51338f7fa88f9ba6f87c8b692b3f0e444e38d7340cfce25209de4649bc2c2b2f7720898712d44062cb5ea2049d9ba3047dcaf843e4c1956bcf6d3f300be580e2354d6d18f6e8a3ed8e81e1a1dc7e5d0e163815a04ca6c0e0e34cf47a5d614b34d3ef2773ecec1f9ae395f75ca4ded36f4aaf63e77e5a53d8e471f2c48f2830527062fcefa4bff2e431196a433c0dcd7972d044fff5127ab22f46ee4cb62f3f947d98444740609cb958cf268e12b9adf9b4d61feddb94c2ebe3f3e70695413f18dd650dad99aa29259353f7f0856929030985496f6d42fe3fa81b4c4ac2d17e6fb47591b1e91085a2559a936196f51f2f4b970e7bd941e319e83525be58ad38ba7a296fda7dec59e17cd6ad0679ab0849ff32a37acb0424dc280210a5a86ffc0772d01d8cab1bec185260d965f8351fa9989accd0db07bbefb2206130d29a383805178f2c671308c21b8e84db4cff0286f94019f3e3ec99725b0dc4d75881ae435e22446e3f2fc41892cfdc26500230fc7cad1c2a1445a852fcc160a8444c975f83ede31ad7ee13c0eac52a0d55c82911aafb1f4dbb618d63f67f45d2f2d97b9fc38b34af614a2f145f62b6bb36ece081aff90084dfccebd265ae5aa34c9e501bf572fc834e77ce8750eeac9e43789835fd6f2c78d77906786f6d133d2f20de9ce22efc4f06cb2187ad8eb8e2dea9b9b4cf9f32923dc306d758f9890498ce2ec1671c9544033295", 0x1000}, {&(0x7f00000013c0)="4c581d8c0228a8c7e38005e92e27650efeb48b2d77d743ff89e787871a3e87037640dc0f909ce3cd16891c3137808297a8c4f858b770a3b59ff5612b26a8acfddadc1e1c31e1f038297a708d48298d88b4f7e4f63b54b989c0c1837e9391efe677f01666c5fc7b3656506b2181cef6d91998527b32a81d06342efe55a773b19fc5fd43e751152a7b31c8db6d59e22e2af636f2d6ab5e5e171415355e", 0x9c}, {&(0x7f0000001480)="d721215050e791d7d82b8055222a126153dd131c8121b371d76ded71ff66ce685c0afe811f0e9aca595a7adea14fb3f943b23bc673cb0898fa5ed038ca5e3792dab14f4afd99506d262df262817e50cd9bda6f111e3e374c13e673f3d97d5fa67f889bbd45c7e398860971d8c51e781010a3e19a5ca5e08eb6747d2b2e0fc17b5cfe841db531805c8c6ef72986c6c359d44d39115b7f4411747e009aa2d38c1a15f93fb917880208b231793745450fded2bb338957d6ab0a5f12a667ca6fc4003b8e2da3ec3f3b865d038cc6a75bbc94ff8b1f60126e38cd99c2026c573ad32ed03f12ce72", 0xe5}, {&(0x7f0000001580)="ead71035b945599413cf98977c1f572db9a899dce42f7570b2064235f55ca49f770bf702cfd1aa29aaae79a3fe9346b31c476baf1a3bbde23d792d164d7d9d618d0181", 0x43}, {&(0x7f00000017c0)="6390c8054e4b197e9188ae733169f2623a7923500804f0847604b7481932c52d54b7d7aca328c69d5ddba1d68f3c9195ddb28357105bf19fed304d98c640deabe30d0023d43a0e60bd55950a58e8a510c5a74c6f66189096f1d4d2fef0195a1ac3823a10458a13e1e6e2bf0b40682ff0ae5105e423df34a3d8bc6bd695376b85e3c880e3df383b5c62f1576fefeeb4c95d108f56341826240dbdfd25aaea397149162d60398e769561c091a09bc4e069fb0f7c0a6db28c31e83296fcd5cca848f69aa496bb00d6d98d030355c648369d2ea80db9774e9fc3d491656f5a43dfaf4fe38e18cd7e7882e1122bd8f9fcf31057753607212bb267a3f63090", 0xfc}], 0x9, &(0x7f0000001740)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x1c}, @remote}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x38}}], 0x1, 0x804)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, &(0x7f0000001600)={0x8001, 0x5, 0x6aa3})

04:33:30 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 56)

04:33:30 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:30 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x6000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:33:30 executing program 0:
semget$private(0x0, 0x4, 0x100)
perf_event_open(&(0x7f0000000240)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, @perf_config_ext, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
semop(0x0, &(0x7f0000000040), 0x0)
r0 = semget$private(0x0, 0x0, 0x0)
semget(0x0, 0x3, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0xb)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000000)=[0x0])
r1 = semget$private(0x0, 0x4, 0x100)
semctl$IPC_RMID(r1, 0x0, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r2=>0x0, <r3=>0x0})
semtimedop(r1, &(0x7f0000000040)=[{0x1, 0x800, 0x800}, {0x1, 0x4, 0x800}, {0x0, 0x4, 0x800}, {0x1, 0xfffa, 0x800}], 0x4, &(0x7f00000000c0)={r2, r3+60000000})
semop(0x0, &(0x7f0000000000), 0x0)
semctl$SEM_STAT_ANY(0x0, 0x0, 0x14, &(0x7f00000002c0)=""/207)
semctl$IPC_RMID(0x0, 0x0, 0x0)
unshare(0x48020200)

04:33:30 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x140b02, 0xc0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'bridge0\x00'})
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'vlan0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

[ 3454.140875] FAULT_INJECTION: forcing a failure.
[ 3454.140875] name failslab, interval 1, probability 0, space 0, times 0
[ 3454.141821] FAULT_INJECTION: forcing a failure.
[ 3454.141821] name failslab, interval 1, probability 0, space 0, times 0
[ 3454.143449] CPU: 0 PID: 17216 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3454.146517] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3454.148344] Call Trace:
[ 3454.148932]  dump_stack+0x107/0x167
[ 3454.149744]  should_fail.cold+0x5/0xa
[ 3454.150597]  ? create_object.isra.0+0x3a/0xa30
[ 3454.151603]  should_failslab+0x5/0x20
[ 3454.152456]  kmem_cache_alloc+0x5b/0x310
[ 3454.153344]  ? mark_held_locks+0x9e/0xe0
[ 3454.154253]  create_object.isra.0+0x3a/0xa30
[ 3454.155207]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3454.156345]  kmem_cache_alloc+0x159/0x310
[ 3454.157272]  xas_alloc+0x336/0x440
[ 3454.158060]  xas_create+0x34a/0x10d0
[ 3454.158899]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3454.160068]  xas_store+0x8c/0x1c40
[ 3454.160882]  __xa_store+0x164/0x2d0
[ 3454.161693]  ? xa_delete_node+0x280/0x280
[ 3454.162618]  ? trace_hardirqs_on+0x5b/0x180
[ 3454.163581]  xa_store+0x31/0x50
[ 3454.164324]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3454.165393]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3454.166552]  ? alloc_fd+0x2e7/0x670
[ 3454.167376]  io_uring_setup+0x1fbb/0x2980
[ 3454.168319]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3454.169427]  ? wait_for_completion_io+0x270/0x270
[ 3454.170528]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3454.171672]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3454.172797]  do_syscall_64+0x33/0x40
[ 3454.173604]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3454.174713] RIP: 0033:0x7f3b78954b19
[ 3454.175516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3454.179467] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3454.181112] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3454.182648] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3454.184206] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3454.185757] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3454.187309] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3454.188918] CPU: 1 PID: 17219 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3454.189914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3454.191086] Call Trace:
[ 3454.191463]  dump_stack+0x107/0x167
[ 3454.191990]  should_fail.cold+0x5/0xa
[ 3454.192531]  ? xas_alloc+0x336/0x440
[ 3454.193056]  should_failslab+0x5/0x20
[ 3454.193591]  kmem_cache_alloc+0x5b/0x310
[ 3454.194171]  xas_alloc+0x336/0x440
[ 3454.194680]  xas_create+0x34a/0x10d0
[ 3454.195214]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3454.195963]  xas_store+0x8c/0x1c40
[ 3454.196477]  __xa_store+0x164/0x2d0
[ 3454.196992]  ? xa_delete_node+0x280/0x280
[ 3454.197578]  ? trace_hardirqs_on+0x5b/0x180
[ 3454.198187]  xa_store+0x31/0x50
[ 3454.198653]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3454.199329]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3454.200071]  ? alloc_fd+0x2e7/0x670
[ 3454.200593]  io_uring_setup+0x1fbb/0x2980
[ 3454.201181]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3454.201900]  ? wait_for_completion_io+0x270/0x270
[ 3454.202594]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3454.203327]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3454.204079]  do_syscall_64+0x33/0x40
[ 3454.204605]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3454.205322] RIP: 0033:0x7f4cd02cab19
[ 3454.205845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3454.208428] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3454.209498] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3454.210497] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3454.211494] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3454.212505] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3454.213505] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:30 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 56)

04:33:30 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:30 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 57)

04:33:30 executing program 7:
keyctl$update(0x2, 0x0, &(0x7f0000000000), 0x0)
keyctl$get_keyring_id(0x0, 0x0, 0x80)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000000)='dns_resolver\x00', &(0x7f0000000280)=@secondary)
syz_usb_connect$cdc_ecm(0x3, 0x0, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000040))
getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, &(0x7f0000000380))
lseek(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_gettime(0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000000c0)=<r0=>0x0)
timer_create(0x0, &(0x7f0000000340), 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4059, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_create(0x6, 0x0, 0x0)
timer_gettime(0x0, &(0x7f0000000080))
timer_create(0x2, &(0x7f0000000140)={0x0, 0x33, 0x2, @tid=r0}, &(0x7f0000000180)=<r2=>0x0)
timer_gettime(r2, &(0x7f0000000240))
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r3=>r1}, './file0\x00'})
clone3(&(0x7f00000001c0)={0x40192300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)

04:33:30 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x7c00, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3454.330558] FAULT_INJECTION: forcing a failure.
[ 3454.330558] name failslab, interval 1, probability 0, space 0, times 0
[ 3454.333202] CPU: 0 PID: 17233 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3454.334813] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3454.336761] Call Trace:
[ 3454.337392]  dump_stack+0x107/0x167
[ 3454.338264]  should_fail.cold+0x5/0xa
[ 3454.339172]  ? create_object.isra.0+0x3a/0xa30
[ 3454.340247]  should_failslab+0x5/0x20
[ 3454.341145]  kmem_cache_alloc+0x5b/0x310
[ 3454.342107]  ? mark_held_locks+0x9e/0xe0
[ 3454.343075]  create_object.isra.0+0x3a/0xa30
[ 3454.344110]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3454.345308]  kmem_cache_alloc+0x159/0x310
[ 3454.346297]  xas_alloc+0x336/0x440
[ 3454.347150]  xas_create+0x34a/0x10d0
[ 3454.348057]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3454.349282]  xas_store+0x8c/0x1c40
[ 3454.350166]  __xa_store+0x164/0x2d0
[ 3454.351028]  ? xa_delete_node+0x280/0x280
[ 3454.352035]  ? trace_hardirqs_on+0x5b/0x180
[ 3454.353066]  xa_store+0x31/0x50
[ 3454.353608] FAULT_INJECTION: forcing a failure.
[ 3454.353608] name failslab, interval 1, probability 0, space 0, times 0
[ 3454.353840]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3454.356397]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3454.357626]  ? alloc_fd+0x2e7/0x670
[ 3454.358509]  io_uring_setup+0x1fbb/0x2980
[ 3454.359510]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3454.360693]  ? wait_for_completion_io+0x270/0x270
[ 3454.361867]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3454.363080]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3454.364311]  do_syscall_64+0x33/0x40
[ 3454.365174]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3454.366351] RIP: 0033:0x7f4cd02cab19
[ 3454.367231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3454.371520] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3454.373284] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3454.374928] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3454.376561] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3454.378181] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3454.379810] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3454.381493] CPU: 1 PID: 17237 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3454.382403] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3454.383490] Call Trace:
[ 3454.383841]  dump_stack+0x107/0x167
[ 3454.384312]  should_fail.cold+0x5/0xa
[ 3454.384811]  ? xas_alloc+0x336/0x440
[ 3454.385290]  should_failslab+0x5/0x20
[ 3454.385787]  kmem_cache_alloc+0x5b/0x310
[ 3454.386320]  xas_alloc+0x336/0x440
[ 3454.386796]  xas_create+0x34a/0x10d0
[ 3454.387284]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3454.387973]  xas_store+0x8c/0x1c40
[ 3454.388457]  __xa_store+0x164/0x2d0
[ 3454.388928]  ? xa_delete_node+0x280/0x280
[ 3454.389473]  ? trace_hardirqs_on+0x5b/0x180
[ 3454.390048]  xa_store+0x31/0x50
[ 3454.390477]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3454.391101]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3454.391765]  ? alloc_fd+0x2e7/0x670
[ 3454.392244]  io_uring_setup+0x1fbb/0x2980
[ 3454.392790]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3454.393436]  ? wait_for_completion_io+0x270/0x270
[ 3454.394073]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3454.394738]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3454.395403]  do_syscall_64+0x33/0x40
[ 3454.395890]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3454.396541] RIP: 0033:0x7f3b78954b19
[ 3454.397020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3454.399370] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3454.400347] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3454.401264] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3454.402172] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3454.403081] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3454.404008] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:30 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = dup3(r0, r1, 0x0)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000000000000008"])
dup3(r1, r0, 0x0)

04:33:30 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:30 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x50380, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000080)=0x2)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0x6cf7, &(0x7f0000000280)={0x0, 0x2406, 0x10, 0x3, 0x2c7, 0x0, r3}, &(0x7f0000000000/0x2000)=nil, &(0x7f0000001000/0x2000)=nil, &(0x7f0000000200), &(0x7f0000000140))
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
r5 = openat$cgroup_type(r2, &(0x7f00000000c0), 0x2, 0x0)
ioctl$FICLONERANGE(r4, 0x4020940d, &(0x7f0000000100)={{r5}, 0x8, 0x5, 0x8})
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000001000/0x3000)=nil, &(0x7f0000001000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000002000/0x1000)=nil, &(0x7f0000000000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff2000/0xe000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000002000/0x1000)=nil, &(0x7f0000000180)="d9e60d4e86647b2d", 0x8, r6}, 0x68)
io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0)
dup3(r1, r0, 0x0)

04:33:46 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:46 executing program 7:
r0 = getgid()
fchown(0xffffffffffffffff, 0xee00, r0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000000)={0x7, 0x60c2})
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e23, 0x2, @mcast1, 0x7c1}, 0x1c)
getsockopt$SO_COOKIE(r1, 0x1, 0x39, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
recvfrom$inet6(0xffffffffffffffff, &(0x7f0000000100)=""/41, 0x29, 0x0, &(0x7f0000000140)={0xa, 0x4e24, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x89a}, 0x1c)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200), 0x404000, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x1010008, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@access_client}, {@access_user}, {@cachetag={'cachetag', 0x3d, '\x00'}}, {@access_any}, {@debug={'debug', 0x3d, 0x200}}, {@privport}, {@access_client}, {@noextend}, {@afid={'afid', 0x3d, 0x8}}], [{@uid_gt={'uid>', 0xee00}}]}})
writev(r1, &(0x7f00000025c0)=[{&(0x7f0000000340)="15c1aef655ceaf23a3330eabe9531216ac8849085f71071067f2ad6b49b2cc2dddd72536caed6b99b78be85d3eb8dcb7655690dc3ba434eeb2ca9c2d94954b4fcc1c745978b6c9985815cd09caff3ea87070038abad4b18197917586606c1ff3ec53f558e2d21045463edd0d38b75991bdea0709997abb5f421502380bca3ad215", 0x81}, {&(0x7f0000000400)="1ec7c4853e0d5c0b8ad2037abbbec9216a88e980c529ded0a10e560cd747a3ffd609d1b788ee20fb1192d2e16322668a52f16b5b586ce4d4da4974866a105802867b4d96d43e1ea971a290952a4cb64dd514942e08ff2eff3a90c1989c2a2ae8e6ab49a90f99cd0bc3388314e3e93f46b7a9ab4ce69f1b69253b984caf0a318a5830f1e27c8fd2864bdf1d0765a5c4b909d5617aed6dce3641ff3b5ada47772cfcbdb79a12d0a30431a9d30f5b13f49581343aed5293b24d0ad11d7fb65af01d4803fc51b4e0017a9ca0d05c5f905d5247c24814506ec1a36bcb840cfa296a1b88d579598b81127e2ba0820cf98f628f302a5d8dafe37944f40a8d9d3921e0c782fdb0db55a6ba4b8175320b216aced3cf59809d02532495b08097e1bb94762ad587442292ff21d841c53830f86a0dc4836a404208f42c27073ce5c5739b74f856282e7acb4005b77772cd071d5d84b45105a5bc91409adca36b8d210fe0b750a9257b40d3331aed7f436d3019e3ec7f05115ffc4c132346cbc32972923509623cfb77d2e8d302867bf1667f588193e16facbae1427c74f2c578950a615aec6fa094551505e670fa18724581ff430009ac1819df1cbc39924b4e413b23d7b3a928596ef2a70cd8e279a788ff584ba09741091891f0510056c75a21e61e0d87b321f6e6eb485f19abf77de130954331ca8c8fe6e14b38ed5b31f7ce5fe41fc52d7c9bc415199840b8fcd1c2f2f3cafe1c6cb7ec62a5f1d34ee0cdc4fe2895c3478a99f2d9b2d05dee95ee290852be1f31ff8709dcb30885814561b82483eec3ef9794b08680e60164de61cda3b07ba50d731287708fce791181b145e3af9a4ea37b158be4c9ed4c24aea7e649e0d90221d992a64069b104bcfcd54f4478bde2c389d6c8e8eb6d0f34d99ea48c94f8c05b54a756d03ecda8dccff077d08fb084195dbd438e1f6026e594550ebf5618a7c18335c35e1433e6aa8ad90ae1ab292ce7b4f6c12978e9c7fccace622425621d6a52d4a55591c275fd1d12f4380a89d5f9c732eb9521c2d84c36e561868be2c690898271d35916955baa33d8bb780c6f2e87442af9b1ee3d1e0504062973d8b44762b68916a8cbe64a891a51794ce3e8461f6808a043a76b70efb12a248f85e80a09d2ae42477374c8ba19fb2331bcdaa70779e0945dc686b121c76eb1b4e67df319f521606afa2af56f6bfe07c49042270b23eddc174919fb87b4bc664d7d6e1dfcfcb28d37ed83fca54688a1dd5704d7a81db4383f8a8a4581350548af8582652ec919d1dc17941671bf63182808f117848221211044841f4f9df7952e1465d51e0279d4cfb93cca5122771da00e6950e7fe7697912f2165edf80a24c598a931f814f20e3d9c3092bff440f5592ec55965caa68e289349f0ee84914cb99e6b44a681132e1295b59dc4cbefc3e077516725de9876bac911aecdf0b4d8ff78151c46a12346b5ea81886d463f2a012682dda0d0a8302281ae60f2121aa9c4ed7a295038faf8f143fe33ca1098483117390a01efbef7a1611f6b469b4a906663876637ed5b2ccd4a21b7a8ef2652d17a13f98fde0a3bf8abb227c7325ef2d1c3acafdef78693ceeb98fac84cb3e4fc11c4f8b7eed6655e95dc19ebce4edb60fd88035fb2f96840c50ccfa73a598836727519fade5099b7de7c73783e621394cd1664290bf3b1ef8a5506d19481a62f7db7e0ebaae743c21bdeeb71386b57f7a22f42e38d3ee04895eb1e3b3d3d83e1a75c3208c1fcdd7b4cd109306481d5ee198a1901bb9ae55bd17019e0655521fd3eb7c802e910328e387b49f3d28a46dc8839d49de83dacaaa0739c88d8d160012b60c91208ca9c307ce74b57cf6b658d1e91d5b246263af3977ecc73e64a24329ae7425c3ccd1cbbc98f34182c97232af8a8c28d72c2170d36bcc99e1e57c29cd6910eaa62e60c1b0a6927bcaf199a2b86c175b018f4b306dff53c4118ababd6b90acb17e797c93a3a5b87abf270426ae51ccecb65311dd9d25d9732e6f180983aa48f7c3f46572ec7762e9615ec0e6fb4668f0f1c3eba94e2d3ecdf764527a4d7f5218816e80afb0985ddba8dfbcf249e9ab4dd9e371e3146178431fada49aefb7ad86097c67e6bd3db6c534086ec09630d8afc2192d9f50f6242c8947da9dedf300e9c23ddab2adff0c0b7d8fa84356213d6cb7bbedfeccb02cd6b6af02b5445d920d3137fcfdbcb05619493fc96f9aa5d58de05160838600fa74098c5c4935278f69f59d44ece3c886d50053204c39dde8dc46f6adfb2706754ff07f0789b7b5fcda125e87ce01fe48ab953f6573ab1f2d8b0cea99bf79c93d66efcd91ac0ad63624659481734b540e84e5cc16f9850e25a0312e0890d386d2698443ba25aa4ef1dbe895cd27ef83da3337d7658e31fa1dc7dd76c13a1507f1f1dbd68bd8882adf56d1a57376646099b1e3d6816ea5086d4190ea9b7f593034e296d72f7e1e89751a2b30495b40e5f025280d53a4637ffd98a59ff074477a283a6acc9bd5f7e7d07684dbb4ab77283db812aa81177f4445a1a8fd4cd3580e6c154387e2a01ec43ff80b2be81facbb67405d7c2e8ce8488bcae12f3c865c6ea409fd216de3e56dd651adae392540a6a400cc16db3de1e6c79b23a3e301f3f5569d2a6262f427a66e077d4a2f9182dba5a278a4dcc01d550fcb6dfd2921d54bb6d628bb3f8829b7b05e17b6ad918dfe8eba6d9616639518316a86c933bafb381b3ce9880f30980933e96d12e9c529c6d85533067659a02667d8f80a06a093bc2dcc28a3f122e752d4c3e63e4871e0b783bce3757934349f85e0d62ce5e175b824bb3cae93ed0f41c9ebcb1d8e4f1511baf409ab0ddddfdb662b7d4d1dd6811a592e844006d75ebc77b19d1b02ecfbaa5399892ba3871c60e8d23a7084f2c8b5f6251c6524ce86c16cd70039acfd6ba5da04f5008a3c99ca1219eb8d1f0c7114fe86edf2071e3485ce85375905e9b40333d8126be20414be0da87acb3d8a2b74d32d4896a4c930f2d089c8fe5691010ff0d41cd2a5b925651315c35b38fc41bfa25c518b5a212daf5231036aeae5e22b650005f22ada3dff3590af883a33a278728836b9ef5b9b148226f7dbb62783720d1b8019c4491e80d58ae00b1e10cbaf16c8c43a803e1fad008a278fd8189eec57c2fb9e17ac4214ede1ae7ffdc23b2e1e638a8521841a7ab3eb7567903135744d1a7743a828fb24e1fb09c3ae51d5e78b4f37b3c0a81cc1b75eb13a64fd6a5b5d80f5f9de48c17c7445385e5527e4fdac3f6005043bb1ebb7ba77bde6e9635267ea0badd3c9c6e412fdb1aba9063da09860dc148e98b60ee44d4a24e85fe2614a269431a66a8e221e742537dd5d63ec3daea4be31e9fbf53492743f76b4b2592ce5d7c9ae240d8694898715c1ae9f6d15345c0f72b48d555d1e31bb6ae5a7b8ffffd880083269b97a43603fe137448635522163d610381450d34ed8ad7ada46793e9f11f7c13252bfa5daeaddba1cea0f377df31dfbef7c9842c51f9c90ec61518f6da0faad832f687e8750b1bd5445b2808e3b264153f262f5984c117bc0b9d87bf990f8b6ac4bd54ab4a9229b6940a12692868430223f1e5f1df388d828ae3cbe55be1d70de849abf58c7db08b988278624e71cb5aba6306a7380c035df68ba8fb4e94938cb37cc9de75d9f5ca1981d94889f9ad31b80cfde0b3fface27f894a21bd9f25e642c3a518a67fb697a3b9fde76ab19052705e3ab8f3814c8f7b775c6da58454e5ad4c77f02f9223f6aa88e495afc9834e56a5da4b324132d5469620a44d63c1c8eaf6f38ab50b7ec0aa64fddf1df9e3cc8283ea19c7629a54a885e57be0377face35bccbae8c62d8ffad73c1d543db28c402ec8894217beeba0dbe2c0a23bc3350f2926bae0e0bee409ecda31ac7c2284ce5606bd9623693e8b945b882a90554409993028dd27fb3f443321f35d8ec83db3e72cd167ac0b61d766c313066cfa2c0f7ba0e5a2c0454773f6700f8e5fc3d1def1ec23f30d079e5115b13244c936eda8997deea7152fb63fddc3514d67d63b38f234205878ed4d0eea284e820b89607fd8bd991a981c0b5a347dc65dc820f202b7afb9bef5555c4c7bc95c844f3ea719b4b2c09d46009c6a3f6d5dbde83f73a029f4f2cf9d29591d29289f72ec65f1908680f506c3a50ddecda4e2ec37ef21b62ecb95d83a09a5d44cce41fa84a2c6ed69c63e979c39d8188270315effd63e002d820fb253115221c935b9b8367e8af589c639e65d00b4bdf421a2b8ce84988ae10d41718f3b3a7309ea62312fa2bd1b728c0abbaa98b2a1e1b672c58b94d68917cd1db3b5d5a0a6d71d1312daa2ee68ad44da7f424ed901cadea245e52bf2f694a8f1df6ccf0c5c8ced4a1f3837f5c765d9612e0ee34bfa7a1d94e4a9de7613d8f202afbed23b54c79c5c61d9d19bf88d9e7fb2812f8257205451b7c60dad5265ca9dd2a81ba6ee2619d9a734d5093cadad3c366f81eedec5de18ce50a9f80a205ceacca1a4f727133abcf25174f3f06a076accc56742daf771b299201d1efe8d6634f4b3a5259629ee6281111e31e55b4671158ed1ad5ed13338f28ad612242822bac0e32bb44f74ef15b5b3e5848b771db1a2d54abcdb065ee5823b85d52fcfd4f97b1932464bde986f0679966e8f7e6bc24def4fe59f71e8075c15fb2441068c536d55ff4038875d97a94438783156d1b5e4e044d078e3f57151c566e31c303786f13d2eeeb4e48a81de081a3a1b1c4e89d19e50d9f937bd99c741bc064bce227085984c6fe05602472539ede70f4300d02aabfe166e75bafaeb29168582255e052cbde206e91b345bbdb1f31d29f24b6c5e17ef8e9d5f36a7386a05b3fa28d1a1493e0ed2038ff723e1043d5191880e0300fc57e3d4ea648723c88cade5248a5fe3b912752c0345f4bd22819df7bc2781cd10be005914ef4c2ba20420e9951405676aea1e29282db8873031f0c6d6e9bf00c08096f4bdd2adfdf42685ad8069ed4fcb2f67e603a5d1d1e82d155bb0c5dbbc20261113f0c084a6f59a4c9c5a1343fc569423326db2e38cffdbe98e074523efa62e17c3a8b8bb97808338a5b4658408f5336699ad9cada8cf505c6ce36a1ee4f2f1ebe2d687424f62a1a51c285dc0180cd9c4e2e39aeec969fed879d8d9dd1a1d4bee5097c8c7d3b91077fedc61b385004ba4ee8b88cdd58d187f33c7ffde477a97e4d0c8be7940e8a4e9b1d1e32bd82d244c1a8aaa55e06f60cd19d48a00b02d8a084c2024dbcdc07a5029848abdc2d238abab7047c560f563843a83a33de1123c6a968055fdbbcbd0d302c159f929e8b7ac2673ed968100ab40ce97d14b74e859c8e30740fb0830293b1022c1b660a4b8a7a92e79c4fe72e716f0b5ea36b2b60d0a5e58b53ef2ee062ca3c1e5b98e6246bd3a02524296c42780a8e2cb28d2ce04f3f565a5a46d63110012b0c105071b5b7d8cb3bd6d6e7c040fb0c366085952b20e6cf8921ee92da47f2c40dde63717383dc97a458dbbe5d0302387eaaaaf68f27835cbebf704c58e40df052b46331a5e8476ad2f720c0c3142cdd0914594c9d0c487e3fdd9933b7035af6a4ef11b76684cc85b499c825b23bf05005bb4c929061d84d82371979c76ab9c3b440f99fd9c6a5e4e684915baa889942a54b569c0e8a621656b32ef777ae6aa9989cffbc3192585cbdc12afaee8f9c54d2db7111977550c5c1b250187b4a6689f381b8a82ba5c58da2b21004582bbc31f26c2b2b8888c910db59c8d8a1fcd3a7b14", 0x1000}, {&(0x7f0000001400)="2c3a0ea44c7361738cfde8ca42b2ca4c62a0d1294e7de59ae51015bde73393bdec2d1b231d2dd59e53d8d6fb70c2c687b14f3a5e60bb629502b18f1ab0b5d389b9991212ca63061643ff30f11c9a075d284c2d8affeb8256326d8a37cbe701448c24e5e8ae77f6dfaf1d4824291bed6232212d2f69c6f39044d7f633549a3bc72f6a712491a5a9e397dc191a8932e40d624a224f9e98fe23013fe863c073c1a2eee9001ec7edda9675ef8475195f2de4eced0227163c032532a665f5dedab5b565d632aa33", 0xc5}, {&(0x7f0000001500)="f6adadaa77d04993", 0x8}, {&(0x7f0000001540)="44451cfb539799caa87806e5356592dfb6b2fb956154ce7af3a0e948148b077d7cb6f8e27a95ac3f4edde894ea6333fdd9d31692f00f5a51deb9f6e02c2fc3bb63a1083e31468ebe42c46c9b81f98913bec0cf7e91dbb3a7e6095b1cec86cf355b1e265efeda63fb98b1d1667f2f5a7eb3235e2d4aabf3677a50636ce19318f1c750bc520d43e6c115aaaafc4d1a634f80cd96afa9d7da4f565f9eb5063781898b8d1bda08dfc1cd092a313649dfbed4ea9dd843f7a0f59a5d3baeeceed59c6304427ad24e63c41df600c0491c4a2bc567dc597ecf5324c7d30e70dcb31a24b4eb15cbb269d655f5afbc4d798b69629b319a23483568ff77f73b72a48579edba2f83c67c303da618fb9c9347b2df704536e0c7781e129d9a265d4230ec53e96a032849980b0df109be0339e6e57fea55e6c6cbb38a042ad6940346a97d918499690bc28e0cd7b9f4daadb5bafa52b58e977550b6262b0cdcecfad68512d705e62ee4c25633374353e00193ded649dea9607d1f6be0ba9d83225a6489ef0bc1683450b0e94d17e56e7b484028991ba1bc3e3ab230de0a2bb003c874f75fedec8d9dfdb23195baec983789f35ba23353a4a7b862ba2ee0b6bd3eccf1b9e8981a1d34a5ff6d46a92f0f4b120f38a687e7ae2d684991164d93b53990071d726978b6c5525fb0b03cde5b92ba10b468d7000c63630caa61861e791ecaaaafabac969204f88eb48d0c5f33cc917639d3f0eb114bd52daa140c56c0a12d80a1a9fc01c0e3cfdfeb7a5efb015b9a1ee41ed6530831f003df0dfb9166221e301ed3d381126c22caf1e531691fb46fb8fb0e54c42ecca9ccca84ba84646cabf74862e43ffad4b471a34ec0f6b554f3e00ceaa4b6bc982a7a23ab01b237f3ca4aa769dec75b5f595f99018cfaec600aef4fed22099a3b4ae2a1f9a768c32872286c585cd7055d4679e4776dc96d756f63f6f1e801aa4e6d7c430c4862d3a193a5dfe17169afc3cd17619491dc4e6e0f3370e84216ce4193d34a183910a95fae7ff1cbbe78afffeaba56d4fc0ea95fe48c5538d5b8f8835c0208878b8c35bb307016ece9618b997e3e148a235428a45001f38e6a81812fdd3b855482a7bc6f7b7e650f7053ef54c5a87b0dd82a4cc162779cecd5c2689d3d4daf3f9f25ce10cb76d2ff438b3f1efca36cb563f041236f97bb87366eb3ac8f6aff59e5a8615b26133e75fb0ef4b29325fc082ad38000fff2a927d32a76da9c2d90b6ec5a1c129624cd5fd40ebae5e2c285319c0a713a2cb12f275334ad222b0de99d2b638eefa6b36ce172bb72a6fed8ef78b29c4371dd2c23be0eeb6e7badfd9f0f8349b6684bf476cdf7ce308f10c4af7b509b42d434717c29bf1bca2ce239f81b3215fea9d398227ba9ab4a1ef17c2061fea88cf1a0d7180d6d7bb6eab11a996100ad1271d4dceb42246356f6358e97c27324c3bfae8b134a3f8e0844fc396cf540e092f4950ae98ba988b5272f4a812f8391f2cf7eb325ecf71e80579d56bec9a18d64dcc880e906648b88bbfcedfeec1efab8892080dea9ff4feea32ba705f2d3dc0e0bcd1e43681dc873ab3a44f70cb81975f3d160e72e600d59c9e03d3a095eeb74ae80a09ba628930e46ba87a7eeb1eeb5b6317b43a3b3dd40abe8c1d080c3032d8f6a4a8402a865a0cfec1cf21a074b17fea8a2c2c0a5a1881b72c85daafc1708ee68258e08fe08bf22ec514c6005389eaa4857df1a84b3675a09346fb12d878e0d1edcdb5bf01b7b238c7c3b85151e7509992286458544e695019375c8cac2d0fe1a0d3075e473d8fd639691072b6e2282d5cbcdd443cfb1c372799ae02547c556658e6d84b4ee51d65b5ecdfed28f4fa22705f32ca277c949fa7963ba402df1a14e6f7fe465a71d6b12f42bbbd74aed49691db8bfbf5c0fe4be05758a7853b6e8fa376cc70a8ae96de13f312847fc815f0cc0adade99ff850e7c09879b37588f171377057814f611f725b4b1233abacd6251d8c706891314b9469c746137ffe812c037b862ef3fc3d4f5577337004279d2726d2bb715c123039ec76d8c369a63e11e617becf99531c416fd0887d7d1708e0114c613275e35b507c0739bb214b35cf15b7b4293f99491d8f650cbc9ec2bbbe4e032f8f9d3da730761966e8a40e1bbd0504f801f7eae46ef10b28640d34ad2b3ecc3f6052ee86fb03a51550e2d66e774b99c4a3735ec18722f4eb7b681bfac8e2b72da07e1b3410547aff13d038223b4a819dd7ed95bbc61bdb6263cd1f9178677ced5f1c91cf85ac552b68eabcc1255460dd221553447256c8e9ae3b1265740d82ac5613cee5a64e347109d9f01669f64c56359fc6279b69f01c0ba64407a59623677602a7ff763024ed9f988875570e23f1fcf14d2e399255e541cc081e010aad7ad61c9627e554484b107f10f4bc6a8ef083e4074d7430f92ff2395c789ff81478cb2963345a7b782f73f22b97a97cb875f540bb9ee3f76ab82771d87cb012b96a916aea810aed102910ea2e2d054350ac94306d29c3239121b200a2b6bd80c6a99989125dadcb9c083f6dfb9cd2b946ca471f75dad74763ab4dee8c1ec656661d780ace68f6f7d422730a753ad7a33da8481ca1a8b04bd98f1e88dad145c18f06e1bd83974e3be3a62533cc3a9fa9dc61603719f56617b381998b6c928cf229a4acd3d9c5be0d36ed30749278f3e292369ba8ea2a44734c0601587b181c5c22efcdfee8c1a1ff243149fc479277257b890e936db9f3a1ebfc378ce1f1930fcde24e0bd50c33af1dce38f8b403566ed2b705bf897866167c8f4791df1db56a18778f7c35ef0e0daaada47a2bcdaf0f4f96c82d48d590a58dacda20c950b436ed2107268c4f07aa3e7e3825f204802b99e75d8ea739d68221812d37875553d8fec208a761a6163afc558a583eb39cd53e9543eda554cc7e5419855775dcae1f1a783f2b7bc556de801fcd99235c347d0a8f5d1153ebf75b0490c035c53488dbd2cd4585c3d21ecab2c1342ca397d749b990fdcca2f189596448b359e0f7786be83cb34ebd14f80b2c03636ff9e3dd25b7cc180b9561e8b2f8b2554b6f5a5aab0f32b4b6dcfa7ebe7360d73a7ab7639ef9f9dc63baaedc7d6287ff698ebff9f313daa5a063f36549cd54e6f44e0646f4ecf0f8a1504862fc98cc094b5d2910d91a28cbd4a530c79b88856938a8491302c04e1656a3d158fe29b553e881d064d377c5996f2cbf06b5922d446296205fd827e9125455c6e25d8f7f4a4144f40e2da66f04f4b58c8e1ecd31003d2c43bfe1c882a610f4d6d70f6aee8ee6d1ddacb14d0abea62100d044adc80cb0ee1e58679510b9fac95ebdc197a790a515d46eede79cfa47925ed90784147aee62cb77d98767fdb2af87f6afec64c1d7e261179ef3521a10294fbd2562a4b5aff6b3b1be35305c2929955c5cb77af2f08ebf3944432fd6e6738b58bcd46bbdcb8646fd9853574e565e8d45584e91e8b10bc078f3a5dbb75ffb08eabf2387bacba32d69d6547412bf96c90a18cb66df5286dbf96f9899c4d1670e5599eac8419cc3500ba20fb6d0b5fee9a313a289dee550c5a535f18e4dff1745d07c3073b29a7bf9f6df5c865907292061f2b1caba26542a302dbb76f5e8608975ff2bc877ff449b62e0e5ab2f8e6d1ca30bae14c3e05ae1add85958fedbff02e382bc0e69bab480edfc481537077cb1a65ef188e8d501a35545889c374649d108fb40d0cd82a9960007d5452ba28169e0fa88b24b0243b5a4769b900e5e59c5c1f20577bd008b7f375634363fc065f5cd113ee7fb2b8ca5d3cc37755bd7ee7f73dc7b8513164cc23d44d4a0402ad26ae75d4c95a183ff0f22d06599dc11297d58f81a82bd8c49e3093184a3a7595184614e08d7e19bc31c98511208c3cfd48fd5371c2ed5d9366401b13bb0a459324fc14e4c3f14b0f61efb1ad4c46cadb07da816747ac4589cb4639f2ecdf207adf3c233032fdc415a75ec09b90126bdfa8f6a2e4698bf092d9a1e1d1db4174530c3850dcc3513d42954747d09b07fd4be34b82c90174c6c296de36e266faea2ad58010c3710f7eb8b195364c1e18564c68367398b36ea7ff6617c7c2f9af18c0d2b2e977a8a111176b8c3a677d93ae12e0f88ae2c89f0774503976cf842a1033431d42be1945d8ede37308460f3dd60c0353a7bd94b98ea4ae40c68dcf1702535ac410b840b2a29eabbb024e1cee8d389ab726c71c784044e76e8aa37634b8b981f2c455cdc5aa0ee6182fd839eb4d1a80ea9c3f3bd87d84e74dbce816f32ec6430eb8db10e1f64996fa845e0129718e58b0c95ba0a0a9bf7f4b64f72231bcb3af5d6f6a85c2bd01914a7087ae62ded0f97b3e5babdfb806ec34b417dcbc1bd8705a8359426eb46e42709b7b6e1857f54855d6fd60dd1d72535f78433d9667ebe62485ab66ffc9d31cfa3d5fd736ec5e77ed43280eaab73e481f8afea1be8ae8528751904465c3eaa268e38f224825215822b5a5ff28a56acd999a951a667a8fdd21a36c2f0694a59f3dbf0c5f61ea00618b3913a4a4e120fcb33799a98fa5a1267932c03c2219a8e9f2a95041337baf63da781db518ed4bfeac3856a0d70693d6aa6fb1fbcc9c8baf2ec843a46c1a5515a1231bc1adce51f25b8b633c35f19c77620e8abefe8137d22401244dc46206bd80d6712c5246c26d6b47de5213c6983cde8592b5b8d09aa19c51be84f35454893eef07965e975b322452cab223f7e7271e6bbbc9c59be9d07155e4a409b954c5c3cc4646a0021abe6d845685b3bb8ce15d4aaafebbec8f52150cc48a08616fc6679bcd57ac89851946ed2a2ef7a1cb9a9b1d8615d2b06e8d18bb2b111d9e33eef56bcb1c34f89d9c844acec0a6ab3159b90f78f73c7b4aa2057a259d17b26ddb6ffab4d0e5c93b83d6201607399cbf90824eaa13235d92b622ff55a1ffdc1dd79a01f62ee4117fb0a1b5a2ff6a045e625d5220cec62058c83913a5fa5ee9f79c518d2840f340fcb515fe5c6db4af6d62586f3c61aa8ba1d50aa18a91124204f02f1f93444d933f88a8a1c04b4027cccade492733cee0f27d7fb964bcef4c514f53a5920af60dc8093c3fc7e34dbce6475d94accd306d7d73520c9ca5ff3e88c1c35da784474a73378d696cd7c2d00c638eaeed383cf9991542bb857ff732144dbab8eb4ba86b5bcab70c2ef646cc10cd25d2119014ae1acf99de9b8d0dd89b36c8f6c965cdd9ac93413097e72ce60e9e625ebe39d0a34b1e280fa8d7289be39730a6605604bece9a2a48b7bc04f39882611b51a49ac8d625c125f75ce398049cd3aa5d54ca5195b2412191143ce82e95392a466bf2dec3e89430e7fb248b5c7117f351497420fdf262ce3e0c64deb7293fcdbc3ee5a8d03a74224dce57c500f89b7c13e142cb78551c944b1a46b3687e32ef4bc55de67d2231f8f303c6ef8ba742ebfe40211aefaea5c66a3bb383230baf05916ea771acf6d17fe4340d92c2877a79564a8b926fc8fec538c2a79ba5ead05e0c96157f2c9738b1a73149d98d9d49ffcb3f7eff57046d111d99368f7ee2c34d6ea41c330cf81c7591124a9b555fac2d6870276fe04f225490bf74e50fa9a274b08ef1b7ba2df925d4a1a081abd25ab8955e3beb51a8928e856c92a58d30d1dba51c328400d396eed2b02d74ba001e2e630e2e2fd22d02eb54eefebf22afaa59c0200528debe6d6c32bea260c723f0f4468b64906b482352f18e9655e5057090ea8db4bed3036c886b45bed2aa1713f49ea1f8113ca65a9a29875b07559", 0x1000}, {&(0x7f0000002540)="f373ed581ab5472464ae6549b0270390e3fe6dd972ed7d4f85d081541d8f963aac47079e318b24bb0b915bb1f7488d75694bfa436c2e52deda8d37b052af6a6daf0d63d776a6a89565b04bc8bd50a63924a3944f7c54908f", 0x58}], 0x6)
fadvise64(r2, 0x3, 0x7fffffff, 0x2)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
read(r3, &(0x7f0000002640)=""/126, 0x7e)
socketpair(0x25, 0x800, 0x4, &(0x7f00000026c0)={<r4=>0xffffffffffffffff})
fallocate(r4, 0x10, 0x6, 0xff)
io_setup(0x9, &(0x7f0000002700)=<r5=>0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000027c0)='task\x00')
io_cancel(r5, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x8, 0x1, r2, &(0x7f0000002740)="5298c3e41dfd23fce77bc38ef7c0bae7852c799f5fb9663bf9e09a1cc2feef5436f94a0ff3972bf3e172eafae9357dc3a1a2a89fd15bbe0e6ff3c83590d4c1444604957650b227599396ade36fdcc41e71d1f5f94393d949a5988d487c2d", 0x5e, 0x1, 0x0, 0x2, r6}, &(0x7f0000002840))
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff)
sendmmsg$inet6(r2, &(0x7f0000002fc0)=[{{&(0x7f0000002880)={0xa, 0x4e23, 0xffffffff, @loopback, 0xb2fe}, 0x1c, &(0x7f0000002e80)=[{&(0x7f00000028c0)="747c4a154a50010129d180d817018a37dd829d3ffe65ecb1db92c18667191b85d3c3aa3663b3d6dd2078471a22ba3e8872103e02e76e60c27e93e8757710f4a2f2a3c776fc1aed96db561b134fc1d99c6756861237084867b3d70e82fb4e19dfe0d4aaff5d79c8801c09c6dfd47c743986056f2a145b3cfb555b396f3e1308359e2080d6a0280583111dd38dccfa7bacee1510d29834d66efec2ed461e5036773398573c7594cfb49e91130e5cc41ff4e92fdb4af726782f53f1fa438e40a48eac87341f99169f2e99e414e6672cd6a070ab6d861ddc861d8de323616f84", 0xde}, {&(0x7f00000029c0)="3d0d70e5d6a3629351eba374cd377aae61631c7035df9e70644f099f1a97faae7c2860fbdc7d54f0eb69924c938bda75ae29911de8818c26e5dd1134c8f8d3c552ebe83a41d11b03b96c4fbd176bcbf04173b79a3a2a7d86b5ddf765eb778e2fab35e19737ebb5530d625d05e256b10905dc697d13e75873f836ea6cccad0323bcdcd130", 0x84}, {&(0x7f0000002a80)="e6f964fb76097947246e7e38d9abadec3c0cb2c5bfb0e9a4ae2795ecc1634eb571b536b0890d66af491c2da553f0324bc590059d773b2efb48c089e84b7e20546b5c14850a026e349b307fd200048b8f6e85174088fb23d85a2529bbe414e8771ea827f48e9e333bba9f69a70a93ffd4ac5d86b78e06fd325f7f1b614e526c5bded12927f7e6d5d265ded1a41dc9468027b2c2bd996d11cb54f806fbaab9b10d6dc8cc823aeeb7dbc718cc384ba7403251eded371894f9289f208018e804acdefb2c67368f010eecf616b6afc1372c7f6e327dc42d0451743b99c350", 0xdc}, {&(0x7f0000002b80)="6b69e0efaedf389763d3923938ecfeaa879915d9a1cb50c1ca2e541b26ba7e15112af3d14debf7048b86c0fcda361c2da66ea780cc14928f4c0bcea5e1ecb089ce648327d580fe395bb5ed2a7c5b2226cd49592aaec07eaf5852119329c040860da2e0", 0x63}, {&(0x7f0000002c00)="51d79551cfd2c1f194e5d42c7adf0fd323e14e08452fdd4cc885a7993465ebbdfc35aadec94f3e16210f3dd25817660796d3d25c3a7509cf0f1610f27fea53b10ab3ec477051b39524c16b1dcb1848782d5d086abd1b4738ec7de4113bc0", 0x5e}, {&(0x7f0000002c80)="61fafb2f42fe2223e804fe680c5bc3df7d6362fc37654eead6da1766d35563ee356ad40ca69df56e2139c11e8dd7baae40932a04869c85649ac0d15ad5f191647f00d69fb533855c21d3d0b9e98ec9763345dffcf3351569539a7302a72534562a367957e5390f3b0b3cf608040516e4cac9de71a9361c07373160dbf73ee3805d7f8e7e863f1c162e1084417b8dc0f78d6807eacec1b346d87adbacb730901630b95e2f7b103da899f906d8cb10210c54fa522da0033dbd70", 0xb9}, {&(0x7f0000002d40)="7555194d6b06bc867e0989f9b5c1b44cfa259ba6a1e4d173b611a265d781f30909a0736e451def89e0c9fa025bdba1f71d628fdf05fbacd0599d32b6792cc73151224ae662f939ea901b4bc37cec6a297b481ba592bc1f24eb27120a9a07ac255c9af9f61a3703cca342f84ebe82379e1d615c602095eaef6df4ef62caff0beb4684bd8f80a671fba9a465cce4c27293", 0x90}, {&(0x7f0000002e00)="a230d3f8dc9a60ec37698f9c9c3c247c8051fa5eab343edd559ba4876039bfba2e7ec956f970ce3ebb1906685e3e930625d1c1df95216a6e4887a663dd9f244235f5981851cf02c37f8197f073f05ac5585a61fb4022bac05dce718fb44d", 0x5e}], 0x8, &(0x7f0000002f00)=[@dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @rthdr_2292={{0x48, 0x29, 0x39, {0x1d, 0x6, 0x2, 0x6, 0x0, [@private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv4={'\x00', '\xff\xff', @private=0xa010100}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xca80}}, @tclass={{0x14, 0x29, 0x43, 0x4}}], 0x90}}], 0x1, 0x84)

04:33:46 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000040)={'gretap0\x00'})
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3470.368488] FAULT_INJECTION: forcing a failure.
[ 3470.368488] name failslab, interval 1, probability 0, space 0, times 0
[ 3470.369875] FAULT_INJECTION: forcing a failure.
[ 3470.369875] name failslab, interval 1, probability 0, space 0, times 0
[ 3470.371091] CPU: 0 PID: 17270 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3470.374251] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3470.376129] Call Trace:
[ 3470.376746]  dump_stack+0x107/0x167
[ 3470.377590]  should_fail.cold+0x5/0xa
[ 3470.378469]  ? create_object.isra.0+0x3a/0xa30
[ 3470.379496]  should_failslab+0x5/0x20
[ 3470.380427]  kmem_cache_alloc+0x5b/0x310
[ 3470.381345]  ? mark_held_locks+0x9e/0xe0
[ 3470.382273]  create_object.isra.0+0x3a/0xa30
[ 3470.383263]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3470.384438]  kmem_cache_alloc+0x159/0x310
[ 3470.385406]  xas_alloc+0x336/0x440
[ 3470.386227]  xas_create+0x34a/0x10d0
[ 3470.387097]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3470.388292]  xas_store+0x8c/0x1c40
[ 3470.389125]  __xa_store+0x164/0x2d0
[ 3470.389947]  ? xa_delete_node+0x280/0x280
[ 3470.390901]  ? trace_hardirqs_on+0x5b/0x180
[ 3470.391879]  xa_store+0x31/0x50
[ 3470.392638]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3470.393725]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3470.394891]  ? alloc_fd+0x2e7/0x670
[ 3470.395746]  io_uring_setup+0x1fbb/0x2980
[ 3470.396707]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3470.397844]  ? wait_for_completion_io+0x270/0x270
[ 3470.398974]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3470.400164]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3470.401337]  do_syscall_64+0x33/0x40
[ 3470.402183]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3470.403344] RIP: 0033:0x7f3b78954b19
[ 3470.404200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3470.408322] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3470.410025] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3470.411595] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3470.413183] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3470.414759] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3470.416347] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3470.417974] CPU: 1 PID: 17265 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3470.418982] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3470.420219] Call Trace:
[ 3470.420604]  dump_stack+0x107/0x167
[ 3470.421138]  should_fail.cold+0x5/0xa
[ 3470.421706]  ? xas_alloc+0x336/0x440
[ 3470.422264]  should_failslab+0x5/0x20
[ 3470.422826]  kmem_cache_alloc+0x5b/0x310
[ 3470.423424]  xas_alloc+0x336/0x440
[ 3470.423953]  xas_create+0x34a/0x10d0
[ 3470.424509]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3470.425277]  xas_store+0x8c/0x1c40
[ 3470.425806]  __xa_store+0x164/0x2d0
[ 3470.426337]  ? xa_delete_node+0x280/0x280
[ 3470.426946]  ? trace_hardirqs_on+0x5b/0x180
[ 3470.427589]  xa_store+0x31/0x50
[ 3470.428094]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3470.428795]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3470.429567]  ? alloc_fd+0x2e7/0x670
[ 3470.430121]  io_uring_setup+0x1fbb/0x2980
[ 3470.430739]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3470.431472]  ? wait_for_completion_io+0x270/0x270
[ 3470.432199]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3470.432959]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3470.433710]  do_syscall_64+0x33/0x40
[ 3470.434250]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3470.435003] RIP: 0033:0x7f4cd02cab19
[ 3470.435530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3470.438199] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3470.439304] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3470.440336] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3470.441365] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3470.442378] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3470.443409] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:46 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 57)

04:33:46 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x80fe, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:33:46 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 58)

04:33:46 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000100)=""/92)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x400000, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
r3 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x41, 0x2}, 0x18)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e24, @multicast1}, 0x10)
dup3(r2, r0, 0x0)
socketpair(0x21, 0xa, 0x2, &(0x7f0000000200)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000240), 0x4)
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)

04:33:46 executing program 0:
keyctl$update(0x2, 0x0, 0x0, 0x0)
keyctl$get_keyring_id(0x0, 0x0, 0x0)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000580))
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, 0x0, 0xfffffffffffffffc, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000080)='.request_key_auth\x00', &(0x7f0000000140)=@chain)
timer_gettime(0x0, &(0x7f0000000100))
timer_create(0x0, &(0x7f0000000340)={0x0, 0x33, 0x4}, &(0x7f00000003c0)=<r1=>0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4059, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r3=>0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000400)=ANY=[@ANYBLOB="0c6b368f6c14fc77f5add051ff7c0500010000001c0000000000a0dd3dbea682e50fe63971ca751bf07e1295b723b2ad6f489de521fb947635e32452c14b25aa17eeb83d60cf0b2461ef9db1b4edaf1a37db6493f2ffdebc1ef5c9ae03c147b83c8c66d3bdaca108f65d38b9a3f7c338fe163b759891d882fd3ace1b38d4fc2bc59aed2bc9027de06383f0a7fb1a92d3979dcaf98fe1c63f0881ce13bfc83b58cb998eba4877d49997d5a554ee923c5232e631c31e8dbfb67919e989167e9a60010f6f3e4fcca28c5925f93cdc96d0a830e956ed7ed2d5fae207bb150c7a8f970c175ea2590e643060b2631934c54ac4cb767668a026cd090b0dfe45a711c38a67d53155f7c11a177afe3a9cf44654f88a01255d242471991fe5a15e38eff18c6a000000000000000000", @ANYRES32=r2, @ANYBLOB="ff0f0000000000002e2f66696c653000"])
timer_settime(r3, 0x0, &(0x7f00000003c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x4, &(0x7f0000000180)={0x0, 0x3}, 0x0)
timer_settime(0x0, 0x0, &(0x7f00000003c0)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r1, &(0x7f0000000280))
timer_create(0x6, 0x0, 0x0)
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58)

04:33:46 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:46 executing program 7:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1f000000", @ANYRES16=r1, @ANYBLOB="01000000000000000000550010fdbc454c7bb4677556cb000008000100000000000c0099000000000000000000"], 0x28}}, 0x0)

04:33:46 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 59)

04:33:46 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x0)
r0 = socket$inet(0x2, 0xa, 0x0)
dup3(r0, 0xffffffffffffffff, 0x0)

04:33:46 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0x3, 0x0)
dup3(r1, r0, 0x0)

04:33:46 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 58)

[ 3470.629256] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.7'.
04:33:46 executing program 0:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="eb3c906d6b66732e66617400020801000470008400f001", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x0, &(0x7f0000000240)=ANY=[])
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000140)='./file0\x00', 0x2d, 0x1, &(0x7f00000002c0)=[{&(0x7f00000001c0)="e872cbe4990afb0775c0e3c836ac4cd96a0571fc59761903584becb866f5ee9919d49253172a4997d2c0a57662a5190cb03480e7099172c5cd0f076d106920977cc83345f1029d958aadab9a83d886f15f68bcd532030476af3896ef4c2c80a73e0d983041af642708de741e11231a87b5e4a1a3fe300851654650b7ba0cf9910c167ba2a6ac004c1d8be6131e144269abc525e63d8d5008e896", 0x9a, 0xdca}], 0x10006, &(0x7f0000000300)=ANY=[@ANYBLOB="756e695f786c6174653d312c73686f72746e616d653d6c6f7765722c6e6e6f6e756d7461696c5ad02c7375626a5f726f6c653d76666174002c00"])
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, &(0x7f0000000000)=0x7)

[ 3470.651143] netlink: 11 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3470.660167] FAULT_INJECTION: forcing a failure.
[ 3470.660167] name failslab, interval 1, probability 0, space 0, times 0
[ 3470.662735] CPU: 0 PID: 17294 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3470.664304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3470.666179] Call Trace:
[ 3470.666791]  dump_stack+0x107/0x167
[ 3470.667628]  should_fail.cold+0x5/0xa
[ 3470.668508]  ? xas_alloc+0x336/0x440
[ 3470.669360]  should_failslab+0x5/0x20
[ 3470.670226]  kmem_cache_alloc+0x5b/0x310
[ 3470.671166]  xas_alloc+0x336/0x440
[ 3470.672000]  xas_create+0x34a/0x10d0
[ 3470.672884]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3470.674080]  xas_store+0x8c/0x1c40
[ 3470.674931]  __xa_store+0x164/0x2d0
[ 3470.675768]  ? xa_delete_node+0x280/0x280
[ 3470.676748]  ? trace_hardirqs_on+0x5b/0x180
[ 3470.677760]  xa_store+0x31/0x50
[ 3470.678524]  __io_uring_add_tctx_node+0x1cf/0x520
04:33:46 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000040)={'tunl0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3470.679632]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3470.680996]  ? alloc_fd+0x2e7/0x670
[ 3470.681858]  io_uring_setup+0x1fbb/0x2980
[ 3470.682826]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3470.683998]  ? wait_for_completion_io+0x270/0x270
[ 3470.685160]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3470.686366]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3470.687565]  do_syscall_64+0x33/0x40
[ 3470.688442]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3470.689620] RIP: 0033:0x7f3b78954b19
[ 3470.690479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3470.694647] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3470.696407] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3470.698075] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3470.699747] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3470.701416] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3470.703086] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:46 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:33:46 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xc0fe, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3470.751713] FAULT_INJECTION: forcing a failure.
[ 3470.751713] name failslab, interval 1, probability 0, space 0, times 0
[ 3470.754578] CPU: 1 PID: 17310 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3470.756262] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3470.758280] Call Trace:
[ 3470.758936]  dump_stack+0x107/0x167
[ 3470.759825]  should_fail.cold+0x5/0xa
[ 3470.760764]  ? create_object.isra.0+0x3a/0xa30
[ 3470.761878]  should_failslab+0x5/0x20
[ 3470.762698]  kmem_cache_alloc+0x5b/0x310
[ 3470.763656]  ? mark_held_locks+0x9e/0xe0
[ 3470.764564]  create_object.isra.0+0x3a/0xa30
[ 3470.765488]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3470.766559]  kmem_cache_alloc+0x159/0x310
[ 3470.767450]  xas_alloc+0x336/0x440
[ 3470.768210]  xas_create+0x34a/0x10d0
[ 3470.769015]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3470.770124]  xas_store+0x8c/0x1c40
[ 3470.770898]  __xa_store+0x164/0x2d0
[ 3470.771664]  ? xa_delete_node+0x280/0x280
[ 3470.772573]  ? trace_hardirqs_on+0x5b/0x180
[ 3470.773504]  xa_store+0x31/0x50
[ 3470.774217]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3470.775249]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3470.776381]  ? alloc_fd+0x2e7/0x670
[ 3470.777175]  io_uring_setup+0x1fbb/0x2980
[ 3470.778071]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3470.779155]  ? wait_for_completion_io+0x270/0x270
[ 3470.780228]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3470.781361]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3470.782476]  do_syscall_64+0x33/0x40
[ 3470.783278]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3470.784388] RIP: 0033:0x7f4cd02cab19
[ 3470.785189] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3470.789172] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3470.790827] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3470.792385] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3470.793933] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3470.795492] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3470.797065] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:33:46 executing program 7:
ioctl$FIGETBSZ(0xffffffffffffffff, 0x2, &(0x7f0000000200))
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/mcfilter6\x00')
pread64(r0, &(0x7f0000000000)=""/152, 0x28, 0x8000000000)
fcntl$dupfd(r0, 0x406, r0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x80049367, &(0x7f0000000140))
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r0, 0xc0189372, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="0000005bfd8d0f78d6d2c58f00"/25])
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4f3c, 0x3f}, 0x8000, 0x0, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
creat(&(0x7f0000000180)='./file0\x00', 0x81)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xffe3)

04:34:04 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000040)={'macvlan1\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)
writev(r0, &(0x7f0000000480)=[{&(0x7f0000000080)="4bbe71da31d989e179da5d71d46a0321fc66df9c40e2e5c8be2c44a82111058306abc99c2761106c88cf8c1e4e5d673ddcb9ea0e32a9fc91f7d941240d21cfe27ae6369221078081f7774639ac2e2d3766f8c808bcc86335623cee1f87facbff280a21a04979eb", 0x67}, {&(0x7f0000000100)="1e4ff6516d38271dd2fe1904ce40a95dfb34b696ebf6243628e4a68971e608e4dfef186aefec6305c509e8564fbb8e32d46abc0ce8a5ad679afbe7e1b8bb01e01cb410010086eeec85a0a7adcb1e427ce28270ed970c7a292296931c64b4e24d1c0d8b9106c1a327236683b296ce7878408c366aee56eb018151824f93288664af0bbfaa579d3205f696d416fe2fff032e20bb82097666f5b7abbe9c59c7f546b11b0d93a38e9de8ed1ae8ea51d7813cafeed744c44601acb6c2", 0xba}, {&(0x7f0000000200)="6441410e57d3f90a027717033fd22f833c1ff073834edff4dbcf595efbd4cfe406569e875564252074d6c39061a8d117697b2ed38cebc527a3928d33f4a56b54ca4cb6a5287867d8b12c6756e1da26c52a160c55f95f22d2348348202e61e3bcc9d5ea5d1be1c5d6c3ccf9019a5acf9841e0d229516d6877b422c872d33ed1c25a022e89409b8d90f6753902ba0a91e927cddb855c6b1d46524a9d2146672b9289a04aacd554d504e65b6eb10d1145", 0xaf}, {&(0x7f00000002c0)="63b95cd19e347f072e9c8bd626b033b10e614e85c2bd3b2d64ae52c5b33c935e58b6a5cbdc6a537481a6bf3f1324d83ac608", 0x32}, {&(0x7f0000000300)="91aeb53408f1303a434a82117ad332e0810053f4dc487d9e3da50a5075f53242f6547f3c00a51dc3687fb28b6e1813ad4ca6feff6e0fd14fa254810c14fab7f89ca19ce07365999bee512a6ea8c432a98c6b33489ec13b31b39144d8a0a8f6efe7230a722974d68b3312f7905fc63a7eebdf5cf6037e42ea934ef9a22aa456c760afee6e5753d85d74b3a3160f6a3cb0", 0x90}, {&(0x7f00000003c0)="038b22a1db508fb9270bd5809aa0deacebd12f9ba2072496f04d113b678db80097d94c34f6b0b4e1eb2b7badd8566d701d9c3a4b366b3be79b7e636c3fcb281d83535897822c81601252d1c7c08b9884cd3785e225e23e6585781e5b6e676aa3c75f95337d6f3d747b0cc7a7cb63593ffa224d6d0a3266541c497832bb9d0cd7d7ca9c0e95ee25989e1e066539a22428765a60fb146cb61d4bdcab602099e155018e83f4b1eceee461", 0xa9}], 0x6)

04:34:04 executing program 0:
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)={0x30, 0x1, 0x4, 0x101, 0x0, 0x0, {}, [@NFULA_CFG_MODE={0xa, 0x2, {0x0, 0x2}}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x7fff}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}]}, 0x30}}, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
sendmsg$NFULNL_MSG_CONFIG(r2, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x30, 0x1, 0x4, 0x3, 0x0, 0x0, {0xc, 0x0, 0x3}, [@NFULA_CFG_MODE={0xa, 0x2, {0x8b7}}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x8}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)

04:34:04 executing program 7:
syz_emit_ethernet(0x110, &(0x7f00000001c0)=ANY=[@ANYRES16=0x0, @ANYRES32], 0x0)
mknod$loop(&(0x7f0000000300)='./file0\x00', 0x6000, 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440), &(0x7f0000000480), 0x2, 0x1)
creat(&(0x7f0000000080)='./file0\x00', 0x9)
r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000000)={'\x00', 0x0, 0x102, 0xb91})
fallocate(r0, 0x40, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/module/8250', 0x460800, 0x8)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
fcntl$getown(0xffffffffffffffff, 0x9)
r2 = openat$nvram(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$snapshot(r2, &(0x7f00000004c0)=""/149, 0x95)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x401c5820, &(0x7f0000000180)={0xb0})
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="b4006d92", @ANYRES16=0x0, @ANYBLOB="000125bd7000fbdbdf250900000007000a00074471006c00508008000700010000000800030001ac0f00ebff0501ac0f00110001005b0d375d7fbda2de71d8cae2ca000000050002000500000004000500120004004407d98c36f73d3550165d1fdde700000f000400febf400248ffdc8131c09c00040028000800370000000000080011fb31b966762b006c319a74090001ac0f0009000700c79fb03cf6000000e31d178c42a23a6b8257a793a6e4040c27075259272c659db3d7fa83951885e13c071dd24db5cd9a417e592d338422990e1a3ab5f44c5086aaa746f59b38e824c7d678cba90bed7b7cea145b418caad97f533b9ecf8d5f1022f0eb34b0c11f8f2b042bb2f0ac10000000000000000000000000002a193198388943f728224a378abee5470b3894ee2b24fb2b2d1022ad50b73b519b7a24aac7ad9fb2d1ee70e5986a8390b247c9316c99"], 0xb4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
openat(r2, 0x0, 0x18000, 0x80)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x100, 0xce)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x1a, 0x0, 0x1, 0x3, 0x6, @broadcast}, 0x14)

04:34:04 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 59)

04:34:04 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0xfffdfffd, 0x10000, 0xcf89, 0x0, 0x5, "4a6efdff0000000008004200", 0xcf3})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x1b87, &(0x7f0000000200)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0), 0x222080, 0x0)
r3 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
io_uring_register$IORING_REGISTER_EVENTFD(0xffffffffffffffff, 0x4, &(0x7f0000000280)=r5, 0x1)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000140))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0xfffffffe, 0x20})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x7)
r8 = socket$inet(0x2, 0xa, 0x0)
dup3(r8, r0, 0x0)

04:34:04 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 60)

04:34:04 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xfc00, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:04 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3488.885828] FAULT_INJECTION: forcing a failure.
[ 3488.885828] name failslab, interval 1, probability 0, space 0, times 0
[ 3488.888363] CPU: 1 PID: 17329 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3488.889806] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3488.891539] Call Trace:
[ 3488.892098]  dump_stack+0x107/0x167
[ 3488.892870]  should_fail.cold+0x5/0xa
[ 3488.893669]  ? xas_alloc+0x336/0x440
[ 3488.894450]  should_failslab+0x5/0x20
[ 3488.895252]  kmem_cache_alloc+0x5b/0x310
[ 3488.896105]  xas_alloc+0x336/0x440
[ 3488.896871]  xas_create+0x34a/0x10d0
[ 3488.897665]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3488.898767]  xas_store+0x8c/0x1c40
[ 3488.899528]  __xa_store+0x164/0x2d0
[ 3488.900308]  ? xa_delete_node+0x280/0x280
[ 3488.901193]  ? trace_hardirqs_on+0x5b/0x180
[ 3488.902112]  xa_store+0x31/0x50
[ 3488.902808]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3488.903823]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3488.904924]  ? alloc_fd+0x2e7/0x670
[ 3488.905701]  io_uring_setup+0x1fbb/0x2980
[ 3488.906578]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3488.907638]  ? wait_for_completion_io+0x270/0x270
[ 3488.908693]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3488.909790]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3488.910875]  do_syscall_64+0x33/0x40
[ 3488.911653]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3488.912731] RIP: 0033:0x7f4cd02cab19
[ 3488.913512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3488.916672] FAULT_INJECTION: forcing a failure.
[ 3488.916672] name failslab, interval 1, probability 0, space 0, times 0
[ 3488.917392] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3488.917413] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3488.917424] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3488.917435] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3488.917447] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3488.917458] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3488.929201] CPU: 0 PID: 17337 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3488.930660] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3488.932418] Call Trace:
[ 3488.932982]  dump_stack+0x107/0x167
[ 3488.933764]  should_fail.cold+0x5/0xa
[ 3488.934578]  ? create_object.isra.0+0x3a/0xa30
[ 3488.935544]  should_failslab+0x5/0x20
[ 3488.936375]  kmem_cache_alloc+0x5b/0x310
[ 3488.937243]  ? mark_held_locks+0x9e/0xe0
[ 3488.938115]  create_object.isra.0+0x3a/0xa30
[ 3488.939045]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3488.940137]  kmem_cache_alloc+0x159/0x310
[ 3488.941041]  xas_alloc+0x336/0x440
[ 3488.941806]  xas_create+0x34a/0x10d0
[ 3488.942618]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3488.943342] blktrace: Concurrent blktraces are not allowed on loop14
[ 3488.943731]  xas_store+0x8c/0x1c40
[ 3488.943788]  __xa_store+0x164/0x2d0
[ 3488.943818]  ? xa_delete_node+0x280/0x280
[ 3488.943859]  ? trace_hardirqs_on+0x5b/0x180
[ 3488.948454]  xa_store+0x31/0x50
[ 3488.949158]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3488.950176]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3488.951281]  ? alloc_fd+0x2e7/0x670
[ 3488.952074]  io_uring_setup+0x1fbb/0x2980
[ 3488.952989]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3488.954053]  ? wait_for_completion_io+0x270/0x270
[ 3488.955118]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3488.956235]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3488.957337]  do_syscall_64+0x33/0x40
[ 3488.958136]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3488.959218] RIP: 0033:0x7f3b78954b19
[ 3488.960003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3488.963871] RSP: 002b:00007f3b75eca108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3488.965484] RAX: ffffffffffffffda RBX: 00007f3b78a67f60 RCX: 00007f3b78954b19
[ 3488.966989] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3488.968512] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3488.970018] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3488.971539] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:05 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:05 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 60)

04:34:05 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8001, 0x2, "77004a6efdff0000000008002600", 0x3a6})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2755a17f64696f9f, 0x10, r1, 0x2d59a000)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

04:34:05 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:05 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 61)

[ 3489.179186] FAULT_INJECTION: forcing a failure.
[ 3489.179186] name failslab, interval 1, probability 0, space 0, times 0
[ 3489.181651] CPU: 1 PID: 17362 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3489.183117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3489.184329] FAULT_INJECTION: forcing a failure.
[ 3489.184329] name failslab, interval 1, probability 0, space 0, times 0
[ 3489.184879] Call Trace:
[ 3489.184907]  dump_stack+0x107/0x167
[ 3489.184930]  should_fail.cold+0x5/0xa
[ 3489.184955]  ? vm_area_dup+0x78/0x290
[ 3489.190136]  should_failslab+0x5/0x20
[ 3489.190938]  kmem_cache_alloc+0x5b/0x310
[ 3489.191801]  vm_area_dup+0x78/0x290
[ 3489.192585]  ? lock_release+0x680/0x680
[ 3489.193434]  ? mark_lock+0xf5/0x2df0
[ 3489.194223]  ? lock_chain_count+0x20/0x20
[ 3489.195099]  ? mark_lock+0xf5/0x2df0
[ 3489.195892]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3489.197008]  ? lock_chain_count+0x20/0x20
[ 3489.197891]  ? mark_lock+0xf5/0x2df0
[ 3489.198675]  ? vm_area_alloc+0x110/0x110
[ 3489.199540]  ? __lock_acquire+0x1657/0x5b00
[ 3489.200478]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3489.201577]  ? SOFTIRQ_verbose+0x10/0x10
[ 3489.202434]  ? vmacache_find+0x55/0x2a0
[ 3489.203279]  __split_vma+0xa8/0x4e0
[ 3489.204048]  __do_munmap+0x365/0x1260
[ 3489.204862]  ? arch_get_unmapped_area+0x450/0x450
[ 3489.205877]  ? lock_release+0x680/0x680
[ 3489.206719]  mmap_region+0x7cc/0x1500
[ 3489.207540]  do_mmap+0x868/0x1370
[ 3489.208292]  vm_mmap_pgoff+0x198/0x1f0
[ 3489.209113]  ? randomize_page+0xb0/0xb0
[ 3489.209963]  ksys_mmap_pgoff+0x41c/0x560
[ 3489.210818]  ? find_mergeable_anon_vma+0x250/0x250
[ 3489.211859]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3489.212988]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3489.214086]  do_syscall_64+0x33/0x40
[ 3489.214879]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3489.215959] RIP: 0033:0x7f3b78954b62
[ 3489.216758] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3489.220657] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3489.222256] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3489.223790] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3489.225293] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3489.226807] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3489.228310] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3489.229845] CPU: 0 PID: 17366 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3489.231318] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3489.233096] Call Trace:
[ 3489.233663]  dump_stack+0x107/0x167
[ 3489.234457]  should_fail.cold+0x5/0xa
04:34:05 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x200000, 0x4, &(0x7f0000000140)=[{&(0x7f0000010000)="200000000002000019000000900100000f000000000000000200000006000000000008000080000020000000e2f4655fe2f4655f0100ffff53ef010001000000e1f4655f000000000000000001000000000000000b0000000004000008000000d2c200001203", 0x66, 0x400}, {&(0x7f0000010100)="000000000000000000000000fc8e0b4946704d25a0f18393550c433b010040", 0x1f, 0x4e0}, {&(0x7f00000000c0)="02000000030000000400000019000f000300040000000000000000000f002e69", 0x20, 0x1003}, {&(0x7f0000000040)="ed41000000100000e1f4655fe2f4f4655f008cd70000000000e2040080000098d12ab99d18", 0x25, 0x43ff}], 0x0, &(0x7f00000001c0))
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$AUTOFS_IOC_EXPIRE(r0, 0x810c9365, &(0x7f0000000200)={{0x2, 0x3}, 0x100, './file0\x00'})

04:34:05 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xfe80, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3489.235277]  ? create_object.isra.0+0x3a/0xa30
[ 3489.236433]  should_failslab+0x5/0x20
[ 3489.237242]  kmem_cache_alloc+0x5b/0x310
[ 3489.238111]  ? mark_held_locks+0x9e/0xe0
[ 3489.238986]  create_object.isra.0+0x3a/0xa30
[ 3489.239920]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3489.241022]  kmem_cache_alloc+0x159/0x310
[ 3489.241927]  xas_alloc+0x336/0x440
[ 3489.242697]  xas_create+0x34a/0x10d0
[ 3489.243516]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3489.244645]  xas_store+0x8c/0x1c40
[ 3489.245440]  __xa_store+0x164/0x2d0
[ 3489.246220]  ? xa_delete_node+0x280/0x280
[ 3489.247116]  ? trace_hardirqs_on+0x5b/0x180
[ 3489.248052]  xa_store+0x31/0x50
[ 3489.248776]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3489.249797]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3489.250898]  ? alloc_fd+0x2e7/0x670
[ 3489.251698]  io_uring_setup+0x1fbb/0x2980
[ 3489.252601]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3489.253664]  ? wait_for_completion_io+0x270/0x270
[ 3489.254727]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3489.255838]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3489.256952]  do_syscall_64+0x33/0x40
[ 3489.257740]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3489.258817] RIP: 0033:0x7f4cd02cab19
[ 3489.259609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3489.263456] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3489.265069] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3489.266575] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3489.268078] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3489.269589] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3489.271087] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:05 executing program 7:
perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
r0 = getpgrp(0x0)
pidfd_open(r0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
perf_event_open(&(0x7f0000000000)={0x5, 0x80, 0x6, 0x8, 0x7, 0x9, 0x0, 0x10000, 0x16013, 0xe, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x2, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x7, 0x1, @perf_config_ext={0x100, 0x8001}, 0x8000, 0xa1f, 0x4, 0x4, 0x9, 0xfffff004, 0x5, 0x0, 0x0, 0x0, 0x6}, r0, 0x5, r2, 0x1)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='statm\x00')
pread64(r3, &(0x7f0000000140)=""/74, 0x4a, 0x0)

04:34:05 executing program 0:
syz_open_dev$mouse(&(0x7f0000000040), 0x6, 0x325800)

04:34:05 executing program 1:
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00022abd7000fcdbdf250e0000003c00028008000300020000000800030075fb01120500050009000000080003000400000008000500040000000800070002000000080006000600000008000500"/90], 0x60}}, 0x4040000)
syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000240)=""/167, &(0x7f0000000300)=0xa7)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r1, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000080)={0x5, 0x4, 0x401, 0x1, 0x26d})
dup3(r2, r1, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)

04:34:24 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0x5, 0x1)
dup3(r1, r0, 0x0)

04:34:24 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, 0x0)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:24 executing program 7:
r0 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140), 0x24000, 0x0)
ioctl$SCSI_IOCTL_DOORUNLOCK(r1, 0x5381)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x2284, &(0x7f0000000180)=ANY=[@ANYBLOB="020000000000000000000000c8720254cf965d7b3d89f057592ef2ec1826531b01ee15e74cf9a0ab38998977e023c6a2d8538910a52e185b81f417817ca6cacdca1b02bd010e586fdfb09c8075b6f97ba44c95452e3d66aa43fdf984ea912f7148547a8c2cb1e935a57ec7bac1bdb9598c849f10adce1dcd40684ced050621be105385cef227641fc6b562b0a853a84d96d6dc38ab20656ae3a4ab79fd4d5300"/172])
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000040)={0xb4, 0x66c7, 0x5, "707f62ed09f5ed0ff0fe7bbe7d5700e3baa3724718904fbcb460a2a20404cbcb46c06ead8a4bbecc59404c336add9ee14f20102bb593d70aebc06b8972b0bd8c75564cfa4ce05c0f82271418b6b4fdfd31a91f8903827fbbfaea2df85940bb4136968aebf9102f2cbc381a0780594a203982946b6ccb3f9dcd59682d3b74908949856d56097fbcb10f480c6b8dfa3075e4fc634cb3e32765bf89cf3e9e89985f0a59f0a71cf488c915ecd648ee785a642a0982ee"})

04:34:24 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xfec0, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:24 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
write(0xffffffffffffffff, &(0x7f0000000040)="22bd64cb512b6c74905d257e15396434f4b945ccbe8cb3f79ba73e326be0df769aef6d53db3b19c5781318", 0x2b)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:24 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 61)

04:34:24 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 62)

[ 3508.249295] FAULT_INJECTION: forcing a failure.
[ 3508.249295] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.251957] CPU: 1 PID: 17405 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3508.253559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.255466] Call Trace:
[ 3508.256079]  dump_stack+0x107/0x167
[ 3508.256928]  should_fail.cold+0x5/0xa
[ 3508.257807]  ? create_object.isra.0+0x3a/0xa30
[ 3508.258853]  should_failslab+0x5/0x20
04:34:24 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r1, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
pwritev2(r2, &(0x7f0000000180)=[{&(0x7f0000000040)="66338113eddf6e2d22ac384281735eab8836e030deef30319af3e37b775d28d42c411537348895f01ca86f26cc715d67026ef7eceea71b1c534d874cdc113d5b134a6e033095f738c5e93a0587d343a8014c572d00b034f68e0298521e9fe3552bbc760d626578ff3a4bf4", 0x6b}, {&(0x7f0000000100)="0b322fd8930ee16227286bf680aae8e2b848ae51c64a8febac8e71ea83960eadd540ff03e76aa859cb078d54fa76bfa534fd34c49c6302e90669f7759b7d45fcf9459d87c850b40c7a7d290005ff1ed29f5533ba9ac3a92216f435fa", 0x5c}, {&(0x7f00000002c0)="27179d6ce1ca7bd59b5399a9c7d7cc9d6219fcbad383336bb0eefbecd1d0b8346b8693dfebc50ec679bca97af104dacedae0cfd131bd5e201441fc7d94d9d9b0d836dd23744c39d5de6903bf5082a3f05fd00ebf0cdc30ca4b25757feae11dbeabd3de5d80c969b6be27c0732444b2bd49ad626e7db52026727ee4782687bd738e34f152c6532bed28f4961f344f26c47a731017152a250f41e6cfa44eba2d4e480cf210d52b1d143f941983506606ce5fce11743599e7225fd7c414969c948785dd1d5ec37eda16149c8d7c3aee4641fd76098189b5061d5b49702b", 0xdc}], 0x3, 0x7fffffff, 0x4, 0x14)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
ioctl$BTRFS_IOC_QGROUP_CREATE(r0, 0x4010942a, &(0x7f00000000c0)={0x0, 0x6})
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r4, 0x0)

[ 3508.259727]  kmem_cache_alloc+0x5b/0x310
[ 3508.260987]  ? mark_held_locks+0x9e/0xe0
[ 3508.261933]  create_object.isra.0+0x3a/0xa30
[ 3508.262950]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3508.264137]  kmem_cache_alloc+0x159/0x310
[ 3508.265116]  xas_alloc+0x336/0x440
[ 3508.265943]  xas_create+0x34a/0x10d0
[ 3508.266823]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3508.268036]  xas_store+0x8c/0x1c40
[ 3508.268885]  __xa_store+0x164/0x2d0
[ 3508.269731]  ? xa_delete_node+0x280/0x280
[ 3508.270698]  ? trace_hardirqs_on+0x5b/0x180
[ 3508.271705]  xa_store+0x31/0x50
[ 3508.272487]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3508.273604]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3508.274815]  ? alloc_fd+0x2e7/0x670
[ 3508.275676]  io_uring_setup+0x1fbb/0x2980
[ 3508.276648]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3508.277814]  ? wait_for_completion_io+0x270/0x270
[ 3508.278954]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.280162]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.281365]  do_syscall_64+0x33/0x40
[ 3508.282229]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.283412] RIP: 0033:0x7f4cd02cab19
[ 3508.284275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3508.288542] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3508.290307] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3508.291958] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3508.293611] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
04:34:24 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3508.295257] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3508.297072] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:24 executing program 7:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0xc02c2, 0x59)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000280))
r1 = open(&(0x7f00000000c0)='./file0\x00', 0x1811c1, 0x12)
r2 = creat(&(0x7f00000003c0)='./file0\x00', 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000040)=@FILEID_INO32_GEN_PARENT={0x10, 0x2, {{0x101, 0xfffff001}, 0x2}}, 0x300)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105142, 0x0)
ioctl$CDROMPAUSE(0xffffffffffffffff, 0x5301)
r5 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r6 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r5, 0x13, &(0x7f0000000100)=[r6, r6], 0x2)
ioctl$FIGETBSZ(r5, 0x2, &(0x7f0000000100))
open_by_handle_at(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="0c000000dc58809149756aa094d4df233af2e251000024651c593c8da22e8569000000441ffd0eabb4d75aeb0b63771b7713720b26bf416f285ef4daa04c6a85dfe8625b6721d8b298a9ccae1b99168c212b8fcc7840fa918932a6973279556cde8aa43b2d3ea121a4ad8a7d76c94d19a9e2ade46f6bff256b3be35306b7675acd473ef0767bbc"], 0xa4080)
fallocate(r2, 0x0, 0x0, 0x8000)
perf_event_open(&(0x7f0000000500)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x10000, 0x7ff, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f00000001c0)={0x0, r1})

[ 3508.321276] FAULT_INJECTION: forcing a failure.
[ 3508.321276] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.323997] CPU: 1 PID: 17413 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3508.325605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.327524] Call Trace:
[ 3508.328137]  dump_stack+0x107/0x167
[ 3508.328988]  should_fail.cold+0x5/0xa
[ 3508.329874]  ? create_object.isra.0+0x3a/0xa30
[ 3508.330933]  should_failslab+0x5/0x20
[ 3508.331815]  kmem_cache_alloc+0x5b/0x310
[ 3508.332786]  create_object.isra.0+0x3a/0xa30
[ 3508.333802]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3508.334986]  kmem_cache_alloc+0x159/0x310
[ 3508.335957]  vm_area_dup+0x78/0x290
[ 3508.336814]  ? lock_release+0x680/0x680
[ 3508.337743]  ? mark_lock+0xf5/0x2df0
[ 3508.338617]  ? lock_chain_count+0x20/0x20
[ 3508.339582]  ? mark_lock+0xf5/0x2df0
[ 3508.340465]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3508.341681]  ? lock_chain_count+0x20/0x20
[ 3508.342655]  ? mark_lock+0xf5/0x2df0
[ 3508.343527]  ? vm_area_alloc+0x110/0x110
[ 3508.344482]  ? __lock_acquire+0x1657/0x5b00
[ 3508.345511]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3508.346730]  ? SOFTIRQ_verbose+0x10/0x10
[ 3508.347677]  ? vmacache_find+0x55/0x2a0
[ 3508.348608]  __split_vma+0xa8/0x4e0
[ 3508.349457]  __do_munmap+0x365/0x1260
[ 3508.350346]  ? arch_get_unmapped_area+0x450/0x450
[ 3508.351466]  ? lock_release+0x680/0x680
[ 3508.352402]  mmap_region+0x7cc/0x1500
[ 3508.353280]  do_mmap+0x868/0x1370
[ 3508.354077]  vm_mmap_pgoff+0x198/0x1f0
[ 3508.354968]  ? randomize_page+0xb0/0xb0
[ 3508.355895]  ksys_mmap_pgoff+0x41c/0x560
[ 3508.356823]  ? find_mergeable_anon_vma+0x250/0x250
[ 3508.357938]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.359123]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.360288]  do_syscall_64+0x33/0x40
[ 3508.361142]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.362306] RIP: 0033:0x7f3b78954b62
[ 3508.363148] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3508.367591] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3508.369320] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3508.370916] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3508.372524] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3508.374133] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3508.375733] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:24 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 63)

04:34:24 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 62)

04:34:24 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:24 executing program 3:
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000040)={0x8, 0x3, 0x0, 0xfffffffe, 0x81, "77000180000008012000", 0x0, 0x1})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r2, 0x400454cd, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
r4 = dup3(r3, r2, 0x0)
ioctl$TUNGETFEATURES(r4, 0x800454cf, &(0x7f0000000180))
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r1, 0x80045301, &(0x7f0000000140))

04:34:24 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = signalfd4(r0, &(0x7f0000000040)={[0x6]}, 0x8, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000080)={'geneve0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r2 = socket$inet(0x2, 0xa, 0x0)
dup3(r2, r0, 0x0)

[ 3508.596938] FAULT_INJECTION: forcing a failure.
[ 3508.596938] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.598988] CPU: 0 PID: 17433 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3508.600192] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.601505] Call Trace:
[ 3508.601928]  dump_stack+0x107/0x167
[ 3508.602508]  should_fail.cold+0x5/0xa
[ 3508.603112]  ? anon_vma_clone+0xdc/0x590
[ 3508.603750]  should_failslab+0x5/0x20
[ 3508.604347]  kmem_cache_alloc+0x5b/0x310
[ 3508.604995]  anon_vma_clone+0xdc/0x590
[ 3508.605625]  __split_vma+0x17c/0x4e0
[ 3508.606214]  __do_munmap+0x365/0x1260
[ 3508.606825]  ? arch_get_unmapped_area+0x450/0x450
[ 3508.607465]  ? lock_release+0x680/0x680
[ 3508.608088]  mmap_region+0x7cc/0x1500
[ 3508.608713]  do_mmap+0x868/0x1370
[ 3508.609283]  vm_mmap_pgoff+0x198/0x1f0
[ 3508.609904]  ? randomize_page+0xb0/0xb0
[ 3508.610548]  ksys_mmap_pgoff+0x41c/0x560
[ 3508.611191]  ? find_mergeable_anon_vma+0x250/0x250
[ 3508.611970]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.612804]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.613623]  do_syscall_64+0x33/0x40
[ 3508.614206]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.615010] RIP: 0033:0x7f3b78954b62
[ 3508.615596] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3508.618430] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3508.619609] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3508.620717] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3508.621820] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3508.622930] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3508.624027] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3508.637919] FAULT_INJECTION: forcing a failure.
[ 3508.637919] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.640768] CPU: 1 PID: 17435 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3508.642331] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.644202] Call Trace:
[ 3508.644812]  dump_stack+0x107/0x167
[ 3508.645636]  should_fail.cold+0x5/0xa
[ 3508.646502]  ? create_object.isra.0+0x3a/0xa30
[ 3508.647533]  should_failslab+0x5/0x20
[ 3508.648396]  kmem_cache_alloc+0x5b/0x310
[ 3508.649310]  ? mark_held_locks+0x9e/0xe0
[ 3508.650228]  create_object.isra.0+0x3a/0xa30
[ 3508.651225]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3508.652394]  kmem_cache_alloc+0x159/0x310
[ 3508.653329]  xas_alloc+0x336/0x440
[ 3508.654140]  xas_create+0x34a/0x10d0
[ 3508.654997]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3508.656179]  xas_store+0x8c/0x1c40
[ 3508.657004]  __xa_store+0x164/0x2d0
[ 3508.657834]  ? xa_delete_node+0x280/0x280
[ 3508.658780]  ? trace_hardirqs_on+0x5b/0x180
[ 3508.659757]  xa_store+0x31/0x50
[ 3508.660511]  __io_uring_add_tctx_node+0x1cf/0x520
[ 3508.661599]  ? io_uring_alloc_task_context+0x6a0/0x6a0
[ 3508.662779]  ? alloc_fd+0x2e7/0x670
[ 3508.663618]  io_uring_setup+0x1fbb/0x2980
[ 3508.664572]  ? __do_sys_io_uring_enter+0x1890/0x1890
[ 3508.665712]  ? wait_for_completion_io+0x270/0x270
[ 3508.666833]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.668021]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.669199]  do_syscall_64+0x33/0x40
[ 3508.670040]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.671195] RIP: 0033:0x7f4cd02cab19
[ 3508.672039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 3508.676178] RSP: 002b:00007f4ccd840108 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[ 3508.677910] RAX: ffffffffffffffda RBX: 00007f4cd03ddf60 RCX: 00007f4cd02cab19
[ 3508.679532] RDX: 0000000020ffc000 RSI: 0000000020000000 RDI: 0000000000004a77
[ 3508.681144] RBP: 0000000020000000 R08: 00000000200000c0 R09: 00000000200000c0
[ 3508.682744] R10: 0000000020000080 R11: 0000000000000202 R12: 00000000200000c0
[ 3508.684359] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:24 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xff00, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:24 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 64)

[ 3508.715143] FAULT_INJECTION: forcing a failure.
[ 3508.715143] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.717747] CPU: 1 PID: 17446 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3508.719297] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.721180] Call Trace:
[ 3508.721784]  dump_stack+0x107/0x167
[ 3508.722607]  should_fail.cold+0x5/0xa
[ 3508.723475]  ? create_object.isra.0+0x3a/0xa30
[ 3508.724515]  should_failslab+0x5/0x20
[ 3508.725376]  kmem_cache_alloc+0x5b/0x310
[ 3508.726300]  create_object.isra.0+0x3a/0xa30
[ 3508.727304]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3508.728466]  kmem_cache_alloc+0x159/0x310
[ 3508.729419]  anon_vma_clone+0xdc/0x590
[ 3508.730304]  __split_vma+0x17c/0x4e0
[ 3508.731150]  __do_munmap+0x365/0x1260
[ 3508.732017]  ? arch_get_unmapped_area+0x450/0x450
[ 3508.733120]  ? lock_release+0x680/0x680
[ 3508.734019]  mmap_region+0x7cc/0x1500
[ 3508.734895]  do_mmap+0x868/0x1370
[ 3508.735693]  vm_mmap_pgoff+0x198/0x1f0
[ 3508.736590]  ? randomize_page+0xb0/0xb0
[ 3508.737501]  ksys_mmap_pgoff+0x41c/0x560
[ 3508.738416]  ? find_mergeable_anon_vma+0x250/0x250
[ 3508.739530]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.740732]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.741904]  do_syscall_64+0x33/0x40
[ 3508.742751]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.743908] RIP: 0033:0x7f3b78954b62
[ 3508.744757] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3508.748939] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3508.750663] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3508.752278] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3508.753899] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3508.755514] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3508.757130] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:24 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 63)

04:34:24 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 65)

04:34:24 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3508.861006] FAULT_INJECTION: forcing a failure.
[ 3508.861006] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.862302] CPU: 0 PID: 17454 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3508.863090] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.863990] Call Trace:
[ 3508.864300]  dump_stack+0x107/0x167
[ 3508.864714]  should_fail.cold+0x5/0xa
[ 3508.865134]  ? create_object.isra.0+0x3a/0xa30
[ 3508.865631]  should_failslab+0x5/0x20
[ 3508.866045]  kmem_cache_alloc+0x5b/0x310
[ 3508.866496]  create_object.isra.0+0x3a/0xa30
[ 3508.866973]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3508.867555]  __kmalloc_node+0x1ae/0x420
[ 3508.867998]  memcg_alloc_page_obj_cgroups+0x73/0x100
[ 3508.868557]  memcg_slab_post_alloc_hook+0x1f0/0x430
[ 3508.869101]  ? trace_hardirqs_on+0x5b/0x180
[ 3508.869599]  kmem_cache_alloc+0x171/0x310
[ 3508.870062]  vm_area_dup+0x78/0x290
[ 3508.870474]  ? mark_lock+0xf5/0x2df0
[ 3508.870879]  ? perf_tp_event+0x5ce/0xc00
[ 3508.871327]  ? lock_chain_count+0x20/0x20
[ 3508.871783]  ? perf_event_switch_output+0x7d0/0x7d0
[ 3508.872326]  ? lock_chain_count+0x20/0x20
[ 3508.872794]  ? mark_lock+0xf5/0x2df0
[ 3508.873201]  ? vm_area_alloc+0x110/0x110
[ 3508.873654]  ? __lock_acquire+0x1657/0x5b00
[ 3508.874145]  ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 3508.874738]  ? SOFTIRQ_verbose+0x10/0x10
[ 3508.875183]  ? vmacache_find+0x55/0x2a0
[ 3508.875620]  __split_vma+0xa8/0x4e0
[ 3508.876027]  __do_munmap+0x365/0x1260
[ 3508.876452]  ? arch_get_unmapped_area+0x450/0x450
[ 3508.876975]  ? lock_release+0x680/0x680
[ 3508.877410]  mmap_region+0x7cc/0x1500
[ 3508.877844]  do_mmap+0x868/0x1370
[ 3508.878233]  vm_mmap_pgoff+0x198/0x1f0
[ 3508.878663]  ? randomize_page+0xb0/0xb0
[ 3508.879118]  ksys_mmap_pgoff+0x41c/0x560
[ 3508.879564]  ? find_mergeable_anon_vma+0x250/0x250
[ 3508.880103]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.880701]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.881266]  do_syscall_64+0x33/0x40
[ 3508.881674]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.882230] RIP: 0033:0x7f3b78954b62
[ 3508.882636] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3508.884609] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3508.885437] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3508.886204] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3508.886970] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3508.887734] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3508.888514] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3508.904924] FAULT_INJECTION: forcing a failure.
[ 3508.904924] name failslab, interval 1, probability 0, space 0, times 0
[ 3508.906174] CPU: 0 PID: 17456 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3508.906922] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3508.907872] Call Trace:
[ 3508.908165]  dump_stack+0x107/0x167
[ 3508.908576]  should_fail.cold+0x5/0xa
[ 3508.908994]  ? anon_vma_clone+0xdc/0x590
[ 3508.909440]  should_failslab+0x5/0x20
[ 3508.909854]  kmem_cache_alloc+0x5b/0x310
[ 3508.910305]  anon_vma_clone+0xdc/0x590
[ 3508.910742]  __split_vma+0x17c/0x4e0
[ 3508.911172]  __do_munmap+0x365/0x1260
[ 3508.911592]  ? arch_get_unmapped_area+0x450/0x450
[ 3508.912118]  ? lock_release+0x680/0x680
[ 3508.912585]  mmap_region+0x7cc/0x1500
[ 3508.913026]  do_mmap+0x868/0x1370
[ 3508.913424]  vm_mmap_pgoff+0x198/0x1f0
[ 3508.913856]  ? randomize_page+0xb0/0xb0
[ 3508.914309]  ksys_mmap_pgoff+0x41c/0x560
[ 3508.914755]  ? find_mergeable_anon_vma+0x250/0x250
[ 3508.915293]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3508.915892]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3508.916472]  do_syscall_64+0x33/0x40
[ 3508.916883]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3508.917438] RIP: 0033:0x7f4cd02cab62
[ 3508.917844] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3508.919817] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3508.920687] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3508.921457] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3508.922226] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3508.922994] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3508.923763] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:25 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000200)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f0000000040))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r3 = syz_open_dev$mouse(&(0x7f0000000140), 0x2, 0x24cb83)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f0000000180)={0x20})
r5 = socket$inet(0x2, 0xa, 0x0)
dup3(r5, r0, 0x0)
r6 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r6, 0x13, &(0x7f0000000100)=[r7, r7], 0x2)
fsmount(r7, 0x1, 0x3)

04:34:25 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:25 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
socket$inet(0x2, 0xa, 0x3)
r1 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x43, 0x2)
r2 = socket$inet(0x2, 0x5, 0x9)
dup3(r2, r1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)

04:34:25 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:40 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x6, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
getsockopt$sock_buf(r1, 0x1, 0x3b, &(0x7f0000000140)=""/56, &(0x7f0000000180)=0x38)
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r2, 0x13, &(0x7f0000000100)=[r3, r3], 0x2)
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000100)={'vlan0\x00'})
dup3(r1, r0, 0x0)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0xbe61576b07cdbb68, 0x12)
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xf6, 0x1, 0x4, 0x5, 0x0, 0x0, 0x800c, 0x3, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffa, 0x1, @perf_config_ext={0x0, 0x7ff}, 0x10042, 0x8, 0x9, 0x9, 0x54, 0x401, 0x7, 0x0, 0x7ff, 0x0, 0x7}, 0xffffffffffffffff, 0xe, r4, 0x0)

04:34:40 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0xf0ff7f, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 64)

04:34:40 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

04:34:40 executing program 7:
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000ffc000/0x4000)=nil)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, &(0x7f0000000100)=[r1, r1], 0x2)
mmap(&(0x7f00000d4000/0x1000)=nil, 0x1000, 0x100000c, 0x340ecc06037cd8db, r0, 0x88030000)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4)
mlock2(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0)
bind$inet6(r2, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
mlock2(&(0x7f0000731000/0x3000)=nil, 0x3000, 0x1)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
dup2(r3, r4)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendmsg$inet6(r2, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044008)
perf_event_open(&(0x7f0000000200)={0x0, 0x80, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x4001, 0x775f1c7054a2719d, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x3, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x0, @perf_bp={&(0x7f00000001c0), 0x2}, 0x8000, 0x1, 0x0, 0x1, 0x7, 0x0, 0x1, 0x0, 0x8, 0x0, 0x100000000}, 0x0, 0x10, 0xffffffffffffffff, 0x8)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2, &(0x7f00000000c0)=0x2, 0x4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x1f012, r5, 0x0)

04:34:40 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 66)

04:34:40 executing program 3:
dup(0xffffffffffffffff)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETQUEUE(r2, 0x400454d9, &(0x7f0000000040)={'netpci0\x00'})
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
r3 = socket$inet(0x2, 0xa, 0x0)
dup3(r3, r0, 0x0)

04:34:40 executing program 0:
sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYRES32=0x0], 0x4c}, 0x1, 0x0, 0x0, 0x400}, 0x10)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r2=>r1}, './file1\x00'})
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x38, r3, 0x100, 0x70bd27, 0x25dfdbff, {}, [@DEVLINK_ATTR_RATE_TX_SHARE={0xc, 0xa6, 0x7ff}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_PARENT_NODE_NAME={0xf, 0xa9, @name2}]}, 0x38}, 0x1, 0x0, 0x0, 0x24040000}, 0x4000010)
sendmsg$DEVLINK_CMD_TRAP_GET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000800)={&(0x7f0000000640)={0x1a8, r3, 0x8, 0x70bd29, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@pci={{0x8}, {0x11}}, {0x1c}}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x48010}, 0x8000)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x6, &(0x7f0000000580)=[{&(0x7f0000000040)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}, {&(0x7f0000000440)="0561df790eca9bfec0cae95e3c6933deacf001d559dc12ee5a99cf286fc3d682a1d745f5e4bd044f1d987689fd14706e6ad41bcea986c77d6c1a71c5b7e561cba16d323752ee5ffcf3188c76", 0x4c, 0x1}, {&(0x7f00000004c0)="6b2288c973bbb4d1ac464a708005e0c80701523e726f3d134c8cd05d57b10cfada4c4b9baf463f2adf1db486d2b33f16d9f209f089843437ab6df3b2c5302ee51e44c5008773dc0c06c79782518a798ed1abdc9811165ae0d6589f356263923951f1bea66dd2286b850b27e62e031c448825a519d8a8ea0059f089cbc0a3b9936de0df90750c7d70570a7328f6405c62b8a0fb0567f850e5", 0x98, 0x3}], 0x0, &(0x7f0000000100))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000180)={'virt_wifi0\x00', &(0x7f00000003c0)=ANY=[@ANYBLOB="ecc6635c3a0000000300000000000000000000000000000000000000000000000000000000000000000000dc04f78a634a2540e85be9a7a648af00"/71]})
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r4)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r5=>r0, {0x7}}, './file0\x00'})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000280), r5)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan4\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan1\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

[ 3524.647580] FAULT_INJECTION: forcing a failure.
[ 3524.647580] name failslab, interval 1, probability 0, space 0, times 0
[ 3524.648929] CPU: 1 PID: 17491 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3524.649730] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3524.650682] Call Trace:
[ 3524.650992]  dump_stack+0x107/0x167
[ 3524.651418]  should_fail.cold+0x5/0xa
[ 3524.651871]  ? create_object.isra.0+0x3a/0xa30
[ 3524.652397]  should_failslab+0x5/0x20
[ 3524.652846]  kmem_cache_alloc+0x5b/0x310
[ 3524.653318]  create_object.isra.0+0x3a/0xa30
[ 3524.653823]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3524.654412]  kmem_cache_alloc+0x159/0x310
[ 3524.654893]  anon_vma_clone+0xdc/0x590
[ 3524.655345]  __split_vma+0x17c/0x4e0
[ 3524.655781]  __do_munmap+0x365/0x1260
[ 3524.656223]  ? arch_get_unmapped_area+0x450/0x450
[ 3524.656786]  ? lock_release+0x680/0x680
[ 3524.657246]  mmap_region+0x7cc/0x1500
[ 3524.657693]  do_mmap+0x868/0x1370
[ 3524.658100]  vm_mmap_pgoff+0x198/0x1f0
[ 3524.658550]  ? randomize_page+0xb0/0xb0
[ 3524.659017]  ksys_mmap_pgoff+0x41c/0x560
[ 3524.659488]  ? find_mergeable_anon_vma+0x250/0x250
[ 3524.660060]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3524.660676]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3524.661274]  do_syscall_64+0x33/0x40
[ 3524.661711]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3524.662296] RIP: 0033:0x7f4cd02cab62
[ 3524.662727] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3524.664834] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3524.665703] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3524.666515] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3524.667330] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3524.668147] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3524.668971] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3524.676055] FAULT_INJECTION: forcing a failure.
[ 3524.676055] name failslab, interval 1, probability 0, space 0, times 0
[ 3524.679108] CPU: 0 PID: 17497 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3524.680877] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3524.682990] Call Trace:
[ 3524.683677]  dump_stack+0x107/0x167
[ 3524.684634]  should_fail.cold+0x5/0xa
[ 3524.685614]  ? create_object.isra.0+0x3a/0xa30
[ 3524.686782]  should_failslab+0x5/0x20
[ 3524.687747]  kmem_cache_alloc+0x5b/0x310
[ 3524.688816]  create_object.isra.0+0x3a/0xa30
04:34:40 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 65)

[ 3524.689880]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3524.691135]  kmem_cache_alloc+0x159/0x310
[ 3524.692030]  vm_area_alloc+0x1c/0x110
[ 3524.692857]  mmap_region+0x982/0x1500
[ 3524.693703]  do_mmap+0x868/0x1370
[ 3524.694462]  vm_mmap_pgoff+0x198/0x1f0
[ 3524.695301]  ? randomize_page+0xb0/0xb0
[ 3524.696177]  ksys_mmap_pgoff+0x41c/0x560
[ 3524.697055]  ? find_mergeable_anon_vma+0x250/0x250
[ 3524.698107]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3524.699232]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3524.700329]  do_syscall_64+0x33/0x40
[ 3524.701132]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3524.702227] RIP: 0033:0x7f3b78954b62
[ 3524.703018] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3524.706918] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3524.708548] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3524.710065] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3524.711580] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3524.712199] FAULT_INJECTION: forcing a failure.
[ 3524.712199] name failslab, interval 1, probability 0, space 0, times 0
[ 3524.713104] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3524.713118] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3524.716222] CPU: 1 PID: 17504 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3524.717016] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3524.717955] Call Trace:
[ 3524.718261]  dump_stack+0x107/0x167
[ 3524.718677]  should_fail.cold+0x5/0xa
[ 3524.719109]  ? vm_area_alloc+0x1c/0x110
[ 3524.719563]  should_failslab+0x5/0x20
[ 3524.719997]  kmem_cache_alloc+0x5b/0x310
[ 3524.720461]  vm_area_alloc+0x1c/0x110
[ 3524.720912]  mmap_region+0x982/0x1500
[ 3524.721354]  do_mmap+0x868/0x1370
[ 3524.721762]  vm_mmap_pgoff+0x198/0x1f0
[ 3524.722223]  ? randomize_page+0xb0/0xb0
[ 3524.722685]  ksys_mmap_pgoff+0x41c/0x560
[ 3524.723147]  ? find_mergeable_anon_vma+0x250/0x250
[ 3524.723707]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3524.724314]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3524.724909]  do_syscall_64+0x33/0x40
[ 3524.725328]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3524.725905] RIP: 0033:0x7f4cd02cab62
[ 3524.726335] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3524.728413] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3524.729298] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3524.730126] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3524.730955] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3524.731774] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3524.732614] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:56 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 66)

04:34:56 executing program 0:
r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x20010, r0, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0xbd9b5ec7f80c9c2e, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000240)=@IORING_OP_STATX={0x15, 0x3, 0x0, r4, &(0x7f0000000340), &(0x7f00000000c0)='./file0\x00', 0x10, 0x0, 0x1}, 0x85)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0}, 0x0)
pipe2(&(0x7f0000000040), 0x0)
syz_io_uring_setup(0x694d, &(0x7f0000000180), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = getpgrp(0x0)
pidfd_open(r6, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
io_uring_enter(r0, 0x10058ab, 0x0, 0x0, 0x0, 0x0)

04:34:56 executing program 7:
r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f00000002c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xfffffffffffffff8, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500"], 0x24}}, 0x0)
r2 = openat(0xffffffffffffffff, &(0x7f0000000400)='./file1\x00', 0x0, 0x4)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100))
socket$inet_tcp(0x2, 0x1, 0x0)
perf_event_open(&(0x7f0000000480)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8001, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xfffffffc, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000280), 0x800)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0}, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x1, @none, 0x4}, 0xe)
pidfd_open(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x2)

04:34:56 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x1000000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 3540.722269] FAULT_INJECTION: forcing a failure.
[ 3540.722269] name failslab, interval 1, probability 0, space 0, times 0
[ 3540.724789] CPU: 0 PID: 17528 Comm: syz-executor.5 Not tainted 5.10.253 #1
[ 3540.726258] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3540.728010] Call Trace:
[ 3540.728581]  dump_stack+0x107/0x167
[ 3540.729379]  should_fail.cold+0x5/0xa
[ 3540.730202]  ? create_object.isra.0+0x3a/0xa30
[ 3540.731169]  should_failslab+0x5/0x20
[ 3540.731978]  kmem_cache_alloc+0x5b/0x310
[ 3540.732869]  create_object.isra.0+0x3a/0xa30
[ 3540.733804]  ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 3540.734892]  kmem_cache_alloc+0x159/0x310
[ 3540.735790]  vm_area_alloc+0x1c/0x110
[ 3540.736599]  mmap_region+0x982/0x1500
[ 3540.737454]  do_mmap+0x868/0x1370
[ 3540.738222]  vm_mmap_pgoff+0x198/0x1f0
[ 3540.739074]  ? randomize_page+0xb0/0xb0
[ 3540.739964]  ksys_mmap_pgoff+0x41c/0x560
[ 3540.740840]  ? find_mergeable_anon_vma+0x250/0x250
[ 3540.741893]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3540.743010]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3540.744117]  do_syscall_64+0x33/0x40
[ 3540.744923]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3540.746005] RIP: 0033:0x7f4cd02cab62
[ 3540.746804] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3540.750738] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3540.752423] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3540.753952] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3540.755460] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3540.756988] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3540.758488] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3540.772757] FAULT_INJECTION: forcing a failure.
[ 3540.772757] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3540.775307] CPU: 0 PID: 17535 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3540.776774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3540.778527] Call Trace:
[ 3540.779097]  dump_stack+0x107/0x167
[ 3540.779878]  should_fail.cold+0x5/0xa
[ 3540.780717]  __alloc_pages_nodemask+0x182/0x600
[ 3540.781717]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3540.783005]  ? walk_mem_res+0x170/0x170
[ 3540.783865]  alloc_pages_current+0x187/0x280
[ 3540.784813]  pte_alloc_one+0x16/0x1a0
[ 3540.785628]  __pte_alloc+0x1d/0x330
[ 3540.786411]  remap_pfn_range_internal+0x9a3/0xf60
[ 3540.787453]  ? lookup_memtype+0x5b/0x200
[ 3540.788341]  ? apply_to_existing_page_range+0x40/0x40
[ 3540.789474]  remap_pfn_range+0xcd/0x160
[ 3540.790324]  ? remap_pfn_range_notrack+0x70/0x70
[ 3540.791324]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3540.792455]  io_uring_mmap+0x398/0x530
[ 3540.793306]  mmap_file+0x5e/0xe0
[ 3540.794024]  mmap_region+0xc4d/0x1500
[ 3540.794859]  do_mmap+0x868/0x1370
[ 3540.795614]  vm_mmap_pgoff+0x198/0x1f0
[ 3540.796448]  ? randomize_page+0xb0/0xb0
[ 3540.797333]  ksys_mmap_pgoff+0x41c/0x560
[ 3540.798196]  ? find_mergeable_anon_vma+0x250/0x250
[ 3540.799499]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3540.800607]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3540.801711]  do_syscall_64+0x33/0x40
[ 3540.802499]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3540.803582] RIP: 0033:0x7f3b78954b62
[ 3540.804365] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3540.808242] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3540.809868] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3540.811362] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3540.812876] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3540.814373] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3540.815865] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
04:34:56 executing program 1:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80042, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$TIOCL_PASTESEL(r4, 0x541c, &(0x7f0000000140))
r5 = accept$packet(r4, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r5], 0x2)
ioctl$TIOCGISO7816(r2, 0x80285442, &(0x7f0000000100))
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r6 = socket$inet(0x2, 0xa, 0x0)
r7 = dup3(r6, r0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r7, 0xc018937e, &(0x7f0000000380)=ANY=[@ANYBLOB="010000000900000000000000d00be0a0356283b8a5eb0292626dfd137020943e87d98de2041b004e73df1ac68641c6d810d33d34f209a19aaedab20736122813a87c4cfaa7f4ed6c702a16153956507cb0da86507539fb2920cbdcbf4c1b448d35ab3d2eb155ee7f1a17e7c1b75c9291caf7ce7fd1d447e84f29034f6098de980f31e408896aec79266bd54b4ccdc9f269b52b53ceadc42ffab5febba4dc431ac489e2592424432c4db53aee16555a65c91ca2a3d73a049c173972365e43e81ad48f592ea504c66219279f511c5d1a8117de94497e003b0e00ab36477bb61db7a3a9e7a271c97f69c99f", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f66696c65300071113e7c39f59f2495cda5da647cc91c2d52c37c946a2fbe6ac5765ab22e11b12263def7e72c3b7f2b79d5520622d6c894fe1b12a74ae881bdbaa609504d789cf5f10b7d4a36c19313a568d7f774a8cf08d8222fb9f0840c6ecd5338cf73ba49629d11c13ba5124303a7a9fc3c57d9e021bafd3f609ab30000000000"])
fcntl$setownex(r7, 0xf, &(0x7f0000000040)={0x1})

04:34:56 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 67)

04:34:56 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x0, 0x24f, 0xec1, 0x0, 0x2, "77004a6ed9dd01da1b2c8eff2600", 0x0, 0x9})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
r1 = creat(&(0x7f0000000140)='./file0\x00', 0x82)
socket$inet(0x2, 0xa, 0x0)
r2 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r3 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r5 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r4, 0x13, &(0x7f0000000100)=[r5, r5], 0x2)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, &(0x7f0000003000)={'sit0\x00', &(0x7f0000002f80)={'syztnl2\x00', <r6=>0x0, 0x4, 0xb3, 0x7f, 0x3ff, 0xa, @private2, @remote, 0x7800, 0x40, 0x800, 0x4}})
r7 = socket$packet(0x11, 0x3, 0x300)
r8 = socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000004b00)={&(0x7f0000004700)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000004ac0)={&(0x7f0000004740)={0x44, 0x2b, 0x300, 0x70bd28, 0x25dfdbfe, {0xa}, [@nested={0x2d, 0x84, 0x0, 0x1, [@generic="95444722ee76f258c4ec2945dea4b4d45f70233719450f63f1c7641c08c4003159", @typed={0x8, 0x7a, 0x0, 0x0, @u32=0x3}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r9=>0x0})
setsockopt$packet_add_memb(r7, 0x107, 0x1, &(0x7f0000000040)={r9, 0x1, 0x6, @local}, 0x10)
sendmmsg$inet(r5, &(0x7f00000047c0)=[{{&(0x7f0000000180)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000200)="49579f51845c60fbf1822cb7239e045a76c9746dc6e4136dfac727c76d370d3563d92e7a8183fa39151f043ca9aabaa27d9893b8bf35f25b5111a39f0b251d95b7c878308b01f65f4845ff3559d53f1759f998d5c1994595ddb63c1a8e99291f365b3169b7ba0583888712134919bd8cd96b27d12aa2554bc3673d1f0da2ab81c106e1d826d98422475e2ce6dcabe34ba9b7b903408c4eb7a3d0772f163e17d6f8557b084b146de66b57bfb5078a3a808fcf43870ff9389a98015debb96a4f1f830176f20eb8e26364d056c3eb9b8993b5d4917df7c5637aa3b039d602", 0xdd}, {&(0x7f0000000300)="10745fafbd6f94a466eb5cfb2c4974f39e5f9638353dda9b1910db285bf4ed45e0b941027aa66fab9ddc284a3b581835877b756dca3aaae404570a7ff30d8a770bd9bea995b545f74e8ee8c8f4836bc1158b9414f3ba2a81cacd00a4fdcf7cea383d6c458034aa2e71379023a5d19e89d6de2b87d856c81e355100342bd7799be3e819f9fe8f885015813b2e26f06d90f2db4d84bd49e27fc3cb4cac57e7b1761d4d310524", 0xa5}, {&(0x7f00000003c0)="cc529aa4cebb6db7d3cdb8122be0dd549338bfd68cb0191dd2c0506254a8e3a13fbdda9ce66d41a0053e0b3d5b1c1ff91df600c081f5047bffb348ee708f963df77fbd5bc6a041b4d8170bfc6edb9a7e505f73c1c800717ced3507d371f4baa0f783e5fbb73dec5fca83a08252c10c3ee9bfe139971d14aa7a860ccc20b957f0aacba4049a8cad71c4095493a7", 0x8d}, {&(0x7f0000000480)="7be0e14a8409b6780ec04af61c0e7631d89633a1937f36da7d7ac49b9b6d30eefd2432b2db715b20a7f15d9df69716d39365f3a7ca7aa74648b90313257797f41d46a7958f72aee7e17530b0e43952b9a1610923d32f32f0655856dfde12fc82173d49a9663425d06a2155cf08b782f79fc808f556128a2f0fb105f03a16bbe19e6ff2a5caec5124804bfd44142240259a936d18acccc872176a9612fb993dc0577cd76836108d77fb36a8c3f760a0a780300a4ada3f81dde627847290c5db5aa5359fcbfe712102babaf031d6f2fde1dd7c", 0xd2}], 0x4, &(0x7f00000005c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0xfff}}], 0x18}}, {{&(0x7f0000000600)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000640)="8ceb96bfa77796a875e9c4d29da379bd0e1cc55853eff108b75d6fe9ac31733afc624b8ae229a2d2a4cde60d9d6c4da03d41bc808819e1126c35358e24474edd29820a2f1297", 0x46}, {&(0x7f00000006c0)="5efb4f64fa7f3e2a92dbd13230e36f8d4e9bb8c087ff89bc7eba942335d04591", 0x20}, {&(0x7f0000000700)="a7356356e3faea8e1d5711abe1fd315da73dc92301eb9524094a11ff053d2cd1f53b5cfe36498932394dc59f6d06c4d3fcc26c7bf78625e5442d192f92977668762703abd3d69bdc4175779ac798ef2567ac5b316495a184e9524293aafe59a3a1805349bb650cd9e06373cddc61328bb69f2b182ca9d32153a7ad40da6d866c29f5cf73cc1b12b44791199c53d30085c91ddb84088df04360eb1b4a0c9a697b701923c083e708b6", 0xa8}, {&(0x7f00000007c0)="9668f7dfc94d9d56c1ab7eab5c964b6fae637efeb09d85487e376a3de509328916936ccd58898aa25574ae357620809dc70d247321edeecaef607b43176efb56bc94b87c0ff9de818c0a4a4c32c1ddfc877327db48298491531d63fd80679e16b18f15eba421b6f6ad4d000860c0", 0x6e}], 0x4, &(0x7f0000000880)=[@ip_retopts={{0x9c, 0x0, 0x7, {[@rr={0x7, 0xf, 0x96, [@broadcast, @local, @dev={0xac, 0x14, 0x14, 0x11}]}, @timestamp_addr={0x44, 0x34, 0xca, 0x1, 0x6, [{@multicast1, 0x6}, {@empty, 0x4}, {@private=0xa010100, 0x7}, {@broadcast, 0x140000}, {@local, 0x3}, {@local, 0x6}]}, @timestamp_addr={0x44, 0x2c, 0xdc, 0x1, 0xb, [{@dev={0xac, 0x14, 0x14, 0x13}, 0x3}, {@rand_addr=0x64010101}, {@local, 0xc74}, {@private=0xa010100, 0xfffffffd}, {@empty, 0x4}]}, @timestamp_addr={0x44, 0xc, 0xde, 0x1, 0x5, [{@multicast2, 0x8}]}, @timestamp={0x44, 0x10, 0xff, 0x0, 0x9, [0x1f, 0xffff, 0xfffffffa]}]}}}], 0xa0}}, {{&(0x7f0000000940)={0x2, 0x4e23, @local}, 0x10, &(0x7f0000000b80)=[{&(0x7f0000000980)="3557dbf73beb8e04a3cca6598a19b3739c8fa9d0a39f21b2e6b3e5e21187799cbf8eb668eddfaa0a70ba7e762289116e5733ee0980917aa1075a7a8203a0ae8602e110c9cc6b5ded628fa2ac31148272da574c77fe13d0e93c4007e2ef41f419ce39ef49b121f1a9a604a3b3cab25bb4ae812e47462d45a78eb87eeef86f5fdff0059da667b1e818ff95c969e228bad009d8f2a2f657dc971f98828706717f284148b7", 0xa3}, {&(0x7f0000000a40)="bb1c21a9", 0x4}, {&(0x7f0000000a80)="d0ff945515a452bd7fc9517bed", 0xd}, {&(0x7f0000000ac0)="07745412ec0737890f80474b13f10ce64c7846b50a309055290cd107d3da13ceec00d24cf0", 0x25}, {&(0x7f0000000b00)="972e657c5b7c00ce191582cb0c54c3c1a4cde18201a36685e1364f413a688e18cfcdefdbfcec2dc364a02863b83fe3adf3b0fc9b0bc38522d8b60a34470e542d3aeb91614931e392ae0cc21bf6f8f44df612332004274bceac13b3c3cbe1", 0x5e}], 0x5}}, {{&(0x7f0000000c00)={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10, &(0x7f0000000c40), 0x0, &(0x7f0000000c80)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0x9}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x27}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x3}}], 0x48}}, {{&(0x7f0000000d00)={0x2, 0x4e22, @loopback}, 0x10, &(0x7f0000001300)=[{&(0x7f0000000d40)="ec685161fb8137a7062333ecdb2dfa563094166dafa2f76c7ab9575cb07679f1d5c5e78aa505d342fc248e4f66d004f420b5fc98d065b5ea25662fdde6cc41825d289dc8b1ccb4405461a0d33988e8c73bd47806232faed5", 0x58}, {&(0x7f0000000dc0)="d38724248b5a581bf0cecd4d1e27a8", 0xf}, {&(0x7f0000000e00)="064ed089b25104555744966189450562ffd6d85fc2564f82ed92169b86f2683701432e7dc3bec1d83f8ebb1d8736e38e3e9725b6d0f0f4e734878c0b2da7757c4efae6c90c7ae6698452dbe5776c9fdbab210345064cfbcc04562f15ddc10386033f644269448f61a04f06543101692c5d7375a994c4d1515a983f6f3f09804f4fd1386f9e8f93a8b64537cb72d77f56927a69a5b6851323538acc742330c2d9ad3c18695ac085500402c822a82b8e675e319b05b797f77e786f62ca671be6ff5da78e7447a03ed61d04", 0xca}, {&(0x7f0000000f00)="61cf5748c045e8398435881a16d7dcce0d33809a97f4de12d71ff7f813e286fbef5951288157261ac57ea4c99760bda90fa59df1074c452a62f3e270c4a4fabec8d0d0520dbf50b2f39abc83a449517dabef3cbf0ca7d8f4176bf4d5ab11dfed02e087dc264ba3d2d5abc810c89e3b64d249d49b24e49dfc86fa24778ab098dd347a4f901de6e69c596b6a71e2ea094af4c71bdc793a18c7d159508fc6fafdf65fc3a7ec89219a91ab7ef7efb81ed4440dfd555920d716d2f87d1034088cf06cda1544d571a9ee7ad2d7a1fde380235cd420b13a25287667d27c0c17a181dfa74434e9247be9", 0xe6}, {&(0x7f0000001000)="8b677584a3da3a11400e5502222b7f2dfa54d259aac97f11122e1e1ad281", 0x1e}, {&(0x7f0000001040)="e06ec6c3d7df5711383973d90c6ea670d275e42f96e429434d0ff2835d3074d2a02ea01905b9e8cb874c7fb2eb3c8874219b3611191505c01b16e2dc122db408f9b5b2c0c9890d2ea1d4462e754d4ac4ff716ec9af805b92bb7e416ad076bdc938a815ff7380c03c686fa3621f1cd8f8db77e559ae4b375a6df9267f3cb8ed54c87296b159", 0x85}, {&(0x7f0000001100)="819e61a79938a0aec3af0744744f5056c6f2b5d9fd6e175446e3a66281f05e97c4ea1b07e5595384bd86aad5a60a279c3cec7ed6a806c6e0b297c113ba97e157643ebb3bb668603c5cf4d8c8f78ffcb0ccd23d6a2fc2639e816247b65ea0abca382989be5370ac7f2bb77cd9d5dba33d9d81cbacb7ef507e54ed11c9ead300616100568a71110bee3b26a69236ae5faea3b2a3188f9182c9c45d415852c7a702f18a275cde1db5c4d7a3f7c2c230485029b8e88469833406ed90fe007935fc051ec3a55623b26b8a25fd9cc5a62a596576611a2f67fa82d2df15494b98bcb4db2c52731f7ca795b4c24b8a9bfa62d91264eac7c97ce59b7cc172d7a302bd", 0xfe}, {&(0x7f0000001200)="74466ca99eaccfc58c17916f21a1fc508e5db2598dd25c3267f859c11f3e8d15d39a8dcd14d90b29f1f4864f83d0e673eb35bfd9ba051c948624e63a7853fc3761d11cd32e01eb583c4859", 0x4b}, {&(0x7f0000001280)="31e78125a2d70fd4cbad3fdee213eb5618", 0x11}, {&(0x7f00000012c0)="5532011bb32e475d44adbe6452", 0xd}], 0xa}}, {{0x0, 0x0, &(0x7f0000002580)=[{&(0x7f00000013c0)="a36ee4d5501de2d9f897be59e27eaf6d60b35d790135c5e84436d3aa440443e9adeb1fa6c9ef0acf10e8c9db1980610e8fe165de210096fc91276d74537afca81c3a5c46d1fcd37156a52bdb1303967d88d9463bc87f8b472a23389626ce69384cf9ebc173a4fd3b929eea3b269d0d6a5547c345e030c10002ea1fd6d04ff07a36e263659055e32e615ee49cb3060559bc18f784f1b9087e0ceb2e5058995ea6a685774de01b7d4f42d097bcd3ffa451d2cea030a7da1db2f90c573e6a038ade12b43ff067060fc03956174d55dcb2b2e0937adfd23171d3c1f55de00dd5c083ca5defeda12a1ced92cf4828beda78", 0xef}, {&(0x7f00000014c0)="b483533163421d0b421f0ac449556296d4aadf350b55283dd2c9307da383ac2a19ba7c5b447e16e5169402e845901ff874713398171c4d82f20e60ad658045a2c4e89e58ebba9be326330adce40090f2281c3dc2ac6135bbb02bc7c3267bd4d3b6351bada0110ed871d792035415d276ea0f269b7feca92a79c20738da5774729f7ef72104acdf444103cab820d72eb2891c98a7d7c4f18c127cb4ed05b552d9da2527c09d335719476805363a0c464d17f8fe27b50d9ccf9084730b04e9cba3213df30a75e2c6a4ebc624cd827630e817ecc8648ef8df4c7f76bb11993ea15d3fdbebcae02125231de1ca3a772f74536b1ee19022461f363cc98aac8290485774815cc3cc183e212dfb824badd4f0fe730e457370f058f0a5cfec1f9e557f548b5bf96305f2c9147292a2eb83bf17334efff4f5af41b577b7336831ea31e85c40ce6222aa4804cea894e67081302d8481a7fb8aaf0447e1f17c660cf8972ed74f6dcafb26ff18f707d47bc6b2cae9b9a90752fd8699a9cd3153564271b4c92fefec45eb84c4237cd4bec74b2188439319696d01f01495a81f5b832cc7afb89491ab1c2fa469eb5e0065f6b09621efae1fab22fb31f3d983f45a6c9cb3c3e58d88df77896fdf30d466b753dd4351e2b76595e2f1460780b1df12643238d7bef42df71c8a6490e3ff234fc6ab8ccf2104c2cf31cef9418009c0d0e7cf9434476bd85dd7ea0e2e314d869463e8532816c0a5559cda120fe9d5de00fa269d7fa2912f1be862256afdaf2f0fd377feb009bf44f36109233f48e161c86e549d64539212213166c871371357c40828b4b58fd749e2f97f103d184df7676e5e2e19abe208d4d95fcdcc0f8900fb40b0615b2e03822fa3d5504f3cebc037521f4a5ff402732562977c9c7ebf61343c9cd290ac3da023855c08d147158b356b2ccb672a077bb8c259bc8cf8bbdc2a37672d57a1e1b1ce6dc990d9249c89c8291d2c6bf4a6e43a58c20d40cc4a5a875ec1b28639cf9dae7bf775180aaa976eef2d34b7c382365cb7e69e254cc2b4aaca8409668a4810c59ff44e551df67bd73ccb61dea8fb29ea8fce02505ac772c60721dbdb815e63d6848cf7aafec2d2faa067d11fcc37fe985f12bcd9b3d59c02ce7d9dce68ba7df87f775b04b77c26ea216cb69f0d489a30be412b486365c22b03e58311b8beb0f4b153ace8a773dce1718bb9fd0d0358a6a5c5974e5e454879b21c331e171ef04d47495025bdb559ed1ade05e1afba5e7b92a9c71a63af7d6323d6df62924302681a12d8311435f3c96527cdbbeded0c03452fa50ca0efa972a5ed5cf9ecabae7742715e036ee937423630ff5b2ff14f7bc994c8a8d02b71058fdce715249ead3738df5bb70dfd9db1cacf757bb529bce29affbb9895de685eb911b6774bdceba35ea7fb33cd6c1d38d69133c2fb1bf32df4435d3ab31e5c7287d3ec518cc7a74ce6c1c2dbd34f22df62bae5c1690a3edb5ff46c287f657926d8e3b9b3d631cde08aa5193d8a93e7003406555cc295b19a82e3083e03dacbec96ad3bd8a3d018cbfeb783ac522336aafa971acb7d901b87dec082de352e083fcac4b3cfbdb258f581b8d481243d4643a0509bd6af463ad8af6cb34dd4ecc42c65198e0fa0f3aec085b5e810fbc477ebb8c13a32f4a56433cee3830f456cfafbf219dc5d9337d00582566cbd5a985618d0d30608dcf47f87d70f3d6d8d6ee578f2988b2e5fb120f2511ae304949163c425d93bdc1898c310ceb47cda776f32d94e9c6022b8564c413fa2d102ae2114d48a8579e07fc794adfd1a34f4efaa9655a003e9d5a3acea61f6851c82d73de6858fb33ee1f77002000ff3028e252ed780a014401e9006b9b9d2d40d76d216d369540d9b7c350c8e84c728ca65003f3db1853e6ddfa4d35b508fd13825347fb108b8f78be4d4cdbba89a0108de73c4ea3dcbd6739b2ae166a014d66b80a00829a8a79be38007bb4ab8073d928756c13f14c03d1e04902d3eb9500a716ac9fad6e6991bb89c583a236c02b0fe4c75bdf07bd13bd3f2f1a49915877bcb2a83224e6c86ab17e960ecde75ca1aa4cb02a212093403f21e26cc41c7d12735fb22e65cff56f8793ae9be2cb29b193546b311f4869a043bce1f1b00de22a7e691106a3997011b584d10c5599271e5af71f25794b9c2e67e658b2e3fd71e5b1ea2dd26eccd869f5f18c6f327b3f5be2eecad4942756177c96380a5a83bdf6baa108cc3dfa14f168ff6474de953b88e6da2553b748c7b0a85e75921b0ed2cc35c98d21d771443b80068fb98005093ed0cec4390f239dba54918ac7b19a1695cdcdb2d96a44cf8b197dca668bdc59480feeae51a2e018c604fbab2d49cd55e217b1d1a3dc1741b1599e09a42c7c19d5849754495e76d93d5f35b6d70062224855c506fab67ea13eb0750820d2c77d6095901588b6118313a7bd49bb9e15f2e9e9bc90849e5b259d0daa16561a5f133847509e8e713c118e508192e977eb1688429300b2bfcac47d5372f73834ecec2a6b72bfd0b652cb1dd78eb84e0cadce8dea20909486f648cc8ee5a5a0bb516e75cc8ac11c29edf6611cebfc9e7e679ced8c3c27e110d674e9d53e2fb44b676f05c45217fbe9d2d3eaf38484d938e28f68a901bc4690fff12f4ea04aeeecfad0760b84b43687317182c8ea414e5faf7d5b06fe4292a1682ec19874089ae7b29956ceb02090516446139cf28e25f228f9aa1f7d100b984820e27dd85c7405864fe29877b5c58ef46b288f53eb4f5935693d67d7ef4f69d9f641fb9c7292818a0232c63d01559e833c186873132e9ae404e418afa09813409b415bb8290e672e99dc126f28a485da6ef78d46acfa41af5fca5ef3f04becdacddd18160545204806267d09eeefba7cee81ac728d40c99d64a8dd03a4e4b78ecd8c8c7d9d7625695f68da9a5ac1b52a3687fe715279bd2873e1c58eb926ec2f5d8df4cb77df6998192031f77d37297a86c896c72fdfb22d91ed7ed568cb9569e4996fd480da726000da6fb82735822d1e690597532edc5ee09260295713036fab7784454983c99efb6039d1d2d6b9f78f9b67c07e631ea5b94407c78c5e9a6665af12f1675cbb3db1e08444c0c7545ff8c930f36a6782d84285ac15999d46c33ffb3f1f0d7b54627449fc2c10fe72f7844ad38654343ca82fd00089166b9a6e0e459632d9aefaf43c14c2b70153782c06a03cf6d562cbcd00b18de412f4cbc78bb89596ead9765b84d451a34d4eb2c6181d12ceed15a742806bfb8404a56e6babaef6b4a3600846fdfa48e29c6b064a927539d6293b9c184339256b2ee92ceab7342204c77cd8d060cb42640d3a52fdbdae0f97a4ffca80206bc342ba2d01fdf7da3b9e0f64ccae47fd503eb62f1e5087cc2828129d8830edeb0af05cbe3bdaf9ad5ebb381e804ad4ad2d21458100f9c0b85370e3b7eb567c879c51b2e3ad3ee164d98784b9ca8dab7da62fc376217e416933a7daa04f4a965ae2409b61c7457f37697bd25752635e4e0a505c20deb845f8d5706d5d1ac1cd7b383eceb25691b92cbeec114bf6c60eee80212967dfe081ab481458cbc7f4ae5b81d2c2999ba91e8488897aeae91baf992933a991f936f01b1c80d6440eef88ecbc40f2a728a90813a995617eafb9855698fce9a338aa74041219e34e441d2b06a9f98aafab918bee2d52d4906a35e465a84e1fa4c38be2448adf0f091c28aabfbf32affa0520dad5c414ecc537d0a6ad65b2326499e08fa45cc8ded8f2214724f105137dadebdd0439c59e47f6d7a9c88565c211d86262e81ea134f536f42c9a3bd65821b05e87c583db504d500486be8f0998ec6e23f7882c096736e75c6b2a530eeb58d01617a13dc4724d104024f61319861d9ed5ae84deccaabea632f5ce7761735f807a2fca4e2ef426ec1631f74d0b0578b9e63d20fd2d5f3fe1a00a06b61c7fc3ce359f949cbf7113f989d5229052aa26f994724f77f2e0fdc33b914bbeb2d0e05529223f3a1a0c2aa673298518dd3f659ebce3eb99fdc99e26df8985dfaf68840146f01a36fbc8de327021fdcdbb4d02dbb241b8e502c5a05d6ae77249bb42db7c5f4487db65a87564a10cfc630c8152b02d3deda4b13a9417c83c92216a5790d0459f86590028e71fe02b90178d7019b8306116ea63013a504a10cf23a45eeefc9fa694fce62e0dd597bf6f0e3900ab2f7e0c976d28cb2acd80604a0139369aea560e23162b6e23e53f49cb59092e09b967d24fd940520a8dfe3b3ff67fd7b1f89882fd4016db3af98ae012ffbcf284495132834b21d6ef8d68adce590ffeb2b79b4b16a871d719bd9d2db0367982a1321f9ec33c676fc06e9fd4c7733bb4616c68cbebcb5a4a436121799bac0ae3afa8ab2207af976726fc63fe51c3d79f860757e992d7ab39b05425be19b6f907386482e2383e9fb790d2d0cbb3d08054e8abfa36ca425fedaebbfd0400a5f35d3c027c7a5108a1b9a754fd8dc94d55a3a9fbc830e773062fda4d9d1ed59f1b0d803b5449a1a04c4e7cf44af6c589923d2bbb441e8e69bef36b6044afc91d4349127aded421640bff3a3670577ea1ae2315cbfa53c0ac49fe02fb742dc5fc33add08b6a0a6afbf4f460453c544ad06c76dbf5967c0c05678858e227b6b095b881b0245b70a1ae851c123f26251bf947dea2e2d116b66e9b7f36e414273cd7e1fc5ce6af1377100fb8ce7628b770bf21d262b759c0cc97beb470109395f7e0f95953471afdaaa87618e08656eff0fd1f5a6419d8657026a3ce534d2e6b4b6cd950497c3478d6c026eb2b506e2c743626bcd57df4278ee7afb3b11aa8036c167aa74e7d1e49becd235db0ea5d48b2c386e3b26534aba47b14dc502a7e8296a67ccb4256efa3cae53c9446a9d722ee74f79f1ed72b6e80ad691a80ed2648b480d6a518ddfcfd03913f6f40d657b6e974501ec571bf56bf971c7153eb437cba7b22f0d33309e7f871d6ee15cb38065f3053c48e161ae0536b14dc145060cc7bd840863f0c56ad566f16a1e892f2f6ea54f4a78e5fcae07d87cc82e1a9fe95234509f30e20ef6873ef39c63cb7446e28761e8cd6b2e4d229a28e33adfdcff41089ed2b9bca99999a1ce9b9327e4bc39c67b8bb41ebda184db183a1027b6669efadef93a3c54c6bb0920d835bbbeafcb44b6b8c07d4b75b2158a740a8b88e1e62fdb8d7fee51cc753f657702250ff7f8697caec13b748fa05090776bed253f8e4cda7268c5d973c4b3bd23bc8c418d0467e3602c29a30828b762efce86c67f0d9e78c3003a1b9639d2054f9fd61b8ea2944d5bf411304c73f637ede2b4dda586cecd19c2131ec106f6140c3c651690cba002eccfc9b73e15afea1b13ba2da0da56a4de40fd26fcc80afb981d06f4736460e156c31732ad517056272122d32bc042dae17125d33fc54798706b961f16d36c1781fcef874a014cddd3cc1b0e51a5a5c13ff0830bd4fce1e96ee78da520ac48d00b911323695aef1a5429b6a350c6954e968df9d6c7bc6c2cd95d038907263378c927684dbf2ca5c1144776fe317d4a637b862b6e82e7b311165b6c17ffedd84d02b9f48a5d95f12aac790b5f6e7507fe12e332ea4e3a28b11f7fd15c254e604281b3054c30762ff0a3578f73f644d1fce7f7f07131742b2514a5d5698dc2700a461ae07c9385b4cd41614a56514f0a3ec143c6f5cc38462c13fb878969d2be3c0840165dd908b743d90fe44d40fa326db6123dc4f3ec69782f85b02d5c8829d095cbb3b30f069f9ba3a7ef", 0x1000}, {&(0x7f00000024c0)="71ca32e3a3e702e664664b35869e42c30644c6388d1b3e38370fadaf1fcdeabe859c24b52d8d06d21fbabe307f9b7445abe209215232110bae2fabb3ee996cdd305033fc567df8d04b5a39dd59e511f615dfc67b89a8dea039345bf4fcecdb3c76d2a8ac365ed5fd204125dfbcbce0b8de3230e7b578911c0f964bf5386b58088bab06be628e23ff648dbed35ec79835f093b330a0d46e2a5362c2463638fb1f2d597cbd08cc073a9708255f163e3f3afa8abc6542662347fe9f2fa0", 0xbc}], 0x3, &(0x7f00000025c0)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7fff}}], 0x18}}, {{&(0x7f0000002600)={0x2, 0x4e22, @empty}, 0x10, &(0x7f0000002ac0)=[{&(0x7f0000002640)="b756951cc9be970021c617b6ad31a4ce1989228dc6da0066517252a7de929adfb645edaa4e5947b64c303bfb01ecd0d0e64aede10cef3b79c37d0d1409cdbf4314f05bf91e524900132c2510902007da574f22344c434c13c5b0998bc0726cee6c6ba3b6bc3acd795e2075cae9892307474efb1b06474cb2a862feccbf87134b2e04cf6926737b5cb184a654d1f750ec4fc86e2638aaa0f11313c04853f8cf9833805f21dbf40d40ee0d62867a1d23b4f28a7573067e7ed89a5817a0d8973c19e2cce8131ab8b77476ae8e2d838720ac066791da572cc0c5cf3e5e2e98f681e40bc7f8adfbab4f9b5d47bb899e7610e7d3c54dd75815fb9cb72da328", 0xfc}, {&(0x7f0000002740)="7fc0c942e4fc96a5dbc6dfb756bade9b33e70691bdcee83d695d461577f82ee4aa1a4900517d69328fd947b623a3c58a8a51e7ba18d063fe1d1fd9f2ac064807b04d79cfa2af4e5085d014cd1753ca118639e129a225324ed0897cfee34c99601d373157d9772652306006abcbf87685a9b360580d2febbf7ea7baa99f9b7e54d6ba57559bb7a9ee3c1d281e7097f26bb73231eb33d072a801faf448ad999730de088d00a535e659c0bffed146e478aefc253a537edc9a", 0xb7}, {&(0x7f0000002800)="62520d69843e75e7039523a2b2326c72063648f00b939397db9c336e5396105a88a4a40d4a03aa55e407ca0fb320bdb2aa7ad50141a3b743e0c519ee208a0c583e009abccf5dc66065e25c6da30a33070f352fd3115f1a0de3c9a771ba6a03a35f14a7e96d0e3b075630e420912e73a1586642d175ecec762284975aa2c948cd1981b1ae602acdf1742fb8b7ff032bd3709790aa917d735d3f4bb9ce80b5c1c71ed099cf53c7c8ddcefef260bd337096a033ab14f1677aa759be1eb4778ca3a2b3ad895e93563befa00aa76677a10baee2b6ab8c6b4f3b20a83961", 0xdb}, {&(0x7f0000002900)="b2ba2a3c273e573680a88d2b0a851972bb2d1f05d9cda171872d2ac14ce881f91f7058", 0x23}, {&(0x7f0000002940)="50671b68c9f110b9a91482ae512d3c978c8b86c3e31f9b6aef64dace71d3f5d00456c2986645c3a6e9af489501dd769b5e375273c30a3f74afa534d072f2cecdd0d9d738a302a10dfc607919bac57bb7df844f50d5d8e8dbeb7ca58c1fb00dc6102b42e6f5f7e360292fe1b2318d982f091a15a398318811e157fdb10086ff39525af7b46fcf7f42aa3e269089a32027be48fe923e4b87cdb39bbb597698a13162103d3ca0244850735b7ca17e758b776b86afcf6e8cccda", 0xb8}, {&(0x7f0000002a00)="b7ab182bdaf99c82c4a7ab3b88e60766ea59d6514fe91ea823a9b9db0a6494c1e5a18fbcf4941b9cb5f04ae9b0da78f3c6874290f24fdd6f61d12f503cd4eafb382c0352722ebea9b9850439723bb25a251c2482093efa1b7bc0d620fc7828bb3d58f1c8bbec6346dd197ed645592b8203ede26be73cbc89f4849a16354feba93cdeae760dcb3c3fe073684026ce7064", 0x90}], 0x6, &(0x7f0000002b40)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @dev={0xac, 0x14, 0x14, 0x1b}}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x38}}, {{&(0x7f0000002b80)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000002f00)=[{&(0x7f0000002bc0)="896957d59ae233b470faab63403b319e09a72cd58740dc0a9dd87a89bea0cdb6966590235fef8485a864749bb92bd8e6a3cb8ea66cb3907c1d", 0x39}, {&(0x7f0000002c00)="9503bb76fedbb5265ef886a78e050052ad5e0911c8e81deee9a1c6e613a5483f05de512fd57f6c0a84b279b60f1d526271da0e9067327d32394e710779dc01aa1869659c3f129720", 0x48}, {&(0x7f0000002c80)="18ba3e5fc4900d6f44819b6cd81843daa8650277a3b8b1ffdf550dd3a58316607aeabc86683c989e84d69ef3047e330a2784ee177a08c9690be5ad401420c21ebc64171f8f2030a70b19c941b77c177f536969a2c051c21fede1bdbc347128ae9735c8039bdb884fb3388e08a85fbc8b7c184e7280636affe826607fb838a5701d3c296346d04fe63fcf8b46cd70f81a86273304ebd7f0e0666e7c9afaa3581ab34241db1b96ba0046d0512a0cdb3f74d4d57e3d5d76a4a77d73", 0xba}, {&(0x7f0000002d40)="6c7ddfd2631319e9a8be339c282f684e5568139b4a263688638eb506c3c86f1d273cfbbe9b8275c881af1d78bf5e228d3143fb78484d68da2f2476cae9decb1e639c5eaf43190049fa8bc4e23dbd8822987d6969e829ca2c9f2e3300fb2db497b212e05c6d0dadb32b9fb966c9aee425f46c34089e93756173a12c5f6a772db0f8124fa6dc7439002ae3415cd26cefd00770a08d1e354670cbf41aa2", 0x9c}, {&(0x7f0000002e00)="9329aad6280cee6edc338d747912fde23f3db022ca13f69f249754b00bf09180d0644c1fd15a31cd49c6bd9682eb1342eba07461fa12c1c3797c1f3a907bad39bdda3c3459669b9c4511a6604599113572421f2519c5ce63ba57c7443d223d195a0cd193df28ba77b8f884fc9729362b1cb6c721a2f0e63c7f209ff8bc067f040331891d8395f58976c4952dbfaeef9ef75d04469997150b33684e66b3dd5082827cb6c9a3dcbde82205080b1a95788437d2f4197cd14961964db602c3bdf3e3e71b1e25f76ee87b788ba83ffc", 0xcd}], 0x5, &(0x7f0000003040)=[@ip_tos_u8={{0x11}}, @ip_retopts={{0x4c, 0x0, 0x7, {[@timestamp={0x44, 0x10, 0xa1, 0x0, 0x6, [0x4, 0x3, 0x5]}, @timestamp_prespec={0x44, 0x1c, 0xd8, 0x3, 0x9, [{@private=0xa010102, 0x2}, {@empty, 0x34}, {@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @timestamp={0x44, 0x10, 0x21, 0x0, 0x8, [0x7, 0x7, 0x3]}]}}}, @ip_retopts={{0x34, 0x0, 0x7, {[@timestamp_addr={0x44, 0x24, 0xf3, 0x1, 0x1, [{@private=0xa010102, 0x9}, {@multicast2, 0x7f}, {@loopback, 0x10000}, {@multicast1, 0x1ff}]}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @multicast1, @loopback}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x7}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x9}}, @ip_retopts={{0x80, 0x0, 0x7, {[@ssrr={0x89, 0x1b, 0x4, [@multicast2, @empty, @broadcast, @multicast1, @dev={0xac, 0x14, 0x14, 0x2e}, @broadcast]}, @timestamp_addr={0x44, 0x54, 0x15, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x8}, {@dev={0xac, 0x14, 0x14, 0x13}, 0x1000}, {@private=0xa010102, 0xff}, {@loopback, 0x1}, {@broadcast, 0x6}, {@empty, 0x200}, {@rand_addr=0x64010100, 0x1}, {@broadcast, 0x9da7}, {@broadcast, 0x7}, {@local, 0x4}]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8de1}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x21}}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0xd1}}], 0x1c0}}, {{&(0x7f0000003200)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f0000004680)=[{&(0x7f0000003240)="e40297ba7b57373a958fd92321f61f8fcda82c09975a75810b27b130a575df54dff207c8e995ad71bb2d6274927d573e2d886933a6b7731e62682e55d0b35999d314e3c444b0b5082ccbb9d653b762cc6953aa4d3d5aabf72972c26cb24f66a81c357534005df36350944721cecfa982aae51dc962d3de6f8b40a17676c42879b0d02e17cde193f795d9011cd9eba7441874d0e0f130b021dea843a4159959000e354145ad254de4918149f0ab6376968bc93a94d5806c32d3e206f5cdcbb996e33854ae7c272ba93e94f82a1c972e374bdc6839d4fc06751faff15baa17cef62f1f58115f0520b70c2993b4e8ae20205872c3e746308ce24beb2181", 0xfc}, {&(0x7f0000003340)="af5da9376c7c5c51a34affb839d92a1b8bd2f7326035aa825f9d434e0ae93329707377cc585df118da37e08241cf687e3b42e6229b0aecebf217551e19cf7446c17d712fe5b072e25a9878007d02ff4e9573f60d4fe73c59a36deef39d351f0b8ed8385a", 0x64}, {&(0x7f00000033c0)="a7f86d25bdd1b169ea470a83da71d03ca6dea59f0cffaaa941da24984eb2ff67db3bcc4d312c1598de43d8787eb496abf1a9e9498ac89868d5da4f6df5230ce457f15a2ed7fd14333fcae01576f048727e84276bb6818421daf364ee783022c2892f1d80b5ed605d5a85bceeeba0caef8532b641f11188ff1a5550290bdbf612f3939a9ecc", 0x85}, {&(0x7f0000003480)="ad798f34d1944528f8698704e0f475318757de1db95d1dbf9b977b1e75c74a6b3d6081da92cdb07b33e6315b52cd8a", 0x2f}, {&(0x7f00000034c0)="628b4bbefc1ec97e8f70929a5ae58bcb8d4c3b93c8f7186969988c06dd5c9a62cbbe62cc4149d181756e12d9e420f634c31065e251bebfdda45eae6a26e0fb32980bb088a61f76ee334611159455afd8370541f1e48c07b3201e55624790bec939124bc3077dad610b07149e7d02e76f638ecbf56a73863ea4fba301df6e31b158bb3cc2644bb41e75a220de7ffb", 0x8e}, {&(0x7f0000003580)="f9bb327db7dc80641c9b894d7adc5b00564a764d3bd5ce186f8d85502da384d981b7db030031156fbff72bb289d60a55ea06b9815ee71a0bb85ecafc2f4332ca2009fd0ba733d23cde42e1b62530bbaed1797fba920c89ead1f58c57ebc8132019b28edd89f16f7a8113429304012198d5890ff5dc24717a29866f64b829706bcbc51fba0293e82d80cc3db128dcbaebe55d9a98e8ae2592fc4c74b4fd7cf2d58fa6a8fdcd2c1c6c97efdd1b49cf54ddfa7de13ea2620adc5c988894426bcd2aca6ce632297e13328150fb48bdc5234f045d9fe2fd663e93a36024cbc5cc01b05bad55b0f270c4b62920e413c4c365e093737c684ccd1fb7a478a5012e04a5a8650a24febeef210c684055fe8a890d768883d1b825b049a622ee4cf337c2e7dedac81bb3f3197a6e256e372f9208c81d2833b743df3bfd62a1eb0cc490cdaf82d49f9d647307d1649680f733d20a93a0bf4415e162988d0013dc5715f5f010d125c1c1f1381733f5a15279ad31df2c019949d45167b90fef2f6f74a0ed89be10847553fe7a0edbb36b3b0f6e7e0d7a9976a6bb32ae962e87f99d986c5ea16beebc7aa2c39151362a73f1c1a63c555b108fedc4679864a73be25e394859a9512f6fc72e5d728993662e2a227ab9d1ce5975886905fba80e83c41cabe1d389526f8b972596fb66d0d620a93d81662897bf1328ef9f8173e533c90305040af886764675c53a2829727e660f9f85fc609cb059edb14374ac23671e7dd5aaad63c112b879685dbfd8d068fc8535ddb101fbf9299ecf986055258182c4ec3a17016c56e91e9e2bca1edff805a2cb7af542256abf9603e818917c73847400f26711388c5cf2c1cdbee3fdaa9c9d29d2f150f1671c9c0ffdc70630a28227a2a751b6b9adb9744cd4827c29cee65b21fe77f8dfa9163ef7b1e69419931235383fb2b1d89ba374b2626580d20dcadb54be9c1a503d683b3435cf1a3c071fff48ad6e4f7674c21dcb4d5907de294e24f13d4a7a4226b97fbd0a82e303bded9e8edba4293c9a1e95436c98e4d58f5001cdd4bd8d7438cc262f0e4420f9cd23955d3bfe58fd2766bb25bdcc9ee07c22a61f4ed45fd681f328b4679d3205ce16eea3e1f1ca8b671d4020dbc288dea5b819c69270d1b2c570575c65c4fe6c73c82051faa9b2b257a77f4ec108250b4fa266d8b0fd7ce2ffca6587eaf9e9d58371aaa4f97f9aea8a75e395c1d8399de4b3da738b7c7588c1102eaae77d078a1f98e9916194d82fcb2f374f021741745511ba5634af19d4e2e170b72c0f80dfcabaf31fb2cb267bb348b3a26ab9b7f9b01409680a49455298dfb95515fbf381e5e921f049afadec76fe292d6c4c020fde5998ad7a8c9a510fbd966f320769f70e99c3c4dfc6088ac79c0d7e37185d976ef8fc0c0de91ec3b340dac7f102c76bcf2ce86e2c76297c31b26fe9c0607a4a6dbee43b9a9059698c142a23bd2173d9c2db5cee79f8258e4649218526f0319834f939695db3c02400ef86451c83d10ca3c163fb991bc2403e5c96ed57cc95d58c1d06a2b7224172c57f961ed035ee58d553a86be3a984f228758fa0af136b683c931030a05a1c4b447826270a6efba1bc62888520ee3d88403b788c6abf4e7086a5cec6436390d25969fecfaf573cc3f71afdf46d361b6fbd007f9c814aef78e46d866d15f4f1913a494b9cbbfc352b7d2515fbd01b82d2af8aa18614f9f99e1d8313f4e19aa01508120d27f4737ca59205fc3ffe3045480a830a6bf1ae3037de69bbc13cd7a5b1a10594bf64cc32f1aaa4303bbfbfc1b96627f23d2c71d4d436aa80a70b46c766e46ce6a4b8db9d81696c0791aae906cd2baadf777dc5009d28e7cd9938f33b4b48c5062c080af4ee85d287140e86ef5a429533f2de0059605ca48f38b92790fa0d648ca53277c563f8227a42a10f2068d881a453ea6e166b7a7b72f73f427f05e65029f73ee1193a7f2b36f2226be58368849802ea924da059d6281bf5f2a103f89897de51682bc239a7f6c870f615e779d8b8c0d8d4638c665ef3aef2e9181b3923876a956b2073ea8f1180edafde7c061edf0d74f59a1adf5898a07846a343e2dd3588041c83193706147588bac96b443f62103f36e8d2b64c5b30ef1705272a7b3b367b718dfbf2d1886d8d625259fa55a8fe781cc5e206b30d3a85041259991f7d083920f3babd589aca56b8333d650e9a52f1bbeb7bdb011a811e453b168bc219117fe6bc0f36ecacad60417e02e855433d4465a263e682df95fd2c4aa39b1d5c24f5a56c298c4513bbaee2a3c1ac7c4d4d06adc23321dd5e15d2fb78ad7d02a562755e48d847d669ebf064d1c64f08d64fe86f7a4d33b99494a5e28fe673efc9b485bb9ef061bdd1c237b833df608f85efaae73eb8df4049adebb168db6710f788f6c72d38df0ec9d65777dc4090c8c4377e00d45c06fbc0b2db09fb22f42d46e97b7096567d68ddb98eb6cee47e5b6aa048538c09be05cd58d8198c23d5430f12687cfadfedb441c9670a86c328aa17bd816aea7268793f9d617ff38da245f163fbad4743081bafde5607d7c1e43ba6920132be103dd14c7c65f6ce3b5072368ec56e607e81d74118b1648e4599952d0bc0b01e9b78f1ade88406f320087c14a80a77574c0716bd9e55bfe6b0cb8e5b8996c979a3d40dec1e027649882e93210529a32e2ca0286f08ffd9c9a4585c7a222776fb70bf1470a2df2bb0198b5534de5adc5d0020bbcda21b953dd27ca6e2a7b5df1bfb95f0f58be9c8b34043ed35b866704a36da5a82ebbd0c1a415c0c64e1f70c33a7b451050918d77dc391b9c00218973a53873deee21dc08c64a78c2f307cc810ef2ca584d3ab2fb9c77c1639bb087316c6b0b4ce3d4eee0006fb8e04e8e7cc08603ee06333b27f25c0e6b014ad28a1ddd40279f92c4d40fbfaac8252665995c7269ca0bb2824fa4aba9f1ac3aaae844cf5175246d5362e62127bb38375c5ad4017cadd08302fb68cb8c1d5cca97c4eab116c015f3b4ad75fed75b07b8cc4cf5a5e00155142a3671980d0489694a9898337fb6fd743d735b4ae97c8e512c1151f092ebaaa8d4e3aef5467726efa08e485325d6bc1d1e35e2e986fcf927944fc3f4382ff50cbcf6538d8efd9cad74d2208a840a8aca46e8d8960bd903a3b6529a36c14397055e635b99744026eda403fe57a7e1e3df56dea9ecccb6809a87193e56d0c1cd194c5aca7ff537041b5ec1bb972adfe68bb8bde0e1a560205e4a2472cf506fa62b9eeb6c96716f216faaf1404e76f08b7bbaa8fc0b689abe793adfcfee3d0c22bd4354963ef27f26bced7efec448e79594adef2dec91609ba0bfe3b8e0afae5aa1eeec35238568ac5ebf1bf8d2ecc0ba66f3bb679b462d9924d1366c1138aab9fc0ba3e6402326714763a0b136279aff3a8497a28fdbb76db97c7689ac10947eb3c39a5710421cd57ab802293a1e16fd25bf2dc8089e9957d2eaa267ffe240a5446d7d77e361583779df09c48475a3f9ea58bb61504664a6261a1c6c5dcb52dc6ae1ab715b8f3de9664df9455449583416f2eb0da12f3be2496513bb0a58fefc01c211d03292100466484ce930628dabfec29027e23a53618f69408164f63a28951843e1f52078bba6c55ec7d075089e61fc509f826737bd40d07e2bcb9397511d0922852527049adff2ae8508520bea54895c2ad0a7c5723e897e8df18ea124c057998b95adf4fc5c37f14013ebfc822f80ceec94dc65a72acb7f91fcc0f2f3f59ef617660647786bbeef03bc38c84d8ed01b638108485ce6d0c0132af0235d717a29435c8187f21891b135db1144f1c226b9cb8ecb8a4421d58c13a5d7ee99f01127e94415eb63efa7d5538ecff83469e1d37c4f3e791103b6c4afa495cab82420ca437e64dfcdf0cea24fec04b8d709de4ce66ac80d8f15879fe9d83fe3f1190a91e04418461b82c7bd76e0d1151c0a47a50b672f9b4798b60c412160679a68f5162db6efc700d65199cb057f70f47f7de0d9fdce342c71f95f9599240c0decd557fa03c28e255144cec5d3ad7766b7eba30f41dba79f11f9310555da2f1526bf53cc2017bbd0c0f03505a8d1752ced8e388b2105de534670aab0a0839218211afd656e040dc5422c1bce18ed4c6eaeae8af17ff0c4b0a34b8edd30b86b8590e3664a56003f054a55df846c1295c7fb60a805e4bd1d28a1fc4a91e5896be6e0be6bdd40e777d8f33dce6f006692458dab78c32f71bf00351613e68c2989f4301dd8239f75afb084a4780ac73f85053ccbd35a1f25c2894a67484e6070837caaa4355d38779d884727a0ca07ff3d09b036c29a7eed602906253fad592186597987cf887ccf670516927a90c6c56a41e3145676641b85ed1ae2cde786684bebe62aff4c592ba79a6a6b4eb3dee16822f0c7d309293fa4c78a750fd91ec2998938c9cbd5a151d01de76ee27177e3761de7b6e745f673793b4a017199fbe30a1a4521602dbb99c1751895488b35b911f41481aa7fdc95b14ea5b047d751a03e5967d123a028748b94b351c0872f3ca2c00eed0e36e22b726d8eb8d3d1131d47561f94ec4db3e9b96950a34c5e8dd21b9b77bf9af0b9a68ea2a472dfcb2ff36a97e473c2eed966ea2acf2419c02f547708c45b71593be7d2969144c7a2fafa8d068f661f2fdb9717db1afbad236fa5724593646fb428c2cbcf5dc34b56a1e6892d2ad81006b06a414fc0db88ce7d5155e04b5cf40ec6e5d06acbeb321f26917d8e62bd57d4db33e976bbcd32b9fc4f4f45ca33116a0466bacd220a5516e3b2d2812d82a827116f5b379f47ebe0aa23dea3d0ddd533054ca978c3e3b003d1df7def02fde49e25cd844f9ce3cc87097cd77998260b5dfbefc6337e682ad1af31b6fec96c8bbe325acb129364861b84c906f6451ae0658bc013ad9de45726514e51c97f62b92e5eae0c336dc3be8ca2984a24d458200d43823cffea0b53ece22ffa4cb6651508f4c76bd0cec030e8b86c6219466f7532df9e278d764df15a888ada07ec2a95d7696afd1cec70d923b580c28867276bf3dcf8cfc9d7559d82bcdb9c52f3ff41a09b90abcefd2c324bbd443c06d8a3ab4f886f7a8655e4c204e7f745960e1380837476a6550f43e6094ebb96ba4a361776faadbd23ee040ba33a7fbbe9e9ff9059d1a1fef1e4c2c45d1610bc82b7e02d27048198616cdee54512207d582b906642026c41b00b4e8476c93c1160f3697458b9bbba9f325adb52ef5568cda497625489a38a209ebd2bf9c31754b7c6ac75a4ede7225597933d94ee2e524fb000e091c76bedfb0c7065cf09d76c398056a8bfa1c7d94634df5dba6fbca28f564485dba71507459522969995f4141ece50e4f1aeb616019116978288f6c5d9ea6a1f9db76b32dadf36c520972b4ae8e4fa618802dbd88bc5b051ec40fce6d22d53652fed9652206d13b42b64c87704029ef00b471a334031cce7524f27dc108a9b8284b6629a39aa7fa4e1595ef019f18f7ccc7b470d47a9c6e6e103dbc226106965f31e1278d82f8b377b48acc55f5e49a3b91cad615cc5301976339f4de76ad7f6dd8155d1594ce59d62967810b8b51f9f3d27d2c71dab4d5dbb0846ca842e5b3e5f9c9332666c6504c7a22e9b3300b5f176cb3460ac3af3d41fbc9598824a6ec38714492ec19d7383e7c8ccc2231d8543e5de60d4a1eecc7437ae87b67f3774e4de7d2617663a0166673747264ab551a271bb6d5885bdc00445cb5ce2ed8b5a0f274c69d8a97617322c5b9fed0ae4dadfab6dcb1", 0x1000}, {&(0x7f0000004580)="66d267ee8f4ca4bae28b0260f0f364f843cf4748b21cb3a4d50b8b21a964c2bc100964b6f052d6927a7f4c2b2eaf21062a59fcea13112700fde6212dde00077abca3d7c3356ec348756d6376853e9b872fa9c71c664394d8c6d32ebdddc502dcd1de456d50fc94e9ffa4f49b86c6e78f77bd6ba7fa6268b06177f3d0bdc373e0efa8559ec1e2ecc45a313a3de37d6518156ac76af0114ca35c238fd49c7207a68084f375e188522910fd328ba26556eff40fa20792850726795c818acaa9ba082b896183614edb383d746522020eff063333d73bfe8b9e8bbcd9e8a27c549c1056445bca004cad217b62c15359df742d9c9c75", 0xf3}], 0x7, &(0x7f0000004a00)=ANY=[@ANYBLOB="1400000000000000002000020000000f5ac4ebf70400331024730a7f000000000000001c000000000000000000", @ANYRES32=r9, @ANYBLOB="ac14140fac1e00010000000028000000000000000000000007000000820af16a90848781172c440c2e83e0000002000009a900004400000000000000000000000700000007231ee0000002ac1414337f000001e0000002ac1414bbe0000001ac1e0101ac1414bb44108b90fffffffe0000005c00007fff0000000000"], 0xa8}}], 0x9, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r3, 0xffffffffffffffff], 0x2)
r10 = dup3(r2, r0, 0x0)
ioctl$KDSKBLED(r10, 0x4b65, 0x400)

04:34:56 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = socket$inet(0x2, 0xa, 0x0)
dup3(r1, r0, 0x0)

[ 3540.827251] ------------[ cut here ]------------
[ 3540.828361] WARNING: CPU: 0 PID: 17535 at arch/x86/mm/pat/memtype.c:1019 get_pat_info+0x216/0x270
[ 3540.830275] Modules linked in:
[ 3540.831034] CPU: 0 PID: 17535 Comm: syz-executor.4 Not tainted 5.10.253 #1
[ 3540.832544] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3540.834360] RIP: 0010:get_pat_info+0x216/0x270
[ 3540.835376] Code: c1 ea 03 80 3c 02 00 75 71 49 89 1e eb 8e e8 51 89 2e 00 0f 0b e9 97 fe ff ff 41 bc ea ff ff ff e9 77 ff ff ff e8 3a 89 2e 00 <0f> 0b 41 bc ea ff ff ff e9 65 ff ff ff 4c 89 ff e8 15 ad 5a 00 e9
[ 3540.839313] RSP: 0018:ffff88804bd67890 EFLAGS: 00010216
[ 3540.840490] RAX: 000000000001ec61 RBX: ffff88803e097e00 RCX: ffffc9000883f000
[ 3540.846072] RDX: 0000000000040000 RSI: ffffffff81125456 RDI: 0000000000000007
[ 3540.847624] RBP: ffff88804bd67948 R08: 0000000000000000 R09: ffff88804bd67818
[ 3540.849190] R10: 0000000000000020 R11: 0000000000000001 R12: 0000000000000028
[ 3540.850732] R13: 1ffff110097acf12 R14: 0000000000000000 R15: ffff88803e097e50
[ 3540.853939] FS:  00007f3b75eca700(0000) GS:ffff88806ce00000(0000) knlGS:0000000000000000
[ 3540.855887] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3540.857172] CR2: 000055556e544708 CR3: 000000001d2ce000 CR4: 0000000000350ef0
[ 3540.858714] Call Trace:
[ 3540.859284]  ? pgprot_writethrough+0xc0/0xc0
[ 3540.860254]  ? finish_task_switch+0x126/0x5d0
[ 3540.861265]  ? finish_task_switch+0xef/0x5d0
[ 3540.862268]  untrack_pfn+0xdc/0x240
[ 3540.863080]  ? track_pfn_insert+0x150/0x150
[ 3540.864042]  ? lock_downgrade+0x6d0/0x6d0
[ 3540.864970]  ? uprobe_munmap+0x95/0x560
[ 3540.865866]  unmap_single_vma+0x1bc/0x300
[ 3540.866809]  zap_page_range_single+0x2ce/0x450
[ 3540.867819]  ? unmap_single_vma+0x300/0x300
[ 3540.868784]  ? remap_pfn_range_internal+0xc56/0xf60
[ 3540.869902]  ? lookup_memtype+0x5b/0x200
[ 3540.870829]  ? apply_to_existing_page_range+0x40/0x40
[ 3540.872003]  remap_pfn_range+0x139/0x160
[ 3540.872921]  ? remap_pfn_range_notrack+0x70/0x70
[ 3540.873970]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3540.875180]  io_uring_mmap+0x398/0x530
[ 3540.876177]  mmap_file+0x5e/0xe0
[ 3540.876959]  mmap_region+0xc4d/0x1500
[ 3540.877840]  do_mmap+0x868/0x1370
[ 3540.878640]  vm_mmap_pgoff+0x198/0x1f0
[ 3540.879524]  ? randomize_page+0xb0/0xb0
[ 3540.880446]  ksys_mmap_pgoff+0x41c/0x560
[ 3540.881332]  ? find_mergeable_anon_vma+0x250/0x250
[ 3540.882445]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3540.883586]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3540.884723]  do_syscall_64+0x33/0x40
[ 3540.885550]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3540.886681] RIP: 0033:0x7f3b78954b62
[ 3540.887504] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3540.891428] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3540.893075] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3540.894630] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3540.896183] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3540.897745] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3540.899290] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3540.900849] irq event stamp: 1961
[ 3540.901647] hardirqs last  enabled at (1971): [<ffffffff8129bf5d>] console_unlock+0x92d/0xb40
[ 3540.903477] hardirqs last disabled at (1980): [<ffffffff8129be69>] console_unlock+0x839/0xb40
[ 3540.905310] softirqs last  enabled at (1558): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3540.907214] softirqs last disabled at (1469): [<ffffffff84001092>] asm_call_irq_on_stack+0x12/0x20
[ 3540.909131] ---[ end trace 677ce40c327c3d0b ]---
[ 3540.972027] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'.
[ 3540.974286] device wlan1 entered promiscuous mode
04:34:57 executing program 2:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x20)
r1 = socket$inet(0x2, 0x0, 0x0)
dup3(r1, r0, 0x0)

[ 3540.988002] device wlan1 left promiscuous mode
04:34:57 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(r1, r2, &(0x7f0000000080)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f0000000c80)=[{0x0}, {&(0x7f0000000500)="f10c8d3e2a50fb779827d969264088b31c9395b770b6ca60de52d4b9b5b5bb90bd1552fb44f7f03f46ff93e74db7a7d2bb9d8757c1b99d3c60da7e38cfb7aa0689f52395556cd3a7a4864eb154d13d1c9e12aa83affda2548208e132c5a086cfcb418f6fce9ef07e1584ea1e2998d6fab9071f81e244bcd0ca3818", 0x7b}, {&(0x7f0000000600)='{', 0x1}, {0x0}, {0x0}], 0x5}, 0x0, 0x8000}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x2000000, 0x0, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

04:34:57 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 67)

04:34:57 executing program 0:
r0 = memfd_create(&(0x7f0000000000)='\x00', 0x2)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, &(0x7f0000000040)={{}, "6e4445a46715ba643861465938c90237f614b7d2845475449ddb25685051c509300c7ae52ad7cb43d79bd8c2df9ca8bc6643dd8812770acfe78a06386d09ae3e730c8af4d15fef279276329c65f5891bb58c6288e19a0d847ce34b144cfca0e26a5488f7f4acf53d3f8ecef6bdac3f32548d15f4dac954753f80554d384ce382780b745a07418b1c010aa8fdc0e9b165bd9178819f179aa4c8112534a5d6d2e65709a697e269a2a41098cb3c38df8dde64ef8fd3b8fe579075b3533e1b10cd6b464d5e55e91f22f9975783f8f1507bdbad792b61746d9df745e4b4384dd4f965bedc5788d2aba97f6c048a86a35947db6b8cad20d410b3ad3d6596762f91caf3c7ce494d8e2ea9c231d956da583acc0db0664fa60aac57ec010c264ddeedbc8b48b9429ca7bb329c27707ff2878a32b96ad3fb01349baafa3b49bd87397e0e4ceeb7fe62f520670fac0b646fdc3c84fadd4c8d7335f70479c484f376c3143b2fa9c2426b0e6897fa569c9e3fe908bbcd2823e3ef93e69ec015fdd3c2c3d839655128e3426443112d3056f7c9b9073b38b3355889919189bb592ac6a78d0bd1c67f7af731b583c44828a25c76c20cf7eb82a97d3bbcd39fe5694b13195e85f1c61d020f4bec943ef29f2734b64103597fc5beff7042ad4bfb80b735c7ae4fb6eeba8627b6c22e612a9e26ca454bbcf92be498d76f125db7fc777794ad6c7827199d70b039a58016196420f51b243a3d0fe9937834529c98c33556fc594644028b65e4d4cfe8ac6e1e6fea984e5b5f576d229bbbb2caf1d859ec524762c521cbd26d6a472c22f814352513e50950f755e528b77e13d48cb9ac4486557012e390f23f22f1f488ef5b3cdb0add2b3fc64b32436194c6bf83ad34d67b04ee91af11ecdaa2080ec75f2a755beebfb35e6b949fa92fb1f5b96f12f9b8368e64d36845af443d2a29e880b91b328bc72b9c17268653e103d9ccc307412c73b7a87263ef62400aa072e7b210df733841d1c69eb7465432f6ea1541097d72f4756c022586d18b391906b1cdc94c0528b5f5b15fb474803208c7cd5cd3293bc45b6f1c1da251358b30b9d8b401c79442b4cc8dfa578c082d436937fd108bcdb85e112cf1a6845d48e8615475962f1ab84feeaac21faf049045493c86a3b4022323e62354c4154979238e5d7370455d76d8eabc0cfd375f1b8a1b3dd6a6519bbb89159b1aea1db472040d417e4eeb859b61adabdff141588fc8fba1e0dc5d480157bc18fc5293ec85fe3b82f21fd4a4556d8c79c3687bbfd5a43da9725a65bf1976f9316db88357a791a616217ebf051da56ba1576322fbd1b05f21edfa7da025018b40d846d048954d114163be5ddecab2a1b12e30178623fa3458857226dd46fa04aaff03086f37745b2e276f39d369be2e733e5d3a07e3c2aa983a892376ccd04300822534ee7764be4a92a5fccc973a1d7c140925fbb2c6ed8d78996b12a85c13517fc1748e177930fd75efb0b3016ea01485716b425cb82b0e9f7116e75080fe3d60b0da362c4707779eb042dacd696ea21d80a9ae21e936eb1470e7bdf2244563e3259ba71054309c53ef0b7191d7ad4fd92ad4b02ca657a9da42844281f4a7f1ad6a56252d5eb1a70ffe4c48e04fb21b7069742fa737c82d5a4b0c27ecb733ae4596d5e50702c736bea77f78a422c6f18753e03ad5ba6633d0cdc3465a8eb84f314aa245edc6394f7d29d5877e5041518c0a8931dc5c0d95ef9794d8e3b84350c21b0aba8f31c29382fbce149cfa586f3e9fac38202d2eca4020276f62ce9196b9eda177310dab2b5156bbaf3ef86c5a26087916f250308252d4d16f8440ad806b7649309b24ad9f9e580da3547a22b108c615a685028e7106f362a5286d71c59b57fca55c636af9d8eb773e9d45315df1d5300d3ef414644bc8eb06363d868c446eb534dedbc1eaeddc042a71beb240ba6f2ec8eb798c2eaddfbdc4d0a2039ef55d871d998efbcd3f095d3c926f9e69115d6ee76a769b374bc3016f6bc77307e085b3ee5236953c9ea0a98300d6743fab7cf6f070233f9ddd10423b01b9bee1dca407523fe2fce582bc525ea70839974072a3310ee867192bda72d7df3b693da420f60f2f18deffb5c33cea466f3107b83edae05fcddb34ede8bbe78a962bc628c2f654c9c744504900254515ce6fe9fadce97328912f9826cef7e0b1c93845a0f6510e6304929340b0b29b2225f1dcb083fc6d2acf7d3312c435549d582422b511354d1be030b5e03fc7cc6356e1af22d55ee06806fba582fb62430fe045b38326c3a871fd3fa7094795834153b99a96696967fbcb68398459efad86850f32012efe46411c76011e5d92be3371b7881060a0e4d5c59d9a3e55f1adbc90adff1aec939b2e72ee39e88d9eced9da6990878933d4d78922a9ac855d9ba7463a576547240645a1bf938de982d412af08980bb05534f9978cd62706fed4524ffae7019797d190bf907617772253279256d9a7184f9e47f745394bc1eb29a1791e779d8e24e2e2260399db6d615f0a5087b31908fdcc0e30fa141d0c4680d3ce1da0349d21d63962e0acc2fb567630f21bc44f2a282d6b7099812bd58996546575b3f7bb3d8c9fec62ff2fe1d9d24ef6c863c26249567b4aab70d608af2a9bf5ed9a9cc44d90ee13324cfc3eaaa03c7c3a6cbcfc3cb5f9a27f927bdbb719c3eed42410e099058ca96b079191fc4327a93718f817d48348d08d7cf58102ba2ba43652e00c05fc4740bf7586b5948ef2eeee9ed44bf9d29043d73a02d394d40b5f67aeff3cbe12af98730f86b0b0ce595a86f4c794100f7fd1d06c724aad5276164efdf593cdefc2f464cbe084439144f1b90c44707e02482bf7db3918e78e1a9a99375e5a06a2d4dc34e3daf444eb0015b9caf3937f940522c3e0a91ea86319c9326358205a3caf0b157dd1706bee880d655d13d7ce30bea17b0c8634d336b1992fbfe5463958454a704e4568bfcf06866d2ef2d29b9c597b2150e8eac963687abdf025b9b6131dbf9af471fc4dc4f80adee876863875211dab581bf31e5b6975c1db630d0ba0ba8b36c0422e77d93fb4cb85a80d4ec4d409dc7dcbc7e59a9c4bcbec2a2e64f06378856ebcbc4d66110c5459273eed6d0343e54270e8f8a36f37a271c598f36bcfcfeae1829757d528c4f9fd1769a4badd18d2f768755e3754698c8722c5da522bf6d3eeca0408e1c32d9f5e5e9677a3b55f8fa221d2310022f1f0d3f8d80cad753665df69d8e7c168842a21c0922ede2bf786e0693790ec313a6d1f11179ac536c5b550c92bf2bb1222613d14ae5454d33be23c83cf44be3d82f567f5aba95fef4f179384a988fac80772d7d834e581508b84bb103091614924fd0abc16b47dc25c15fdbe494ad4b4f02dd6f92285c54318d4b701b77c219215ab1285985c72d801c96d5472694f4e853911058b3b7610530d6195ccc5cb3fb468c240e59aedb137090c5ea499339164ae8d4f7385df3a0ee95c766ce6e85bffa7f11e74cfdb813690e1801b893520aaa45e6d014dec0e4e6166bc39b11ac3fde90adeb16e3063481f648865b985e08b82859ff7482322b972c86fcdbe3486fa7f7f6a6492bfe474d41557b56123ee1090c51ef2aa9cf14c7167b3fdacf220d032295e7fa4de769e060c911906e946b72e34b3212719960632289b777e69d1602057d0e29d17483806c3c1c66189aff68f39d874adf18ae72a51ac6b37a395623ed131ded6ba5d846e5eb0541c917702eff09e3cabbaa0863dbe1b66ac639de65485f7545f34d05995a5276ca5052ff873beea54c91a13530e50a227a81ae87e451f573fe381c081a253ca559bcb52ace25a95db82f369d388f1f6270802ad4e55d4460587a39fd4035a58c430dff339e71e7756eaf0f82c8eabd59e77f3aae185076c78a20878440fa4943413f0ce8e8291182c76433940c6eb2b6eff55d1ab77acb304e7ac9ba8272f85bd33d041da54a7be57d29602c9b645fe5059d05b9081555d125d796cdb2ef3ff0ad2d5b71ace4a92023982f749956f81ef515a53d23f51f98e74530f69f5fc2da358429670be7eed48865376d8da2895f2c7837aa0ca8712e5212328f0c69329942da027bf83ff6460bd01b1e364d89540414dcbe42100083801e28056d607ea0e21be86fe2469334ba83370b39619756c2be3882460686a93b3b8692be792f92b2271225b551d533cc0330c443db3845bb6e5f04fb79f714a5945507ed0463b41fbbdf3da254ff6cccbcabb738b0412d5e6c3f49e4c6cb7d3c8c2f2c29ae31e3feec578e4f28a93a7efb25b86a5a57059ff52a43751c277b21a287b424c2490c5a191ba8039c61f39e321bb85049d9b6ca68ecfe8cc721b8d3253cc92ab37608785797affefef57abff6bc8cd42eb2cb02496d2a125acfc01329dcb17ad1ed43a7531e5d557de4941b1960c823265caecd8de3d16ef29e380076ac84bee31def616b5930b65e979bc81127099587991d6864e7159e9e17f093f33a0b7eff6f29b2a8705fa19d5222f5298e8b27f717f6977f31fa655f54bd163f16b777657dfd6f5dada175e39dc18853ea0947d94fe31ceb7d3612d86fc29f71db87ba2ed07a0ed2ee7df4056dc1c04facb8e3decade7a599a347601ca356019c245118b371b8da15bc675d36c080eedc1600123c0bc759d643bd034ac97629af34fed96ffa0c2552ff8791e69ef9a683fb0334434c98c74fdf105480cca6dc83f6bee05c62cc4b99c8b70744c8057e2b7f5b3e80d5d77b305b00075b67f9b378b0d771d71f40a1f32554333ed972446cdd9103d98cd39046dd5d810be331ee4d3e34b2b722fdbc19b991bdad80b5160a347e91ec8238c771461561c2fcd735edee9e8d578463ac3e683fa37ce4b98b367d362671e543f57d5a454c126396826201deafac15d8ac0e63dd25433dd224daca459f0c49a759707ba49e701efe3bad2e6628a7282bd2f677576191e6b92ba8011c53372d49edb81209df488fddff8550a29527facfa62b97c7b193684c89714fba6a8d209c9b623a1cd0c7c974395807fe930b672d387c3298da56878aaa36f471b15ecbb1f115a1b6270331f83ef601cb4a6f844856ba2a045f4b4c977197f681c3f23248903f381423be1791c870ed193e5cbfc39df4144e8a9a0357ac0ffe557ce2311f92462a7717abf0f39bbfaf2ab6939e2e654ac71624a144c752a9d243d24d23c88c8b028603d93bb308e39cdfb5f27408b242713604b96efb43febb308ab908a8fa7ee08eec9f7e1756564d2a54fbab5b74db53b2249554152d8fe433437998edb7e925530608c3453cec25b8777d025f5ced7ce08e182d9f11ab4787e0b97daf79434f6139e19a26edcb60f11346d358d0f3b32cdf0278e275e738cf13159172c2c5d2edbcfd65cb3df4e8c5114a631677767a9955addf4fb2d9ed8492913d35e50cde601fd7807ea862b1965eb9feb8dfd9f4e10d032036f20a843eb7f75729e1f9028a2102a14d3396e90e3535ab0c5e4ca7954ae43f066dde7100564924199ae0b1179854112d06e10dd8c577ee567191cdbc5eb5a5977796c3e36d032c667e445a1c97f048204a4868b2a0341a6e62544309caccdeb9df883eda608bc9f0380d4279926cb22174f3d52d07a9faa99b1fd313ccc512c28334e85004e1cf3ba15238d5bd07c642626bc397eb65775407707ae20187bdd94f706bb7a5fab5cad1a302dda38af0638d004ad4df641d2aede282f3de1d9a265c6a018762f989c8d5"})
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000001040), 0x3, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000001080), 0x400000)
pwritev2(r2, &(0x7f0000002480)=[{&(0x7f00000010c0)="1a190a74ab1bfce140152cbabc0f2c5d6340f20690ab27a97f05ce8c02ec71f2e3d42a9ce11fbb43ac1a66b2c6fe5479c1b41e894e2bbe8250539b55d1476f9969785d1458785f75dc050cbd775c96cd788c6e1fdebc63fa52be379129df6c1248f5bf8fade48d79620d53f24b8220a849b967e388bab840ca2ba5d27caaae9a6966c8e25da62acda27c371f4f66e44c5bcc1395c35f307349520f38c88cefc696eabfbdb9ad82325e9ee4a210348669685c7602ce19ec35af95e50e2e03e009f77dbc3c3bc6bdec5021a91a02680c43d90797128634614831d48ee70d17a8ce706e935c34f17caa9556820e54fea429dd5c", 0xf2}, {&(0x7f00000011c0)="c68b29ab09611417a426a679aafff43f0c76cbc0b205d4ba4eab03d3a9313714bdc7446820ceaa6a36527bbe9d218c2c7d77879a924ca1e4d3df241ec2d7a37e5606f313c030f82489c426677eb183548c1fa748629eff6b", 0x58}, {&(0x7f0000001240)="33bf253d640b524cfa6f9649f35c69742d9863ee9e861f1491b178354908b961f456f8dfc5a0ee12b71904ab1b2d7c23336abc0931bb50a14e006151dfdbf65630b44b07e9cb859bcdf8c65c39ea479564f42125c2ca403e4b0fc9fd8f3a1ebd82f4a0645430444516cca111088e79e085ff4dbf23186254e84fcaff7d90572313c14a9af51a4efbc7b0ac730a3b754ebc6b734933fa273676397e8891a8367be23c34a61fb82664fb9938514af650dcfe9b635bd6ba324ec0966ed9691e15a0897b31bdce8f7de18265acbb9e8cf1aee17733229aa1bd12184785ecd45818d56f9cbabcb388e7780efd", 0xea}, {&(0x7f0000001340)="bafe18245d05709ec3ceccdb8fe91d35a6af681e9878800dfa945a2e1abd8fbdf23bd8033d33d05960ed9262262a53591fbaccb41f9ef49ac5309e1a603e7b22bafb9c351ff3d9fe80e39a2d1ecccbaa70a73dd752f30b34f03ea1f5ea5532984e7560ce8dc8a380484062a0d9b63db9cfb7c022d31300e226c492fd82a0f2ddfb4d67b241844e48e1a9a6526abfec932937c29aece3d579db582d7f8e2147a92c2ac08adca3a7411fe8f078ffd0fcdaee88d11bd00137a9646d718885714615816fcd65a1f9ed53a1ea8503df3b4885d05fb939759d3175c2f0e1e4a5a59ddc4a280c1e45b76c838b7bcd032c7fae23abcfcab57889b956fceaeee6a72f92037c26884403f9efad2f327ccf910be0d30ee4db74b9f05d3729ec79d53da301c15c4c29121e8cb88d83c6540c33ef78dd68f60e813575478e20a556b330d09489ab9b7869d5acca71114ccb316601224e02df1a5f0dc372300573f65a5d17f1546e970fbb89d648985497870393eac17c5538a81ff3cb2cafd2943ad13723a99a2243e55886c1b287013b564475b8eafb975c41bdaa2049ee36f461c05716da1a0f4d6b2d57f61591ca7da72de0df0022a0825b75d5e48c73c7bbb5e93f5b09e62184ecc53cf6c401e9a2b98152830181333ef1c206054e1d97e70151a4f044d6feb1e4b98734c049d716d830aea4232e346d3bcd68e0ac87d287437eb09f89e999f98b3629c2bcb47e326027652fc03b3af808c579a918a7d3942e1507e256d624ebe276d814c7186978ac0f44160c1fd7fdd5a443dc5b480a6548b9b8ef8e04cf17d886b45710e94b32bd9e381ca4eca1810b1524925f52598a5bc8bd3c6cdd4c1a0377647e6135fed24f85447a4d9703d7b6a8340ae4422caec6a2c023a7b4b82d3ce653c4248d9c64f661fb8a7cc954eff805f67a5b77b7a055b682f0daa4f7339261b1841fcad1d021808c22c04bc24d25bd21632b05d06b72928313774f970150e83d7964d5b3295c8f9f7d14d89ee1a7bfd93dd8eac67c9f3c214561fcce9bf03246544d2fc63d396c1191846e0dc14cd19c5cae9ca204966652f54e4f59f5f817711021cc6fc3ff424eac7977726a145c37616b2022efbbe599ab4441aa075ea9bf66fdb99259980e514f682635dd245814098989094b5c52b5e2f25647e31c1b5cb05fe6c4d8687438671239d39acc500f6ead0dd33a1965cdca2021122ac60e0e133f8f85d559ecd49d107ac1288ebc68c2b58b2277a78c29453ca9e42de9d434ec97680881bbfa91380110abc7af715c9a524533f21727318f142865cd59cdb1c0ec6cc483d1bcb8a53fdc8411939f2423b4243dc72b7e977d762fe3d109ae9469fb7f9c576e057c4490cd883f2044b46a28376aeefa93b34917361b83392d818bc4d9251dc115f50b40f8590f599b538f42842428fe9182ebac94bb78eea3c7b1ee78194a3177465217efd1b46acdfcfd83e98725ac3f9d57939afc5e305152fb6255c3db700e699a2c78809bc964af0d8494a094ab3cfe962567d71a96ab8dd45361a0e17c0bf6d81027c483b184fb0938326d07571814c251ab325fd0f612cb232b3f33627e948e065a191bf03fb727bb1324b4eb61ce2a743465a49f66d12fdb1f04cf87eca2356513a7bad12db09035a2cd513a73e9203dd027834d64c86d839e78f1915044d67bb6aa70e37d5f111345f71f4c8ff824828cf78888f81e8659b3f68d4d6ff9e4157a0699793db878ac282e62fa2e2924f948fbc4267308d9f8c59c614ff51e2f126c25138930a8dc037c797ad34305d0b0372ceb710a207359145545a88ab442376ee1e0360f06f2b7bee38bdcb48bbea1aff0229da84760d33712e3b44cbcb12f317ca31e098e2ae529d262189253ca97fb1471ce0fb8fc3d4bd2da00bccd8304332924eb33083b71f6653648ce004527691cbd9b22951dd5a7f56d49a5c58d3ac31647bb07587eec451bfb19fb2ad9d0b06177c5afa5b4e14d6cbcc23db03751aa118afcb4705bb9e46b61213cce958cacf7c3d52ddd1076f97b36c673dbfb59106bf4d35cd2767a57d891565e1b65f78ee0707ef2919fa0991a500b212c099e44b48645f1bad4127b2a9e1976b5358ef9a7ef6dae2a50e0b5a9e95d8b672a34a40faa35820e5b1e2bb8b3888184335878397fe13af19449c7004b378be844ac3549bf8b962ed59897db80c43f082b721a40ea8fca7902725316529159f91b8b2aef1166511370973d250c776895d4e84bb5b6d09f9553030a4693770d9e94c3f10a6d0d229ffb816173d06c82a87a17c0ac17c7b3e4f7b48a4097ae8e201835f91d878a972018065dcca2ace6fd5827362246980e03bad4af218c0982965752504c2bdc74bd294981e118f9c1d3d69e29c4a8368988c4bc59c6e76c1814dfbc512fa848d0361542e400d24fda362ca78c703beae627f5a1ba8a3a10ebed21bf10aad0af36194db3c54e06b2da4ca13d04e954ed162196f3164ab28bbcac1a4935b3791d1e3e5ff2ae07e45d46aca4fa5b275c0ffeef92f9961c4904cd5700e902e81dfc414c05d940e64cda30af6bd0a4bdd2b7aa1c87888f2428f0bd241da578b3b9284743262aa0b61081bb7df26387ee15856f2a0c35339e75029698a8400e5f3ee6797c98cf7d851ad77ddd4eccefdd7c782d95f80fd6a71b5b20c5dfe8f9a1e227cea69bb597161d4c394dc2c7251bbb2fd1f7f34f184181ee69982c89a3d940502738e8e4a712391e5d4d2e5266c21b3a9471fa741c5ce2d4c644d70ac74db0db3fc5f9ba228f0eb56c5d3c48d90ecbcaddee0cbd38514978146870f0bed42c434265143bbdb5a4363bc5bed221886f8055ebfa9b2081104363119d4b4f8fe5085d72da7b5f776bee5a5238c740f888a7fb2eb5586ee4ce58384206b5654ffbb8e17469e9d22873a81f324f8fca73670f8ee1ed9ff491f16d07394eb0852a02c3727e2f02b32d3e9ea5f2b2164d682168529723dbd48a139ce8e5b1977332249794ca4937eee727f686c9f0207a8d4179d80dc65fcfc8bda5c0c28a8315af6912a6032d90eb566b5a634b37f928e330ada1d118efcbeaa8764555d9ecb737820c42428f307525b8e9843d80783e5aaae0e57a3cf32b3a8a46bcf1101f5dd4cf3dd990f25ce8edc8647c405b97b6df1564c0367984fbb93d9dd684933566609962ebf6f56989dafe30756c8fa612056d3a46fd39c45c49bf27cd92170e1f4c64e33d7f357c7d387ad1163ab0c610f7c56f91222e334146e38403390f8af7e84059dd117199594034a88e65ea9226a13ae1e0d71523740d395e9641f2603a9b239d28db95b2edfb43cbbaa8765399da1719e50872464d65b9fb4ac03be7c9c6853fa7b18ad1e3b8e85a488de00dbecf41228726c4df5437ecf44e87b2f308978982c5dde707451ca3ed552b932e41e766132f2d8bbcb41347287f80f1afade20b78f0c7fcb9a6db6b63f338b960dbccbdf1374e77c3ceeb274f822c7d8fd77d40235d7e4ab979451208240bbe00fdda4cfcd3d29fc8030348e9295b2954389907e40a5cec119a180577ea984cb850218f6b5ade460eaa0bc867c9a2f6337f535694722fe2e0d695671c74fbe57ed13a87f95538f452d85f0c4115ee447814c0d305348bdd50c34ffc50e23f81e899c2b31d47eacea9eba3b84811ff55a86752e47d46f413d3d918447423541313e8a91b78892376b534fd3ea6dd57f3c6e27fe2758bbf83d1bdb954134d83877cdf526d806d5d0af8b6b111219c4e43455cb9872396f10f9708c8e00b279d177c6670a61864b27cdc98378aaa26a3dc195943abd9915f303feaf3b2ed1a31963e17ce4b5e1013a3d044ba785448a5cf2c93ff6451bc808665abf6e2ae18724df81c19f6183124dd1a8236ead2caaf8ed3af66edf2ff01628a1f6f5eac34605551386946a8b5224cb8fb438f4accc38504f0d22ed2ade90fbb3363f54ca54a1a358d29343b0fae230d1b61dc240e851b4352a07860894795dc3fa1c389827186fa572924933bae0fd80a00edd2d57574e84932249e143c535883ead42eb5a0a567add48c2b7b80b86f1c983f11073b62335f4d8d59f8be9ff3eeafce55e08d1e03bda7ef7497b9f3c518a13d584c5c0e7e6420ab4b91def66339eb5aa08686e169e7979b67fbac1583a44226764c1afe51178a0dcff3f96469d7dc0344529df776f3705c90e203a57da5a4eefdad561860049d0df2109ae586892c14c0e128b28dfbd521ec778060db9d97eb3036cb665690a69cbbf6192b2336252440fe5eddcfbb16791d208bbe179e6697dd2c2610023444e13670b1dbf39466a68283852460d1adc4652125addea65bb2777922d9f2b2ce4d91ba59689c522d69012fcc85181d9f9d4c33290f99e0888aede4acc6bf935f0d2ef028bfaaf10f78d76b222ec509d89e7e7c5a4afe634c529dd0acd425bb0369ff5a5d608f0584b5b30dedba346de646e291ec107852fbf0e443250532c491ac24ff740ab61514f21f97ce45a741183ef3355f88e206f2346b9fdc2e48bbcc14e15c0e7fee9ce8b64aca602de6fb330296f26aaf98671683e09c4663d9f5d6e5e75066d56337f9b73c8135d2f8b2721d7b4f1b939c379a4db10e246e0f4783f8b7dd871769a37ea312ce4d47cdc636be006d72f5c45bc1cf4be4da77361367ef0b7c50cba90a5153b20ec36428d07fa2f14a138220ad0cbaee2852b1b75f35fe80e5a78b58d48809cbeac61bf50ca8e77eb69774ebd33d0034b0bea0357e0a919d4d95b32e083e35bf4e3afefe28da08c3513ce0bbed805a449bf1261e9837ab4b688c157e615899f7e8ebe1624fef3f78ae7e6a7cf1e2a8c33928300dd4e647d02a27c9501916847355c9205d5ce925e8d20f4d14b702e7c7940cb68eda65b6523089b80bccda20e90c4444dc1c47f78f62147e9b87dbfabe852d938c34898cfb55925e9d47366b646eba492180e54a7da1432bed057551049890b437185ebdae5a467ecc87913bd437ef8d55a7e2ebf463f30bbcabcaf4f02ccc9f5f57d306b2fad2dccda15e0522e8db506ba76ff7d10e21ce704df94f0109272469c5de72b38c30990b4cc2cc9c17dbe0ad8d81227601468328f0bfb94096501cab9ca864dd97e1bbab10f77dfe938e8e5b4bf827b1280cad5295a01b61e55e3d3243091079742d3074219403ddcabf52f7cc5d9dcc70156abcda14d0121ac1de94319c80fad2161abdaa5be4d890bf414dac71327bf939c0a9d9a404691f1c88b4bd6a18151092b93f232fda52eac2d2c06778e433ac7b871b581f78f196e06affe0854752edc3a4831f3c8f07ab406101737b6c1ee8650ab198381aae8973ed0eb32d0949f2abf94002f794e9d3dd37f5505751f30ee22985bebbfddab166374922bbc44702e3e1a7a56114bf505ab39a925a6af91ca96b43e3243fa1684cb446418d574737e485056a0535d036dc1fd6dbe259c2ce1fcdd1a69a74dbc086ea2830853800fd19af26a793d2888dde1ee3e25aa8d2508da5166ce04262d80ac5a2c23a03a402f4b5b8a4e8522a254a860eb2e6fb5b8cf64dde80dc832b2f7c77b12dcbde8274fc6e3e45e4dfbad935b7ea3d181b36924601eefbaa8f949730f4c0573e0e7f10ad68c8e80e6452a31d1ab18ec52d6952f14da7bf7e74764411e16af812c44cbfc2f9e974f11660dd7843b9ee20fef5d0583f9566c800c830db4d35e7bb4b9645b1b623c71dac7078aad14af7d816db5940c0b143e9bf29f6896c125b06a9817cc6eef660dfa5091ff5435491", 0x1000}, {&(0x7f0000002340)="5c807f69829f209aece4e7e7231f55bf8b7b46b3794f89ad5cb26e352b8b0bf98b62d18a7abc09", 0x27}, {&(0x7f0000002380)="1438349991b4094dec5463e16fabca4edc910a1c7a9cf308d65af09b83ff542d3d75b7e80da2a42c5b477572022b3d29766c12ba0b12c5d16403b1f3ea5c5249b34bec2599878b260299a04d789a06102904325041dfc8f7245ffdfe24760bf6e05392a1f6b3184df112e579a82222258c3fb87ff0378bbe00fd68047049b0e1505eba9f3ea29782656e3bc35b3e359608adc795de3562297ed3fd45043022bb0c74566f1ad00ceb15e9f04aa190877129faa7193645cf055b8fc8cb86cc8c015e8eb410ee266d127fe4e01d3ca9ecc84ad38b3f3a56fc03e24615d9d03ce989f524d9d86c38ea00049fa5", 0xeb}], 0x6, 0x2, 0x7fff, 0x12)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000002500)={0x20, @tick=0x7f, 0x1, {0x2, 0x1f}, 0x4, 0x2})
r3 = ioctl$TUNGETDEVNETNS(r1, 0x54e3, 0x0)
r4 = open_tree(r1, &(0x7f0000003800)='./file0\x00', 0x0)
poll(&(0x7f0000003840)=[{r2, 0x603d}, {0xffffffffffffffff, 0x200}, {r2, 0x2033}, {r3, 0x40}, {r4, 0x100}, {r2, 0x4}], 0x6, 0x0)
r5 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
r6 = openat$null(0xffffffffffffff9c, &(0x7f0000003880), 0x402040, 0x0)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000003900), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r6, &(0x7f00000039c0)={&(0x7f00000038c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000003980)={&(0x7f0000003940)={0x40, r7, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x810)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000003a00)={0xff, 0x3, 0x0, 0x7, 0x3ff}, 0x14)
ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f0000003a40)={{0x4, 0x5}, 0x100, './file0\x00'})
syz_genetlink_get_family_id$batadv(&(0x7f0000003b80), r4)
r8 = dup3(r5, r4, 0x0)
perf_event_open$cgroup(&(0x7f0000003c00)={0x4, 0x80, 0x20, 0x7f, 0x8, 0xaa, 0x0, 0x4, 0x2088, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000003bc0), 0x2}, 0x0, 0x80000000000, 0x1f, 0xc, 0x3f, 0x6, 0x8, 0x0, 0x7, 0x0, 0x400}, r8, 0x2, r4, 0x4)
r9 = openat$bsg(0xffffffffffffff9c, &(0x7f0000003c80), 0xe01, 0x0)
ioctl$PTP_EXTTS_REQUEST(r9, 0x40103d02, &(0x7f0000003cc0)={0x7, 0x1})

04:34:57 executing program 4:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 68)

[ 3541.072909] FAULT_INJECTION: forcing a failure.
[ 3541.072909] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 3541.075734] CPU: 0 PID: 17558 Comm: syz-executor.5 Tainted: G        W         5.10.253 #1
[ 3541.077498] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3541.079253] Call Trace:
[ 3541.079823]  dump_stack+0x107/0x167
[ 3541.080604]  should_fail.cold+0x5/0xa
[ 3541.081474]  __alloc_pages_nodemask+0x182/0x600
[ 3541.082467]  ? __alloc_pages_slowpath.constprop.0+0x2320/0x2320
[ 3541.083769]  ? walk_mem_res+0x170/0x170
[ 3541.084651]  alloc_pages_current+0x187/0x280
[ 3541.085602]  pte_alloc_one+0x16/0x1a0
[ 3541.086421]  __pte_alloc+0x1d/0x330
[ 3541.087205]  remap_pfn_range_internal+0x9a3/0xf60
[ 3541.088246]  ? lookup_memtype+0x5b/0x200
[ 3541.089148]  ? apply_to_existing_page_range+0x40/0x40
[ 3541.090286]  remap_pfn_range+0xcd/0x160
[ 3541.091133]  ? remap_pfn_range_notrack+0x70/0x70
[ 3541.092159]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3541.093285]  io_uring_mmap+0x398/0x530
[ 3541.094128]  mmap_file+0x5e/0xe0
[ 3541.094854]  mmap_region+0xc4d/0x1500
[ 3541.095697]  do_mmap+0x868/0x1370
[ 3541.096455]  vm_mmap_pgoff+0x198/0x1f0
[ 3541.097345]  ? randomize_page+0xb0/0xb0
[ 3541.098287]  ksys_mmap_pgoff+0x41c/0x560
[ 3541.099415]  ? find_mergeable_anon_vma+0x250/0x250
[ 3541.100782]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3541.102199]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3541.103615]  do_syscall_64+0x33/0x40
[ 3541.104667]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3541.106063] RIP: 0033:0x7f4cd02cab62
[ 3541.107080] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3541.110184] FAULT_INJECTION: forcing a failure.
[ 3541.110184] name failslab, interval 1, probability 0, space 0, times 0
[ 3541.111707] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3541.111734] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3541.111748] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3541.111772] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3541.120412] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3541.121933] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3541.123506] CPU: 1 PID: 17566 Comm: syz-executor.4 Tainted: G        W         5.10.253 #1
[ 3541.125387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3541.127242] Call Trace:
[ 3541.127847]  dump_stack+0x107/0x167
[ 3541.128681]  should_fail.cold+0x5/0xa
[ 3541.129544]  ? ptlock_alloc+0x1d/0x70
[ 3541.130394]  should_failslab+0x5/0x20
[ 3541.131245]  kmem_cache_alloc+0x5b/0x310
[ 3541.132176]  ptlock_alloc+0x1d/0x70
[ 3541.133019]  pte_alloc_one+0x68/0x1a0
[ 3541.133883]  __pte_alloc+0x1d/0x330
[ 3541.134713]  remap_pfn_range_internal+0x9a3/0xf60
[ 3541.135817]  ? lookup_memtype+0x5b/0x200
[ 3541.136758]  ? apply_to_existing_page_range+0x40/0x40
[ 3541.137929]  remap_pfn_range+0xcd/0x160
[ 3541.138830]  ? remap_pfn_range_notrack+0x70/0x70
[ 3541.139895]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3541.141069]  io_uring_mmap+0x398/0x530
[ 3541.141950]  mmap_file+0x5e/0xe0
[ 3541.142717]  mmap_region+0xc4d/0x1500
[ 3541.143590]  do_mmap+0x868/0x1370
[ 3541.144386]  vm_mmap_pgoff+0x198/0x1f0
[ 3541.145279]  ? randomize_page+0xb0/0xb0
[ 3541.146194]  ksys_mmap_pgoff+0x41c/0x560
[ 3541.147110]  ? find_mergeable_anon_vma+0x250/0x250
[ 3541.148211]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3541.149393]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3541.150552]  do_syscall_64+0x33/0x40
[ 3541.151393]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3541.152535] RIP: 0033:0x7f3b78954b62
[ 3541.153387] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3541.157486] RSP: 002b:00007f3b75eca0f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3541.159185] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f3b78954b62
[ 3541.160790] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3541.162383] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3541.163973] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3541.165608] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3541.175301] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3541.176862] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3541.201397] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 3541.205476] device wlan1 entered promiscuous mode
[ 3541.264947] device wlan1 left promiscuous mode
[ 3541.334922] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.7'.
04:34:57 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
dup3(r0, r0, 0x0)

[ 3541.375543] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3541.377180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3541.379170] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
04:34:57 executing program 1:
r0 = syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f0000000240)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = syz_io_uring_setup(0x346d, &(0x7f0000000680), &(0x7f0000fee000/0x1000)=nil, &(0x7f0000fec000/0x14000)=nil, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
io_uring_enter(r3, 0x1ebb, 0x0, 0x1, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0xc0182)
ioctl$SG_NEXT_CMD_LEN(r4, 0x2283, &(0x7f0000000140)=0x87)
write$binfmt_aout(r4, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x1000000}, "", ['\x00']}, 0x120)
pipe2(&(0x7f0000000040), 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/stat\x00', 0x0, 0x0)
r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48ed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r5, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_setup(0x6efb, &(0x7f0000000080)={0x0, 0x98dc, 0x4, 0x1, 0x36c, 0x0, r3}, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ff2000/0x7000)=nil, &(0x7f00000001c0), &(0x7f0000000280))
syz_io_uring_setup(0x7d04, &(0x7f00000002c0), &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200), &(0x7f0000000140))
io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600", 0x4})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r6, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'})
ioctl$TUNSETLINK(r6, 0x400454cd, 0x0)

04:34:57 executing program 3:
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x2, "77004a6efdff0000000008002600"})
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)={'gre0\x00'})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x0)
r1 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r2 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r1, 0x13, &(0x7f0000000100)=[r2, r2], 0x2)
ioctl$TUNSETTXFILTER(r2, 0x400454d1, &(0x7f0000000200)={0x1, 0x8, [@broadcast, @multicast, @link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @link_local, @empty, @broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x18}]})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r2, 0xc018937c, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="0000030000000000000066696c653000"])
r3 = io_uring_setup(0x2501, &(0x7f0000000080)={0x0, 0x0, 0x2})
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x13, &(0x7f0000000100)=[r4, r4], 0x2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r5=>r2, {0x10000}}, './file0\x00'})
openat(r5, &(0x7f0000000180)='./file0\x00', 0x44000, 0x1)
r6 = socket$inet(0x2, 0xa, 0x0)
dup3(r6, r0, 0x0)

[ 3541.435028] sg_write: data in/out 16777180/117 bytes for SCSI command 0x0-- guessing data in;
[ 3541.435028]    program syz-executor.1 not setting count and/or reply_len properly
04:34:57 executing program 5:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x13, r0, 0x0)
mmap(&(0x7f0000234000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)
syz_io_uring_setup(0x4a77, &(0x7f0000000000)={0x0, 0xd2c1}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f00000000c0)) (fail_nth: 68)

[ 3541.488666] FAULT_INJECTION: forcing a failure.
[ 3541.488666] name failslab, interval 1, probability 0, space 0, times 0
[ 3541.491313] CPU: 0 PID: 17589 Comm: syz-executor.5 Tainted: G        W         5.10.253 #1
[ 3541.493122] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 3541.494929] Call Trace:
[ 3541.495499]  dump_stack+0x107/0x167
[ 3541.496278]  should_fail.cold+0x5/0xa
[ 3541.497108]  ? ptlock_alloc+0x1d/0x70
[ 3541.497920]  should_failslab+0x5/0x20
[ 3541.498725]  kmem_cache_alloc+0x5b/0x310
[ 3541.499604]  ptlock_alloc+0x1d/0x70
[ 3541.500389]  pte_alloc_one+0x68/0x1a0
[ 3541.501210]  __pte_alloc+0x1d/0x330
[ 3541.501994]  remap_pfn_range_internal+0x9a3/0xf60
[ 3541.503034]  ? lookup_memtype+0x5b/0x200
[ 3541.503933]  ? apply_to_existing_page_range+0x40/0x40
[ 3541.505079]  remap_pfn_range+0xcd/0x160
[ 3541.505923]  ? remap_pfn_range_notrack+0x70/0x70
[ 3541.506931]  ? memcg_slab_post_alloc_hook+0x17a/0x430
[ 3541.508035]  io_uring_mmap+0x398/0x530
[ 3541.508892]  mmap_file+0x5e/0xe0
[ 3541.509611]  mmap_region+0xc4d/0x1500
[ 3541.510459]  do_mmap+0x868/0x1370
[ 3541.511221]  vm_mmap_pgoff+0x198/0x1f0
[ 3541.512063]  ? randomize_page+0xb0/0xb0
[ 3541.512959]  ksys_mmap_pgoff+0x41c/0x560
[ 3541.513845]  ? find_mergeable_anon_vma+0x250/0x250
[ 3541.514901]  ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 3541.516021]  ? syscall_enter_from_user_mode+0x1d/0x50
[ 3541.517138]  do_syscall_64+0x33/0x40
[ 3541.517933]  entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 3541.519023] RIP: 0033:0x7f4cd02cab62
[ 3541.519824] Code: 00 00 00 00 00 0f 1f 00 41 f7 c1 ff 0f 00 00 75 27 55 48 89 fd 53 89 cb 48 85 ff 74 3b 41 89 da 48 89 ef b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 66 5b 5d c3 0f 1f 00 48 c7 c0 bc ff ff ff 64
[ 3541.523720] RSP: 002b:00007f4ccd8400f8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[ 3541.525349] RAX: ffffffffffffffda RBX: 0000000000008011 RCX: 00007f4cd02cab62
[ 3541.526865] RDX: 0000000000000003 RSI: 0000000000120140 RDI: 0000000020ffc000
[ 3541.528378] RBP: 0000000020ffc000 R08: 0000000000000005 R09: 0000000000000000
[ 3541.529902] R10: 0000000000008011 R11: 0000000000000206 R12: 00000000200000c0
[ 3541.531411] R13: 0000000020ffc000 R14: 0000000020000080 R15: 0000000020ffc000
[ 3541.559055] sg_write: data in/out 16777180/117 bytes for SCSI command 0x0-- guessing data in;
[ 3541.559055]    program syz-executor.1 not setting count and/or reply_len properly

VM DIAGNOSIS:
04:34:57  Registers:
info registers vcpu 0
RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=ffffffff822e8bcc RDI=ffffffff879fa240 RBP=ffffffff879fa200 RSP=ffff88804bd67250
R8 =0000000000000001 R9 =0000000000000003 R10=000000000000000a R11=0000000000000001
R12=0000000000000020 R13=fffffbfff0f3f495 R14=fffffbfff0f3f44a R15=dffffc0000000000
RIP=ffffffff822e8c20 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f3b75eca700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe4300000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055556e544708 CR3=000000001d2ce000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ffffffffffffffffffffffffffff0000 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=00000000000000c1 RBX=000055ad04941d60 RCX=ffffffffffffffff RDX=00007f0875554260
RSI=00000000ffffffff RDI=00007f08761a3cf0 RBP=000055ad04943428 RSP=00007ffe857c0d38
R8 =000055ad04948780 R9 =ffffffffffffff01 R10=0000000000000000 R11=0000000000000000
R12=00000000ffffffff R13=00000000fffffffa R14=000055ad04983930 R15=00000000fffffffe
RIP=00007f08761c04f9 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f0875553900 00000000 00000000
GS =0000 0000000000000000 00000000 00000000
LDT=0000 fffffe1900000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f08734d1c90 CR3=000000000d47e000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffffffffffffffffffff XMM01=30306234386136303638616663356134
XMM02=38303062343861363036386166633561 XMM03=2f6c616e72756f6a2f676f6c2f6e7572
XMM04=00000000000000000000000000000000 XMM05=ffffffffffffffffffffffffffffffff
XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000
XMM08=44495f474f4c5359530069253d595449 XMM09=00000000000000000000000000000000
XMM10=00000000000000000020000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000