6d0 [ 2309.419534] io_setup_async_rw+0x180/0x580 [ 2309.420066] io_read+0xe98/0x11e0 [ 2309.420496] ? __lock_acquire+0x1657/0x5b00 [ 2309.421036] ? kiocb_done+0xc90/0xc90 [ 2309.421511] ? mark_lock+0xf5/0x2df0 [ 2309.421977] ? lock_chain_count+0x20/0x20 [ 2309.422518] ? __lock_acquire+0xbb1/0x5b00 [ 2309.423044] io_issue_sqe+0x2e8a/0x77b0 [ 2309.423535] ? find_held_lock+0x2c/0x110 [ 2309.424036] ? perf_trace_lock+0xac/0x490 [ 2309.424549] ? SOFTIRQ_verbose+0x10/0x10 [ 2309.425044] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2309.425638] ? io_connect+0x610/0x610 [ 2309.426121] ? lock_acquire+0x197/0x470 [ 2309.426617] ? find_held_lock+0x2c/0x110 [ 2309.427126] ? __fget_files+0x2cf/0x520 [ 2309.427614] ? lock_downgrade+0x6d0/0x6d0 [ 2309.428129] __io_queue_sqe+0x90/0x9d0 [ 2309.428619] ? io_issue_sqe+0x77b0/0x77b0 [ 2309.429139] ? __fget_files+0x2f8/0x520 [ 2309.429632] ? io_prep_rw+0x7f5/0x1050 [ 2309.430119] io_submit_sqes+0x44aa/0x8610 [ 2309.430659] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2309.431272] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2309.431873] ? find_held_lock+0x2c/0x110 [ 2309.432378] ? io_submit_sqes+0x8610/0x8610 [ 2309.432922] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2309.433534] ? wait_for_completion_io+0x270/0x270 [ 2309.434134] ? rcu_read_lock_any_held+0x75/0xa0 [ 2309.434703] ? vfs_write+0x354/0xb10 [ 2309.435163] ? fput_many+0x2f/0x1a0 [ 2309.435610] ? ksys_write+0x1a9/0x260 [ 2309.436087] ? __ia32_sys_read+0xb0/0xb0 [ 2309.436591] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2309.437245] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2309.437882] do_syscall_64+0x33/0x40 [ 2309.438340] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2309.438973] RIP: 0033:0x7ff7fbbbbb19 [ 2309.439432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2309.441694] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2309.442632] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2309.443510] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2309.444425] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2309.445437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2309.446316] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2309.458380] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2309.460407] FAULT_INJECTION: forcing a failure. [ 2309.460407] name failslab, interval 1, probability 0, space 0, times 0 [ 2309.462009] CPU: 0 PID: 12142 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2309.462860] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2309.463861] Call Trace: [ 2309.464185] dump_stack+0x107/0x167 [ 2309.464629] should_fail.cold+0x5/0xa [ 2309.465108] ? create_object.isra.0+0x3a/0xa20 [ 2309.465670] should_failslab+0x5/0x20 [ 2309.466133] kmem_cache_alloc+0x5b/0x310 [ 2309.466641] create_object.isra.0+0x3a/0xa20 [ 2309.467178] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2309.467803] __kmalloc+0x16e/0x390 [ 2309.468241] ? lock_downgrade+0x6d0/0x6d0 [ 2309.468757] io_setup_async_rw+0x180/0x580 [ 2309.469295] io_read+0xe98/0x11e0 [ 2309.469724] ? __lock_acquire+0x1657/0x5b00 [ 2309.470271] ? kiocb_done+0xc90/0xc90 [ 2309.470735] ? mark_lock+0xf5/0x2df0 [ 2309.471204] ? lock_chain_count+0x20/0x20 [ 2309.471738] ? __lock_acquire+0xbb1/0x5b00 [ 2309.472290] io_issue_sqe+0x2e8a/0x77b0 [ 2309.472787] ? find_held_lock+0x2c/0x110 [ 2309.473304] ? perf_trace_lock+0xac/0x490 [ 2309.473905] ? SOFTIRQ_verbose+0x10/0x10 [ 2309.474507] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2309.475108] ? io_connect+0x610/0x610 [ 2309.475593] ? lock_acquire+0x197/0x470 [ 2309.476101] ? find_held_lock+0x2c/0x110 [ 2309.476613] ? __fget_files+0x2cf/0x520 [ 2309.477120] ? lock_downgrade+0x6d0/0x6d0 [ 2309.477636] __io_queue_sqe+0x90/0x9d0 [ 2309.478117] ? io_issue_sqe+0x77b0/0x77b0 [ 2309.478623] ? __fget_files+0x2f8/0x520 [ 2309.479115] ? io_prep_rw+0x7f5/0x1050 [ 2309.479605] io_submit_sqes+0x44aa/0x8610 [ 2309.480142] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2309.480755] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2309.481358] ? find_held_lock+0x2c/0x110 [ 2309.481872] ? io_submit_sqes+0x8610/0x8610 [ 2309.482407] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2309.483003] ? wait_for_completion_io+0x270/0x270 [ 2309.483604] ? rcu_read_lock_any_held+0x75/0xa0 [ 2309.484173] ? vfs_write+0x354/0xb10 [ 2309.484628] ? fput_many+0x2f/0x1a0 [ 2309.485086] ? ksys_write+0x1a9/0x260 [ 2309.485552] ? __ia32_sys_read+0xb0/0xb0 [ 2309.486051] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2309.486694] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2309.487327] do_syscall_64+0x33/0x40 [ 2309.487784] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2309.488411] RIP: 0033:0x7f6d2ff1eb19 [ 2309.488865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2309.491175] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2309.492124] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2309.493004] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2309.493885] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2309.494761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2309.495635] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2309.508485] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2309.524169] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:50:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r2 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) r3 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r4 = fsmount(r2, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r4, @ANYBLOB="00000000000000004c2f729dd7730025"]) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) getsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000000), &(0x7f0000000240)=0x4) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:50:28 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:50:28 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x401f0, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:50:28 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_config_ext={0x0, 0x4}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0x2, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:50:28 executing program 7: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = signalfd4(r0, &(0x7f00000000c0)={[0x1]}, 0x8, 0x80000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x14810, r4, 0x8000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2310.019011] loop5: detected capacity change from 0 to 262144 02:50:28 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 37) [ 2310.058025] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2310.090102] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2310.108584] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:50:29 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 02:50:29 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 02:50:29 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x401fc, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:50:29 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f0000000340)={0x8, 0x4, 0x1, 'queue1\x00', 0x5}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r3, 0x0) [ 2310.301486] FAULT_INJECTION: forcing a failure. [ 2310.301486] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.304345] CPU: 0 PID: 12175 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2310.305938] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.307829] Call Trace: [ 2310.308437] dump_stack+0x107/0x167 [ 2310.309290] should_fail.cold+0x5/0xa [ 2310.310166] ? io_setup_async_rw+0x180/0x580 [ 2310.311176] should_failslab+0x5/0x20 [ 2310.312046] __kmalloc+0x72/0x390 [ 2310.312846] ? lock_downgrade+0x6d0/0x6d0 [ 2310.313812] io_setup_async_rw+0x180/0x580 [ 2310.314785] io_read+0xe98/0x11e0 [ 2310.315585] ? __lock_acquire+0x1657/0x5b00 [ 2310.316583] ? kiocb_done+0xc90/0xc90 [ 2310.317459] ? mark_lock+0xf5/0x2df0 [ 2310.318319] ? lock_chain_count+0x20/0x20 [ 2310.319318] ? __lock_acquire+0xbb1/0x5b00 [ 2310.320299] io_issue_sqe+0x2e8a/0x77b0 [ 2310.321226] ? find_held_lock+0x2c/0x110 [ 2310.322160] ? perf_trace_lock+0xac/0x490 [ 2310.323108] ? SOFTIRQ_verbose+0x10/0x10 [ 2310.324037] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2310.325131] ? io_connect+0x610/0x610 [ 2310.326007] ? lock_acquire+0x197/0x470 [ 2310.326918] ? find_held_lock+0x2c/0x110 [ 2310.327853] ? __fget_files+0x2cf/0x520 [ 2310.328763] ? lock_downgrade+0x6d0/0x6d0 [ 2310.329729] __io_queue_sqe+0x90/0x9d0 [ 2310.330631] ? io_issue_sqe+0x77b0/0x77b0 [ 2310.331574] ? __fget_files+0x2f8/0x520 [ 2310.332490] ? io_prep_rw+0x7f5/0x1050 [ 2310.333402] io_submit_sqes+0x44aa/0x8610 [ 2310.334390] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.335530] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.336639] ? find_held_lock+0x2c/0x110 [ 2310.337586] ? io_submit_sqes+0x8610/0x8610 [ 2310.338584] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.339692] ? wait_for_completion_io+0x270/0x270 [ 2310.340795] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.341864] ? vfs_write+0x354/0xb10 [ 2310.342719] ? fput_many+0x2f/0x1a0 [ 2310.343551] ? ksys_write+0x1a9/0x260 [ 2310.344420] ? __ia32_sys_read+0xb0/0xb0 [ 2310.345358] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.346550] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.347734] do_syscall_64+0x33/0x40 [ 2310.348582] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.349759] RIP: 0033:0x7f6d2ff1eb19 [ 2310.350610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.354819] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2310.356553] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2310.358184] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2310.359805] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.361437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.363064] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 02:50:29 executing program 6: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='mountstats\x00') pread64(r1, &(0x7f0000000240)=""/83, 0x53, 0x200000048) r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) r3 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x40010, r2, 0x10000000) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$FS_IOC_GETFSMAP(r4, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000480)=@IORING_OP_ACCEPT={0xd, 0x4, 0x0, 0xffffffffffffffff, &(0x7f0000000440)=0x80, &(0x7f0000000840)=@qipcrtr, 0x0, 0x0, 0x0, {0x0, r5}}, 0x81) write$binfmt_elf32(r2, &(0x7f0000000200)=ANY=[], 0x31b) fallocate(r1, 0x20, 0x5, 0x4fe) signalfd4(0xffffffffffffffff, &(0x7f0000000080)={[0x8001]}, 0x8, 0x100000) msgrcv(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="b0c8ff207300000000000000ebff00000000a7024a65f4afb58645d7653cf3775d0000140000000000000000000000000000000000c8eb98c6968371f6857938de5f105163d0fff324c161dfe955b6426ab2cc5fa78b44ba7e8175d5d66dfeb45c2cdc15f0e535749f4bf672cc1a9d900c0443c429a8d00fb81b006f73aa7b93ce2d79daea2f862f1b55b37ee8d399ddfff1823a5184fb0053d51ce94b98e4ed42b86a49bdd6885e642a4cd09da2b93c9e941bd5817e14c97657ca0064b4b7a43a492e41644d1cdd72519902138bb646612ebc517d6d5cda1d9700b3434aa7393d0717cb2756d9dc2e7df8a6f102e6c04eff03df234cd2f3376636506ff06997ad4070c52bd02ab014f583248d91fc382e21c69c214787b514365e235af6997745013a0d3c7421b7fe8339b80a75befde32c4c752f8d0d0e"], 0x26, 0x0, 0x1000) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3314c7e159f443f90b1aff04f119f95d3028d94a2fc37de8b95aa96d0c7aadc8095936db1b57694aa29e3ddd20c31f5539a8d7ce6bfdb32c22707cd13a6489c417", @ANYRESHEX=r0, @ANYBLOB="0b0b000000000000000001000000"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x0) recvmsg(r4, &(0x7f00000006c0)={&(0x7f0000000640)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000940)=""/165, 0xa5}, {&(0x7f0000000a00)=""/166, 0xa6}, {&(0x7f0000000ac0)=""/203, 0xcb}, {&(0x7f00000007c0)=""/114, 0x72}, {&(0x7f0000000bc0)=""/196, 0xc4}, {&(0x7f0000000cc0)=""/225, 0xe1}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000000dc0)=""/130, 0x82}, {&(0x7f0000000e80)=""/155, 0x9b}], 0x9, &(0x7f0000001000)=""/143, 0x8f}, 0x60010000) mount$9p_fd(0x0, &(0x7f00000005c0)='./file1\x00', &(0x7f0000000600), 0x4826, &(0x7f00000010c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@posixacl}, {@privport}, {@version_u}], [{@hash}, {@dont_appraise}, {@euid_gt={'euid>', 0xee01}}]}}) r7 = syz_open_dev$vcsn(&(0x7f0000000000), 0x7fff, 0x200100) ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r7, 0x80286722, &(0x7f0000000200)={&(0x7f00000004c0)=""/246, 0xf6, 0x6}) [ 2310.433693] FAULT_INJECTION: forcing a failure. [ 2310.433693] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.436231] CPU: 1 PID: 12183 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2310.437490] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.438989] Call Trace: [ 2310.439479] dump_stack+0x107/0x167 [ 2310.440147] should_fail.cold+0x5/0xa [ 2310.440849] ? create_object.isra.0+0x3a/0xa20 [ 2310.441693] should_failslab+0x5/0x20 [ 2310.442391] kmem_cache_alloc+0x5b/0x310 [ 2310.443131] create_object.isra.0+0x3a/0xa20 [ 2310.443913] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2310.444821] kmem_cache_alloc_trace+0x151/0x320 [ 2310.445662] ? lock_downgrade+0x6d0/0x6d0 [ 2310.446408] __io_queue_sqe+0x666/0x9d0 [ 2310.447120] ? io_issue_sqe+0x77b0/0x77b0 [ 2310.447846] ? __fget_files+0x2f8/0x520 [ 2310.448552] ? io_prep_rw+0x7f5/0x1050 [ 2310.449272] io_submit_sqes+0x44aa/0x8610 [ 2310.450047] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.450928] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.451772] ? find_held_lock+0x2c/0x110 [ 2310.452493] ? io_submit_sqes+0x8610/0x8610 [ 2310.453276] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.454155] ? wait_for_completion_io+0x270/0x270 [ 2310.455008] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.455816] ? vfs_write+0x354/0xb10 [ 2310.456476] ? fput_many+0x2f/0x1a0 [ 2310.457133] ? ksys_write+0x1a9/0x260 [ 2310.457795] ? __ia32_sys_read+0xb0/0xb0 [ 2310.458522] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 02:50:29 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) pipe(&(0x7f0000000000)) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2310.459456] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.460567] do_syscall_64+0x33/0x40 [ 2310.461232] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.462139] RIP: 0033:0x7fc0e8027b19 [ 2310.462794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.466045] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2310.467365] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2310.468609] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2310.469861] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.471101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.472357] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2310.477205] FAULT_INJECTION: forcing a failure. [ 2310.477205] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.479342] CPU: 1 PID: 12184 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2310.480546] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2310.481977] Call Trace: [ 2310.482432] dump_stack+0x107/0x167 [ 2310.483066] should_fail.cold+0x5/0xa [ 2310.483728] ? create_object.isra.0+0x3a/0xa20 [ 2310.484519] should_failslab+0x5/0x20 [ 2310.485184] kmem_cache_alloc+0x5b/0x310 [ 2310.485895] create_object.isra.0+0x3a/0xa20 [ 2310.486650] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2310.487527] kmem_cache_alloc_trace+0x151/0x320 [ 2310.488339] __io_queue_sqe+0x666/0x9d0 [ 2310.489036] ? io_issue_sqe+0x77b0/0x77b0 [ 2310.489757] ? __fget_files+0x2f8/0x520 [ 2310.490457] ? io_prep_rw+0x7f5/0x1050 [ 2310.491154] io_submit_sqes+0x44aa/0x8610 [ 2310.491904] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.492755] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2310.493612] ? find_held_lock+0x2c/0x110 [ 2310.494321] ? io_submit_sqes+0x8610/0x8610 [ 2310.495083] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2310.495925] ? wait_for_completion_io+0x270/0x270 [ 2310.496755] ? rcu_read_lock_any_held+0x75/0xa0 [ 2310.497556] ? vfs_write+0x354/0xb10 [ 2310.498199] ? fput_many+0x2f/0x1a0 [ 2310.498815] ? ksys_write+0x1a9/0x260 [ 2310.499473] ? __ia32_sys_read+0xb0/0xb0 [ 2310.500179] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2310.501090] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2310.501979] do_syscall_64+0x33/0x40 [ 2310.502615] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2310.503499] RIP: 0033:0x7ff7fbbbbb19 [ 2310.504143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2310.507292] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2310.508595] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2310.509832] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2310.511059] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.512263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2310.513470] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2310.653123] loop5: detected capacity change from 0 to 262144 [ 2310.725531] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2310.757356] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2310.793897] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:50:44 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 02:50:44 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x48ab, 0x0, 0x3, 0x0, 0xfffffffffffffd7c) 02:50:44 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setpriority(0x2, 0xffffffffffffffff, 0x5) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)={0x14, 0x10, 0x10, 0x80}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, &(0x7f0000000140)) setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x82280, 0x0) syz_open_dev$vcsa(&(0x7f0000000100), 0x0, 0x401) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x248e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f00000000c0), 0x12) accept$packet(r1, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14) ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000002c0)={@local, 0x1f, r4}) flock(r2, 0x6) mmap$perf(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4, 0x10, r2, 0x6) getdents64(r1, &(0x7f00000007c0)=""/180, 0x200007d8) getdents64(r1, 0x0, 0x0) lseek(0xffffffffffffffff, 0x1, 0x4) unshare(0x48020200) 02:50:44 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 02:50:44 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40201, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:50:44 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x800, 0x147, 0x10}, 0x18) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:50:44 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 38) 02:50:44 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @dev, 0x2}, 0xfffffffffffffeb8) connect$inet6(r0, &(0x7f0000000280)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}}, 0x1c) socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) [ 2325.739589] FAULT_INJECTION: forcing a failure. [ 2325.739589] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.741278] CPU: 0 PID: 12214 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2325.742236] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2325.743363] Call Trace: [ 2325.743724] dump_stack+0x107/0x167 [ 2325.744214] should_fail.cold+0x5/0xa [ 2325.744731] should_failslab+0x5/0x20 [ 2325.745256] kmem_cache_alloc_bulk+0x4b/0x320 [ 2325.745863] io_submit_sqes+0x6fe6/0x8610 [ 2325.746437] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.747101] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.747765] ? find_held_lock+0x2c/0x110 [ 2325.748324] ? io_submit_sqes+0x8610/0x8610 [ 2325.748443] FAULT_INJECTION: forcing a failure. [ 2325.748443] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.748902] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2325.748919] ? wait_for_completion_io+0x270/0x270 [ 2325.748935] ? rcu_read_lock_any_held+0x75/0xa0 [ 2325.748947] ? vfs_write+0x354/0xb10 [ 2325.748959] ? fput_many+0x2f/0x1a0 [ 2325.748971] ? ksys_write+0x1a9/0x260 [ 2325.748983] ? __ia32_sys_read+0xb0/0xb0 [ 2325.748998] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2325.749010] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2325.749024] do_syscall_64+0x33/0x40 [ 2325.749035] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2325.749043] RIP: 0033:0x7ff7fbbbbb19 [ 2325.749055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2325.749062] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2325.749074] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2325.749081] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2325.749087] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.749094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2325.749101] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2325.792000] CPU: 1 PID: 12213 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2325.793387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2325.795030] Call Trace: [ 2325.795571] dump_stack+0x107/0x167 [ 2325.796307] should_fail.cold+0x5/0xa [ 2325.797073] ? io_setup_async_rw+0x180/0x580 [ 2325.797937] ? io_setup_async_rw+0x180/0x580 [ 2325.798906] should_failslab+0x5/0x20 [ 2325.799613] __kmalloc+0x72/0x390 [ 2325.800399] io_setup_async_rw+0x180/0x580 [ 2325.801253] io_read+0xe98/0x11e0 02:50:44 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) [ 2325.801910] ? __lock_acquire+0x1657/0x5b00 [ 2325.802907] ? kiocb_done+0xc90/0xc90 [ 2325.803824] ? mark_lock+0xf5/0x2df0 [ 2325.804722] ? lock_chain_count+0x20/0x20 [ 2325.805631] ? mark_lock+0xf5/0x2df0 [ 2325.806339] ? lock_chain_count+0x20/0x20 [ 2325.807312] io_issue_sqe+0x2e8a/0x77b0 [ 2325.808321] ? find_held_lock+0x2c/0x110 [ 2325.809073] ? perf_trace_lock+0xac/0x490 [ 2325.809989] ? SOFTIRQ_verbose+0x10/0x10 [ 2325.810857] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2325.811882] ? io_connect+0x610/0x610 [ 2325.812651] ? mark_held_locks+0x9e/0xe0 [ 2325.813396] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2325.814796] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2325.815883] ? trace_hardirqs_on+0x5b/0x180 [ 2325.817000] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2325.818368] __io_queue_sqe+0x90/0x9d0 [ 2325.819414] ? lock_release+0x3f6/0x680 [ 2325.820338] ? io_issue_sqe+0x77b0/0x77b0 [ 2325.821456] ? __fget_files+0x2f8/0x520 [ 2325.822481] ? io_prep_rw+0x7f5/0x1050 [ 2325.823444] io_submit_sqes+0x44aa/0x8610 [ 2325.824465] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.825740] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.827053] ? find_held_lock+0x2c/0x110 [ 2325.828007] ? io_submit_sqes+0x8610/0x8610 [ 2325.829199] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2325.830307] ? wait_for_completion_io+0x270/0x270 [ 2325.831562] ? rcu_read_lock_any_held+0x75/0xa0 [ 2325.832548] ? vfs_write+0x354/0xb10 [ 2325.833594] ? fput_many+0x2f/0x1a0 [ 2325.834407] ? ksys_write+0x1a9/0x260 [ 2325.835196] ? __ia32_sys_read+0xb0/0xb0 [ 2325.836041] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2325.837122] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2325.838208] do_syscall_64+0x33/0x40 [ 2325.838984] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2325.840049] RIP: 0033:0x7f6d2ff1eb19 [ 2325.840831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2325.845011] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2325.846970] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2325.848468] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2325.850089] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.851861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2325.853703] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2325.898465] loop5: detected capacity change from 0 to 262656 [ 2325.907254] FAULT_INJECTION: forcing a failure. [ 2325.907254] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.910161] CPU: 1 PID: 12220 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2325.911774] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2325.913724] Call Trace: [ 2325.914340] dump_stack+0x107/0x167 [ 2325.915164] should_fail.cold+0x5/0xa [ 2325.916059] ? create_object.isra.0+0x3a/0xa20 [ 2325.917145] should_failslab+0x5/0x20 [ 2325.918066] kmem_cache_alloc+0x5b/0x310 [ 2325.919094] create_object.isra.0+0x3a/0xa20 [ 2325.920318] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2325.921670] kmem_cache_alloc_bulk+0x168/0x320 [ 2325.922697] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2325.922841] io_submit_sqes+0x6fe6/0x8610 [ 2325.924879] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.926287] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.927646] ? find_held_lock+0x2c/0x110 [ 2325.928755] ? io_submit_sqes+0x8610/0x8610 [ 2325.929922] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2325.931933] ? wait_for_completion_io+0x270/0x270 [ 2325.933332] ? rcu_read_lock_any_held+0x75/0xa0 [ 2325.934612] ? vfs_write+0x354/0xb10 [ 2325.935523] ? fput_many+0x2f/0x1a0 [ 2325.936378] ? ksys_write+0x1a9/0x260 [ 2325.937291] ? __ia32_sys_read+0xb0/0xb0 [ 2325.938245] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2325.939474] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2325.940684] do_syscall_64+0x33/0x40 [ 2325.941572] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2325.942762] RIP: 0033:0x7ff7fbbbbb19 [ 2325.943632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2325.947915] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2325.949725] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2325.951519] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2325.953163] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.954812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2325.956455] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2325.962669] FAULT_INJECTION: forcing a failure. [ 2325.962669] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.965493] CPU: 0 PID: 12223 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2325.967231] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2325.969351] Call Trace: [ 2325.970021] dump_stack+0x107/0x167 [ 2325.970951] should_fail.cold+0x5/0xa [ 2325.971924] ? create_object.isra.0+0x3a/0xa20 [ 2325.973088] should_failslab+0x5/0x20 [ 2325.974064] kmem_cache_alloc+0x5b/0x310 [ 2325.975104] create_object.isra.0+0x3a/0xa20 [ 2325.976209] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2325.977515] kmem_cache_alloc_trace+0x151/0x320 [ 2325.978698] __io_queue_sqe+0x666/0x9d0 [ 2325.979712] ? io_issue_sqe+0x77b0/0x77b0 [ 2325.980755] ? __fget_files+0x2f8/0x520 [ 2325.981788] ? io_prep_rw+0x7f5/0x1050 [ 2325.982783] io_submit_sqes+0x44aa/0x8610 [ 2325.983875] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.985133] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2325.986376] ? find_held_lock+0x2c/0x110 [ 2325.987411] ? io_submit_sqes+0x8610/0x8610 [ 2325.988511] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2325.989756] ? wait_for_completion_io+0x270/0x270 [ 2325.990985] ? rcu_read_lock_any_held+0x75/0xa0 [ 2325.992156] ? vfs_write+0x354/0xb10 [ 2325.993093] ? fput_many+0x2f/0x1a0 [ 2325.994034] ? ksys_write+0x1a9/0x260 [ 2325.995124] ? __ia32_sys_read+0xb0/0xb0 [ 2325.996273] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2325.997617] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2325.998918] do_syscall_64+0x33/0x40 [ 2325.999862] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2326.001157] RIP: 0033:0x7fc0e8027b19 [ 2326.002123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2326.006561] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2326.008404] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2326.010166] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2326.011896] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.013654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2326.015393] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2326.057075] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:50:45 executing program 7: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x0, 0x0, @private1, 0x2}, 0x1c) r1 = syz_io_uring_complete(0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r2, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000)) fcntl$setflags(r1, 0x2, 0x0) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000500)}, {&(0x7f0000000040)='Z', 0x1}], 0x2) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000900)}}], 0x2, 0x8080) sendmsg$inet6(r4, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x4000890) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'sit0\x00'}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) [ 2326.088973] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:50:45 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40202, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:50:45 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) r1 = accept$packet(r0, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000440)=0x14) fremovexattr(r1, &(0x7f0000000480)=@known='security.apparmor\x00') sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) r4 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x220400, 0x0) sendmsg$nl_netfilter(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2028020a}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x13, 0x5, 0x201, 0x70bd28, 0x25dfdbfe, {0x3, 0x0, 0x3}, [@typed={0x8, 0xf, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x40000) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r3, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f00000004c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'}) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), r2) sendmsg$ETHTOOL_MSG_LINKINFO_GET(r5, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x9}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)={0x3c, r6, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x84}, 0x4000880) fallocate(r3, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:50:45 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) fcntl$notify(r4, 0x402, 0x80000000) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2326.514396] loop5: detected capacity change from 0 to 262656 [ 2326.577215] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2326.631194] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2326.644664] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:50:59 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) 02:50:59 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 02:50:59 executing program 2: r0 = syz_io_uring_setup(0x20004d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000380)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x6000, @fd_index=0x7, 0x89, 0x2, 0x4, 0x9, 0x1}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) fcntl$getflags(r0, 0x40a) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001d00210c004c588a0c0000000400020008000c0000000000"], 0x1c}}, 0x0) accept4(0xffffffffffffffff, &(0x7f0000000240)=@pppoe, &(0x7f0000000340)=0x8d, 0x80000) io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0xfff, 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r4 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2) r5 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r6 = fsmount(r4, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB="00000000000000004c2f729dd7730025"]) write$char_usb(r6, &(0x7f00000000c0)="618bcf11593d393a07cffe02169ae0caa40dcfc403373af389ff71e650b1878cbfd427d45e9cae775595d387029fb5b6cd381be5261a9a8913be", 0x3a) 02:50:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40203, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:50:59 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 39) 02:50:59 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x4047e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044007}, 0x41) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x841, 0xffffffffffffff01, 0xffffffe, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:50:59 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) fcntl$setstatus(r3, 0x4, 0x2c00) connect$unix(r3, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7, 0xf2, 0x9, 0x8, 0x0, 0xbee8, 0x4, 0xb, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_config_ext={0x4, 0x3}, 0x2, 0x401, 0x0, 0x4, 0xffff, 0x3, 0x8, 0x0, 0x1, 0x0, 0x7955}, 0x0, 0x8, r3, 0x8) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x48001, 0x42) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) fcntl$setstatus(r3, 0x4, 0x6800) fcntl$setstatus(r6, 0x4, 0x2c00) connect$unix(r6, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x24040080) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000000)={0x1c, r4, 0x301, 0x0, 0x0, {{0x5}, {@val={0xeac}, @void}}}, 0x1c}}, 0x0) 02:50:59 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) r2 = creat(&(0x7f0000000000)='./file2\x00', 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="34010000170001000000000000000000fe8800000000000000000000000000010000000000000000e00000010000000000000000000000007f000001000000000000000000000000fc00000000000000000000000000000000000000000000000000000062000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="200100000000000000000000000000027f00000100000000000000000000000000000000000000000a00000067000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000e0000000000000000000000000000000c0008000800080000000000"], 0x134}}, 0x0) close(r2) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x200000a, 0x13, 0xffffffffffffffff, 0x0) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e22, 0x9, @private2, 0x9}, 0x1c) r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$PTP_PEROUT_REQUEST2(r5, 0x40383d0c, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd=r5, 0x6, &(0x7f0000000600), 0x0, 0x0, 0x1}, 0x5) mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x5000)=nil, 0x5000, 0x4, 0xabe023afc5a1eeb9, r2, 0x10000000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(r1, 0x0, 0x2) fstatfs(0xffffffffffffffff, &(0x7f00000004c0)=""/89) pread64(0xffffffffffffffff, &(0x7f0000000140)=""/67, 0x43, 0x1) r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r6, 0x0, r1, 0x0, 0x200f5ef, 0x0) [ 2340.895070] loop5: detected capacity change from 0 to 262656 [ 2340.942416] FAULT_INJECTION: forcing a failure. [ 2340.942416] name failslab, interval 1, probability 0, space 0, times 0 [ 2340.944087] CPU: 0 PID: 12267 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2340.944960] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2340.946006] Call Trace: [ 2340.946341] dump_stack+0x107/0x167 [ 2340.946794] should_fail.cold+0x5/0xa [ 2340.947275] ? create_object.isra.0+0x3a/0xa20 [ 2340.947843] should_failslab+0x5/0x20 [ 2340.948186] FAULT_INJECTION: forcing a failure. [ 2340.948186] name failslab, interval 1, probability 0, space 0, times 0 [ 2340.948314] kmem_cache_alloc+0x5b/0x310 [ 2340.948337] ? mark_held_locks+0x9e/0xe0 [ 2340.951661] create_object.isra.0+0x3a/0xa20 [ 2340.952205] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2340.952843] kmem_cache_alloc_bulk+0x168/0x320 [ 2340.953427] io_submit_sqes+0x6fe6/0x8610 [ 2340.953974] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2340.954591] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2340.955191] ? find_held_lock+0x2c/0x110 [ 2340.955697] ? io_submit_sqes+0x8610/0x8610 [ 2340.956243] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2340.956845] ? wait_for_completion_io+0x270/0x270 [ 2340.957457] ? rcu_read_lock_any_held+0x75/0xa0 [ 2340.958035] ? vfs_write+0x354/0xb10 [ 2340.958495] ? fput_many+0x2f/0x1a0 [ 2340.958955] ? ksys_write+0x1a9/0x260 [ 2340.959430] ? __ia32_sys_read+0xb0/0xb0 [ 2340.959940] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2340.960590] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2340.961236] do_syscall_64+0x33/0x40 [ 2340.961705] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2340.962342] RIP: 0033:0x7ff7fbbbbb19 [ 2340.962801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2340.965085] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2340.966045] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2340.966928] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2340.967807] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2340.968684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2340.969581] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2340.970507] CPU: 1 PID: 12269 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2340.971971] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2340.973705] Call Trace: [ 2340.974281] dump_stack+0x107/0x167 [ 2340.975065] should_fail.cold+0x5/0xa [ 2340.975879] ? create_object.isra.0+0x3a/0xa20 [ 2340.976840] should_failslab+0x5/0x20 [ 2340.977640] kmem_cache_alloc+0x5b/0x310 [ 2340.978513] create_object.isra.0+0x3a/0xa20 [ 2340.979437] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2340.980523] kmem_cache_alloc_trace+0x151/0x320 [ 2340.981504] ? lock_downgrade+0x6d0/0x6d0 [ 2340.982392] __io_queue_sqe+0x666/0x9d0 [ 2340.983225] ? io_issue_sqe+0x77b0/0x77b0 [ 2340.984091] ? __fget_files+0x2f8/0x520 [ 2340.984933] ? io_prep_rw+0x7f5/0x1050 [ 2340.985761] io_submit_sqes+0x44aa/0x8610 [ 2340.986693] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2340.987724] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2340.988724] ? find_held_lock+0x2c/0x110 [ 2340.989580] ? io_submit_sqes+0x8610/0x8610 [ 2340.990487] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2340.991487] ? wait_for_completion_io+0x270/0x270 [ 2340.992480] ? rcu_read_lock_any_held+0x75/0xa0 [ 2340.993455] ? vfs_write+0x354/0xb10 [ 2340.994240] ? fput_many+0x2f/0x1a0 [ 2340.995000] ? ksys_write+0x1a9/0x260 [ 2340.995789] ? __ia32_sys_read+0xb0/0xb0 [ 2340.996645] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2340.997746] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2340.998841] do_syscall_64+0x33/0x40 [ 2340.999621] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.000806] RIP: 0033:0x7fc0e8027b19 [ 2341.001793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 02:50:59 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) [ 2341.006070] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.008400] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2341.010126] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.011622] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.013135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.014640] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2341.030941] FAULT_INJECTION: forcing a failure. [ 2341.030941] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.032492] CPU: 0 PID: 12273 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2341.033369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2341.034417] Call Trace: [ 2341.034757] dump_stack+0x107/0x167 [ 2341.035212] should_fail.cold+0x5/0xa [ 2341.035691] ? create_object.isra.0+0x3a/0xa20 [ 2341.036263] should_failslab+0x5/0x20 [ 2341.036738] kmem_cache_alloc+0x5b/0x310 [ 2341.037247] create_object.isra.0+0x3a/0xa20 [ 2341.037801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2341.038438] __kmalloc+0x16e/0x390 [ 2341.038890] io_setup_async_rw+0x180/0x580 [ 2341.039439] io_read+0xe98/0x11e0 [ 2341.039884] ? __lock_acquire+0x1657/0x5b00 [ 2341.040432] ? kiocb_done+0xc90/0xc90 [ 2341.040903] ? mark_lock+0xf5/0x2df0 [ 2341.041371] ? lock_chain_count+0x20/0x20 [ 2341.041932] ? __lock_acquire+0xbb1/0x5b00 [ 2341.042464] io_issue_sqe+0x2e8a/0x77b0 [ 2341.042967] ? find_held_lock+0x2c/0x110 [ 2341.043476] ? perf_trace_lock+0xac/0x490 [ 2341.043992] ? SOFTIRQ_verbose+0x10/0x10 [ 2341.044502] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2341.045094] ? io_connect+0x610/0x610 [ 2341.045606] ? lock_acquire+0x197/0x470 [ 2341.046100] ? find_held_lock+0x2c/0x110 [ 2341.046612] ? __fget_files+0x2cf/0x520 [ 2341.047108] ? lock_downgrade+0x6d0/0x6d0 [ 2341.047629] __io_queue_sqe+0x90/0x9d0 [ 2341.048120] ? io_issue_sqe+0x77b0/0x77b0 [ 2341.048633] ? __fget_files+0x2f8/0x520 [ 2341.049134] ? io_prep_rw+0x7f5/0x1050 [ 2341.049627] io_submit_sqes+0x44aa/0x8610 [ 2341.050173] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.050797] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.051408] ? find_held_lock+0x2c/0x110 [ 2341.051921] ? io_submit_sqes+0x8610/0x8610 [ 2341.052470] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2341.053078] ? wait_for_completion_io+0x270/0x270 [ 2341.053707] ? rcu_read_lock_any_held+0x75/0xa0 [ 2341.054286] ? vfs_write+0x354/0xb10 [ 2341.054754] ? fput_many+0x2f/0x1a0 [ 2341.055209] ? ksys_write+0x1a9/0x260 [ 2341.055695] ? __ia32_sys_read+0xb0/0xb0 [ 2341.056206] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2341.056858] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2341.057516] do_syscall_64+0x33/0x40 [ 2341.057977] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.058620] RIP: 0033:0x7f6d2ff1eb19 [ 2341.059087] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2341.061381] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.062347] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2341.063250] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.064146] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.065039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.065936] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2341.067252] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2341.110528] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2341.119204] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 2341.126540] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2341.166124] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. [ 2341.171497] FAULT_INJECTION: forcing a failure. [ 2341.171497] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.173067] CPU: 0 PID: 12284 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2341.173948] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2341.174999] Call Trace: [ 2341.175339] dump_stack+0x107/0x167 [ 2341.175791] should_fail.cold+0x5/0xa [ 2341.176262] ? create_object.isra.0+0x3a/0xa20 [ 2341.176832] should_failslab+0x5/0x20 [ 2341.177320] kmem_cache_alloc+0x5b/0x310 [ 2341.177845] ? mark_held_locks+0x9e/0xe0 [ 2341.178345] create_object.isra.0+0x3a/0xa20 [ 2341.178905] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2341.179545] kmem_cache_alloc_bulk+0x168/0x320 [ 2341.180120] io_submit_sqes+0x6fe6/0x8610 [ 2341.180671] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.181287] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.181906] ? find_held_lock+0x2c/0x110 [ 2341.182422] ? io_submit_sqes+0x8610/0x8610 [ 2341.182979] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2341.183591] ? wait_for_completion_io+0x270/0x270 [ 2341.184197] ? rcu_read_lock_any_held+0x75/0xa0 [ 2341.184771] ? vfs_write+0x354/0xb10 [ 2341.185236] ? fput_many+0x2f/0x1a0 [ 2341.185706] ? ksys_write+0x1a9/0x260 [ 2341.186178] ? __ia32_sys_read+0xb0/0xb0 [ 2341.186685] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2341.187340] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2341.187990] do_syscall_64+0x33/0x40 [ 2341.188456] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.189098] RIP: 0033:0x7ff7fbbbbb19 [ 2341.189572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2341.191882] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.192838] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2341.193732] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.194625] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.195524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.196412] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:51:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0xb4) 02:51:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40300, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:00 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 40) 02:51:00 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r5, &(0x7f00000004c0)=""/89) dup2(r4, r5) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:51:00 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x0, r2) fcntl$setstatus(r3, 0x4, 0x2c00) connect$unix(r3, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) perf_event_open(&(0x7f00000001c0)={0x1, 0x80, 0x7, 0xf2, 0x9, 0x8, 0x0, 0xbee8, 0x4, 0xb, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x2, @perf_config_ext={0x4, 0x3}, 0x2, 0x401, 0x0, 0x4, 0xffff, 0x3, 0x8, 0x0, 0x1, 0x0, 0x7955}, 0x0, 0x8, r3, 0x8) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001540), 0xffffffffffffffff) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x48001, 0x42) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, r1) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff}) r6 = fcntl$dupfd(r5, 0x0, r5) fcntl$setstatus(r3, 0x4, 0x6800) fcntl$setstatus(r6, 0x4, 0x2c00) connect$unix(r6, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x24040080) sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000000)={0x1c, r4, 0x301, 0x0, 0x0, {{0x5}, {@val={0xeac}, @void}}}, 0x1c}}, 0x0) 02:51:00 executing program 6: sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) dup2(0xffffffffffffffff, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="000428bd7000fbdbdf25110000000500e40000000000060012002e0500000c00118004000300040001000600120108000200080011800400050006003600030000000c0043000000000001000000cb00ac00228245dcbdd8e7fe5dab5651e789ac41d8fc0a294d1ba17a5b8c1e8a8ef6ada2a5be15d0ad009791d5b3c8f9375db830c598327864097b25c445b086043cc1bf0c4e9f2051cced10a6fad1683f7f68dcca66872649eee420575143e53db5ce83b16e95879d1e0b2d0c72c69e57026803885d7f97d42c812fd4567f0cd055fa47b9eab6c02760993ae982a54cc6768ec5a4ac828fa5fc476376c692511c5fa6b8fddc955dc593c5351cdf2f93eb5588383abcfe7cfeb948bd160103b4132c687a91cbaea38ef4cd00"], 0x120}, 0x1, 0x0, 0x0, 0xc011}, 0x20000840) r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) fallocate(r3, 0x0, 0x0, 0x1000002) r4 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3) writev(0xffffffffffffffff, &(0x7f0000000200)=[{&(0x7f0000000040)='7', 0x1}], 0x1) socket$inet6_tcp(0xa, 0x1, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) newfstatat(0xffffffffffffff9c, 0x0, &(0x7f0000000340), 0x0) bind(0xffffffffffffffff, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x80) r5 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r4, r5, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r3, 0x0) [ 2341.377337] loop5: detected capacity change from 0 to 262656 [ 2341.380624] FAULT_INJECTION: forcing a failure. [ 2341.380624] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.383614] CPU: 1 PID: 12288 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2341.385179] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2341.387169] Call Trace: [ 2341.387807] dump_stack+0x107/0x167 [ 2341.388756] should_fail.cold+0x5/0xa [ 2341.389728] ? __io_queue_sqe+0x666/0x9d0 [ 2341.390763] should_failslab+0x5/0x20 [ 2341.391750] kmem_cache_alloc_trace+0x55/0x320 [ 2341.392866] ? lock_downgrade+0x6d0/0x6d0 [ 2341.393968] __io_queue_sqe+0x666/0x9d0 [ 2341.394939] ? io_issue_sqe+0x77b0/0x77b0 [ 2341.395915] ? __fget_files+0x2f8/0x520 [ 2341.396900] ? io_prep_rw+0x7f5/0x1050 [ 2341.397840] io_submit_sqes+0x44aa/0x8610 [ 2341.398980] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.400166] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.401366] ? find_held_lock+0x2c/0x110 [ 2341.402361] ? io_submit_sqes+0x8610/0x8610 [ 2341.403471] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2341.404623] ? wait_for_completion_io+0x270/0x270 [ 2341.405847] ? rcu_read_lock_any_held+0x75/0xa0 [ 2341.406988] ? vfs_write+0x354/0xb10 [ 2341.407956] ? fput_many+0x2f/0x1a0 [ 2341.408799] ? ksys_write+0x1a9/0x260 [ 2341.409633] ? __ia32_sys_read+0xb0/0xb0 02:51:00 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) [ 2341.410527] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2341.411787] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2341.412971] do_syscall_64+0x33/0x40 [ 2341.413936] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.415324] RIP: 0033:0x7f6d2ff1eb19 [ 2341.416134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2341.421330] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.422994] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2341.424525] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.426058] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.427605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.429164] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2341.432460] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2341.472867] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2341.476205] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2341.491887] FAULT_INJECTION: forcing a failure. [ 2341.491887] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.493518] CPU: 0 PID: 12300 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2341.494387] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2341.495424] Call Trace: [ 2341.495758] dump_stack+0x107/0x167 [ 2341.496221] should_fail.cold+0x5/0xa [ 2341.496706] ? __io_queue_sqe+0x666/0x9d0 [ 2341.497230] should_failslab+0x5/0x20 [ 2341.497717] kmem_cache_alloc_trace+0x55/0x320 [ 2341.498287] ? lock_downgrade+0x6d0/0x6d0 [ 2341.498814] __io_queue_sqe+0x666/0x9d0 [ 2341.499315] ? io_issue_sqe+0x77b0/0x77b0 [ 2341.499833] ? __fget_files+0x2f8/0x520 [ 2341.500332] ? io_prep_rw+0x7f5/0x1050 [ 2341.500824] io_submit_sqes+0x44aa/0x8610 [ 2341.501378] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.502004] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.502604] ? find_held_lock+0x2c/0x110 [ 2341.503117] ? io_submit_sqes+0x8610/0x8610 [ 2341.503660] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2341.504265] ? wait_for_completion_io+0x270/0x270 [ 2341.504869] ? rcu_read_lock_any_held+0x75/0xa0 [ 2341.505449] ? vfs_write+0x354/0xb10 [ 2341.505912] ? fput_many+0x2f/0x1a0 [ 2341.506363] ? ksys_write+0x1a9/0x260 [ 2341.506837] ? __ia32_sys_read+0xb0/0xb0 [ 2341.507342] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2341.507994] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2341.508638] do_syscall_64+0x33/0x40 [ 2341.509101] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.509737] RIP: 0033:0x7fc0e8027b19 [ 2341.510192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2341.512463] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.513418] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2341.514307] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.515193] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.516076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.516962] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2341.526155] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.7'. 02:51:00 executing program 7: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) r0 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) r1 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r2 = fsmount(r0, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r2, @ANYBLOB="00000000000000004c2f729dd7730025"]) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'}) r3 = creat(&(0x7f0000000000)='./file0\x00', 0x1bc) io_uring_register$IORING_UNREGISTER_BUFFERS(r3, 0x1, 0x0, 0x0) 02:51:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40301, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:00 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000000)=0x2) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x880000, 0xcd, 0x8}, 0x18) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, @out_args}, './file0\x00'}) fcntl$dupfd(r1, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r3, &(0x7f00000004c0)=""/89) openat(r3, &(0x7f0000000300)='./file1\x00', 0x1, 0x142) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f00000003c0)={@mcast2, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3, 0xa2, 0x6, 0x0, 0x8, 0xc3}) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:51:00 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) [ 2341.792480] loop5: detected capacity change from 0 to 262656 [ 2341.805807] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2341.817481] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2341.824037] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2341.896232] FAULT_INJECTION: forcing a failure. [ 2341.896232] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.898914] CPU: 1 PID: 12320 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2341.900579] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2341.902479] Call Trace: [ 2341.903064] dump_stack+0x107/0x167 [ 2341.903861] should_fail.cold+0x5/0xa [ 2341.904696] ? create_object.isra.0+0x3a/0xa20 [ 2341.905699] should_failslab+0x5/0x20 [ 2341.906519] kmem_cache_alloc+0x5b/0x310 [ 2341.907391] ? mark_held_locks+0x9e/0xe0 [ 2341.908275] create_object.isra.0+0x3a/0xa20 [ 2341.909197] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2341.910299] kmem_cache_alloc_bulk+0x168/0x320 [ 2341.911475] io_submit_sqes+0x6fe6/0x8610 [ 2341.912544] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.913631] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2341.914832] ? find_held_lock+0x2c/0x110 [ 2341.915738] ? io_submit_sqes+0x8610/0x8610 [ 2341.916656] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2341.917695] ? wait_for_completion_io+0x270/0x270 [ 2341.918722] ? rcu_read_lock_any_held+0x75/0xa0 [ 2341.919684] ? vfs_write+0x354/0xb10 [ 2341.920468] ? fput_many+0x2f/0x1a0 [ 2341.921103] ? ksys_write+0x1a9/0x260 [ 2341.921918] ? __ia32_sys_read+0xb0/0xb0 [ 2341.922774] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2341.923867] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2341.924956] do_syscall_64+0x33/0x40 [ 2341.925736] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2341.926813] RIP: 0033:0x7ff7fbbbbb19 [ 2341.927585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2341.931392] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2341.932971] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2341.934295] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2341.935521] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.936747] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2341.937980] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:51:18 executing program 6: preadv2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000180)=""/177, 0xb1, 0x1) pread64(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x40, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x24000041}, 0x4008040) r0 = creat(&(0x7f0000000100)='./file1\x00', 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={0x114, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@nested={0xfd, 0x11, 0x0, 0x1, [@generic="cabdd69942ae86268a922047d9b931f72731084d0549ba3c39c937995472e7f2c4854ccde899bf6e5e124c44777b29b0c0368c91fc2f36ad312f94d2f47690f0c18af62f53c4dcf3c63e9bcd1d5b817bd1df8e075435d45ef1d2286d14eb74dc272eda069ed0643222101a57610aa97329fbf38aeb21dfafba4f9f7eaf2fee187358374fe1d2de0ba2e4c1538dd950a9535fa347d7fc5ef262742f21489e6596921275b4a695b2cae93696a18e7fb5b553883d7b4e819bdb4d64dc140405846c77ac7e53048e92848a8cee3f50520dab6d1b3fe0e39e058e4699c2a66242f0c4c4834aafa56cc708696bbc16024f9fe70f3f53fb6c4bec3fce"]}]}, 0x114}}, 0x0) 02:51:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40302, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:18 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 41) 02:51:18 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 02:51:18 executing program 7: pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x82000) r1 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) r2 = open(&(0x7f0000000100)='./file1\x00', 0x551902, 0x80) r3 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) r4 = openat(r0, &(0x7f0000000200)='./cgroup/cgroup.procs\x00', 0x80, 0x58) r5 = fsmount(r4, 0x0, 0xf4) stat(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000180)) setxattr$trusted_overlay_opaque(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000240), &(0x7f0000000280), 0x2, 0x0) r6 = open(&(0x7f00000000c0)='./cgroup/cgroup.procs\x00', 0x35d003, 0x100) ioctl$CDROMREADAUDIO(r6, 0x530e, &(0x7f0000000480)={@lba=0x6, 0x0, 0x47, &(0x7f0000000300)=""/71}) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f00000003c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r5, @ANYBLOB="00000000000000004c2f729dd7730025ffad85acdd573b4f388c7ef89c8c55d7b0102bcec7dc12f74965341a46f616e70982bba511079f9ec41986470adade9c44c8ad3b61cb42649aa127d4cecb9406b8bd4f1ea46537c7fd55872b162774f982ee8c208e8b6d3d62c677b9abe2e5b70af48d552b48706a015ab110c6c4785caf9adbb5c0d1fbfbda1e4e951ddce0074a3096e631dec1dbf92f228da70360103acf00"/176]) syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r5) 02:51:18 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) 02:51:18 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) io_uring_enter(r4, 0x1f21, 0xe243, 0x0, &(0x7f0000000400)={[0x2]}, 0x8) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, r3, 0x0) syz_io_uring_setup(0x49c6, &(0x7f00000000c0)={0x0, 0x9747, 0x1, 0x3, 0x159}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000180), &(0x7f0000000240)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000280)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) lsetxattr$security_evm(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), &(0x7f00000003c0)=@md5={0x1, "40274f546abe94acb200d764bbe1fa59"}, 0x11, 0x3) unlinkat(r4, &(0x7f0000000440)='./file0\x00', 0x200) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000013c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4000, @fd, 0x0, 0xf8, 0x80000001, 0xa, 0x1, {0x3, r7}}, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000001940)=@IORING_OP_SENDMSG={0x9, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000001900)={&(0x7f0000000540)=@ll={0x11, 0x7, 0x0, 0x1, 0x8, 0x6, @remote}, 0x80, &(0x7f0000001780)=[{&(0x7f00000005c0)="6d8d5424a0173e71b89cbdf6fcf71f344961aa34b95b806bb82b5e963952c24d1de734aa978db39bd3700885d2b3f47499f9646d08477296e244b86da8645f3e1f2e41687b424131801e1ef26bbb9ce098df01fc019dcd511e01e180fcec41e8cd0581b136c528647a41f5c316797660a850b71bd8d1b6c96d81c029186990", 0x7f}, {&(0x7f0000000640)="5f1a924138", 0x5}, {&(0x7f0000000680)="5db91fe3aec0e054b9bf9059a2e37e05a655ae8fb968841d8f1032e34d1b59bd662545", 0x23}, {&(0x7f00000006c0)="99f72f87a8b3b52a324ff02f3b3b5bb5ec142a5babfaec51f388e65e115d490dd05805fabfca52e4393b42d39cd165395cf8a808f8d80897ca379d9ab8196a6366a28d97e06987104a4e40be6cb773821e739419980c8b56e72121bf48d05dd8e96e7cb69de6590dd4300c829a8b2cd7402328e0eeb73208c4e68d6805cf3b0d22b607eb4ce313ce109a2ac9c0ea878c58b99f9c48a4b847400ca9d453693d2bce234d007df386342406bc841b2a0a05d43566ebd70b45d4f61425d9580192a21f7856be861fb257c3ea49a98cb734ab0eee31f858d539e537c79bc8d448bd88fb999c04f91cfb5f609e7531a5921991d7cdc7e29536ec2856adf5214b28f2aa352fc7a0ab8218b40d188e35789059901f3aed78beee3278640c34d9294fb5549f360c9453b8f7b240d893c1aa839fadeb745ff26a4913b9869a56bb8d82bd0190afedda0a6124c224b823cebc6b82146d1a67274002c26e8ec952edb457c191947d36b6ae380c2fc2eebaccc5cea405fc1072f26c1c3aac855915e338bc6d6ac72dbd8d0ac3f42d49e7ea2a13f9407317c5eaed9c5bcf90b1958eb0d56cc6ac1a59c88e3f1c92bb84796da8c391e9abb92248ee17bb643ed1e2fcb97b3b5e54667e6a1f465776fd0055ab5e2c1a4fb08a5422ee4b39bb85c7cc701c5d812ccda4735c3940cb6b1c29ef34442c3387dcb73d0217473b4e7b7e7e90e1ed4272b270d9c9c88062880b2a382ef10d8c10c0afb6e1fe66d4e692f603dca4aeeef101e0d656c54a74b8a0fa25364c43bac7e159ff519fd68bbeb2d59e91b3a558438001a434f04b0d2d92bf2cf0054a47eb411f20bf1fbe587d7d808bdd683803aa1c0c9ca20fdaf62df5be7ef88d28100cada6bed9e1b19b8affb7a84ccb2a0fdb745e020b31bcbe0173e8c72db1b49df5c9637036b665125abe65e681a2447d5ca616a55cca56246b1adff254fb6748efe420af72609aca727adca638b6782069d21935d8e6d571c8396edd649645a8129f778f5f58d7795f3ae48dbdb12e67287166923f6fd15e08cb1ff1953006e40d8487430fa5ddf812ab28d3c488ae6a5f5500053e7f0ace6f72823b02ac0bf74747e7d7c4a0d4c5377e1f4f1287f3a02f30380674671e182ba97d3fad685ce299fff011cfae9a8459ef6796ed0a950043c27af5034bbbd2ea1f514acf3745bee91b4ec987c92637368440b44e3b2d3cf12071e7c16ba1d60c8a960ec055f99293ca56f91560fd0d6e9102f25822ddde64ace4b3532c9aa94dcad74a6af74ec9bdc7e9bef4757bd078880e3e82ba34729f8678504a401789d57e7688b43e0ec692c9c17dcd9dcd1992f9e331e0095228da846156652199a7f935699772fe851d2666e38b2744020f1e4d9284c19c53b212dacc341c6a1bcba6a821cfb8d0aa6edb4036507fdbcaa1eeba61aea16a9dcc9128dd4fd14fc270b49725957b871a9715187848f4563b6e0c41547ef47ee86a4badc651f60bf84ac337d3caae3ea14251b9845bf5c0a1d99df276ed5c0ae988b03d734d4a0f7906a083df9cda1a3e1cdcfb007c0d4b86094e699de12cbd79b8705af41791072cae4260bc6fa65cc83efda1d653e5273f8869038e72b26f44ea9473a0adbf60d5b6ad69b7383f9bdda4bfbeab365229b7595b226869fd104f914abf6b1dae4082a96337b4fe44cc021fb3bea7386f08989507550a53f1ed41b9e29e66638ca893fa0f5178dcbf08195fd681423a3817bc23a6b1ddb6629d0d61928568eebde40304820614bf35763a487c754a03ea817c768a0b8ea372fc4e0615f1e6921bd60036bbcdadb6aa09b38db1b1d750b06c1935eb913d5d4cf4a8846a2f4e502fc9c703a77b1fb8153a26fa09c23c26aace845885a8c5917bdca5cab4b74bc3cac71eaaa5bde30b1e62eff70d378183f328088cb1c856a32589849e71dd003efc1719f67cd0a4a08e37b4c0005831b9b866cd632d62b0cff69afdf76f35a84bba033f6a32e6423bda0f51ddea85846f5b5ae42ea514ffa543d49b20673ab4af810efca278ac6d38a043ce39ad9888f3e6d578b92da3ec03397109f33f25a568a311dea5209d63caa9ea80d48339987cc48ab5028c1243d0fe9ce77d0bba349666d3c00aee7efc48adb066ca287b435d6439b57b8c9145977a69e8d9cff5c59443020b52f5019443e280c2e0d0d66eb32fe8f092309eff8dbffd328e1112083d724a14136a5428b05cd112ceea4dbb769532d9e5513affe05568ed39d5d6f75890c69a2b01a7777d61264a810aea08cb9f95680d65076c8476bb2f801feb8752d2b599bc23d75ed22a3f2099b6ea25f49537862537d04e991f76a2006dc6a928c4b1b0919b012d5e0d98dd4eb1f3919d0b5cdddd5ca8d49f45c498021b5dd2cf7fd56085b184b1dabf82f1781b67b7c1fa07184a0b168e99f519fb3f94a1b01afb1283bb1aea12936002b0069516788b90e29948a8ae0f1639edd4144823e657dc9940626b434b836cdc40a73cb6f187bf1e2c1b2c56e7fa58fd42b18a9498f19ee7e218b3418f89637c889c98762d359ddc9712a7ff5585312339a57e373afb5bc3e2ffe3a87abf96d85c080f544d40542f6ebac5470a8a4d6a33a454533c785b99365cec66fa34578fb169af20d9e2da0d3c2436904be97aaf2c6072f07d23a29fcc23db12bd168e2948e031f73c38bfecea844d6134abc6d2c38bc8053b55be5c3b2ea1568963d34571abc3aaed53f6490936396192a93bb3629105fdb75c652a07829a3fb3f20134bba53a9de0c5f88762124e0828d663432063551ca6b3d914fe941aafb71dd1aadafc97c55a6880c876b11dcab9092d5dfa1f3c3d62338fd04dcb2febe9ea268bcbbf99cd9342b2c1c7e6776ae88e5808fca7e1f0667296bcc0a5c89a8f883e2736ef4912877fc616a00fbca044c9fb6d70c8c13edfd1467c82b8b00bcafe6fb1f7bddf16b3ff8610c56e122779795c7d5668c343eab31314395c39c290b83bb4355b2097b1a0b21015c2ed31fd759e3f69805e74b51de4e65f3125cbd42d6a3c8ffd37e0a3ad0c9232fcc1db9f7c13c0b75af23935ae82d3ff54d97511907dd9a1aed9837bd08797428d69a037deccc07f4782ba037d1990740bddb1dff4cf86346c7c0ec956f2cd376c8907c429ae31b4db91c1efb27b914386e9adda521684ddd74d7b103beb5f3a35656948d69373aa47c241ee1e1a315a12b34b29c7a10bacab13ceda6d906cada973038a2fafbe8de71c6b9c12181247796b2844a8114980180f98b2607aae06cbbb573485a13a66ca91fa2c82924ad1bafacf33a5cbac7405de3ac96fb4dfc42a67c02103ec44c540e0c56e8f98c77330b25dabe6559c25921fb4cbaad1403066b321bce9b57e66bfefb9894f879429c8037cbb61f227db01f78caa52f97cf806307a500550a4e20e3472dcfe70ee9215a53c9a355570c8c6ae407a89def08ec59ce3005ffab07df50115fcd76abdf32ef363d58e6e7d2a2e675c9ddd8a56b5ab9b289b59a3fce6a65df9316bf6bef1137e471d5253f711e6d2cdfaaf9e651691e71e58a125d90fa6dd88d0cf98268edb8cefcd1c1c051f6df2b095e4682467947345f4647a039db2a9ca2a409897ef47e927f58c636b64c784fd31959a7a25958193ffa8ec32add635b64c8b757843217a7374052f7b36fe90eb62ac4b08fcef85b3d86103c5cbb042406d593f01abf31650aa488fb8035f0d7408205160adea9b9bec03ee524406838526616692e5f90042a9fb10ec6dafd17738506527a4e5694846b6cf62ef9d3fd65ef0ce7c35a812fa79c0b74861c125e771620f355da43d1fb5f6b3abd88c0a98f38d9e184cc8872d9c3b142f0c9e8cb3b5afe77f7fe05ff1d973ced7fd89a21c7981c3e987db766f56069633f91d8700a63dfd28bbb3ee1ec331130a51041f077c7c839ebaef06f9afd57ac688e82a58595766dab3f77cc4ce99dd9b4ca228f52daf75dd2f4545523ac3eaaf7019c073211c0dd004794eae50a4bd1846f68974afad27dd000e425ce6152cca09fa5145f138ebafaea88bc3490879dac3f83f7e0a7ddda51aaf3aae7a796caf71de7f1daefdc5edab1ef7a0805a071d9f20caa986203398da1913e043fd4d6e6b549f35e6a10f6c5da15134c84b3577b7ffaafefacb9b37e29fb59ced11624368cdd7094612d093a69c6833fe65047d8842879377092982661001e8050b93d83ef740d642c5cecf7e00e9441651b97aeefc5716023d441148835d1a53cb9ba9d9f4164d6f73febcf0b856c775a6aa78422d8f63ff162c903e61ef895419a1dcd1ff449a915a6d116457d30758a986f8bc8afd2730c3155a08a75a51523c1607c9b3fec5d2b7052b88cb6ee1acdec0d156cd13f2de17dbfee382c06c01a49bcefe18c383244e133d6fe72c9afd0cef3b70e7832214895e798b3a9758e0650d9948b5a8d56372a145398ef52e13f57d09611ba9a95d4695b5349445ed2ce3c56ce4241dfc3f209b582d5cac12882f30fa44a00aecc05b1a528ed814c63af7c66b7547ea0caa46d4972667528dfef0d72ef4ab0e456286147b87bded137c8d1d08dc95b68fb4c86ad66d02abeeebf35dd8dfc17d6737a857b4c97f429340263d2729c07390666864e8f7b1cba3d1222d8a4718cb743d3eef346502b3cf872dee0b39671501c60f4c8a347c80a57f07c47a68dc9738273072badaec846f426cd99296493db3d61743953b689934c5211414916cd0774796a18d06ff3bc4e74211b9eedeceb92fdc4097b1d2a1849d14afecd21e203f00a7edcd2c75e0db7078d277249b40dd797b64127007ff66f1bd00593b71aad684d94fd08a7fe12ff2fea5ee23228ecac66b17992e83429691eafc0b626e98cdaa66fe9b6770b89327b4f93af596e5fb24ac0bc8fb199c5dceb3d18a64b5c6f58988ecef476016cd076aa0490d73c8bd422873bf997e5d6d6d83abbd29a73f3db0e76144ef80e2efeb3962c82c7ff663084715b5551ab40bde759ef427d3be6e5b019f4688ac4eb9b5346595581e2211870dd196d0ce36b2358caa774dc1fa8d0aef91b29a366486b013e00372a8b2dafef6fff1bac3319bc0fce6c88eed5f40f01a298b189883ecff60caed09a7b940eb465392465cc6b06a91ba53e77e42cdd05c6c7ef8a15bf59d3ff080eb17b8b19a6eb95125ff7c3985f6708f0122c270a08fd56db9cb5852a208c4c90d39377d8e8a04d89bf8608d0db2cffbbb36146de2a16afb1ceef0433a2cb8fb2425f2bd1bbda36d83940bb59f17f06a2179b8fa858325960393717cc3dc4c1a3f0d8b2a682bce267d3c8e29c385740265b61c2603d7dda854df6b8a5133ef90e146a47e5e4b408fa09c926a1f1c33a668366bb7bf229aa48d6ae0ee02a5e0143c11e069b42f99c5adda394caa8d625a40676385979b895953bde2b3405395860d0451af5675c6ffb4462450790debbfc4ef10ea8255aac970fd5771c2fe241089027ec5a95503203de43c540f2ceb1206d41bf67eda7ab995fa2c4dde599df4bbfd7f08dd1ce7a0fa7846dbfc61ba585d834fe0e20c28933ea96ebfa55f8906d83fd59887e42410d652ff1d73b61d5635deb17f1430170bd8d6bc48cf1f6cbed989ef444922381ccdbd728e58e9188b1a4465f364098acfe364707b2d728e150561563176ea95969d02f96339c335888beae30f03b7fb58a55e6c812868739824f381e3921b700b2b9775fc754d3e52fe7a134ee55ce7a7ff5830ba1f1956293d4e329063caeb95bd29c8afa2d42f44ca02066a", 0x1000}, {&(0x7f00000016c0)="e025c3a841b74bd66fcd0924a6ad0a5b22d7b12a5036eb11be2d4c410197b7", 0x1f}, {&(0x7f0000001700)="97351089dbd5183ebb531931980a00e3250835e660f34be44770dac7489b8bcc8b9ef18875c2433028e5a30450704b87ccac62da88d1ebb5b68a8af76fcf81d65ffff6eedc652d010f5d4dd7e2fee3576f452fbc8c2818f4377fc5b3b06f3ca9593ffe7e3ea426fdee1e9cc568c25e689e8727d98973533d1b57c0a0b5a131", 0x7f}], 0x6, &(0x7f0000001800)=[{0x78, 0x0, 0x7, "1d5ab0cf609df6729e019037c7d1f7c04c584f62f6549c6cfe8d43c1c268719a0890975106eb7a33f7632ece38606485fc168cf91cdbb0292d496377f1372f0b88ca6b3c0a0ecfd2108377a2f549b8138960ee292fa58b8befee6f51552d6f95c0"}, {0x50, 0x10a, 0x4, "26ea30287e8ab3af02433c7c83267bf204d2cb9f4dd7465a521202542cbd823e4eaa72123bcb3c986ac4130bdac674305dc5b0250a610e496606d849"}], 0xc8}, 0x0, 0x4000, 0x1, {0x0, r7}}, 0xffffff6a) 02:51:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r2 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f00000003c0)) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r4 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$AUTOFS_IOC_EXPIRE_MULTI(r3, 0x40049366, &(0x7f0000000240)=0x1) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2) fsmount(r4, 0x0, 0x74) ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000000)={0x0, 'veth1_to_batadv\x00', {0x2}, 0x3}) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2359.149411] loop5: detected capacity change from 0 to 262656 [ 2359.168315] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2359.191173] FAULT_INJECTION: forcing a failure. [ 2359.191173] name failslab, interval 1, probability 0, space 0, times 0 [ 2359.193980] CPU: 0 PID: 12343 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2359.195520] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2359.197362] Call Trace: [ 2359.197962] dump_stack+0x107/0x167 [ 2359.198772] should_fail.cold+0x5/0xa [ 2359.199619] ? create_object.isra.0+0x3a/0xa20 [ 2359.200633] should_failslab+0x5/0x20 [ 2359.201475] kmem_cache_alloc+0x5b/0x310 [ 2359.202404] ? mark_held_locks+0x9e/0xe0 [ 2359.203311] create_object.isra.0+0x3a/0xa20 [ 2359.204288] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2359.205431] kmem_cache_alloc_bulk+0x168/0x320 [ 2359.206477] io_submit_sqes+0x6fe6/0x8610 [ 2359.207434] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.208570] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.209650] ? find_held_lock+0x2c/0x110 [ 2359.210573] ? io_submit_sqes+0x8610/0x8610 [ 2359.211567] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2359.212640] ? wait_for_completion_io+0x270/0x270 [ 2359.213750] ? rcu_read_lock_any_held+0x75/0xa0 [ 2359.214917] ? vfs_write+0x354/0xb10 [ 2359.215765] ? fput_many+0x2f/0x1a0 [ 2359.216589] ? ksys_write+0x1a9/0x260 [ 2359.217446] ? __ia32_sys_read+0xb0/0xb0 [ 2359.218382] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2359.219561] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2359.220730] do_syscall_64+0x33/0x40 [ 2359.221567] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2359.222739] RIP: 0033:0x7ff7fbbbbb19 [ 2359.223577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2359.228154] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2359.230170] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2359.231996] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2359.233869] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2359.235741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2359.237625] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2359.249105] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2359.280652] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2359.285304] FAULT_INJECTION: forcing a failure. [ 2359.285304] name failslab, interval 1, probability 0, space 0, times 0 [ 2359.287994] CPU: 1 PID: 12357 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2359.288025] FAULT_INJECTION: forcing a failure. [ 2359.288025] name failslab, interval 1, probability 0, space 0, times 0 [ 2359.289369] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2359.289377] Call Trace: [ 2359.289403] dump_stack+0x107/0x167 [ 2359.289434] should_fail.cold+0x5/0xa [ 2359.289465] ? create_object.isra.0+0x3a/0xa20 [ 2359.289496] should_failslab+0x5/0x20 [ 2359.289518] kmem_cache_alloc+0x5b/0x310 [ 2359.289554] create_object.isra.0+0x3a/0xa20 [ 2359.289573] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2359.289623] __kmalloc+0x16e/0x390 [ 2359.289647] ? lock_downgrade+0x6d0/0x6d0 [ 2359.289678] io_setup_async_rw+0x180/0x580 [ 2359.289715] io_read+0xe98/0x11e0 [ 2359.302685] ? __lock_acquire+0x1657/0x5b00 [ 2359.303515] ? kiocb_done+0xc90/0xc90 [ 2359.304246] ? mark_lock+0xf5/0x2df0 [ 2359.304975] ? lock_chain_count+0x20/0x20 [ 2359.305813] ? __lock_acquire+0xbb1/0x5b00 [ 2359.306632] io_issue_sqe+0x2e8a/0x77b0 [ 2359.307397] ? find_held_lock+0x2c/0x110 [ 2359.308182] ? perf_trace_lock+0xac/0x490 [ 2359.308991] ? SOFTIRQ_verbose+0x10/0x10 [ 2359.309768] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2359.310683] ? io_connect+0x610/0x610 [ 2359.311424] ? lock_acquire+0x197/0x470 [ 2359.312188] ? find_held_lock+0x2c/0x110 [ 2359.312977] ? __fget_files+0x2cf/0x520 [ 2359.313761] ? lock_downgrade+0x6d0/0x6d0 [ 2359.314565] __io_queue_sqe+0x90/0x9d0 [ 2359.315319] ? io_issue_sqe+0x77b0/0x77b0 [ 2359.316109] ? __fget_files+0x2f8/0x520 [ 2359.316880] ? io_prep_rw+0x7f5/0x1050 [ 2359.317648] io_submit_sqes+0x44aa/0x8610 [ 2359.318491] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.319445] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.320386] ? find_held_lock+0x2c/0x110 [ 2359.321166] ? io_submit_sqes+0x8610/0x8610 [ 2359.322024] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2359.322945] ? wait_for_completion_io+0x270/0x270 [ 2359.323851] ? rcu_read_lock_any_held+0x75/0xa0 [ 2359.324726] ? vfs_write+0x354/0xb10 [ 2359.325429] ? fput_many+0x2f/0x1a0 [ 2359.326130] ? ksys_write+0x1a9/0x260 [ 2359.326840] ? __ia32_sys_read+0xb0/0xb0 [ 2359.327602] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2359.328585] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2359.329660] do_syscall_64+0x33/0x40 [ 2359.330364] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2359.331332] RIP: 0033:0x7fc0e8027b19 [ 2359.332040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2359.335499] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2359.336927] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2359.338263] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2359.339611] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2359.340960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2359.342309] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2359.343681] CPU: 0 PID: 12341 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2359.345455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2359.347340] Call Trace: [ 2359.347941] dump_stack+0x107/0x167 [ 2359.348764] should_fail.cold+0x5/0xa [ 2359.349637] ? create_object.isra.0+0x3a/0xa20 [ 2359.350669] should_failslab+0x5/0x20 [ 2359.351533] kmem_cache_alloc+0x5b/0x310 [ 2359.352467] create_object.isra.0+0x3a/0xa20 [ 2359.353467] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2359.354633] kmem_cache_alloc_trace+0x151/0x320 [ 2359.355693] ? lock_downgrade+0x6d0/0x6d0 [ 2359.356635] __io_queue_sqe+0x666/0x9d0 [ 2359.357545] ? io_issue_sqe+0x77b0/0x77b0 [ 2359.358493] ? __fget_files+0x2f8/0x520 [ 2359.359398] ? io_prep_rw+0x7f5/0x1050 [ 2359.360285] io_submit_sqes+0x44aa/0x8610 [ 2359.361254] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.362390] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2359.363480] ? find_held_lock+0x2c/0x110 [ 2359.364402] ? io_submit_sqes+0x8610/0x8610 [ 2359.365383] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2359.366488] ? wait_for_completion_io+0x270/0x270 [ 2359.367583] ? rcu_read_lock_any_held+0x75/0xa0 [ 2359.368630] ? vfs_write+0x354/0xb10 [ 2359.369481] ? fput_many+0x2f/0x1a0 [ 2359.370315] ? ksys_write+0x1a9/0x260 [ 2359.371184] ? __ia32_sys_read+0xb0/0xb0 [ 2359.372110] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2359.373310] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2359.374503] do_syscall_64+0x33/0x40 [ 2359.375343] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2359.376492] RIP: 0033:0x7f6d2ff1eb19 [ 2359.377341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2359.381531] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2359.383265] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2359.384882] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2359.386510] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2359.388132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2359.389757] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 02:51:18 executing program 7: r0 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000140)=0x0) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x80000000, 0xea}, 0x8000, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/partitions\x00', 0x0, 0x0) pread64(r3, &(0x7f0000000040)=""/4126, 0x101e, 0x2000) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3) syz_io_uring_submit(0x0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}]}, 0x0) readv(r0, &(0x7f0000001080), 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff}) pipe2(&(0x7f0000000040), 0x0) r5 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000280)=0x1000000, 0x4) sendmsg(r5, &(0x7f0000000100)={&(0x7f0000001100)=@nfc_llcp={0x27, 0x2, 0x0, 0x0, 0x0, 0x0, "473d7fcc115d845089a8e3eefc4327c35d5f4c097347fb24dc13068cf4ada46207000062ea0b5e364eee2b1dc94c1742ea96765c683f90df0000000100"}, 0x80, &(0x7f0000000240)}, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r5, 0x9362, 0x0) r6 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x102) socket$nl_xfrm(0x10, 0x3, 0x6) tee(r4, 0xffffffffffffffff, 0x1f, 0x4) r7 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x105c00, 0x0) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000240)=[r6, r6, r7, r4], 0x4) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f00000001c0)) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) 02:51:18 executing program 6: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000002f00)='./file0/../file0\x00', 0x0, 0x21000, 0x0) r0 = syz_mount_image$ext4(&(0x7f0000000280)='ext2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x204047c, &(0x7f0000000400)=ANY=[@ANYBLOB="00bdd607142ebc23301e4be43b406d937eeee6db41b3d342383d"]) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xee00, 0xee00}}, './file0\x00'}) getresgid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f00000003c0)=0x0) setxattr$system_posix_acl(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='system.posix_acl_default\x00', &(0x7f0000000500)=ANY=[@ANYBLOB="023de53f230004000000000002000500", @ANYRES32=r2, @ANYBLOB="00ff7f20", @ANYRES32=r2, @ANYBLOB="040005000000000008000200", @ANYRES32=r3, @ANYBLOB="10000600000000002000010000000000"], 0x3c, 0x2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'syz_tun\x00'}) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) read(r4, &(0x7f0000019340)=""/102400, 0x19000) move_mount(r0, &(0x7f0000000040)='./file0/../file0\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file0/../file0\x00', 0x49) getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000006c0)={{{@in6=@mcast2, @in=@multicast1}}, {{@in=@dev}, 0x0, @in6=@private2}}, &(0x7f00000007c0)=0xe8) 02:51:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40303, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2359.679313] EXT4-fs (sda): re-mounted. Opts: ,errors=continue [ 2359.695842] loop5: detected capacity change from 0 to 262656 [ 2359.702063] EXT4-fs (sda): re-mounted. Opts: [ 2359.713051] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2359.724425] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2359.734763] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:51:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40402, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) truncate(&(0x7f0000000000)='./file0\x00', 0x7fff) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:51:37 executing program 6: perf_event_open(&(0x7f0000000440)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, './file1\x00'}, 0x6e) bind$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) r1 = socket$unix(0x1, 0x1, 0x0) connect$unix(r1, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) epoll_create(0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, r1, {0x2}}, './file1\x00'}) stat(0x0, 0x0) setresuid(0xffffffffffffffff, 0x0, 0x0) fork() 02:51:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 42) 02:51:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 02:51:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) 02:51:37 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000000c0)={0x0, 0x0, 0x2, 0x0, 0x1}, &(0x7f0000ff5000/0x4000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:51:37 executing program 7: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/fib_trie\x00') readv(r0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1) r1 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2) r2 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r3 = fsmount(r1, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r2, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r3, @ANYBLOB="00000000000000004c2f729dd7730025"]) ioctl$GIO_SCRNMAP(r3, 0x4b40, &(0x7f0000000000)=""/177) [ 2378.209887] FAULT_INJECTION: forcing a failure. [ 2378.209887] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.211905] CPU: 0 PID: 12389 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2378.212934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.214142] Call Trace: [ 2378.214528] dump_stack+0x107/0x167 [ 2378.215060] should_fail.cold+0x5/0xa [ 2378.215615] ? __io_queue_sqe+0x666/0x9d0 [ 2378.216230] should_failslab+0x5/0x20 [ 2378.216798] kmem_cache_alloc_trace+0x55/0x320 [ 2378.217462] ? lock_downgrade+0x6d0/0x6d0 [ 2378.218337] __io_queue_sqe+0x666/0x9d0 [ 2378.218928] ? io_issue_sqe+0x77b0/0x77b0 [ 2378.219535] ? __fget_files+0x2f8/0x520 [ 2378.220120] ? io_prep_rw+0x7f5/0x1050 [ 2378.220688] io_submit_sqes+0x44aa/0x8610 [ 2378.221320] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.222060] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.222759] ? find_held_lock+0x2c/0x110 [ 2378.223349] ? io_submit_sqes+0x8610/0x8610 [ 2378.223984] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.224696] ? wait_for_completion_io+0x270/0x270 [ 2378.225392] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.226072] ? vfs_write+0x354/0xb10 [ 2378.226606] ? fput_many+0x2f/0x1a0 [ 2378.227129] ? ksys_write+0x1a9/0x260 [ 2378.227676] ? __ia32_sys_read+0xb0/0xb0 [ 2378.228266] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.229014] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.229773] do_syscall_64+0x33/0x40 [ 2378.230318] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.231054] RIP: 0033:0x7fc0e8027b19 [ 2378.231592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.234245] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.235338] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2378.236367] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.237394] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.238437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.239460] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2378.254916] loop5: detected capacity change from 0 to 263168 [ 2378.290317] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2378.294576] FAULT_INJECTION: forcing a failure. [ 2378.294576] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.296201] CPU: 0 PID: 12394 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2378.297181] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.298365] Call Trace: [ 2378.298744] dump_stack+0x107/0x167 [ 2378.299288] should_fail.cold+0x5/0xa [ 2378.299855] ? create_object.isra.0+0x3a/0xa20 [ 2378.300529] should_failslab+0x5/0x20 [ 2378.301092] kmem_cache_alloc+0x5b/0x310 [ 2378.301698] create_object.isra.0+0x3a/0xa20 [ 2378.302359] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2378.303115] kmem_cache_alloc_trace+0x151/0x320 [ 2378.303798] ? lock_downgrade+0x6d0/0x6d0 [ 2378.304413] __io_queue_sqe+0x666/0x9d0 [ 2378.305005] ? io_issue_sqe+0x77b0/0x77b0 [ 2378.305612] ? __fget_files+0x2f8/0x520 [ 2378.306216] ? io_prep_rw+0x7f5/0x1050 [ 2378.306796] io_submit_sqes+0x44aa/0x8610 [ 2378.307442] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.308176] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.308896] ? find_held_lock+0x2c/0x110 [ 2378.309495] ? io_submit_sqes+0x8610/0x8610 [ 2378.310149] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.310861] ? wait_for_completion_io+0x270/0x270 [ 2378.311575] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.312301] ? vfs_write+0x354/0xb10 [ 2378.312951] ? fput_many+0x2f/0x1a0 [ 2378.313486] ? ksys_write+0x1a9/0x260 [ 2378.314059] ? __ia32_sys_read+0xb0/0xb0 [ 2378.314659] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.315433] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.316192] do_syscall_64+0x33/0x40 [ 2378.316740] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.317486] RIP: 0033:0x7f6d2ff1eb19 [ 2378.318034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.320730] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.321849] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2378.322891] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.323930] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.324971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.326018] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2378.379538] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:51:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 43) 02:51:37 executing program 7: semctl$SEM_INFO(0xffffffffffffffff, 0x1, 0x13, &(0x7f0000000880)=""/4084) perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x100000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) add_key$keyring(0x0, &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000440)) r1 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd) r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x1}]}) keyctl$KEYCTL_MOVE(0x1e, r2, 0xfffffffffffffffc, r1, 0x0) unshare(0x48020200) [ 2378.391147] FAULT_INJECTION: forcing a failure. [ 2378.391147] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.393887] CPU: 1 PID: 12401 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2378.395397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.397209] Call Trace: [ 2378.397788] dump_stack+0x107/0x167 [ 2378.398596] should_fail.cold+0x5/0xa [ 2378.399431] ? create_object.isra.0+0x3a/0xa20 [ 2378.400431] should_failslab+0x5/0x20 [ 2378.401261] kmem_cache_alloc+0x5b/0x310 [ 2378.402157] ? mark_held_locks+0x9e/0xe0 [ 2378.403051] create_object.isra.0+0x3a/0xa20 [ 2378.404007] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2378.405131] kmem_cache_alloc_bulk+0x168/0x320 02:51:37 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000740)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TIMEOUT={0xb, 0x4, 0x0, 0x0, 0x0, &(0x7f0000000780)}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r3, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0x8}}, './file0\x00'}) r5 = openat(r4, &(0x7f0000000100)='./file0\x00', 0x80001, 0x2) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) ioctl$BTRFS_IOC_FS_INFO(r5, 0x8400941f, &(0x7f0000000340)) r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r7 = fcntl$dupfd(r6, 0x406, r3) r8 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ff8000/0x8000)=nil, 0x8000, 0x5, 0x13, r0, 0x0) r9 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r9, 0x80049367, 0x0) r10 = io_uring_register$IORING_REGISTER_PERSONALITY(r9, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000013c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4000, @fd, 0x0, 0xf8, 0x80000001, 0xa, 0x1, {0x3, r10}}, 0x0) syz_io_uring_submit(r8, r2, &(0x7f0000000180)=@IORING_OP_CONNECT={0x10, 0x5, 0x0, r7, 0x80, &(0x7f0000000240)=@ethernet={0x306, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x0, 0x0, 0x0, {0x0, r10}}, 0xfffffffb) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2378.406293] io_submit_sqes+0x6fe6/0x8610 [ 2378.407672] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.408925] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.410122] ? find_held_lock+0x2c/0x110 [ 2378.411190] ? io_submit_sqes+0x8610/0x8610 [ 2378.412155] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.413203] ? wait_for_completion_io+0x270/0x270 [ 2378.414266] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.415267] ? vfs_write+0x354/0xb10 [ 2378.416072] ? fput_many+0x2f/0x1a0 [ 2378.416856] ? ksys_write+0x1a9/0x260 [ 2378.417677] ? __ia32_sys_read+0xb0/0xb0 [ 2378.418569] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.419684] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.420778] do_syscall_64+0x33/0x40 [ 2378.420796] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2378.423252] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.424332] RIP: 0033:0x7ff7fbbbbb19 [ 2378.425116] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.428989] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.430601] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2378.432100] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.433598] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.435128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.436632] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:51:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40403, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66) 02:51:37 executing program 6: syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000180)='./mnt\x00', 0x0, 0x0, &(0x7f00000016c0), 0x0, &(0x7f00000002c0)={[{@fat=@allow_utime={'allow_utime', 0x3d, 0x80000001}}]}) mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x801010, &(0x7f00000000c0)={[{@clone_children}, {@release_agent={'release_agent', 0x3d, './mnt'}}], [{@dont_appraise}, {@dont_measure}, {@euid_gt}, {@subj_user={'subj_user', 0x3d, 'vfat\x00'}}, {@obj_role={'obj_role', 0x3d, 'vfat\x00'}}, {@dont_hash}]}) [ 2378.592931] FAULT_INJECTION: forcing a failure. [ 2378.592931] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.594656] CPU: 0 PID: 12415 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2378.595605] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.596657] Call Trace: [ 2378.596996] dump_stack+0x107/0x167 [ 2378.597467] should_fail.cold+0x5/0xa [ 2378.597966] ? __io_queue_sqe+0x666/0x9d0 [ 2378.598496] should_failslab+0x5/0x20 [ 2378.598980] kmem_cache_alloc_trace+0x55/0x320 [ 2378.599562] ? lock_downgrade+0x6d0/0x6d0 [ 2378.600095] __io_queue_sqe+0x666/0x9d0 [ 2378.600607] ? io_issue_sqe+0x77b0/0x77b0 [ 2378.601138] ? __fget_files+0x2f8/0x520 [ 2378.601652] ? io_prep_rw+0x7f5/0x1050 [ 2378.602162] io_submit_sqes+0x44aa/0x8610 [ 2378.602722] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.603361] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.603983] ? find_held_lock+0x2c/0x110 [ 2378.604510] ? io_submit_sqes+0x8610/0x8610 [ 2378.605077] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.605698] ? wait_for_completion_io+0x270/0x270 [ 2378.606316] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.606913] ? vfs_write+0x354/0xb10 [ 2378.607388] ? fput_many+0x2f/0x1a0 [ 2378.607854] ? ksys_write+0x1a9/0x260 [ 2378.608341] ? __ia32_sys_read+0xb0/0xb0 [ 2378.608871] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.609540] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.610211] do_syscall_64+0x33/0x40 [ 2378.610687] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.611346] RIP: 0033:0x7f6d2ff1eb19 [ 2378.611824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.614197] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.615168] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2378.616081] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.616994] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.617914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.618826] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 02:51:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) 02:51:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = fork() ptrace(0x10, r1) ptrace$setsig(0x4203, r1, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9}) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000005d00)={{{@in6=@ipv4={""/10, ""/2, @private}, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@private1}}, &(0x7f0000005e00)=0xe8) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r3, r4, 0x1000) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000005e40)={{{@in6=@remote, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@multicast2}}, &(0x7f0000005f40)=0xe8) [ 2378.665418] loop5: detected capacity change from 0 to 263168 [ 2378.683071] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2378.695029] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2378.705073] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2378.709279] FAULT_INJECTION: forcing a failure. [ 2378.709279] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.711379] CPU: 0 PID: 12426 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2378.712567] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.713882] Call Trace: [ 2378.714304] dump_stack+0x107/0x167 [ 2378.714821] should_fail.cold+0x5/0xa [ 2378.715297] ? io_setup_async_rw+0x180/0x580 [ 2378.715842] should_failslab+0x5/0x20 [ 2378.716316] __kmalloc+0x72/0x390 [ 2378.716745] ? lock_downgrade+0x6d0/0x6d0 [ 2378.717261] io_setup_async_rw+0x180/0x580 [ 2378.717791] io_read+0xe98/0x11e0 [ 2378.718240] ? __lock_acquire+0x1657/0x5b00 [ 2378.718793] ? kiocb_done+0xc90/0xc90 [ 2378.719261] ? mark_lock+0xf5/0x2df0 [ 2378.719729] ? lock_chain_count+0x20/0x20 [ 2378.720274] ? __lock_acquire+0xbb1/0x5b00 [ 2378.720809] io_issue_sqe+0x2e8a/0x77b0 [ 2378.721302] ? find_held_lock+0x2c/0x110 [ 2378.721820] ? perf_trace_lock+0xac/0x490 [ 2378.722334] ? SOFTIRQ_verbose+0x10/0x10 [ 2378.722845] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2378.723436] ? io_connect+0x610/0x610 [ 2378.723918] ? lock_acquire+0x197/0x470 [ 2378.724410] ? find_held_lock+0x2c/0x110 [ 2378.724919] ? __fget_files+0x2cf/0x520 [ 2378.725412] ? lock_downgrade+0x6d0/0x6d0 [ 2378.725942] __io_queue_sqe+0x90/0x9d0 [ 2378.726430] ? io_issue_sqe+0x77b0/0x77b0 [ 2378.726945] ? __fget_files+0x2f8/0x520 [ 2378.727444] ? io_prep_rw+0x7f5/0x1050 [ 2378.727933] io_submit_sqes+0x44aa/0x8610 [ 2378.728477] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.729096] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.729697] ? find_held_lock+0x2c/0x110 [ 2378.730216] ? io_submit_sqes+0x8610/0x8610 [ 2378.730758] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.731362] ? wait_for_completion_io+0x270/0x270 [ 2378.731962] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.732539] ? vfs_write+0x354/0xb10 [ 2378.733005] ? fput_many+0x2f/0x1a0 [ 2378.733462] ? ksys_write+0x1a9/0x260 [ 2378.733944] ? __ia32_sys_read+0xb0/0xb0 [ 2378.734457] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.735106] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.735750] do_syscall_64+0x33/0x40 [ 2378.736209] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.736848] RIP: 0033:0x7fc0e8027b19 [ 2378.737309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.739614] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.740556] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2378.741442] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.742337] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.743221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.744109] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 sendmmsg$unix(0xffffffffffffffff, &(0x7f00000063c0)=[{{&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000000240)=[{&(0x7f00000003c0)="acb227050d70e3541559aac9e4abb082a486a5d9ee7f9e58661444e3c2dde0064d27793ecfc93512af5362d7d69ab5e7306c612ae769d9da7a4c4b28caf268d29af01137ca13b60bd41ab390e3fb5813719a5c27c2dcfdd08b98be9b5da8c33d8bd5e3ba2f6506dcdb34a21271928176ef1909c0570b2ad9185fc240", 0x7c}, {&(0x7f0000000440)="c3e37d39db791ce3154e85f00f2fd04e69c27f693d1f93435b51054c3b017b42bdac2ae4df4938697877c9a6a43f4678172975cd9b08b13758a59529f2708d4e0f08a47ce2260b15f92889cfc3d79280a49c5e2baaa98880da60bfc4f19777eecbc014e47ba380b01293097f2798350c8da4a76a1cef323ad802015d0f2c20476c529a39102b1a2b203f600150e01113d74fbedd53665509d5e6f5c84e0eb9b27432", 0xa2}, {&(0x7f0000000000)="4465f0ea63dcb02dc7a72c0043", 0xd}, {&(0x7f0000004740)="46862a1117ba90e4188034becaa2dfe994d8be971babdf3818ec6d9d2e74fb7c7a466838b7d9b99bbf789f86a59f9b80cf37db64b7a03c9554139150ef6dfb15cff2c1eb9e12fe8b37f820c8eed9a9a08bc32e0b5f4e6a59c9206fc4433eaff3aeb4cbaaa4744c58b15277a397f14d448b301961d338044558c043f1917c2afce647bfca7248982e15ba94db805a5241a15527c9067d645065bc3726325d3272fc1a269f1a495391092a4fa3a15424cba2129a6c7f5a885b6223e6d6c6a7896ddd63321e6f2ceea86957baa63b366c70432071956e97afe11cb1c663417561e324277670b92259ad29410c093fc937bd09e9f68efdfff25a2d20c21b103665990875bb89ceba08b05b7f59705a2446e0a514af5381d499806eab1c395813828c2b59c3f87b65bf4b1080691950557a09ec5d9b7e9262a29e4770fb440c4b798aff6d904279fb84ff72351ade7768accbdf0505703f00ead525ecdf513450049009649da857aa76344b31f30ab45576790665c09fc557052f530a66e93ef3190f208901a5fa91d462ed1bfdcfc675365a62ed249bfe145a09c0963183f58a1aa94ccb2e4029c9bdcb52077f1aa36b39ab8edf3075240b588262589411220b92445fe56deb72cb9689d7a5e19300aa87d2a546dba9e715d12eefe26fe41c09d275217a78172b978a206f6ac1ce07be5887ee39209ffa89e6303faae5a9676a73e04589c3564dc2f08ad21beb832ff4b20819b8884e934de2a1e6680cfe17c4413612e0ecb255dfe4c5a0b5186fd39124aea7577902587db59f5d2457b8d82da9e05ef63382745ab0b157f9e42d702158bef0f058f31e2a294ba69f355d2c1ba6f35209171c2bd0e402565aaba9f313399868c8fcb85336e38e21b9cf217fb0d1f1c06f9d77797ef3c4a8f3900b88da74e847fcedb845372628757e6cec3cc28a064c23d9c2adfd9f9202e15f205d9e2aa56d7ad68e8e932287ebc1cbc359535ee7605a8ad4e971640ad5d9fc2c03704f1d74794741247611ee491a97730f2ba76d1a65114ef28043e6e983bdef3e6f4b73ca49437e958fe8efdca690f32c3a3154a215d83ae84e1aef5b8e4d87fd8c3516f2e0f643b1d51e53aeb8f2b12ab8628f6b4bd7f77a81f54cf8a00f48358435845684755b4a05c1007766185ae4357448d51ec83325b22adfe0692e97810febb2c95484318167b5ded11914f563d5ba6134ab7a26ae27da85cbff0f908272fb4b07015d98f0c55052ad729303bd76a065f22cc1781e1382f40e8bd32077f9b9bd4f5bee30d91c1c3a35a3389d5702657456d73e66b4c936995d8f5de455e98e6a0c529418c398d3c57fe1329370612f340a0b232e3905c86db9decc8018d0cd654d20f94f2ceea0b8143bc23a201c8070a6761e42d2f8d9fe0a47e95de846850a5b3f0010634d8a047c1a07b3795819973ff88a6c47535b3af75cc1345f66e6bf34d28afd4541d07d48f0a06f9390d095fb60cc690f485ff5f88f4cf35cb18b07d647f5be0d4cafe42e67842c5207f956ffcf9ca0f3d425306b383520183dbc6382f5bdc2bd0be36a89c6129602f5ef303c8dabd1f371f188fabd9d43ea16ded41abcfa0d7390c8c0edd8fe2754c3a90e2bf4b4b277d58bf108c6e26795e12448bc6c2e1af5d4b2df196643ab4e20da18b382dd628b8ace74331ad0a9bfafc05664aecb5d90dd15dc3893ed89fffcdce073236ec0e8a89a29202a8b26a7aafa97fc06c377651c93e92788004b31e9c18dd4eb9873ce1fb348aba5474b159504c76c942f6379f9214e7d77342520734dd22e3402ae0d02df8ce5db3b6551a4fe8612168719006ada46fcc2201a88be4e471abea6736eaa4ba657441da3e0e2ae450e43a1f0e02037a90f8f025b1e041fa56ce795e73f51329868eb57c29c9d7ac3a0434d3130dbc402d7fc2b625b49915e785a30a610d7fb3ff9d64d1022380be21132d15da712c49f41ec6fc7fb4ca5491ff1b3758e68dcc161fd2033ab8a48ff93a14ffeb838d502572120c69c0a2afa66859f54cc20b3924947fec5bb39d2a36d38b45fc941699f8e470f347f7910f402ded479846b63e0dc472370fcfb47e4e2d0bc5f8539fb489cb42e499c480fedc3be7fe28ae711a274faa97745eaa710e9c21b7290eb5ae9ece4429e4d7a095b9eaafae32caf927ededa5b8a0faedd5924c24dc546e1c85e6d186fabc780d808913544c01ec8d89325c84338ea55239b67140ed3620f6260e11a7f3dc0605255bb2c8574e8b91e41f0f9edeba2a30f7ae56df7f835c956afb3709fd11bb535babc2ab095858b15bb5f99318bc84209c531025876e7e155432f9946e0a1f2cd0743dd9ce0a60608bd2f8ddfcc7986537b9115b0c1c13e4d0a28e629733aa4e048ce304142d2dd69413a8d423803596dacef23475c60b08a3c595cdd00bbab6a0e31190aa7d0bbc9635d2b8bf94a5d4e2ab0fceb480a4d2c51b8db6f7833a50973d896833334102a040e7e1bc32ac190cc59f2d874b63cc62a09b8a5f7971f035b93c725a6fd5e5f8d03bc8d014e0ed16e0969078bc1418ccb12cc635a86eb8f507d9383356ee00ae989f93e1755c118d50f55ada9ddb1b2ff1c26147422abe3f8860087ddf315580e05296594d2c528bfe9ea8ffe6e09089cb9251f0e5eef753dafe71b05fb15553b8beed5f175193c47d04343b0ff5fd2117e7fb3b94916892384d876c6203387ac874c3d26c34f38db4ae4cd7c00ddb0174c32e9fdd1992cc06226fdef12f3d7b5f67fa9c511b568818b1c62721d96df413d66ef9d8295b8e6071fc958345bef8312a76d0038c68d7b410277b1ba955b0a4fcdf38645efa76d1c64717ab0e70e8d4ed90e1a027ca59d1428943c6c0a1382252e45b8ce55bbf651f947a59469cf1071077e613169c370934726efe766fdedd513f10d7b5f02d34ddee38cf624226913353c6055ced0712139f2086e6a29a69db742db5f65afdc938e373790ee5427f9c69d5a5fc9bccdbaa17217c84dfe44f248c7b30fdc20c769e4cebcae0188e77614b02ebc3b489a00fcad61e6c473c254fa9a9c714e22ce7d14036279d7f3f8dac1b79e0f6cb2f03892abd8d6829369c6068afe8715a4f307d059b5351f1fa0113a1d8ba1e014112d5a1f32b868a28a259550c47b466f25ac3bb1e7fe33523eda6ff1b8df8c5be9e85f96b13a8a9e1f1d59870ef305cdd058dde31db8c2528a972f996c0d996b3883cc2632b9fef23774784d49bfe3c474cd566b6719d54b4e0f676749123c01ab1a9956a7551ea6296c4f07390c9b77f5899deff7aab0c95b18600d3b6ac98ab3cf3926edda2375db4482ad70055f41a907a56c2719996e3725b97b6c9cef3208ce6b03ee7457185ddf9fbd347a63244f94df486f7527db0201804916c1e04b2931717090fe3acc9ab3da6f361a4b8cc62d83311b42f1adfcbc9212f05e8a2331242abde0142bd6101eef36d94af26538f1bf6f9fee2e9199922c9b5dc3afd58ede97cfc7bf3dbbd8c630487b7a171dc3f948601b470da42d79fa86c6ddb78e4068f0ecb047d045d0bd8d283bcf68b0dfc15f26b6e4c236256b5b7f4b5d2be118b52559e4fa68da9fbc802d6a053959ce5f80bb382690b3e8b61d3e5eff276450912fc989fdf81689b4ff05eadeca2208cbe4f28b0244a2b9d0d95040ff9a16b9f8004fa98c05bb19280be7532b1237a61841b3d7d4e8b0c4b4529cafedabfd56d19be1d9322c1b93666a7149c258e684021510975744678a645e00ef9e3dd3b896bbcf2fd67315b016f28dc575c4b3980814fe67b420a3dfcff03ac404eabdaeff208ca0866c984bb4fe6e71550d66b7c05c624ecf6852d0d6bb4a96a306bf1fda63d738eded7283e15adfab39e3773e73ad537dc8472432ec765e05b7c3b11ebfa6aa47dfbbd0f8281397f814ff850b546c5265883ac92092752b38a88159e8726d37fc39772bfd2cf5590761021fe8e90edb8e031909ebd9da0cce4a194b87297fb274a1c91bd97e07e1b9a46f4c118b4217c7bc5037f1f9a6b7e4763ab40b6861952c15a063bf1258e74346cd6a6f96db1e076cdf905349c178f4ed974aba723e746dd5c620253c029c5c93b11fcaad3c02fbaf7e7a2afbcdb38486c304001d59bc66b6fd6dd3da6c970c8a16335d5586b279e0a0cf2e11232ef88eff7783d12e02d88a2afce8627d6040244693c4536c48a53af4a3bd042f6b0b6188163523c44ad7a5e7c6326f94f0c4f9c85654ff22d34d60c8ef74042b70a18c850da8b0e33d51b894e1d80c5bad78504389dfa1f1c2ed388db88c8b3b03f5833831aa36124d66905e4be810c84f752a0dba4aa8e20c252bca10be29c8531cb73691fd7fb8d59accbff1d01c215586e568dd44d0899afa8246f794d405cdbf7133afb50178f35e980220f57e21e1864d2719766a8e1779ee4cc6cf1a92a3456f27e62094efbf1870467e4dd4762c7e2e4765aa3a2e779afe88afd6427b609b83f702b0fa76c600f3c5072f2a00b8924ea8cccfe410e5bfaa58b63dad2aac97a7a1cf2b5ea42f3e7f9bb9f73af8775a0ac6a590c48505d7c13beeb13bff2d4eeb219d646035457ad25588092776792d63480c194b335ca11b0d722a9170838f02cd80ec0fce52a9c07579066692f0e5653f1d15bcae4af2725c74b1c84620b1630ef189ff2d924859d0d86c8af9ac5903e9eff20699601ccfe32e21a45a5ff27cea2c94ae7f1af9129e4ef21808738c002e7504aad3369de2f1f1de467b260c4a97879ceb7ad07ab5523f1fa86bfee2bff73e032254dd7b996122b26aaa598908a6108be3a18b51f11a49f3c5739904488e10d02e707ec3317a325727e044779779ce8e29eda2196319622ede2434050ad0088df3113e82512bb700d5e1e52fcc03b434307a3cfa5f0e18c995956ef265111065077cac9b1e10ef03b9b2ed64f1558018ce38f2da9ee1602bb3d75bc0000bec4aa16330f4f84d8083d7dbfafff067492a72089a129f89e04d97287d0ea5352ad672c14832498fa48a29958a7fe4ddc3ee43bf87d41c6e44d72f298645f8f6d245f548d3cc3cfc8ddd9bf5040ee11a1f12b65070060495169eb6941f58bbd23e2cb681cc7bc20212521d88aaff120dd625e7e824ef32c4c9fd3af3f37750d476288dad6709086edfca5aab61811af0a175166fba6edae44a337bba208497c2f1b86ef0c7b61b01d872bb1890503bda8c9088040b4a82224a4e797d672ae075be9e18c4e7245f5aae3634abe3a638b9860a05e770d68571203622b7683256e6791ec248f32b4726dd325b39dadd1a4b32a555c7941de29c5dc379e5301bab57ffbb4746d3f0634db8a2a61372dfb802bce6c1676324ba007caa848f6e49a8bc372d3a58c7446b56c78e7743bf24af7561897ba200c8ce0387de83a1ef95458a6d8773499648100b1f7fd65c777266955b327a3bc2a521c406b55315236856ed346a4612f18c1376bfa70e3a2421253cbf4dfb082a8df13b0878e40e6d0f3f2f2393d432da974ca77692445ba55785415d765620f6c1d9e1da6ac40704656b0ae3a70e778c89510906ee8ddaac9d6ec4569f3789eada5469f4f07b2ea5907fb0de3763bfa2ed3b740191c9a08ab1c16711a918e93e9d779e7a56a1328ea29d77bda85ee3630938a8248be07c4171d966725dc04e9ae4459019a3a6f53d236c2a1b6015d38ac69714f485a3bd5dc89579e629a8e95f360ac57c96c6db197dafc190b0f8ffeab5507101528c69be3b4c5df168a776522753841f5c23e6362536bfda68", 0x1000}], 0x4, &(0x7f0000001a40)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0xee00, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="00000000dc9eb9533d87c81b51d74b0acafeafa27be4048a71c34f5aa62af03ec2b4f99b707b65b1728a93aa6fcee3ab702cd9a29a1181af9d005e9471e9e54e0781212fd7b13d9f6d1639b1e2e0219b7432e374871ab5ae708a9163e3534bdb354f91ff02d1482bd4b6868505c6a786012bd813fdafdab65da1a6b04deb2f9025cfb9d968b864c19364ae109426c3b0f9c8b99ca379ecc9e6930460316eb45c4089adcbd7ae80a46478432b5c63d564ab74228cb0c2eb7b5ab6951ed63ad2"], 0x88, 0x20004080}}, {{&(0x7f0000001640)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001900)=[{&(0x7f00000016c0)="54c883987caccc62337d07d9fa9ad5b1d8154d53e5318cec52bbab9aca3b67074aad4a4a8055d7b8a25368f9fa613423ecb4c425c657d9ddd2a44bc1d54b356cc895a606a1d33b9258d305bdea61f9c4bc3570efe68c0da523002945c1bf8d67fce3a1f3f910ddfa6d7f5af6efa32dda0affb29abc9ddb37285ad366887b011141a944e4a91612", 0x87}, {&(0x7f0000001780)="3f74c001a8e477020f8ce0ffe8f7f112b221ef451a3e706b5e476579fcab14a0716730904e384659867ffb755aba33f1813ad2c5fe5a489296c389010704c7369af5b3416a9ed9b7c77a638b32d0ccebfcd6cc886db63cccb3eb73679f18331e9f34261630398ae58af51c66a3472c20c5c1b77402656ce2dc34a94a4d7142ca4de35fc2a1fbd12a35af07833538508735f20d07be2f1e82dabdd76aa1695aebed7f562dd8350f57059d2d183627c6c035a8f7c0ba7333d0341f150e13fbe84c834430b61a1427eebab9002dbe3d4195e82a61a5dc65c2120ee0594b066137f95ffe830aeff07bccb66ba09dff8b1e1be0e77d6a0b41", 0xf6}, {&(0x7f0000001880)="618f88da493113fedee5adac4354a37f1c3dff310daffcf993886ba60844817b0002d2f272aba90cf857d395814f2b3c2386f413dd23030ea9947649653402455ba36bd11b56f363677289869d0b57a4f0394251247d11da56b6479d7246bd1ecc7191d0c63622099e1c", 0x6a}], 0x3, &(0x7f00000023c0)=ANY=[@ANYBLOB="34000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="004a0000000000000000000001000000018e8d00", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYBLOB="72bf8c105ea88d051486aa9583edc66af53fb26860b213b31db347172dec8add0455f03fac436b6779c6ce7d405509ceed3ace56bb07d0470b580673ffc05986b2c736220e07fd140fa33cf85cb36d054f4b6caf3cb4d8fde6476f1dcca0043572a4530f19dadde9be6b51df840b0c8e1e067c839409c72787e73fe9a3ab60d8049a1350ee11c3cc2e4432fafda36ce98e72ff29c13aaf122899395bfddf764d7e1797f32de79259d1dca9a06ae7a6200486416cd5134c57c253aa9576647c638dad56df75c99bafc58817e7714c9a6b1e700cfdefeabfa01092cdec52a0599a49c03029f8a237720be8a83aa79f83046562f4b3f188887c81a355d498474aacd6ddfd969536b8e7a4ae0ff2bba9d187120b5ab3297ab76e026d82b3a92b08363eb385156909f61af0a9f9a04b8c9a89fa8ded7daea6588bfab2b4177c3a06e443288f09854fb70a1bb8a780cbc399d33deef9aaaaa4bd266726f64e6f3ca435cf129341a1ad5dda5aabf743bdcc2b0682b8c2d8e6a7441724c4671b937ced963ce242c7aedd9fd674df66213c268ba9b210cb7ecf7354960de46dd96310914ae627afe6e71fee62f16a21b8768b32ebeb6eb8236423455dd91bd612f14b2aba5d216150572f6d7a4d4dd294d3b2e1cbdcf6bbaf57da23255804e576535cd8cee7fdf819f9c26fb6fc5fd9c6ad3aafe51def43245235e6b1bc519ec2663480ce3acc8a2a1eb609136bd26bc1026cf97aa07c98ad24205ea30dd47488622a1065306fee00f76eadee7ea42c1ab411e213709ff5c6e3f17d2694fdab689a74f72b7575e9aaddc0632ee10e885fdfcc7f80a61a153e009c4d81735735e849a1fc0c92c9fe575337aad2ac11bb7a3c36a79975827bf3f3b4607b8da1c2252f47a92f5c73f86e1b520ebdddf241a8709d4bdad10b39fdcf7f24aa2e7a5365e296ac3e71e833d986cd8763394addca8dd015e19652d7ec9ac01cd5a96087ee597bc1a4903f7ed2fe420d04c82afa5b1efed949c0daa4f6591e56f4618d37763f348be666ef46aac11ba6516a8bfee31ac0456741e727b954a8d4984f35bbd7a624872dfdb5e2700ce58fb88e66f208aa0d5584557c395f3d6b0ecb661567e2257fd08727f65c0d76bfd0232c25bbe6d5fc962ed63d6cdeebb70ebd804c917ebb0eab2cd4a1c8ee691a63890f3d3853081d785d8d6929da32663ce5d236e321a62978555da4b1aa74b883f22f824af1911a290e17ed7c27d20ba6ac3f2fc565a6446de64cfb97e4fceacf512587420eb2c9d1a4bd49f0a71574dd096f9209bde377818e026014be4c86894063d6fb1e297c69ea2c6a93dd7e43f3ee8a30984c073106e4f32a937999f89a7680a0a444ba8482435d52176479425931c830458ed70b94162b03a253d3f8f5cbd4c8af749ccade3df6316d151d15b1b435d76562f3ab0b2c8ef1cd0fd9420ac60271ed3262d810739cb5d94794514268d36579e454d5c7b3a6b6cc908faae55c1938a93b94064aac7de3a6b4e899e52927129b0f42adcb7d2bce5765a05b6d0b1d5a123eb86af4c91b17c51b244fcc20dbadff9f8789ebb329189347913c7aa7b73df7e58da0a419d2f651d5cbd35b90c6a40aad1ca280597d06ed749580f925516c4a7a768858de8542c17ad67a10634fd0f0dc82a9f54619a6f3ce6778a2bf17f8f1e98a62f827a9189f155a9a08fc9799be44c02588fcb32bc2e6152815a00046aad583aecb7b666e1e872efa73271843c6d38c64b4dfb756c133b787ff37230ad8b62b23e66621640071d2f8a32346272e910a49094f262a0bf3e3a579ebff12a1f232098ca27f65dd68cff517b427895f46ae237da0b21a87d78aa2550b93cdc097e22d1e888e4bad26afe59f46e951aee96f1fedb19bc48d67cf8eeb4fb426f5b5d088140c645288ab0e74f3bd40d931b8634098f17efe88d100b4075b87cdb6aaacdd0d41306277d1b39f08e0bd1f1f1c645e27cb102f04c8959cf688b5828ae0a9b2d05697eae4d92ba43e7a71e2ea058822b52c7f4e312b95390320a08723f8fafb0683af43802634a35e75f5fb19981302b856cb5bc214cddd8c387ee28b505ee934a0e9305394f1bcd555d0c6ac5019f1941877fe531a71fd4b98af5b51789d5d087228a8fdd6a795906fc92dc8bb2eacb1e8c736234df85c3807fa4145570e743335bab9088a37d694031b985fa82439ed80cc13de7660696c9755cbce1acb3167dbf3ca7f0019e4d41e3bd95c98a377444a8b319e801fa4b1730f99c64bb34d5de3e308d9aa7d814321271988e961dbb5a3fe326161ee193af52e2d0c949174b335a658461d23431ddbc100b10b7f7490b4f8fdf3067b98fb2219675ab423af0aa4aeb6e4ec627ac51d9a5192cd8d7530fb25ee50843499af5bd48421a3707cebd0444469567b625adfcea026ab82e6af309b438b1163af4b15b2ece1a738b71c8b4c1d318ee7296e53dc898fa7f2df43b2a6d7a4e914ebe127c11b4022d971cf1a5b3878299581619a699f38d42292a322181c76644f4a54a868bb16521e26d45b01664b7de80159d0a0b986067d9670e7617ca01eb24c779449c56de357efb554efea9a0c70d39184db1b9e5a7e80101f31b4fd3688191bf728138f87bb89de65af8ca37178c3c8f79a3d2ad195bc9c830eeffcbc4ff66c4334c90bbbf2ee7e3408db9a305705ce617f8d74bab80f14664f2e2fd0bf784eb0a8819894389dfc1effa523a2ec1adfe574c850c9d31061a6683c1eb37b4dc97a4490076356a282954eae995ef92756f035063c85e3096e6acfcc156a0a83bde1ac854ad3888f27df9213143eb16b8f0834d20945055f822cbb50e5c62adeb124d6676a385ac236da9c8bb0d08d52655309ac20c9458e9d4e688d640e6398a202228c9832d0291653669943ab08adbf49a382532a55d77ca0b7c47a185b7439d8b22b09e5f0b2365917b41192da88a2485af51686d4ec082c5243050b0abc6c40e02c943cb787f239c72f8aa5cb1889e525f0cfbe346d72a59bd2da9bceb1cac239df953845c9f2573c16793393e4f987db94722ff4df6f4a47e752fa9ac49d232c4da740eb20eb0730cf2e49b49397898a051a3b0b7de888509e2543479d8dee7e3a14031631f444af42e69b35bf6ef193cc79693f0b4580c7b0108778331c841d419bcef9973e14c215ea39ad275e7ee25e90c94719431fdc851a90d6ad8ea9708f862cf5100431e39f3c4741f0fb4c756934f8ae8abe5cc9ec10e4693dae3ad72b509146305fe192d2e3df70bd7870a248381a188059b196f1aba65a54c2723684298ce17163c9bee8526242c9c7156241d2fbc43464dd30bb9e257dbcb063639b18eff8a4066364cb6c9a8d6b56d5e01801b7ce5baa0b553d93daef1fc1f2a03c43eee409c9730ce750c29c27816b7bbfe613cfb5b054d4dd342c800b78434d4877c91fa9345e35e1f4c2ce2b49793fcba826c0fc3f1cbc2e05b763cf8bbf9c198cd5c4e9e29715f3109e060f94282ca90ba9c0b3b40234abff3692a102a2ba9f886b57bd404e5b61e1678d46959c1292fc53dd0efd8d43f2e5a9b1fbd807007af3c967433843c4002806abb6930271c0585a3d57b66c6d0153b8950b6a40dc7dcc8b9a30200d0a624b090bc02de44113b1339ab49b2eaea83ced622e9f25f5ed1bc1aa3f5febc5ab305d12ea5df7443fca2fec649e1e1aa3af7d40f3ee9d7dcc7a2cbefa0f0068e18c2c78e30fb91083645d7e95f26ff0c8d9d0332f6d7862794ad1e0e4ae10a599e99c87af696574f46698c561a9803787ffab36d6ff339685a4d6c5050fc809e56f0eb42253d33963cf4cb627d586a13aecfe7f3a6c29a5d4075faeb335064b47d3d1cfedb5b1b06cd8c143378f7e69ef8fde4fd0d2ce07c2e25173b30bf118adde931a8c28dd362ccf7c4bc6088736ad5c7b2c2b6ac2e9bad2e873c8162e5c723b993d4884620c1ab6fe464fcc88e1ea4370a439a5123c86c46f8b319c65af549d887703fcfe0d56e60c97e0b0e7bd1aeac43d28454b25dce2aacbd8c95d4498e1ea15c0ad828385b763dbee5e3c71df3b070aa093cd86cb6bc040f09681bd56ebf16d3c406307b2c428b77d56d8ed78c5f669271ee6e56014aa8ede778541d4a84a8dab9f10c19a94625139964502513f43f14a219fea9e804809282a67698ae94175feeb61746980690a2ae24084a70bedca6486b66f5253c7f1bc8b3a510ed57a6ad5104d41a68bd6ba58bf8b44df21c3f091df56edf35abcca0caa9b65b9b22b05d13b4e8deed6b1072407dfce4dd95f9e93cf7526aef6ee257f253d692b702ba775a4a98d91e093e4b3e5d25c62299e69c808217c98f07be829e7e17bf189497f3961d1bb483084224034d011af8b2f2979a6b69e95c13ec9d72f0b499f82780ad2c457de2230c0b9c9660c4f294293e5edc7adfd774e1fa71331233c9ae6e7bd9ea2058ddf26a817f65d0483110e80fcd87c1ce1d33d5f58d78b613a3882d1b6970b5ff99694af5f290c262d7ec10a792dd095fedd5c3ea2b1255bf133ae512d4e4166deb4ce6caca747440b19072a35639c682dee963f64192a4b2110d383d1d91e963ad3afd15de32b7c032bde08a9d74e72c68b786bbb696965242d7ca8725af6534a548b1f1e748de2236565e9010504d2d332c49bb716ec10c43e5c8e82f26708d9f5fbac16fb06c778562aef66139e4a7d95f18e471ab931193033f98c1f7ab98d545a34b277a850d10ad0d91a520769949e99a3372d314d7df042a6bc5256dde36d110d04d25e66b9a61aaea37594ae11b00ba388cff7c37e8bc37fdc6a50d3c8b376956f739b130d7f0a8a2062b0df8b514fb2dab45c0c5821998584f8d68972c8dfd44008bf487c24fcbff9fce3313cdc415f87288750bf0f68d7ca26b0541ab540372d00ed973b2d3ab9f2c11bc8324a750e5d4229059bf70a756675c7a31bf2164ebdbbf118c3e7063daaf0bf04f74f7e3eafd4686d50ab756cb449e7100d5aeecaa552af6bb664716df294f9e0f2cb9c954849dcf76c0ca7dae8ed66793c549bcec6995670b7d02c26f308a9d65b2cbcec68a23557d64dd094c57660dff1086bace607a5fe113af3248a6b7567ace71125415d130d0a8436d5aa56a095576a4fa1c73e0d009a574fe13a8bc87c8cd95c378d2a10c79229d1c123481e223ff244f0576ea25325a72a2d48e58bcc6cb92f5ebe5655170596c98ac481346b28bbd671f30e846dbbe451c3ff2baf741f3406a9ab701409e8fe9c0792bd53c1536c9cfa28ed34d77a01a34ec592d4adcb69d5e84a5f232a312114f85794c7a9a859f38d05ba46ac16aa78064de392a87758516f26481c2b5046b8bdd5b64fb99b8bfede68bcfb96eb12b5ef9a85dee5ee6998907bcbada09e65b59ebc34fbd795c038483d908ee8107437dd3e84569467d39300e7f1e478808a53fd00129fe3aa0afe19d0941e3982b4567a6c14e9276b6a7426164f6cc92b8de3667e80bfbfbb38073099cf3f36736f6e38dbae2873c71b0507b7b44fd23ef6e6d1d3a194a1718785733393f1881dbc1938d5c2929bb731808b0a119fbc8359a0b64cc29e1921c6eee1d666a72722d66fe4dccbeac80ac25f0d9f245b025dfe8b0d15550892e231420b7b0ad7cdaf02ad407c276c65725f1025ca1fb0b3633e817fb815659d6141fe445be67231aa3cac345b087452faf70ccd4161c69fceb030fdff246c0570562d9278e59198504d06b1b9b8e78b96dceb8506f00dbaa653e980164ad9f99b2fa1c6916962e9", @ANYRES32, @ANYRESDEC=r0, @ANYRES32, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32=r0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB='\x00\x00\x00\x00'], 0xc8, 0x50}}, {{0x0, 0x0, &(0x7f0000002340)=[{&(0x7f0000001e00)="061abd1c6d1b44d0c4e716a53bcb4482ae8821b351e246fd2f0d41515348c8", 0x1f}, {&(0x7f0000003740)="a3bfad830795cb77fc5cd5b44b526343898a667845d642efe68a9313ae1a2b6b545e5c42380233df5874f8441fcd87eb6def457964967a51b32d86b8df1049a31ed348a5e1b4c6ec2fc6e72735643cdfd5f98aa7f11904ee629acb797b37457e157b380be383ee35f4f4ff4688c666f36491f4569665b095f33eb7f17ef41a8cd860672f3ed36a5882846950fa4cc02caf27526e1d61c9205b2624e0c831118ea6eb2f27a1c1b0938fb309e984c2a38a7e26166302c2d6039f24556742b32ecafea80d8cfe5ac8d1a01cd2fdcb6d1ffd0efe9db445dedeb57a3ae0dd9b941bd02ad078c608b27cdcb865fcee1e0c06a14595105bd58b3b588d603ef55c87cb5779c396588a35370bf9665f8723bb836f0f23fa902702244142b3b884aae33a4a7348815978b5c7dac29c47f0a6881dd291b2fd3f0514d3f1c3054a16291511101c97775a3d9bf225baacc8fdbfaa26881027c84679682cb729838b80247fe0a08fddc4c55fc6477908aaaa6fd845dffff15a2251e4b81d3d652f007fba4e09b6cd65ebe67d6e1a067b123a4792e3217cc15fcb1da9d570cd544b72febcb9922a982418af8ecc0332ea4b320ade10dd974a3ff0a82eb138450f0997662d0174b67dc986239db8787676b345c40a43b26c2bc178597aeca4f0cb3cfad63a91a39b604a4c0ad74c1de16b6fd5f12c6ff1c129760101a7fa875995d29866f6defbccc707caa568f1ee98549e87081038c02874a18bd79f8bb315f88d984e557c3a7155701b8db427e7518e0ebdb8704842816bb68b9f8f6a879de7156a4910ada3daeefecd4110c9fce996fed18f99d89d32c36e7abd586da933770ef591cf3e38ca48bdabcfdb45e02914ff38d6d388c3692bf556099ca2b52d049bbd588904b0345d4d9d5a54189875b25d73204c413976a513de4f7cf7bfce3401ca1a57dc87404f0a04acd26fc1a0943b72a863f899682322cb0ac992bb66ccb6c4ad41238ff213834ad42c1ce62d3a0f4f202d94f4d84772201d884e4e6cb42da4c3b824d08acc93f1b62ce5442674358cf423fbbd53c2b2b8696ba16d79088f4f9e233efd98ac599da2c3588e160c9ebb1d289a6979f3de6bcc683ff48dbca905cabc3e03bed0812d8931675c5432ca8b63bb75794870f224616c92dd618b6fec594d8c186c51e47d93520c473f02e3048955164fe870ff5aa2cc4b22894ad5f42d16642f16f55ac604f28f78a299d696184c52ad48ed424ed2d1ff8622dccc83e3ba0ed236b1ad4ecebf647d77ca4c8c63e1a6d641e65b8da36f27095b7bfc749d355d52560d1c6e1cea6f1d7a7afdff8ac47d65976717507d14fe27ea241fbc972743992845e8e72ad0100cc31076259df22123804d35d42f8d495a4b5d3b8e0a6e364ac23d32589d8ba255c97eef7537a7daa091ea98b09a8c9db29871e73348aeb5255677db6247366fd457c43a9a2eaf01d648d89d01cc54fc9e9d1fa405e81f9c50e74279020984e0b66b41016d0f0e6eaa2f8049daa875d55728902ca1c5f55e10d992bdfdfcae897448d1616119c83e4d42e353e6258ed965dc119b49fb6750e216f03aa5c394bbe37628d2de0466d68ca4b881316690a6a571303124ec9487c402b809d002fab95015309a85f42cfc8f3eed3d4ddd394701648d34959c108481c53fb49c9d6d6b119f5a4c8c0d76d29015c487d9c68994a29589708ecec8fd47ad5513e72bc2f4283bea5cf68f20eaacc41d9cf283cc863d105fcdcfafa1a35681ceeb90294725bf0ca9d05bdb4ca8acf0d51b82d5954a7189cb4809cc142e1aef9cef44820a4d3d47d4e48f9641471d497942e62bd9f1d5a00e89e8dc523ef3eacb23722ee83a29d8ac6fc4327d1375985963978a57d34d6b99e5c52634def977c27100078dbafbcc5e1c21c4c1b3b1d38c4b27699e1b037cd821ff8557c6d6f99b80f6a97d1cf0717acdb97295d0cad6f55b070d028949a0202d9c9a436a955d25e50a62cdedfad83cbb95df610ecf35f5dd6a3c95d71bdc851df3d3804469e1226bd19fe98087044891beeab35f6cf1c59a5669e98ff55b754e7aa271a6e9856f8b8ccc5601373c6b1f88db21754535f0a3e5b92a491704086e40b09ef3215e726c6ab2e84afe075cec30b15678e43cdc5b8eff5151803b091d6e90389efeba0c43376d45b2c5ec87cad3ce4a79c68207ec6c598131386166917bb7d9da706332606cb63be6b5e6173326dbfd75bf411fa052ff78438686143b793268c7d6b2cbb200222dac9ccb5b0e1d6d00d470e40f730c8ca440536db39265d07ae70928afef925ed87272c8b7724fae862e0eaf979d4d4aa51bba101680b5d80ee5b70d4ff7658ceeb9f58aa28e3daa09ee9a15a6008d803825168a05de818a3e72e862f2f2d918c60a20ec3de736bc11cd874c3509905f794f5c999f928c253b96755c2c6a5deb24cd061d2d5353e179fe4aa106a0f11d72fb73676e900b1d62e678fd3ec1a6e0727b5e489e8e626cad2d310e9bbf49a4f9e9ae8b3cf1884035d73e24f078f9fb6b62f0da88952be463c9b3c242e609c101e7474e5c16989bcb92271b95ee172f4ea96d22be5c219ba1869f8d0024e4393d78f615b3e7e2c87e53f68d2cafca9a24375030576f16c5da15b8abce4d88956c9e36671464db319c1bc40cd354f516dae18727514328a7189831826a951a6c50ae1280519f4fa1ed7918dad20acb3685cff4677fdbb232ec837d1170e682bc5f3b248f7068b4728903655c87a7071b3a34f274a726a2433eef4675ae1a5c7733c987f90d3d6c8e82e8c723cd2bb20e7c6ac1d766580422f6056c6bb8347860756d6d264bcaed974c0f5b70871103bf0a6cd4af2303706d2b321b6edba9fd3cb88d57e4659261e2b0170f547a6d5f332581edf71dfadc3c9fa1c903bf47e1e28a60bd662902389d8a4c4e234ecfb360c33824b36de4f1b91110c818bf7ba7427866ad7590fe0dbf8fc2e512f96ad6cc833b805201e39838406390d2e9baaf1beba572594ec6004f63d9cfc5ef06bacd48318abe31e73326ab629dccf840ae76481242eeb9ccfa028288fc63e3d74c555305952ab4777a4d17acba387b240943790c5608a2f90d1bfac23648c37009af69fb077f9e8ed5b546f9e775d09333ab5b8da1a6060cf71d2a4718f564417835e9a6913e6c5debf2bc91975ec01a76582a377ad7581b311307ad12bc631dc066196af80fb58975f685e624027015923ce420f7d98da58eaedf14940e60b4c1c346d97a95cb9b4f73af3864445d0bccd983821a8d89aa1f17d215fef66d1c3306af917eebb97de4b29bd5ed55c43fec255b36a09243790254a0890e06d9665c1abdd7ae4c04f36abaedc1d180d1430fd0b632c7bd448a24cd107f88814be2b51a7ddc80fbef79ab6318179c11abf9c7bbb59080e6d4ca83feb9d27d33bb106ffc20b535014ada689c892115fc88c8118ace491a48119740f9a00e3ae7e745bf2e7bc93cae78b9bee830b36d04964c06754ea0631be47abf71d00b05bacac5aa0d8de2b5f3e92fb40fb65cca838b7eaec8e4fc27e3debbffd96bd56b69698c50fc281f9efab20a4e1d9785bf83a3e5da20a23ef9687869fbfefaeb43aba97830cd70d7959e0030e9cc9e25894328bd2cf58dcdd288d23729d25b765b317010194943445980e58dcc161c3e81b62ae67da8731db8cab5a71430c1f7457567c8fef69230e6c496b4e62d86bbf7e9b0d7a215a815bb13df65d51bd2fd154ced31773451a329e5b720c6c36fd98247c92dc5407b3b42aafe281736af673beae05f598bf4d944eecbc584940e81ea3dae6252e862cd2bc6ff589af85f6e340f675f9595c54e9c1b2caad0815d31e023a19660aad4ee238a75780922c1ff785c0b50194fa7d95e950317a06bd46dd7fefb783cf220cfd16ec0e3323697b2bfad5bd8d401ce7927dc5b59081685260de68e73cfca087e2741f4c02649dfcdce82f4ac94431caabd98f64d1e42f7e160133fdd238b5b127d9babf74e1314b61bed84a0f2169b1f0c3fe6be29e663f3d51b4ce7684480be1bb29c17a0d4c32ffbe4d4eb4c96126b2d6d532a9e9917e6fab68af904e3178909746a2462c6421bc9589e719be9ee23aa87af2ed8855336427357ba0afab66b30b390d73798d96ecff064fc3375d2fa26fc27e2dbb30b9dbd0029cc85b5c2946b8867cd19241e1c88c4a30a7d10bf111a2fb9691387b930ef0653762f4bc78d0be0a55078e000e5b32c0657b1de8755e9130420db223a5e112456d20ccedf28c0325f8615593d52a0920e6a755ca755d11c492880bb58adae47756c62a24be8c138739b52a924c00df52c4da14b93442d9ffbb2a856fc4dd264cffa22e3e47fc5a212b6bfee4dfd9c2ad9e9eab16e100566cb5f07046fde39a66c3269d613c303eafae59795bbcf5d3fa89de390631fb8cebdeb34385983b39ec9ae0befd50cd4a5d64f2998855a91a32ebac675baac280aa453f100ebcb5ef215ca6728b7c1ab7dbed80134fcaf67b28371044d3e10ec16415ced54d75a25f9d6e1a4a6928ac4dca33c139caa511224c828c317e5a859013c4efba0e01606389b462026257b24fa948e84e585ce7ddd37caaa80eff173c3016c14e7ba822d7c59cc982d1ac9ffe73c1b568b8a7548f283af5e00a823168cf8e41b24db288f4ff56152d82ad21cd074e321df2a8cbd16a60b0128f1e704ede3441cafda05e4af8c8df8763ab7cfa21804d56a5675aaddb4e849cabc4214c9bab221935c25fc97a215dc0b813f7fc54afd959fb62f8c947e4034374f3a9f5e4303fc1dbcc8b6ecb27867eb0f8b60ac8ee33513052806a74a5ef2279992a4caf2f591217ae56ed180524621873747d302f36706b706b9e39308e10348c401913be7bf6428d2cab499ecb5850b5ac2882ee231b184d23ef9e52378b712bff7180641d62a82a4079c1ecd0bdaa1ef1dc3269e143dbba96ea4aa36300f49cf02d4296d13d81bc742d49842c560ec20a5039a3905ed56897391798c416a2741c526ca17ce6229477571bf0864209513ac7e591108394163ec335a737112e94402d53a876bda0f1992108cd656c9b5fdc8aa3d5b251c958d31ea063d6b7fcb24cad3c2f3270fc8679900b0c0b729f27d747450cf0c5ee5fdb80b0218718461525bc9eecab9ee4d65770201e0e27f20117313fa96ac20dec9bee23a54c3fa2f3c2b5c5f37393261d78cd5a26c41d6a75f35b680b1e4df1e161047ba6b03b4328c9e12330af7d7e4f1ad2616fcdef4c64baefb77d37d7a34851172517d7d18a4c4287f74621a8a34377108a8f0134dc4e664ce672fd95b8414483657e542c686caf9c116189f00091a9c846f115fe8d1f54cc0ad2aa20f87837ac5459c8f0371d937e660888ddd487b8349731e33d3f4eb1d6963ddb479b33b6c3e99822049c9ee15e8cc55b2e84f479c887a7a99978d0e3f9664be6cf0a98df6c9db365746bb29c0c9175142df9fc20a8ab79e6a8649ca0b06ef197fb185115a1daf0ec15f4d08096d596bf4e887744cae6c55f09c577d22d0ad0fa9e37a0a7b1d0d0308d46625fe565716458726c2794a6f32cafdb1ffdf436035a18fa70bb441bdeb37fe18bc28ef69a24441051baeb35c977684f4b252e910c8a9ae0671862c664a342e2f66aaf2ff73f13943ea72c3eab8688ca40571b662a9761fb33adfbb669a18ace068b157c4f8505341f3e5c9899d07c9fece9dfcb47d1e5706c3fd2f8c5114a8acd28688a86c8ecae2523814b2fa229b5d336165c8913a12b0867569", 0x1000}, {&(0x7f0000001e40)="4592ec0324aa3907371ebbd88b0ba55dc238e6b23c87e1936d92beec46bfaa89e26690e26804789788b8eb618f0ca0974466612c5b021c3f996913548317f80992c70ff1d61ebd7ba8f8fb821926132f5673f986637f62a5354b74a8a621de67d9e059525c5718eab9fd0c1b08f464cdbed12fd03cb17d33db1558ad7f87dbb295227cd2a23788456af7410c64017515297c8d3179bf75002a3ebd26b1cbce1bd8d6507b40b4cab7f6137d73870c49ca543fa279a488ac93cf0201cdac17aeb398c9cf61d1ed9cdbd7f73f108128a871bf0c161f32", 0xd5}, {&(0x7f0000001f40)="6f6a513aa0348c523a569ce1d006ac540348b4ea132c6b45dbf35bcefd5c25e7c350f3c589912f13c66085b2d6c7e31c6e4a218f1d59803a9a2cf7ba6b5483948c4b66f12f704d6ce38c32a8c85426e19c882e435c581f935ad7b3518f92a6881f0c32b1a62b9ba4081d9d478ce490f98714ed5dc8a14acbfd7ee47854b3d2372fe365391c9c475df84588e253b8314af57de8fc2220ba75f5e820f0b71bc4099346f4d6f63f4baa89e792f8e78ef45dd39d1fe3641ef261fc602d83c1bbb639ca7b525ebb73c3d4633185fa8ae4b35d889f8a6b9306bc6a", 0xd8}, {&(0x7f0000002040)="2028505dae31018f9b808a151d30793df9d1bbce33ba927b4c3ddfe1ac6597a912c2068f2c83e3ac81cd6d5fa78a7b350588d44de9dd8b19059737ab1146eca886f199b05a5b74cee0515e609975419e4ecd714d5f2badc2b6b042f9bcb7ccd23c157f3e02cfa929ddf5b8722d1b03dd4e7f63a5d7d57f31307bcd78176ab22a2e5d46737de860855ecfad6cc73f2d5e3cf9fb21716a71444664a14e37013c7f03101d1ea2a90e8956cab477905eea8209228ebb0955eabcf045c2fa0996dff7c469344b9fddb36a2ebccdaa9ddc85ca88f42fb34cc17fa883e297d78f10ea14edfa03ce8dc6e7f2a3fa5c2785290c5204a17f365e32c6fe6c", 0xf9}, {&(0x7f0000002140)="19475db8e879ec8ae9a9fc47318d716d954bcca85578413a17ab3e1c988fe458d4ef5f497aab4fefaa49123ffbd3199177cee26a4b494a4bf924c4ef11834282892318acaec5fed478289ab1cad0655384e89768e93abc50a66ed9e755ed9b28b4d817bb42d779041d622c7b6fcd5ef69186872ea329b15b15fa0fbaaa069e29323931220f57273b154127bad164081fb26d0793fa35099b76c59c4a998a3bf348bb", 0xa2}, {&(0x7f0000002200)="981fe3e4c15d36ced793b5159887ef55cbf3398deccb9da7b04bef11bc55a5ed5da6224855bcdcec61922edd96c887c0199016e8270cf6c686db60057590d65a1a9bb7d259f3314faf7e3bdfacae32a1d28bfd55a2b444ba44442825", 0x5c}, {&(0x7f0000002280)="a7b773b6664297ff1b08cc2c9b5fd03f0ba0ab377f6691f86a5248e7627d6bbc5f713c4ace5e9f1413d7db8ee1bc815831089facc34769f5a41ac67b8ed8fc652c06008416757623ab844617e6baa9123793785c5d17b20644d08cd0c5d9e1b79139986a82a8fe7468e003b9592e16108dfea5adbfafde78b84eaf0b5b292f99f1aab8dede", 0x85}], 0x8, &(0x7f0000005840)=[@cred={{0x1c}}], 0x20, 0x4010049}}, {{&(0x7f0000005880)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005b80)=[{&(0x7f0000005900)="b3d3dfefc99ada73f5dd6a4f4ff08e6bfebb80fc811512aab1c953ff2612c405739e832204772c1daf04d0a2a21e4ce9547943a4cfa495d4ac9cc4ca72601ef6d29a20236ac9b9248686aaa43065b526adfdace916e252ca26d471692832631ee589e7e3e844c91b580725f7ec90a9260cd4c8f107832537befad9badacf8060849566fd8f9ecbbb4c2e6154532354748708", 0x92}, {&(0x7f00000059c0)="9b56319837130309928a9822376fecdb6e948b9152a8954652509f64ccfaa76754f7f71d2d0f7ccee2ec3bf35115c7717158460365df85312986a241c90b720efdb2f1ac7502fa75fc57a00cda4271e5a09498ae5e5be5d782dc8332b84884c353b324da27ad7242acc2ad234134b2546e5fc0a901a0244c3a40e2e7c58a4c3d705e7480b439cde194eead8774e4bff2a9d0cabb9cc1f2701522c1b192ad2ee9eeda44e61ffef529645ede941cadfa01f146599648b6", 0xb6}, {&(0x7f0000005a80)="d6ee49ffff869b3d46984fe10d0bc418ca9b03848ec4afce3ae6997f78f8fc19a2fca473e959bf74f77711aac1174d52529ade63dc6a78e094a28bf733cfad940bcb1eeaa3c9079efddfbcd487a3314f87427e5763ec5404e41c788cb09ddd6f7480f79a63a4cb0d9f849fe29e3aabf3da4d16dc269506061d50f882611b63600b2d48df2c5dd945dfaf734246f2ef68ad067595ed14b8eb0df42e1f0f670e9f2de5408c152e5099f675d3f577d8009dd53413ee70bdbef6e18cef4d75065b7a14873c42051ed7e819fea08061db3e955912a7ec01934a9e43db0f29ee51dd5a92aca05e019ca8ff76c0d99e", 0xec}], 0x3, &(0x7f0000005f80)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff}}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, r0, 0xffffffffffffffff, r0, r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r1, r2, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee00, r4}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r5}}}], 0xd8, 0x20048010}}, {{&(0x7f0000006080)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000006340)=[{&(0x7f0000006100)="ac0529cc9c60d3d04ba66f9989cc1182fa4f5d7d3389bb9ba474a4a4251567c4cfa3f174f9720ba4ee750c76d6410a68d98c0a85e43db6a785323fef35e4b9a6428db3840f367e93b0a94b3173b9b1d4b6517960d5787f1085", 0x59}, {&(0x7f0000006180)="30412345538f7c08038ccc3bcac9367222c81214ba2a40a57124499ad43790021a4a559b89babef22e0096a20b84f26447e1bdaf284c9f126092f99a0dca", 0x3e}, {&(0x7f00000061c0)="14378bfe6d98b6c413ca56d744def14f716e546194509bf3dffaec50e44211f4d5b3b17f1c9682d6361ef2e7a55d1a1f0baf7679897bbccc12d1202e17d638fa23fdeef0", 0x44}, {&(0x7f0000006240)="3b65adf27757cdf533d1cb79f613fd458b0806748f57cfc57b", 0x19}, {&(0x7f0000006280)="8f185ef1e4a52529ef5b9e53208a85eb93aed3ca07b6e106c75f1387c610cd1b31e8f1a89aec34fc6127cd1678f10000be8da739972f96bb1db0ce0767cd784d6f262ac2a2b94bae0e99c476eab5903ae3296bdb893de6b32b0e5febe2149da8b0d59cc5a72e3a4658294e202164f9bb46d6ec9869deecba9f58055bb40163e416efdab0dd60e3f5c1b73426b8031481053349c12a60bf861dfd72ecf46818d42ae713a5ac9282ca9efb2e6e06023732449aa62d07c615d2ea", 0xb9}], 0x5, 0x0, 0x0, 0x4010}}], 0x5, 0x4005) r6 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r7 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r7, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001500)=@IORING_OP_WRITE_FIXED={0x5, 0x2, 0x4004, @fd_index=0x5, 0xda, 0x2, 0x47, 0x14, 0x1, {0x3}}, 0x5) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r7, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r7, 0x3, 0x4077, 0x8000) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:51:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40500, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:37 executing program 7: ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000040)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x9}}, './file0\x00'}) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0) umount2(&(0x7f0000000080)='./file0\x00', 0x0) 02:51:37 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) pwritev(r0, &(0x7f0000000080)=[{&(0x7f0000001180)="f2", 0x1}], 0x1, 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000000c0)) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r1, &(0x7f00000004c0)=""/89) ioctl$BTRFS_IOC_BALANCE_PROGRESS(r1, 0x84009422, &(0x7f00000002c0)={0x0, 0x0, {0x0, @usage, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}}) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(0xffffffffffffffff, r2, 0x0, 0x100000001) 02:51:37 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) r4 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) mmap$IORING_OFF_SQ_RING(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x200000d, 0x12, r4, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xe, 0x80010, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r5, {0x5, 0x6}}, './file0\x00'}) sendmsg$IPVS_CMD_NEW_DAEMON(r6, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f00000003c0)={0xc4, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}, @IPVS_CMD_ATTR_DEST={0x1c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x7807}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x9}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e23}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xffff}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x8}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xeb58}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xffff}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfff}]}, 0xc4}, 0x1, 0x0, 0x0, 0x4}, 0x44000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2378.888518] FAULT_INJECTION: forcing a failure. [ 2378.888518] name failslab, interval 1, probability 0, space 0, times 0 [ 2378.890088] CPU: 0 PID: 12433 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2378.890954] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2378.891984] Call Trace: [ 2378.892318] dump_stack+0x107/0x167 [ 2378.892779] should_fail.cold+0x5/0xa [ 2378.893254] ? create_object.isra.0+0x3a/0xa20 [ 2378.893830] should_failslab+0x5/0x20 [ 2378.894309] kmem_cache_alloc+0x5b/0x310 [ 2378.894817] ? mark_held_locks+0x9e/0xe0 [ 2378.895329] create_object.isra.0+0x3a/0xa20 [ 2378.895880] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2378.896516] kmem_cache_alloc_bulk+0x168/0x320 [ 2378.897093] io_submit_sqes+0x6fe6/0x8610 [ 2378.897646] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.898280] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2378.898887] ? find_held_lock+0x2c/0x110 [ 2378.899401] ? io_submit_sqes+0x8610/0x8610 [ 2378.899958] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2378.900563] ? wait_for_completion_io+0x270/0x270 [ 2378.901167] ? rcu_read_lock_any_held+0x75/0xa0 [ 2378.901744] ? vfs_write+0x354/0xb10 [ 2378.902219] ? fput_many+0x2f/0x1a0 [ 2378.902671] ? ksys_write+0x1a9/0x260 [ 2378.903145] ? __ia32_sys_read+0xb0/0xb0 [ 2378.903654] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2378.904309] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2378.904954] do_syscall_64+0x33/0x40 [ 2378.905416] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2378.906066] RIP: 0033:0x7ff7fbbbbb19 [ 2378.906531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2378.908832] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2378.909778] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2378.910670] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2378.911558] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2378.912446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2378.913334] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2379.042131] loop5: detected capacity change from 0 to 263168 [ 2379.077137] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2379.133308] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2379.139818] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:51:57 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67) 02:51:57 executing program 7: io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f00000000c0)={0x9, {0x0, 0x1000, 0x0, 0x0, 0xfffffffffffff090}}) io_uring_enter(0xffffffffffffffff, 0x4c05, 0xc463, 0x1, &(0x7f0000000180)={[0xffffffffffffff47]}, 0x8) shmat(0x0, &(0x7f0000ffe000/0x2000)=nil, 0x0) shmctl$SHM_STAT(0x0, 0xd, &(0x7f0000000480)=""/4096) r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(0xffffffffffffffff, &(0x7f0000000280)=[{0x0}], 0x1) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000001c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000340)={{0x1, 0x1, 0x18, r1, {0xffffffff}}, './file0\x00'}) copy_file_range(r0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) shmat(0xffffffffffffffff, &(0x7f0000fff000/0x1000)=nil, 0x5000) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffc000/0x4000)=nil) shmat(r2, &(0x7f0000ffb000/0x3000)=nil, 0x7000) shmctl$IPC_RMID(r2, 0x0) shmctl$SHM_UNLOCK(r2, 0xc) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x9, &(0x7f0000000200)=[{&(0x7f0000001480)="20000000000100000c000000500000000f000000000000000200000006000000000008000080000020000000dcf4655fdcf4655f0100ffff53ef010001000000dbf4655f000000000000000001000000000000000b0000008000000018000000c20500002b82003f5ca722579edcb49fe227717c84e9934052213d0df041478eb16bc3b4d2965c865c329ca351ba1aa91aaa502bd99b929e8dd6b2d6c4ffb256cba509aabac24c16fcbbe9461d9dfe141d5950056d92f2cbe718e1af3bd2c9e77354cdb17075347cc6a24657f0ac8d5922a9ee2f24dc6a8de3cfb8aa78b46aaf250f74270f570317a679a9cf89e350b1fd73f3e46fc8a005bc7f2671d49ef9c58f30da6bed003a7deed3a6da7b5a8086718f232bc551473f81806bcec7ce8e8e2e325809c1d7164dcde2cbd216bdcb18f413da596797dbe95ecee0b7316b93c2b9311bf59318aae8ddd784472fd56c948d7f286c844d76e78f7c5219bda609474666fa", 0x163, 0x400}, {&(0x7f0000010100)="00000000000000000000000039c043f6970341999833e8e90d2470c4010040000c00000000", 0x25, 0x4e0}, {&(0x7f0000010200)="010000000000050040000000000000", 0xf, 0x560}, {&(0x7f0000010300)="020000000300000004000000", 0xc, 0x1000}, {&(0x7f0000012500)="ed41000000100000dbf4655fdcf4655fdcf4655f0000000000000400800000", 0x1f, 0x4080}, {0x0, 0x0, 0x8004500}, {0x0}, {0x0}, {&(0x7f0000013000)="504d4d00504d4dff", 0x8, 0x40000}], 0x0, &(0x7f0000000140)=ANY=[]) 02:51:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40501, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:57 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) io_uring_enter(r0, 0x28be, 0x8996, 0x1, &(0x7f00000000c0)={[0x6]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:51:57 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) syz_io_uring_setup(0x55c7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1}, &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r3, 0x0, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x6dc8500a5b54e70f, 0x0, r2, 0x80, &(0x7f0000000300)=@tipc=@nameseq={0x1e, 0x1, 0x3, {0x1, 0x0, 0x2}}, 0x0, 0x0, 0x1}, 0x1) r5 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000440), 0x18000, 0x0) fcntl$F_SET_RW_HINT(r5, 0x40c, &(0x7f0000000480)) fallocate(r2, 0x3, 0x4077, 0x8000) r6 = openat$sr(0xffffffffffffff9c, &(0x7f0000000240), 0x8c301, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', 0x0}) ioctl$TUNSETIFINDEX(r6, 0x400454da, &(0x7f0000000400)=r7) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:51:57 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) 02:51:58 executing program 6: syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYBLOB="043c07ffffffffffff004eaebc2b6678954fd3fe25b438d5cf45c86d6976f36c3ad7b57794cf17c2427735cedbd9d6db48e6914e467bb4c75659174505631e821d8703a57efedd9c9be0c7ef3034d8e5b1ce0bdf3b8fd8b83a74063a9326b49cb2a20d6c72872da9538e8cdfc02b0e4be63dbe0b5283761d80d70624384e003b67a69f91017a3bf18cf6242f4b85e74664e75e1603dca64c044f1f4ab06f879c5f620b9f35c4c9b85fde2e693c78f2"], 0xa) openat(0xffffffffffffff9c, 0x0, 0x10181, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f00000000c0), 0x12) perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x1, 0x1, 0x0, 0x1, 0x0, 0x9, 0x18000, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x2, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0x10000, 0x427}, 0x10, 0x3ce7c81, 0xffff0000, 0x4, 0x3, 0x0, 0x9, 0x0, 0x100, 0x0, 0x5}, 0xffffffffffffffff, 0x2, r0, 0x8) perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xc02, 0x0) write$binfmt_elf64(r1, &(0x7f0000000a00)=ANY=[], 0x98a) readv(r1, &(0x7f0000000100)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1) lseek(0xffffffffffffffff, 0x0, 0x0) 02:51:58 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 44) [ 2399.166591] FAULT_INJECTION: forcing a failure. [ 2399.166591] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.169527] loop5: detected capacity change from 0 to 263168 [ 2399.169934] CPU: 0 PID: 12465 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2399.173248] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2399.175711] Call Trace: [ 2399.176500] dump_stack+0x107/0x167 [ 2399.177543] should_fail.cold+0x5/0xa [ 2399.178523] ? io_setup_async_rw+0x180/0x580 [ 2399.179602] should_failslab+0x5/0x20 [ 2399.180541] __kmalloc+0x72/0x390 [ 2399.181417] ? lock_downgrade+0x6d0/0x6d0 [ 2399.182561] io_setup_async_rw+0x180/0x580 [ 2399.183053] FAULT_INJECTION: forcing a failure. [ 2399.183053] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.183745] io_read+0xe98/0x11e0 [ 2399.183777] ? __lock_acquire+0x1657/0x5b00 [ 2399.183815] ? kiocb_done+0xc90/0xc90 [ 2399.183837] ? mark_lock+0xf5/0x2df0 [ 2399.183873] ? lock_chain_count+0x20/0x20 [ 2399.183959] ? __lock_acquire+0xbb1/0x5b00 [ 2399.184000] io_issue_sqe+0x2e8a/0x77b0 [ 2399.193129] ? find_held_lock+0x2c/0x110 [ 2399.194141] ? perf_trace_lock+0xac/0x490 [ 2399.195171] ? SOFTIRQ_verbose+0x10/0x10 [ 2399.196172] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2399.197362] ? io_connect+0x610/0x610 [ 2399.198328] ? lock_acquire+0x197/0x470 [ 2399.199317] ? find_held_lock+0x2c/0x110 [ 2399.200335] ? __fget_files+0x2cf/0x520 [ 2399.201327] ? lock_downgrade+0x6d0/0x6d0 [ 2399.202373] __io_queue_sqe+0x90/0x9d0 [ 2399.203354] ? io_issue_sqe+0x77b0/0x77b0 [ 2399.204382] ? __fget_files+0x2f8/0x520 [ 2399.205381] ? io_prep_rw+0x7f5/0x1050 [ 2399.206357] io_submit_sqes+0x44aa/0x8610 [ 2399.207436] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.208677] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.209901] ? find_held_lock+0x2c/0x110 [ 2399.210932] ? io_submit_sqes+0x8610/0x8610 [ 2399.212026] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2399.213237] ? wait_for_completion_io+0x270/0x270 [ 2399.214487] ? rcu_read_lock_any_held+0x75/0xa0 [ 2399.215624] ? vfs_write+0x354/0xb10 [ 2399.216557] ? fput_many+0x2f/0x1a0 [ 2399.217471] ? ksys_write+0x1a9/0x260 [ 2399.218459] ? __ia32_sys_read+0xb0/0xb0 [ 2399.219441] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2399.220768] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.222073] do_syscall_64+0x33/0x40 [ 2399.223004] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2399.224286] RIP: 0033:0x7fc0e8027b19 [ 2399.225170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2399.229874] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2399.231785] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2399.233592] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2399.235526] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2399.237336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2399.239195] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2399.241069] CPU: 1 PID: 12467 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2399.242655] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2399.244413] Call Trace: [ 2399.244983] dump_stack+0x107/0x167 [ 2399.245764] should_fail.cold+0x5/0xa [ 2399.246586] ? create_object.isra.0+0x3a/0xa20 [ 2399.247565] should_failslab+0x5/0x20 [ 2399.248381] kmem_cache_alloc+0x5b/0x310 [ 2399.249247] ? mark_held_locks+0x9e/0xe0 [ 2399.250129] create_object.isra.0+0x3a/0xa20 [ 2399.251059] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2399.252169] kmem_cache_alloc_bulk+0x168/0x320 [ 2399.253287] io_submit_sqes+0x6fe6/0x8610 [ 2399.254438] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.255514] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.256555] ? find_held_lock+0x2c/0x110 [ 2399.257439] ? io_submit_sqes+0x8610/0x8610 [ 2399.258401] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2399.259443] ? wait_for_completion_io+0x270/0x270 [ 2399.260517] ? rcu_read_lock_any_held+0x75/0xa0 [ 2399.261555] ? vfs_write+0x354/0xb10 [ 2399.262397] ? fput_many+0x2f/0x1a0 [ 2399.263216] ? ksys_write+0x1a9/0x260 [ 2399.264083] ? __ia32_sys_read+0xb0/0xb0 [ 2399.265003] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2399.266316] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.267563] do_syscall_64+0x33/0x40 [ 2399.268475] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2399.269745] RIP: 0033:0x7f6d2ff1eb19 [ 2399.270558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2399.274704] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2399.276314] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2399.277800] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2399.279320] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2399.280817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2399.282364] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2399.315169] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2399.340995] FAULT_INJECTION: forcing a failure. [ 2399.340995] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.343649] CPU: 1 PID: 12459 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2399.345182] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2399.346999] Call Trace: [ 2399.347567] dump_stack+0x107/0x167 [ 2399.348372] should_fail.cold+0x5/0xa [ 2399.349218] ? create_object.isra.0+0x3a/0xa20 [ 2399.350231] should_failslab+0x5/0x20 [ 2399.351063] kmem_cache_alloc+0x5b/0x310 [ 2399.351955] ? mark_held_locks+0x9e/0xe0 [ 2399.352840] create_object.isra.0+0x3a/0xa20 [ 2399.353801] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2399.354979] kmem_cache_alloc_bulk+0x168/0x320 [ 2399.355987] io_submit_sqes+0x6fe6/0x8610 [ 2399.356950] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.358053] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.359102] ? find_held_lock+0x2c/0x110 [ 2399.360001] ? io_submit_sqes+0x8610/0x8610 [ 2399.360967] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2399.362007] ? wait_for_completion_io+0x270/0x270 [ 2399.363074] ? rcu_read_lock_any_held+0x75/0xa0 [ 2399.364086] ? vfs_write+0x354/0xb10 [ 2399.364901] ? fput_many+0x2f/0x1a0 [ 2399.365696] ? ksys_write+0x1a9/0x260 [ 2399.366539] ? __ia32_sys_read+0xb0/0xb0 [ 2399.367433] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2399.368570] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.369896] do_syscall_64+0x33/0x40 [ 2399.370897] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2399.372261] RIP: 0033:0x7ff7fbbbbb19 [ 2399.373257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2399.377660] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2399.379470] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2399.381156] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2399.382872] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2399.384558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2399.386229] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2399.402411] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2399.422436] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:51:58 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68) 02:51:58 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470000000f801", 0x17}, {0x0, 0x0, 0x1000a00}], 0x0, &(0x7f0000000040)=ANY=[]) chdir(&(0x7f00000000c0)='./file0\x00') r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) syz_io_uring_setup(0x1841, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x100000001) r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x40004, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r2, 0x0, 0x80000001) 02:51:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40502, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:58 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = dup(r0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, r2, 0x325, 0x0, 0x0, {{}, {@void, @val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000), 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0xf8, r2, 0x1, 0x70bd2d, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x1c, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x20}, {0x8, 0x0, 0x1}, {0x8, 0x0, 0x6}]}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x18, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x7857}, @NL80211_SCHED_SCAN_MATCH_ATTR_BSSID={0xa}]}, @NL80211_ATTR_SCHED_SCAN_MATCH={0x60, 0x84, 0x0, 0x1, [@NL80211_SCHED_SCAN_MATCH_ATTR_RSSI={0x8, 0x2, 0x1}, @NL80211_SCHED_SCAN_MATCH_ATTR_SSID={0xf, 0x1, @random="547ac4f0494146ce0b1d17"}, @NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI={0x44, 0x6, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x8, 0x3, 0x9}, @NL80211_BAND_60GHZ={0x8, 0x2, 0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x8}, @NL80211_BAND_6GHZ={0x8, 0x3, 0x1}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x7}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x334}, @NL80211_BAND_5GHZ={0x8, 0x1, 0x1}, @NL80211_BAND_2GHZ={0x8, 0x0, 0x7}]}]}, @NL80211_ATTR_SCAN_SSIDS={0x50, 0x2d, 0x0, 0x1, [{0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ap_ssid}, {0x1a, 0x0, @random="8e97d595aac49fabee804370b33cd8540c909d36ea38"}, {0xa, 0x0, @default_ibss_ssid}, {0xa, 0x0, @default_ibss_ssid}]}]}, 0xf8}}, 0x0) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x20, r2, 0x300, 0x70bd25, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x58}}}}, ["", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x4000) pivot_root(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00') open_tree(r3, &(0x7f0000000280)='./file0\x00', 0x1) fadvise64(0xffffffffffffffff, 0x8, 0x4, 0x3) 02:51:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e0, 0x1d9) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2399.650630] netlink: 'syz-executor.6': attribute type 16 has an invalid length. 02:51:58 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_setup(0x3e34, &(0x7f00000000c0)={0x0, 0x573d, 0x8, 0x0, 0x351}, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff3000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000240)) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2399.735425] FAULT_INJECTION: forcing a failure. [ 2399.735425] name failslab, interval 1, probability 0, space 0, times 0 [ 2399.738394] CPU: 1 PID: 12487 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2399.739887] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2399.741671] Call Trace: [ 2399.742261] dump_stack+0x107/0x167 [ 2399.743046] should_fail.cold+0x5/0xa [ 2399.743873] ? create_object.isra.0+0x3a/0xa20 [ 2399.744863] should_failslab+0x5/0x20 [ 2399.745685] kmem_cache_alloc+0x5b/0x310 [ 2399.746571] create_object.isra.0+0x3a/0xa20 [ 2399.747507] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2399.748595] __kmalloc+0x16e/0x390 [ 2399.749454] ? lock_downgrade+0x6d0/0x6d0 [ 2399.750626] io_setup_async_rw+0x180/0x580 [ 2399.751795] io_read+0xe98/0x11e0 [ 2399.752579] ? __lock_acquire+0x1657/0x5b00 [ 2399.753583] ? kiocb_done+0xc90/0xc90 [ 2399.754491] ? mark_lock+0xf5/0x2df0 [ 2399.755300] ? lock_chain_count+0x20/0x20 [ 2399.756233] ? __lock_acquire+0xbb1/0x5b00 [ 2399.757150] io_issue_sqe+0x2e8a/0x77b0 [ 2399.758001] ? find_held_lock+0x2c/0x110 [ 2399.758885] ? perf_trace_lock+0xac/0x490 [ 2399.759765] ? SOFTIRQ_verbose+0x10/0x10 [ 2399.760636] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2399.761647] ? io_connect+0x610/0x610 [ 2399.762477] ? lock_acquire+0x197/0x470 [ 2399.763321] ? find_held_lock+0x2c/0x110 [ 2399.764198] ? __fget_files+0x2cf/0x520 [ 2399.765044] ? lock_downgrade+0x6d0/0x6d0 [ 2399.765940] __io_queue_sqe+0x90/0x9d0 [ 2399.766784] ? io_issue_sqe+0x77b0/0x77b0 [ 2399.767667] ? __fget_files+0x2f8/0x520 [ 2399.768523] ? io_prep_rw+0x7f5/0x1050 [ 2399.769363] io_submit_sqes+0x44aa/0x8610 [ 2399.770296] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.771392] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2399.772449] ? find_held_lock+0x2c/0x110 [ 2399.773342] ? io_submit_sqes+0x8610/0x8610 [ 2399.774318] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2399.775395] ? wait_for_completion_io+0x270/0x270 [ 2399.776463] ? rcu_read_lock_any_held+0x75/0xa0 [ 2399.777475] ? vfs_write+0x354/0xb10 [ 2399.778313] ? fput_many+0x2f/0x1a0 [ 2399.779109] ? ksys_write+0x1a9/0x260 [ 2399.779952] ? __ia32_sys_read+0xb0/0xb0 [ 2399.780823] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2399.781940] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2399.783049] do_syscall_64+0x33/0x40 [ 2399.783840] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2399.784926] RIP: 0033:0x7fc0e8027b19 [ 2399.785720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2399.789639] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2399.791278] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2399.792794] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2399.794368] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2399.795882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2399.797400] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:51:58 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) 02:51:58 executing program 7: sendmsg$DEVLINK_CMD_SB_GET(0xffffffffffffffff, &(0x7f0000000040)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x80}, 0x20004010) semget$private(0x0, 0x0, 0x100) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x48020200) 02:51:58 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 45) [ 2399.859798] loop5: detected capacity change from 0 to 263168 [ 2399.890389] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2399.903292] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2399.922422] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:51:58 executing program 6: ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f00000001c0)={0x1, 0x4, [@multicast, @broadcast, @remote, @local]}) r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x3, &(0x7f0000000200)=0x0) r2 = fork() ptrace(0x10, r2) ptrace$setsig(0x4203, r2, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9}) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x4, 0x9, 0xa9, 0x8, 0x0, 0x7, 0x28, 0xc, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x9, 0x2, @perf_bp={&(0x7f0000000000), 0xc}, 0x925eb4e7edebe674, 0x40008, 0x6, 0x9, 0x2, 0x9, 0x6, 0x0, 0x4, 0x0, 0x56f}, r2, 0x2, r0, 0x9) r3 = fork() ptrace(0x10, r3) ptrace$setsig(0x4203, r3, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9}) ptrace$setsig(0x4203, r3, 0x1, &(0x7f00000002c0)={0x31, 0x1, 0x8}) r4 = fork() ptrace(0x10, r4) ptrace$setsig(0x4203, r4, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9}) ptrace$peeksig(0x4209, r2, &(0x7f0000000340)={0x9}, &(0x7f00000003c0)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0)={0x0, 0x0}) ptrace$getregset(0x4204, r5, 0x4, &(0x7f00000004c0)={&(0x7f0000000440)=""/77, 0x4d}) ptrace$peeksig(0x4209, r4, &(0x7f0000000180)={0x7, 0x1}, &(0x7f00000004c0)) r6 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) io_submit(r1, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}]) [ 2400.071032] FAULT_INJECTION: forcing a failure. [ 2400.071032] name failslab, interval 1, probability 0, space 0, times 0 [ 2400.073972] CPU: 0 PID: 12505 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2400.075521] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2400.077353] Call Trace: [ 2400.077940] dump_stack+0x107/0x167 [ 2400.078770] should_fail.cold+0x5/0xa [ 2400.079616] ? create_object.isra.0+0x3a/0xa20 [ 2400.080646] should_failslab+0x5/0x20 [ 2400.081493] kmem_cache_alloc+0x5b/0x310 [ 2400.082410] ? mark_held_locks+0x9e/0xe0 [ 2400.083319] create_object.isra.0+0x3a/0xa20 [ 2400.084293] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2400.085518] kmem_cache_alloc_bulk+0x168/0x320 [ 2400.086547] io_submit_sqes+0x6fe6/0x8610 [ 2400.087508] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2400.088500] FAULT_INJECTION: forcing a failure. [ 2400.088500] name failslab, interval 1, probability 0, space 0, times 0 [ 2400.088614] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2400.088643] ? find_held_lock+0x2c/0x110 [ 2400.092935] ? io_submit_sqes+0x8610/0x8610 [ 2400.093914] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2400.095005] ? wait_for_completion_io+0x270/0x270 [ 2400.096074] ? rcu_read_lock_any_held+0x75/0xa0 [ 2400.097111] ? vfs_write+0x354/0xb10 [ 2400.097937] ? fput_many+0x2f/0x1a0 [ 2400.098761] ? ksys_write+0x1a9/0x260 [ 2400.099617] ? __ia32_sys_read+0xb0/0xb0 [ 2400.100535] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2400.101710] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2400.102874] do_syscall_64+0x33/0x40 [ 2400.103711] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2400.104861] RIP: 0033:0x7f6d2ff1eb19 [ 2400.105691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2400.109808] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2400.111515] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2400.113113] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2400.114719] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2400.116318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2400.117922] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2400.119580] CPU: 1 PID: 12506 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2400.121057] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2400.122787] Call Trace: [ 2400.123351] dump_stack+0x107/0x167 [ 2400.124115] should_fail.cold+0x5/0xa [ 2400.124920] ? create_object.isra.0+0x3a/0xa20 [ 2400.126012] should_failslab+0x5/0x20 [ 2400.126976] kmem_cache_alloc+0x5b/0x310 [ 2400.127985] ? mark_held_locks+0x9e/0xe0 [ 2400.128947] create_object.isra.0+0x3a/0xa20 [ 2400.130009] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2400.131247] kmem_cache_alloc_bulk+0x168/0x320 [ 2400.132327] io_submit_sqes+0x6fe6/0x8610 [ 2400.133287] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2400.134455] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2400.135499] ? find_held_lock+0x2c/0x110 [ 2400.136356] ? io_submit_sqes+0x8610/0x8610 [ 2400.137284] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2400.138429] ? wait_for_completion_io+0x270/0x270 [ 2400.139559] ? rcu_read_lock_any_held+0x75/0xa0 [ 2400.140513] ? vfs_write+0x354/0xb10 [ 2400.141284] ? fput_many+0x2f/0x1a0 [ 2400.142025] ? ksys_write+0x1a9/0x260 [ 2400.142920] ? __ia32_sys_read+0xb0/0xb0 [ 2400.143953] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2400.145306] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2400.146644] do_syscall_64+0x33/0x40 [ 2400.147625] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2400.148957] RIP: 0033:0x7ff7fbbbbb19 [ 2400.149907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2400.153782] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2400.155370] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2400.156850] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2400.158350] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2400.159837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2400.161317] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:51:59 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40503, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:51:59 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53b, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r0, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) lseek(r1, 0x0, 0x3) dup(0xffffffffffffffff) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2400.484483] loop5: detected capacity change from 0 to 263168 [ 2400.507304] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2400.523983] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2400.530571] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:52:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3, 0x0, 0x0, 0x0, 0x0, 0x1000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:52:18 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 02:52:18 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69) 02:52:18 executing program 6: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) socket$inet(0x2, 0xa, 0x1) r0 = syz_mount_image$ext4(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0, 0x100000, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) fsmount(r3, 0x0, 0x74) ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000200)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="47a7e265e66726d54e9e2d71ac0589fc429f3485a86dfe53c97f20772926438ccd8dc37e82a00795f3d7b4683f"]) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x12, 0xffffffffffffffff, 0xc76cc000) mount$9p_fd(0x0, &(0x7f0000000380)='./file0/../file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@noextend}, {@fscache}, {@version_L}, {@cache_loose}, {@posixacl}, {@uname={'uname', 0x3d, 'hash'}}, {@version_9p2000}, {@version_L}]}}) getpeername$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14) r4 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2) r5 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r6 = fsmount(r4, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB="00000000000000004c2f729dd7730025"]) sendmsg$nl_generic(r6, &(0x7f00000002c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)={0x560, 0x20, 0x300, 0x70bd26, 0x25dfdbfe, {0x18}, [@generic="68b75edbf619534dd2acb91fe14594883bf806b4c628723b24263f3a9f895b6cb412346b5d7cc3e5d4c0c1282942c794357abd83781b90ae5247f87fa3e20e0c1d84ef0fa1ca7abe7219dd6e", @nested={0x308, 0x84, 0x0, 0x1, [@typed={0x4, 0xc}, @generic="423b068b6a4fdee6f685b3413e212372d9411fce7fa06d7f22b59bfca2b188bf38c8b1eeab2adde260d03a80982bfa133448bfd9d8afdd17c1a6994d242420f465d2b62ee856d474096a81c25bda14f27327e381f61f2079ca999355782a20bfb376d2b746ecdc10938d3d3a1e98b9d93dfff83792305a1809d7bf09600f56f2ba8394106f853c9b2440d19d1b7bac629ed1d891632df42d1fa00fcc664112015238fb4b0184832b3be6bf946e33f5b8d76f3bbab5b7d37763316f39c2dad26c21014b8ad10eb941", @typed={0xf, 0x22, 0x0, 0x0, @str='cache=loose'}, @generic="8aa3d2a8ca901cbbb8df9a6e3aad955ad836a6a3b5aaed6fbfce17fb623858752bf08a67f7ab5740f816b8da820ce4e1e8eefc4914fc54e4191e0d463384ae6315ed0e29b84bc206fa2f4f72f81c6befdea311025b483637e907ae07c6afbcd1f105b0ef1e2ff35fdfb4d07f5ecc3329cc2cd8a77ddddc29d1a705541be62704fa2e4c93cb7344030037eb49e2ab9048912f1c411f118bb13f1531aa12d4e044ff85a9cfab7aaa0265f6263eb21ef37c1106d3bd3b0953375f69da9af6e504df1912001e77eaeeb17bc2aed6c561f8482c8e246ba8c881d1ad0b9ef8c10122fd09a00af1cbf5fa619edf61c05f0eea37c4a6c82afd3f2743cadb1b4c", @generic="617043e3b8dda29de0ab530903e68224e07c4b605ca6c323f5c730cbfbbba265f335ce4ff9f18857a78fa013ac849d315e29f219fca21bd2977a98a01446371e194c456b", @generic="bd150c4360d5db69fe6ce78d099ed80a93bb859d115d7f16a15bfe7f6d8cc1cd6114a5cc4a4857219542acf8c82eeae8dbcb2cae8b74aac3bc4dd2a2a6546fbf19e3b43bf7e43b126cdb4638507006a4b564d180d858c804602c4434e1a50157da3da0ea3f0f8c73a51ac598b1a4e2e0c369db3ea5035574c58cca362bf4b2a1dc096548c0ae0f004f85a175ec1510ea12d13271e2ce508ffa8b9da4b9452a5c3f5388f4f77a09548e60372839c4ca09f5f3993010bbd968e5aa4125b51e1db8c2bb533a6158e70b1515ff8cbf901a7b7375710e81fd31062333ace28d725ef9fc1e41c9b54e26f6"]}, @typed={0x4, 0x5f}, @nested={0xad, 0x87, 0x0, 0x1, [@typed={0xc, 0x6e, 0x0, 0x0, @u64=0xfffffffffffffff7}, @typed={0x4, 0x2e}, @generic="0b14707991a5232236af3c21e2bdc7ac80af96c1333660bfda4129d3e2e5880e818ea4a43ccfecba51c4a33301c2822a69ea7582c8546108bbc9abaf9321f2d17534f33fcf56373ced378e", @generic="f206be494596207587d0d3d63fa21eacbd04cf889d91b9a2dda8d28ecbadb06b9cdb95360449b4ee09b88955ee12091dbbc47ae1d78cbabae6d857b50e7e69ba9f0a4fe9998ee6e1f7e43f750c5b"]}, @nested={0x74, 0x42, 0x0, 0x1, [@typed={0x8, 0x86, 0x0, 0x0, @uid}, @typed={0x8, 0x91, 0x0, 0x0, @u32=0x8}, @typed={0x4, 0x46}, @typed={0x8, 0x50, 0x0, 0x0, @u32=0x2e17}, @generic="9965f5fc567e5421f47362114fd9b46c1ebde2d47015dd9852ea8d7c661bc7ee7108a648e19f15aa8e56cbc1f5694b", @generic="c0b34c3303daacd8a36b83f9cf", @typed={0xc, 0x46, 0x0, 0x0, @u64=0x8001}, @typed={0xc, 0x5d, 0x0, 0x0, @u64}]}, @generic="4b34908f964928548cf18fe8a372b9aea26c50aa2167c78cd670345ff74d67eb717fe9a750d7ed02114b82045e0f5d3eb9c093e27683c8db0d1cc19c5fe72f31f2ae69a9c92c7df4045e279786dac4", @typed={0x4}, @generic="6ae4dce3578d718ca41416bb218dda5e601aee36d55ab4ecf47b1778927a33539e215acbcbdeaa2bbafe5760d730a0c3c6827fdf1fdbb960bafd7d3482ee4b5a215b957f9845af6581bbe698cf956ae571934d0abb", @typed={0x14, 0x29, 0x0, 0x0, @ipv6=@loopback}, @typed={0x12, 0x17, 0x0, 0x0, @str='version=9p2000'}]}, 0x560}, 0x1, 0x0, 0x0, 0x40804}, 0x80) 02:52:18 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r6, &(0x7f00000004c0)=""/89) syz_io_uring_submit(r1, r5, &(0x7f0000000180)=@IORING_OP_OPENAT2={0x1c, 0x3, 0x0, r6, &(0x7f00000000c0)={0x2040, 0x11}, &(0x7f0000000100)='./file0\x00', 0x18, 0x0, 0x31713}, 0x1) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:52:18 executing program 7: perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x620c, &(0x7f0000000180)={0x0, 0x0, 0x2, 0x3, 0x9}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000100)=0x0, &(0x7f0000000140)=0x0) r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000240)="a1ae8fb5c4de3f79", 0x8}, {0x0}], 0x2}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000) syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0}, 0x80000001) r5 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) fsmount(r5, 0x0, 0x74) syz_io_uring_submit(r4, r2, &(0x7f0000000280)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, r5, 0x0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)=""/220, 0xdc}], 0x1, &(0x7f0000000080)=""/20, 0x14}, 0x0, 0xc46a437ef9366357, 0x0, {0x1}}, 0x5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x10, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index, 0x9, 0x0}, 0x1) io_uring_enter(r0, 0x4c07, 0x8ab9, 0x0, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) write$binfmt_elf64(r6, &(0x7f00000007c0)=ANY=[], 0x8f9) 02:52:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40509, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:18 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 46) [ 2419.267056] FAULT_INJECTION: forcing a failure. [ 2419.267056] name failslab, interval 1, probability 0, space 0, times 0 [ 2419.269934] CPU: 1 PID: 12542 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2419.271455] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2419.273231] Call Trace: [ 2419.273796] dump_stack+0x107/0x167 [ 2419.274625] should_fail.cold+0x5/0xa [ 2419.275441] ? create_object.isra.0+0x3a/0xa20 [ 2419.276423] should_failslab+0x5/0x20 [ 2419.277246] kmem_cache_alloc+0x5b/0x310 [ 2419.278087] loop5: detected capacity change from 0 to 263168 [ 2419.278125] create_object.isra.0+0x3a/0xa20 [ 2419.280520] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2419.281610] __kmalloc+0x16e/0x390 [ 2419.282389] io_setup_async_rw+0x180/0x580 [ 2419.283294] io_read+0xe98/0x11e0 [ 2419.284050] ? kiocb_done+0xc90/0xc90 [ 2419.284857] ? mark_lock+0xf5/0x2df0 [ 2419.285653] ? lock_chain_count+0x20/0x20 [ 2419.286564] ? __lockdep_reset_lock+0x180/0x180 [ 2419.287566] ? lock_acquire+0x197/0x470 [ 2419.288422] ? __lock_acquire+0xbb1/0x5b00 [ 2419.289340] io_issue_sqe+0x2e8a/0x77b0 [ 2419.290199] ? perf_trace_lock+0xac/0x490 [ 2419.291099] ? SOFTIRQ_verbose+0x10/0x10 [ 2419.291959] ? lock_chain_count+0x20/0x20 [ 2419.292852] ? io_connect+0x610/0x610 [ 2419.293675] FAULT_INJECTION: forcing a failure. [ 2419.293675] name failslab, interval 1, probability 0, space 0, times 0 [ 2419.293694] ? lock_acquire+0x197/0x470 [ 2419.293713] ? find_held_lock+0x2c/0x110 [ 2419.293741] ? __fget_files+0x2cf/0x520 [ 2419.293761] ? lock_downgrade+0x6d0/0x6d0 [ 2419.293788] __io_queue_sqe+0x90/0x9d0 [ 2419.293816] ? io_issue_sqe+0x77b0/0x77b0 [ 2419.293832] ? __fget_files+0x2f8/0x520 [ 2419.293859] ? io_prep_rw+0x7f5/0x1050 [ 2419.304008] io_submit_sqes+0x44aa/0x8610 [ 2419.305059] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.306229] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.307425] ? find_held_lock+0x2c/0x110 [ 2419.308572] ? io_submit_sqes+0x8610/0x8610 [ 2419.309631] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2419.310936] ? wait_for_completion_io+0x270/0x270 [ 2419.312104] ? rcu_read_lock_any_held+0x75/0xa0 [ 2419.313107] ? vfs_write+0x354/0xb10 [ 2419.313906] ? fput_many+0x2f/0x1a0 [ 2419.314771] ? ksys_write+0x1a9/0x260 [ 2419.315762] ? __ia32_sys_read+0xb0/0xb0 [ 2419.316854] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2419.318228] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2419.319588] do_syscall_64+0x33/0x40 [ 2419.320560] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2419.321867] RIP: 0033:0x7ff7fbbbbb19 [ 2419.322754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2419.327555] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2419.329546] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2419.331421] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2419.333275] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2419.335141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2419.337006] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2419.339075] CPU: 0 PID: 12550 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2419.341223] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2419.343724] Call Trace: [ 2419.344531] dump_stack+0x107/0x167 [ 2419.345875] should_fail.cold+0x5/0xa [ 2419.347051] ? create_object.isra.0+0x3a/0xa20 [ 2419.348432] should_failslab+0x5/0x20 [ 2419.349586] kmem_cache_alloc+0x5b/0x310 [ 2419.350835] ? mark_held_locks+0x9e/0xe0 [ 2419.352073] create_object.isra.0+0x3a/0xa20 [ 2419.353400] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2419.354978] kmem_cache_alloc_bulk+0x168/0x320 [ 2419.356388] io_submit_sqes+0x6fe6/0x8610 [ 2419.357703] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.359226] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.360699] ? find_held_lock+0x2c/0x110 [ 2419.361944] ? io_submit_sqes+0x8610/0x8610 [ 2419.363281] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2419.364750] ? wait_for_completion_io+0x270/0x270 [ 2419.366211] ? rcu_read_lock_any_held+0x75/0xa0 [ 2419.367620] ? vfs_write+0x354/0xb10 [ 2419.368743] ? fput_many+0x2f/0x1a0 [ 2419.369848] ? ksys_write+0x1a9/0x260 [ 2419.371011] ? __ia32_sys_read+0xb0/0xb0 [ 2419.372253] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2419.373835] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2419.375414] do_syscall_64+0x33/0x40 [ 2419.376546] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2419.378102] RIP: 0033:0x7f6d2ff1eb19 [ 2419.379245] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2419.379298] FAULT_INJECTION: forcing a failure. [ 2419.379298] name failslab, interval 1, probability 0, space 0, times 0 [ 2419.384758] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2419.384794] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2419.384812] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2419.384832] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2419.384849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2419.384868] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2419.401289] CPU: 1 PID: 12546 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2419.403113] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2419.405284] Call Trace: [ 2419.405990] dump_stack+0x107/0x167 [ 2419.406975] should_fail.cold+0x5/0xa [ 2419.407988] ? __io_queue_sqe+0x666/0x9d0 [ 2419.409107] should_failslab+0x5/0x20 [ 2419.410123] kmem_cache_alloc_trace+0x55/0x320 [ 2419.411350] ? lock_downgrade+0x6d0/0x6d0 [ 2419.412465] __io_queue_sqe+0x666/0x9d0 [ 2419.413529] ? io_issue_sqe+0x77b0/0x77b0 [ 2419.414636] ? __fget_files+0x2f8/0x520 [ 2419.415701] ? io_prep_rw+0x7f5/0x1050 [ 2419.416745] io_submit_sqes+0x44aa/0x8610 [ 2419.417903] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.419239] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2419.420530] ? find_held_lock+0x2c/0x110 [ 2419.421620] ? io_submit_sqes+0x8610/0x8610 [ 2419.422801] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2419.424093] ? wait_for_completion_io+0x270/0x270 [ 2419.425371] ? rcu_read_lock_any_held+0x75/0xa0 [ 2419.426555] ? vfs_write+0x354/0xb10 [ 2419.427495] ? fput_many+0x2f/0x1a0 [ 2419.428396] ? ksys_write+0x1a9/0x260 [ 2419.429314] ? __ia32_sys_read+0xb0/0xb0 [ 2419.430349] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2419.431609] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2419.432869] do_syscall_64+0x33/0x40 [ 2419.433788] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2419.435038] RIP: 0033:0x7fc0e8027b19 [ 2419.435942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2419.440369] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2419.442047] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2419.443746] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2419.445413] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2419.447048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2419.448579] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2419.486611] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:52:18 executing program 7: open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) statx(0xffffffffffffffff, &(0x7f0000000180)='./file2\x00', 0x0, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) lstat(&(0x7f00000002c0)='./file1\x00', 0x0) r2 = syz_open_dev$vcsn(0x0, 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r2, 0xc0189376, &(0x7f0000000100)={{0x1, 0x1, 0x18, r2, {0x80000000}}, './file2\x00'}) syz_io_uring_setup(0x6ec1, &(0x7f00000006c0)={0x0, 0xee67, 0x1, 0x2, 0x52, 0x0, r3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000000400), &(0x7f0000000800)) stat(&(0x7f0000000080)='./cgroup/cgroup.procs\x00', &(0x7f0000000540)) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r0, r1, 0x100) r4 = open(&(0x7f00000000c0)='./file1\x00', 0x100, 0x40) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000140)={0x1, 0x8, 0x6}) sendmsg$nl_generic(r4, &(0x7f0000000500)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x14, 0x1d, 0xd14, 0x70bd29, 0x25dfdbff, {0x1}}, 0x14}}, 0x4040000) r5 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) fsmount(0xffffffffffffffff, 0x1, 0xd) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000940)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) accept4$unix(0xffffffffffffffff, &(0x7f0000000880)=@abs, &(0x7f0000000900)=0x6e, 0x80000) r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r6, &(0x7f00000000c0), 0x12) perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0xfe, 0x0, 0x0, 0x0, 0x4307, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000380), 0x8}, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xe) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000001d0021f0ffffff00000000000400020008000c0000000000a0c06766b334a2ee27b6df321075d001bd4ba35bcc1dca2618bce597c156961a28b7956ff984698f7c6e3a2b7698ba04db7b7be61492e74417e73ff173685a2e4611b4d44f70a84f199ab89caa578fb92a77e34bc60d7bcfeedb5822b6e05172f41000003fd39b8c012b74a600000000"], 0x1c}}, 0x0) [ 2419.553381] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2419.581601] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:52:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/bus/input/devices\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:52:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40600, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:18 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 47) 02:52:18 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x90, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_USE_MFP={0x8}, @NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_HT_CAPABILITY={0x1e}, @NL80211_ATTR_MAC_HINT={0xa, 0xc8, @random="26b4ed9fe96b"}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e}]}, 0x90}}, 0x0) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r3, 0x2, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x0, 0x3, r2}, @void}}}, 0x61}, 0x1, 0x0, 0x0, 0x440c0}, 0x8d4) [ 2419.993697] loop5: detected capacity change from 0 to 263680 [ 2420.007598] FAULT_INJECTION: forcing a failure. [ 2420.007598] name failslab, interval 1, probability 0, space 0, times 0 [ 2420.010660] CPU: 0 PID: 12574 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2420.012289] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2420.014245] Call Trace: [ 2420.014893] dump_stack+0x107/0x167 [ 2420.015759] should_fail.cold+0x5/0xa [ 2420.016665] ? create_object.isra.0+0x3a/0xa20 [ 2420.017760] should_failslab+0x5/0x20 [ 2420.018673] kmem_cache_alloc+0x5b/0x310 [ 2420.019768] ? mark_held_locks+0x9e/0xe0 [ 2420.020741] create_object.isra.0+0x3a/0xa20 [ 2420.021784] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2420.023001] kmem_cache_alloc_bulk+0x168/0x320 [ 2420.024254] io_submit_sqes+0x6fe6/0x8610 [ 2420.025292] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2420.026580] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2420.027937] ? find_held_lock+0x2c/0x110 [ 2420.029068] ? io_submit_sqes+0x8610/0x8610 [ 2420.030338] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2420.031650] ? wait_for_completion_io+0x270/0x270 [ 2420.033011] ? rcu_read_lock_any_held+0x75/0xa0 [ 2420.034319] ? vfs_write+0x354/0xb10 [ 2420.035305] ? fput_many+0x2f/0x1a0 [ 2420.036340] ? ksys_write+0x1a9/0x260 [ 2420.037419] ? __ia32_sys_read+0xb0/0xb0 [ 2420.038591] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2420.040087] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2420.041519] do_syscall_64+0x33/0x40 [ 2420.042534] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2420.043888] RIP: 0033:0x7f6d2ff1eb19 [ 2420.044765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2420.049274] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2420.051290] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2420.053172] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2420.055189] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2420.057196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2420.059234] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2420.078349] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2420.111648] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2420.137871] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:52:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x80) dup3(r0, r1, 0x80000) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000000)=0x5, 0x4) fallocate(r2, 0x3d, 0xff, 0x7ffe) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) preadv(r3, &(0x7f0000000680)=[{&(0x7f0000000240)=""/24, 0x18}, {&(0x7f00000003c0)=""/214, 0xd6}, {&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f00000004c0)=""/154, 0x9a}, {&(0x7f0000000580)=""/245, 0xf5}], 0x5, 0xfff, 0x9) sendmsg$NFQNL_MSG_VERDICT(r4, &(0x7f0000000800)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000740)={0x64, 0x1, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFQA_EXP={0x50, 0xf, 0x0, 0x1, [@CTA_EXPECT_MASK={0x44, 0x3, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @empty}}}]}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x9}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000001}, 0x40001) 02:52:37 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_script(r4, &(0x7f0000000340)={'#! ', './file0', [{0x20, '/dev/snd/seq\x00'}, {}, {}, {}, {0x20, ',:-!-})'}, {0x20, '/dev/snd/seq\x00'}, {}, {0x20, '/dev/full\x00'}, {0x20, '/dev/full\x00'}], 0xa, "25b30b7108e210ea73f37210c6b061e9379c79d96459b0e7a1bd0846b008e09ae230b310faabce17edf2879063ea3ca86d177859d37699df94d9ff4ffee0678624a027dfa6ee097c760d336f05f096735013092cf4d06bc512e2222a08e603bf095202a0494af64ee8c102182aa15533603ec700bd5c271919ec3de74b6e87aebc1b7b332b72f824223e824114ee422f87a94af1f863d624358476c7ff7b6ca10d6b84c8ff9c5c6e8dd7dc832ae8ceec14618ff4fdf89972e83e5c43"}, 0x105) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) 02:52:37 executing program 7: r0 = syz_io_uring_setup(0x2a7b, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r3}}, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) fchdir(r4) add_key$fscrypt_v1(&(0x7f0000000180), 0x0, 0x0, 0x0, 0xfffffffffffffffe) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:52:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70) 02:52:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) 02:52:37 executing program 6: getpgid(0x0) r0 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x22902, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000140)) syz_io_uring_complete(0x0) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x5, 0x80010, r0, 0x0) syz_io_uring_setup(0x2e06, &(0x7f00000002c0)={0x0, 0x82a7, 0x10, 0x1, 0x28b, 0x0, r0}, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000000180), &(0x7f0000000340)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_POLL_REMOVE={0x7, 0x3, 0x0, 0x0, 0x0, 0x12345}, 0x2) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7fc}, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) preadv(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000080)=""/200, 0x20000148}], 0x1, 0x0, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="120000001600010d000000000000000081666c4879091a2a3ee577b6000000"], 0x14}}, 0x0) read(r3, &(0x7f0000000080)=""/65, 0x41) syz_open_dev$tty1(0xc, 0x4, 0x1) socket$nl_generic(0x10, 0x3, 0x10) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000040)={0x0, 0x7f, 0x5}) 02:52:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40601, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 48) [ 2438.359013] loop5: detected capacity change from 0 to 263680 [ 2438.391449] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2438.396791] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2438.403460] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2438.442100] FAULT_INJECTION: forcing a failure. [ 2438.442100] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.445185] CPU: 0 PID: 12602 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2438.446842] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2438.448787] Call Trace: [ 2438.449408] dump_stack+0x107/0x167 [ 2438.450268] should_fail.cold+0x5/0xa [ 2438.451214] ? __io_queue_sqe+0x666/0x9d0 [ 2438.452190] should_failslab+0x5/0x20 [ 2438.453088] kmem_cache_alloc_trace+0x55/0x320 [ 2438.454160] ? lock_downgrade+0x6d0/0x6d0 [ 2438.455152] __io_queue_sqe+0x666/0x9d0 [ 2438.456095] ? io_issue_sqe+0x77b0/0x77b0 [ 2438.457067] ? __fget_files+0x2f8/0x520 [ 2438.458005] ? io_prep_rw+0x7f5/0x1050 [ 2438.458976] io_submit_sqes+0x44aa/0x8610 [ 2438.459988] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.461150] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.462286] ? find_held_lock+0x2c/0x110 [ 2438.463258] ? io_submit_sqes+0x8610/0x8610 [ 2438.464276] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2438.465404] ? wait_for_completion_io+0x270/0x270 [ 2438.466564] ? rcu_read_lock_any_held+0x75/0xa0 [ 2438.467649] ? vfs_write+0x354/0xb10 [ 2438.468519] ? fput_many+0x2f/0x1a0 [ 2438.469371] ? ksys_write+0x1a9/0x260 [ 2438.470263] ? __ia32_sys_read+0xb0/0xb0 [ 2438.471231] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2438.472453] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2438.473666] do_syscall_64+0x33/0x40 [ 2438.474561] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2438.475799] RIP: 0033:0x7ff7fbbbbb19 [ 2438.476673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2438.481001] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2438.482796] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2438.484465] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2438.486132] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2438.487809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2438.489478] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2438.500492] FAULT_INJECTION: forcing a failure. [ 2438.500492] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.502450] FAULT_INJECTION: forcing a failure. [ 2438.502450] name failslab, interval 1, probability 0, space 0, times 0 [ 2438.503547] CPU: 0 PID: 12605 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2438.507290] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2438.509247] Call Trace: [ 2438.509863] dump_stack+0x107/0x167 [ 2438.510734] should_fail.cold+0x5/0xa [ 2438.511634] ? create_object.isra.0+0x3a/0xa20 [ 2438.512711] should_failslab+0x5/0x20 [ 2438.513605] kmem_cache_alloc+0x5b/0x310 [ 2438.514582] create_object.isra.0+0x3a/0xa20 [ 2438.515613] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2438.516814] kmem_cache_alloc_trace+0x151/0x320 [ 2438.517905] ? lock_downgrade+0x6d0/0x6d0 [ 2438.518906] __io_queue_sqe+0x666/0x9d0 [ 2438.519852] ? io_issue_sqe+0x77b0/0x77b0 [ 2438.520822] ? __fget_files+0x2f8/0x520 [ 2438.521784] ? io_prep_rw+0x7f5/0x1050 [ 2438.522722] io_submit_sqes+0x44aa/0x8610 [ 2438.523740] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.524911] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.526052] ? find_held_lock+0x2c/0x110 [ 2438.527026] ? io_submit_sqes+0x8610/0x8610 [ 2438.528052] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2438.529192] ? wait_for_completion_io+0x270/0x270 [ 2438.530328] ? rcu_read_lock_any_held+0x75/0xa0 [ 2438.531432] ? vfs_write+0x354/0xb10 [ 2438.532280] ? fput_many+0x2f/0x1a0 [ 2438.533134] ? ksys_write+0x1a9/0x260 [ 2438.534029] ? __ia32_sys_read+0xb0/0xb0 [ 2438.534997] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2438.536225] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2438.537444] do_syscall_64+0x33/0x40 [ 2438.543744] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2438.545146] RIP: 0033:0x7fc0e8027b19 [ 2438.546041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2438.550456] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2438.552299] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2438.553997] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2438.555717] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2438.557411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2438.559122] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2438.560911] CPU: 1 PID: 12604 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2438.562535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2438.564780] Call Trace: [ 2438.565379] dump_stack+0x107/0x167 [ 2438.566182] should_fail.cold+0x5/0xa [ 2438.567046] ? create_object.isra.0+0x3a/0xa20 [ 2438.568057] should_failslab+0x5/0x20 [ 2438.568896] kmem_cache_alloc+0x5b/0x310 [ 2438.569791] ? mark_held_locks+0x9e/0xe0 [ 2438.570697] create_object.isra.0+0x3a/0xa20 [ 2438.571659] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2438.572779] kmem_cache_alloc_bulk+0x168/0x320 [ 2438.573797] io_submit_sqes+0x6fe6/0x8610 [ 2438.574755] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.575854] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2438.576923] ? find_held_lock+0x2c/0x110 [ 2438.577835] ? io_submit_sqes+0x8610/0x8610 [ 2438.578805] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2438.579866] ? wait_for_completion_io+0x270/0x270 [ 2438.580933] ? rcu_read_lock_any_held+0x75/0xa0 [ 2438.581954] ? vfs_write+0x354/0xb10 [ 2438.582785] ? fput_many+0x2f/0x1a0 [ 2438.583591] ? ksys_write+0x1a9/0x260 [ 2438.584431] ? __ia32_sys_read+0xb0/0xb0 [ 2438.585332] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2438.586499] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2438.587638] do_syscall_64+0x33/0x40 [ 2438.588456] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2438.589588] RIP: 0033:0x7f6d2ff1eb19 [ 2438.590413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2438.594465] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2438.596149] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2438.597713] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2438.599257] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2438.600779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2438.602291] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 02:52:37 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) timer_delete(r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f00000003c0), &(0x7f0000000400), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df091650478277b5405e62aba026eb436609209c45f379ded06400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f08d65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b295c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6edd1beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee854874363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d53358c1562d539f040a9f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab41000"/665], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r2}, &(0x7f0000000340)=0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES64=r3], 0x14}}, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f00000000c0)) timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600)) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:52:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40602, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2438.804906] loop5: detected capacity change from 0 to 263680 [ 2438.827240] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:52:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x80000, 0x45, 0x15}, 0x18) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(r0, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x180) [ 2438.893185] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2438.898552] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:52:56 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 49) 02:52:56 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40603, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:56 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x92}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r5, &(0x7f0000000100)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r6, 0x0, 0x0, 0x0, {0x22c3}}, 0x3f) 02:52:56 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 71) 02:52:56 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) fallocate(r2, 0x27, 0x8, 0x7c) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:52:56 executing program 7: syz_open_dev$vcsa(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RATTACH(r0, &(0x7f00000000c0)={0x14}, 0xff24) ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000040)) perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x3, 0x0, 0x20, 0x1, 0x0, 0x8, 0x1040, 0x9, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x7, 0x1, @perf_bp={&(0x7f0000000040), 0x2}, 0x1000, 0x1800000, 0x7, 0x8, 0x5, 0x6, 0x67a, 0x0, 0x0, 0x0, 0x4}, 0x0, 0xb, r0, 0x2) fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000002) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00') r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='./file1\x00', 0x2c2901, 0x0) pipe(&(0x7f00000003c0)={0xffffffffffffffff}) fcntl$lock(r3, 0x6, &(0x7f0000000000)={0x1}) write$P9_RSETATTR(r3, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0x7) sendfile(r1, r2, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, 0xffffffffffffffff, 0x0) 02:52:56 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) 02:52:56 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) sendfile(r1, r2, 0x0, 0x100000001) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0) syz_io_uring_setup(0x20dd, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0}, &(0x7f0000000180)=0xc) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f00000000c0), 0x12) perf_event_open(&(0x7f0000000080)={0x3, 0x80, 0x3, 0x8, 0x1f, 0x8, 0x0, 0x6, 0x2, 0x5, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, @perf_bp={&(0x7f0000000040), 0x1}, 0x11, 0x0, 0x2, 0x4, 0xffffffffffffff01, 0x1, 0x7, 0x0, 0x8, 0x0, 0x5}, r3, 0x9, r4, 0x8) [ 2457.975535] FAULT_INJECTION: forcing a failure. [ 2457.975535] name failslab, interval 1, probability 0, space 0, times 0 [ 2457.978483] CPU: 0 PID: 12640 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2457.980089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2457.982049] Call Trace: [ 2457.982658] FAULT_INJECTION: forcing a failure. [ 2457.982658] name failslab, interval 1, probability 0, space 0, times 0 [ 2457.985268] dump_stack+0x107/0x167 [ 2457.986130] should_fail.cold+0x5/0xa [ 2457.987062] ? create_object.isra.0+0x3a/0xa20 [ 2457.988133] should_failslab+0x5/0x20 [ 2457.989081] kmem_cache_alloc+0x5b/0x310 [ 2457.990148] create_object.isra.0+0x3a/0xa20 [ 2457.991200] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2457.992363] kmem_cache_alloc_trace+0x151/0x320 [ 2457.993465] __io_queue_sqe+0x666/0x9d0 [ 2457.994364] ? io_issue_sqe+0x77b0/0x77b0 [ 2457.995325] ? __fget_files+0x2f8/0x520 [ 2457.996256] ? io_prep_rw+0x7f5/0x1050 [ 2457.997169] io_submit_sqes+0x44aa/0x8610 [ 2457.998155] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2457.999319] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.000420] ? find_held_lock+0x2c/0x110 [ 2458.001375] ? io_submit_sqes+0x8610/0x8610 [ 2458.002377] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2458.003510] ? wait_for_completion_io+0x270/0x270 [ 2458.004647] ? rcu_read_lock_any_held+0x75/0xa0 [ 2458.005717] ? vfs_write+0x354/0xb10 [ 2458.006582] ? fput_many+0x2f/0x1a0 [ 2458.007433] ? ksys_write+0x1a9/0x260 [ 2458.008320] ? __ia32_sys_read+0xb0/0xb0 [ 2458.009283] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2458.010496] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2458.011712] do_syscall_64+0x33/0x40 [ 2458.012578] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2458.013731] RIP: 0033:0x7ff7fbbbbb19 [ 2458.014575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2458.018814] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2458.020571] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2458.022200] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2458.023872] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2458.025483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2458.027150] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2458.028877] CPU: 1 PID: 12644 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2458.030425] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2458.032206] Call Trace: [ 2458.032776] dump_stack+0x107/0x167 [ 2458.033556] should_fail.cold+0x5/0xa [ 2458.034368] ? io_setup_async_rw+0x180/0x580 [ 2458.035315] should_failslab+0x5/0x20 [ 2458.036290] __kmalloc+0x72/0x390 [ 2458.037103] ? lock_downgrade+0x6d0/0x6d0 [ 2458.038123] io_setup_async_rw+0x180/0x580 [ 2458.039132] io_read+0xe98/0x11e0 [ 2458.039931] ? __lock_acquire+0x1657/0x5b00 [ 2458.040943] ? kiocb_done+0xc90/0xc90 [ 2458.041835] ? mark_lock+0xf5/0x2df0 [ 2458.042776] ? lock_chain_count+0x20/0x20 [ 2458.043793] ? __lock_acquire+0xbb1/0x5b00 [ 2458.044830] io_issue_sqe+0x2e8a/0x77b0 [ 2458.045975] ? find_held_lock+0x2c/0x110 [ 2458.046951] ? perf_trace_lock+0xac/0x490 [ 2458.047844] ? SOFTIRQ_verbose+0x10/0x10 [ 2458.048721] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2458.049762] ? io_connect+0x610/0x610 [ 2458.050588] ? lock_acquire+0x197/0x470 [ 2458.051662] ? find_held_lock+0x2c/0x110 [ 2458.053165] ? __fget_files+0x2cf/0x520 [ 2458.054467] loop5: detected capacity change from 0 to 263680 [ 2458.054594] ? lock_downgrade+0x6d0/0x6d0 [ 2458.056819] __io_queue_sqe+0x90/0x9d0 [ 2458.057666] ? io_issue_sqe+0x77b0/0x77b0 [ 2458.058727] ? __fget_files+0x2f8/0x520 [ 2458.059646] ? io_prep_rw+0x7f5/0x1050 [ 2458.060687] io_submit_sqes+0x44aa/0x8610 [ 2458.061615] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.062679] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.063727] ? find_held_lock+0x2c/0x110 [ 2458.064611] ? io_submit_sqes+0x8610/0x8610 [ 2458.065548] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2458.066559] ? wait_for_completion_io+0x270/0x270 [ 2458.067581] ? rcu_read_lock_any_held+0x75/0xa0 [ 2458.068575] ? vfs_write+0x354/0xb10 [ 2458.069373] ? fput_many+0x2f/0x1a0 [ 2458.070159] ? ksys_write+0x1a9/0x260 [ 2458.070986] ? __ia32_sys_read+0xb0/0xb0 [ 2458.071846] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2458.072963] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2458.074065] do_syscall_64+0x33/0x40 [ 2458.074880] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2458.075972] RIP: 0033:0x7fc0e8027b19 [ 2458.076768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2458.080725] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2458.082364] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2458.083546] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2458.083887] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2458.083899] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2458.083911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2458.083923] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2458.137167] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2458.146706] FAULT_INJECTION: forcing a failure. [ 2458.146706] name failslab, interval 1, probability 0, space 0, times 0 [ 2458.149638] CPU: 1 PID: 12648 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2458.151127] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2458.152909] Call Trace: [ 2458.153482] dump_stack+0x107/0x167 [ 2458.154269] should_fail.cold+0x5/0xa [ 2458.155103] ? create_object.isra.0+0x3a/0xa20 [ 2458.156067] should_failslab+0x5/0x20 [ 2458.156883] kmem_cache_alloc+0x5b/0x310 [ 2458.157752] ? mark_held_locks+0x9e/0xe0 [ 2458.158618] create_object.isra.0+0x3a/0xa20 [ 2458.159555] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2458.160640] kmem_cache_alloc_bulk+0x168/0x320 [ 2458.161618] io_submit_sqes+0x6fe6/0x8610 [ 2458.162540] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.163600] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.164630] ? find_held_lock+0x2c/0x110 [ 2458.165505] ? io_submit_sqes+0x8610/0x8610 [ 2458.166434] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2458.167480] ? wait_for_completion_io+0x270/0x270 [ 2458.168545] ? rcu_read_lock_any_held+0x75/0xa0 [ 2458.169684] ? vfs_write+0x354/0xb10 [ 2458.170557] ? fput_many+0x2f/0x1a0 [ 2458.171401] ? ksys_write+0x1a9/0x260 [ 2458.172259] ? __ia32_sys_read+0xb0/0xb0 [ 2458.173419] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2458.174824] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2458.176266] do_syscall_64+0x33/0x40 [ 2458.177182] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2458.178681] RIP: 0033:0x7f6d2ff1eb19 [ 2458.179844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2458.184498] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2458.186500] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2458.188304] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2458.190013] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2458.191655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2458.193440] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2458.203315] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:52:57 executing program 7: r0 = add_key(&(0x7f0000000140)='rxrpc_s\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="e5f8a2c49909d422", 0x8, 0xfffffffffffffffe) keyctl$search(0xa, 0x0, &(0x7f00000000c0)='syzkaller\x00', &(0x7f0000000100)={'syz', 0x3}, r0) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r1, r2, 0x1000) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r3, r4, 0x1000) keyctl$chown(0x4, r0, r1, r4) perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x72, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="200000001d00210c000000000000000004"], 0x20}}, 0x0) 02:52:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40700, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:57 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x35, 0x0, 0x1, 0x6}, {}, {0x6}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r0, &(0x7f00000004c0)=""/89) ioctl$F2FS_IOC_FLUSH_DEVICE(r0, 0x4008f50a, &(0x7f00000000c0)={0x7, 0x4}) prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0) r1 = openat$incfs(0xffffffffffffffff, &(0x7f0000000000)='.pending_reads\x00', 0x8281, 0x102) fsync(r1) [ 2458.386239] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.7'. 02:52:57 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x2, 0x2, &(0x7f0000000480)="899313099d0add3faf5417efd7921b", 0x800, 0x0, 0x1, {0x1}}, 0x4) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r2 = fork() ptrace(0x10, r2) ptrace$setsig(0x4203, r2, 0x8269, &(0x7f00000000c0)={0x1a, 0x5, 0x9}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3, 0x0, 0x0, 0x1}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, r3}, './file1\x00'}) r4 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x38, r4, 0x2, 0x70bd28, 0x25dfdbff, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast1}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @empty}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x40c4}, 0x8091) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2458.500088] loop5: detected capacity change from 0 to 263680 02:52:57 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) [ 2458.520146] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2458.526189] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2458.548891] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2458.565999] audit: type=1326 audit(1742007177.501:240): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12662 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62f6401b19 code=0x0 02:52:57 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 50) 02:52:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40701, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:57 executing program 2: ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x7}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_FAIL(r0, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2, 0x1}}, './file0\x00'}) r1 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r4}, 0x0) r5 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) mmap$IORING_OFF_CQ_RING(&(0x7f0000fee000/0x12000)=nil, 0x12000, 0x1000000, 0x100010, r5, 0x8000000) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:52:57 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 72) 02:52:57 executing program 7: ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, 0x0) r0 = open(0x0, 0x0, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1, 0x400}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000001d00210c00000000ffffffff0400020008000c00000000008be09799e77ec98966a0ed43c24ea904f5a032adb55584c246803afe0206a7d42165cb4a3d1e13a21c9d56619eccf63fdd10deadad1221a09cebcdb0fd719204863d8c4c48079a5e40f632b2d51b67ab6fc0a63c6029fe45d13572"], 0x1c}}, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)={0x44, r4, 0x201, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'veth0_vlan\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}]}, 0x44}, 0x1, 0x0, 0x0, 0x84}, 0x4084) sendmsg$NL80211_CMD_DEL_KEY(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, r4, 0x300, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x5, 0xa}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x40000080}, 0x40801) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0) sendmsg$NL80211_CMD_SET_MCAST_RATE(r2, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x30, r6, 0x300, 0x70bd2a, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x1, 0x20}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x400c000) 02:52:57 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() setpriority(0x0, r0, 0x0) getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x30, 0x10, 0x1, 0x6, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x11, 0x0, 0x0, 0x1, [@generic="487fec864b245e0f3f9be149f8"]}]}, 0x30}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0xc00) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r3 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) fcntl$getownex(r1, 0x10, &(0x7f0000000040)={0x0, 0x0}) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$bt_hci(r5, 0x0, 0x2, &(0x7f00000002c0)=""/220, &(0x7f0000000140)=0xdc) fcntl$F_SET_FILE_RW_HINT(r5, 0x40e, &(0x7f0000000180)=0x5) prlimit64(r4, 0x3, &(0x7f00000000c0)={0x3, 0x9}, &(0x7f0000000100)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000005c0), 0xc, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYRES16=r3, @ANYBLOB="010029bd7000fcdbdf25040000004404004e24000014000300000000000000000000000000000000000c0007003000000004000000080005000400000008000b0e73697020060002005a00000038000280060002004e2100000800090000000000080006f54f00000014000100e000000200000000000000000000000008000900090000001c00038008000300000000000800010001000000080001000200000008000400200000004c000280080006000300000005000d00010000000800050005001c283171ff89dee001000800070086000000080009007c000000080004000900000006000f0002000078e00006000b000a00"], 0x100}, 0x1, 0x0, 0x0, 0x4804}, 0x44) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB="c3083379", @ANYRES16=r3, @ANYBLOB="000100000000fcdbdf250a0000000c00028005000d0000000000200001801400030000000000000000000000000000000000060002002f000000080006000200000008000600cd000000"], 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x4000) unshare(0x48020200) [ 2458.750158] FAULT_INJECTION: forcing a failure. [ 2458.750158] name failslab, interval 1, probability 0, space 0, times 0 [ 2458.753189] CPU: 1 PID: 12680 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2458.754894] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2458.756641] Call Trace: [ 2458.757205] dump_stack+0x107/0x167 [ 2458.758105] should_fail.cold+0x5/0xa [ 2458.759151] ? create_object.isra.0+0x3a/0xa20 [ 2458.760115] should_failslab+0x5/0x20 [ 2458.760922] kmem_cache_alloc+0x5b/0x310 [ 2458.761782] create_object.isra.0+0x3a/0xa20 [ 2458.762713] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2458.763786] __kmalloc+0x16e/0x390 [ 2458.764630] io_setup_async_rw+0x180/0x580 [ 2458.765618] io_read+0xe98/0x11e0 [ 2458.766536] ? kiocb_done+0xc90/0xc90 [ 2458.767363] ? mark_lock+0xf5/0x2df0 [ 2458.768161] ? lock_chain_count+0x20/0x20 [ 2458.769051] ? __lockdep_reset_lock+0x180/0x180 [ 2458.770041] ? lock_acquire+0x197/0x470 [ 2458.770900] ? __lock_acquire+0xbb1/0x5b00 [ 2458.771799] io_issue_sqe+0x2e8a/0x77b0 [ 2458.772786] ? perf_trace_lock+0xac/0x490 [ 2458.773837] ? SOFTIRQ_verbose+0x10/0x10 [ 2458.774762] ? lock_chain_count+0x20/0x20 [ 2458.775642] ? io_connect+0x610/0x610 [ 2458.776453] ? lock_acquire+0x197/0x470 [ 2458.777288] ? find_held_lock+0x2c/0x110 [ 2458.778169] ? __fget_files+0x2cf/0x520 [ 2458.779138] ? lock_downgrade+0x6d0/0x6d0 [ 2458.780211] __io_queue_sqe+0x90/0x9d0 [ 2458.781037] ? io_issue_sqe+0x77b0/0x77b0 [ 2458.781900] ? __fget_files+0x2f8/0x520 [ 2458.782756] ? io_prep_rw+0x7f5/0x1050 [ 2458.783584] io_submit_sqes+0x44aa/0x8610 [ 2458.784566] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.785797] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.786895] ? find_held_lock+0x2c/0x110 [ 2458.787758] ? io_submit_sqes+0x8610/0x8610 [ 2458.788682] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2458.789704] ? wait_for_completion_io+0x270/0x270 [ 2458.790765] ? rcu_read_lock_any_held+0x75/0xa0 [ 2458.791920] ? vfs_write+0x354/0xb10 [ 2458.792867] ? fput_many+0x2f/0x1a0 [ 2458.793638] ? ksys_write+0x1a9/0x260 [ 2458.794438] ? __ia32_sys_read+0xb0/0xb0 [ 2458.795311] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2458.796413] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2458.797498] do_syscall_64+0x33/0x40 [ 2458.798426] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2458.799744] RIP: 0033:0x7ff7fbbbbb19 [ 2458.800528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2458.804481] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2458.806140] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2458.807834] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2458.809360] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2458.810869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2458.812478] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2458.859357] loop5: detected capacity change from 0 to 263680 [ 2458.871446] FAULT_INJECTION: forcing a failure. [ 2458.871446] name failslab, interval 1, probability 0, space 0, times 0 [ 2458.874075] CPU: 1 PID: 12690 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2458.875550] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2458.877301] Call Trace: [ 2458.877858] dump_stack+0x107/0x167 [ 2458.878841] should_fail.cold+0x5/0xa [ 2458.879714] ? create_object.isra.0+0x3a/0xa20 [ 2458.880732] should_failslab+0x5/0x20 [ 2458.881547] kmem_cache_alloc+0x5b/0x310 [ 2458.882417] create_object.isra.0+0x3a/0xa20 [ 2458.883356] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2458.884434] kmem_cache_alloc_trace+0x151/0x320 [ 2458.885416] ? lock_downgrade+0x6d0/0x6d0 [ 2458.886303] __io_queue_sqe+0x666/0x9d0 [ 2458.887177] ? io_issue_sqe+0x77b0/0x77b0 [ 2458.888052] ? __fget_files+0x2f8/0x520 [ 2458.888901] ? io_prep_rw+0x7f5/0x1050 [ 2458.889737] io_submit_sqes+0x44aa/0x8610 [ 2458.890659] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.891735] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2458.892759] ? find_held_lock+0x2c/0x110 [ 2458.893633] ? io_submit_sqes+0x8610/0x8610 [ 2458.894560] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2458.895602] ? wait_for_completion_io+0x270/0x270 [ 2458.896629] ? rcu_read_lock_any_held+0x75/0xa0 [ 2458.897613] ? vfs_write+0x354/0xb10 [ 2458.898406] ? fput_many+0x2f/0x1a0 [ 2458.899195] ? ksys_write+0x1a9/0x260 [ 2458.899999] ? __ia32_sys_read+0xb0/0xb0 [ 2458.900863] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2458.901969] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2458.903075] do_syscall_64+0x33/0x40 [ 2458.903862] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2458.904939] RIP: 0033:0x7fc0e8027b19 [ 2458.905726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2458.909620] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2458.911256] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2458.912810] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2458.914319] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2458.915836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2458.917345] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2458.932986] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2458.945660] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2458.977132] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2458.983052] FAULT_INJECTION: forcing a failure. [ 2458.983052] name failslab, interval 1, probability 0, space 0, times 0 [ 2458.985583] CPU: 1 PID: 12697 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2458.987053] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2458.988811] Call Trace: [ 2458.989377] dump_stack+0x107/0x167 [ 2458.990153] should_fail.cold+0x5/0xa [ 2458.990976] ? create_object.isra.0+0x3a/0xa20 [ 2458.991947] should_failslab+0x5/0x20 [ 2458.992750] kmem_cache_alloc+0x5b/0x310 [ 2458.993610] ? mark_held_locks+0x9e/0xe0 [ 2458.994003] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2458.994474] create_object.isra.0+0x3a/0xa20 [ 2458.994504] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2458.998404] kmem_cache_alloc_bulk+0x168/0x320 [ 2458.999400] io_submit_sqes+0x6fe6/0x8610 [ 2459.000323] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.001385] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.002425] ? find_held_lock+0x2c/0x110 [ 2459.003318] ? io_submit_sqes+0x8610/0x8610 [ 2459.004251] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2459.005289] ? wait_for_completion_io+0x270/0x270 [ 2459.006321] ? rcu_read_lock_any_held+0x75/0xa0 [ 2459.007326] ? vfs_write+0x354/0xb10 [ 2459.008121] ? fput_many+0x2f/0x1a0 [ 2459.008898] ? ksys_write+0x1a9/0x260 [ 2459.009711] ? __ia32_sys_read+0xb0/0xb0 [ 2459.010582] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2459.011709] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2459.012801] do_syscall_64+0x33/0x40 [ 2459.013591] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2459.014680] RIP: 0033:0x7f6d2ff1eb19 [ 2459.015506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2459.019428] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2459.021048] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2459.022565] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2459.024096] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2459.025603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2459.027134] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 02:52:58 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x164) sendmsg$NFT_BATCH(r1, &(0x7f0000000340)={&(0x7f0000000000), 0xc, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a140000001100010000000000000000000000000a73ae4fc426da00000000000000114e371ab8daaec00331b847c47c7c5fdc2560a7709187ae1eb90114e3db7cfc6d1878777697b83166c1bbe3fb79dcbae2de2efddd7c0dad0c0f0674c226cfcd99c9b3ac0c8b0f3334629c372c5a3ea7ee01c3"], 0x28}, 0x1, 0x0, 0x0, 0x44}, 0x40001) 02:52:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40702, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:52:58 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 51) 02:52:58 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 73) [ 2459.396377] loop5: detected capacity change from 0 to 263680 [ 2459.413619] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2459.422667] FAULT_INJECTION: forcing a failure. [ 2459.422667] name failslab, interval 1, probability 0, space 0, times 0 [ 2459.424866] CPU: 1 PID: 12714 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2459.426085] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2459.427566] Call Trace: [ 2459.428048] dump_stack+0x107/0x167 [ 2459.428704] should_fail.cold+0x5/0xa [ 2459.429384] ? create_object.isra.0+0x3a/0xa20 [ 2459.430194] should_failslab+0x5/0x20 [ 2459.430913] kmem_cache_alloc+0x5b/0x310 [ 2459.431636] ? mark_held_locks+0x9e/0xe0 [ 2459.432348] create_object.isra.0+0x3a/0xa20 [ 2459.433117] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2459.434112] kmem_cache_alloc_bulk+0x168/0x320 [ 2459.434981] io_submit_sqes+0x6fe6/0x8610 [ 2459.435947] ? percpu_ref_tryget_many+0x142/0x2d0 [ 2459.436833] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.437687] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.438524] ? find_held_lock+0x2c/0x110 [ 2459.439247] ? io_submit_sqes+0x8610/0x8610 [ 2459.439995] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2459.440837] ? wait_for_completion_io+0x270/0x270 [ 2459.441674] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2459.442585] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2459.443648] ? trace_hardirqs_on+0x5b/0x180 [ 2459.444396] ? asm_sysvec_apic_timer_interrupt+0x12/0x20 [ 2459.445479] ? __io_uring_cancel+0x20/0x20 [ 2459.446344] do_syscall_64+0x33/0x40 [ 2459.446987] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2459.447877] RIP: 0033:0x7f6d2ff1eb19 [ 2459.448524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2459.452127] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2459.453926] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2459.455744] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2459.457275] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2459.458824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2459.460353] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2459.494607] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2459.504272] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2459.506239] FAULT_INJECTION: forcing a failure. [ 2459.506239] name failslab, interval 1, probability 0, space 0, times 0 [ 2459.509514] CPU: 0 PID: 12716 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2459.511117] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2459.513006] Call Trace: [ 2459.513615] dump_stack+0x107/0x167 [ 2459.514447] should_fail.cold+0x5/0xa [ 2459.515337] ? create_object.isra.0+0x3a/0xa20 [ 2459.516393] should_failslab+0x5/0x20 [ 2459.517267] kmem_cache_alloc+0x5b/0x310 [ 2459.518195] create_object.isra.0+0x3a/0xa20 [ 2459.519208] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2459.520372] kmem_cache_alloc_trace+0x151/0x320 [ 2459.521444] ? lock_downgrade+0x6d0/0x6d0 [ 2459.522400] __io_queue_sqe+0x666/0x9d0 [ 2459.523334] ? io_issue_sqe+0x77b0/0x77b0 [ 2459.524282] ? __fget_files+0x2f8/0x520 [ 2459.525196] ? io_prep_rw+0x7f5/0x1050 [ 2459.526099] io_submit_sqes+0x44aa/0x8610 [ 2459.527096] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.528238] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2459.529353] ? find_held_lock+0x2c/0x110 [ 2459.530294] ? io_submit_sqes+0x8610/0x8610 [ 2459.531305] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2459.532418] ? wait_for_completion_io+0x270/0x270 [ 2459.533529] ? rcu_read_lock_any_held+0x75/0xa0 [ 2459.534599] ? vfs_write+0x354/0xb10 [ 2459.535475] ? fput_many+0x2f/0x1a0 [ 2459.536308] ? ksys_write+0x1a9/0x260 [ 2459.537174] ? __ia32_sys_read+0xb0/0xb0 [ 2459.538111] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2459.539328] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2459.540517] do_syscall_64+0x33/0x40 [ 2459.541373] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2459.542542] RIP: 0033:0x7fc0e8027b19 [ 2459.543416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2459.547633] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2459.549367] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2459.550998] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2459.552620] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2459.554259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2459.555901] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:53:18 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 02:53:18 executing program 7: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'hsr0\x00', 0x0}) r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, r0}, 0xfffffffffffffec8) fchmod(r1, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32, @ANYBLOB="00294ec4c6d96eca66696c65310085dbf22ce734008178d262832e001366249ca7d00805297fb6c498d77df6af20c891fc92ae010000002ac4283920101509e5e310d47fd866d438e9cc70"]) r2 = socket$netlink(0x10, 0x3, 0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x406e2, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000000100000000000000000000000014000000fe80000000000000ff25c9e5000000bb0c008500030000000000000042f291ac99af5b339311efca25db630857a74980c093376b5cfda19e888788a925dab88895b011fd2dc469428e6ab53d240685313d5a7e5501583b9f4d116028453c7cf973664f76eb98ce83f9d2fdc013ec33e02beb1cc375c02328ad8a152967313ee02c99853a639cb03509f8ceababfd5dcb61c97f9317361368ad6a6f61277bccd3e2c674b39026f14f21337dd558803d506225dc725c2ba097fe5541d0c5d176bbe4940a3fa9ebff34e346c884c0dcf36edf7d5c93f3f857d602e24754431c3bdaaeb5e047750caa868f5ce73d9810a14032cb41e55dedebafddd929979c96044f36aab387d73ae5bae07a88fb3295d227fd9e8374b1823726d70e9de6f4ac1137ef4691923a2277673f449763afec6d11be1539c512bbf3147937be4b1543b302dd1767e09c095de7748888b86496972420fa847e4530375ed8ee0c378cfe43c9f7df1d79f3"], 0x34}}, 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r4, 0x8914, &(0x7f0000000140)={'lo\x00'}) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1001, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r3, 0x0, 0x2a, &(0x7f0000000800)={0x80000000, {{0x2, 0x4e22, @local}}}, 0x88) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00'}) r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x2, 0x0, 0x1004, 0x0, 0x0, 0xfffffffc}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8914, &(0x7f0000000140)={'lo\x00'}) 02:53:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x7}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:53:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40703, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:53:18 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r1, r5, &(0x7f00000000c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd_index=0x6, 0x6, 0x0, 0x1, 0x2}, 0x6d946619) r6 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x50, r3, 0x10000000) syz_io_uring_submit(0x0, r6, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x5}, 0x28, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r7, 0x402c5342, &(0x7f0000000240)={0x8, 0x1ff, 0xe0, {0x4, 0x4}, 0x1, 0x740}) 02:53:18 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 74) 02:53:18 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 52) 02:53:18 executing program 6: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x0, &(0x7f0000000080), &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, 0x0, &(0x7f0000000340)) r1 = syz_io_uring_setup(0x8c3, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) perf_event_open(&(0x7f00000001c0)={0x30d02e87106e8f0d, 0x80, 0x80, 0x7c, 0x4, 0x13, 0x0, 0x0, 0x1810, 0x4, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x6, 0x1, @perf_bp={&(0x7f0000000180), 0x9}, 0x20, 0x5, 0x4, 0x0, 0x1, 0x4e6f, 0x6, 0x0, 0xd7c1, 0x0, 0x1}, 0x0, 0x1, r0, 0x9) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x1, 0x0, 0x0}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = eventfd(0x0) r5 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) r6 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r7 = fsmount(r5, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r6, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r7, @ANYBLOB="00000000000000004c2f729dd7730025"]) r8 = fcntl$getown(r4, 0x9) sendmsg$nl_generic(r7, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f0000000500)={0x16f4, 0x1e, 0x200, 0x70bd2d, 0x25dfdbff, {0xf}, [@typed={0x8, 0x31, 0x0, 0x0, @u32=0x7}, @nested={0x166, 0x78, 0x0, 0x1, [@generic="f21da5c4bd9302b9c855e26c6c3f8db4977aa69899a5a387882eecf6e06d6b8efbaeeb09b664f515730e6883f058a240ea445e1106d138603d98da4c30cf7b0ae153cbb5e8c60ca9fe5d6f0becfca4fc9ea98cd6c5465e14d1d8bad9599cb6e13bca0296cc98f3f7f18d23b5e9635ac065cbdd89f642b2daa44bf295a342c1695ac30807dd028fe1dac397ff80dc002da428ac1e0aedb04cdce2323b534a5fb05d2a08958578ea6205efdf5e9b93a31a49ceac825556974136ad4f6ee14b0cce8ef13fa2456d4d37d43cc5260a3d6ff06297237679a127f1ec796ff729c0fc", @typed={0x4, 0x8c}, @generic="f37473e5a6f5946083cfbc9246b7a1148324269a566d559eb373b6b269d67f98218ff4cfcaae768d2e94beed29dd95baf25950b969fe4100e8ea6df10148172b8d6af955fc1eb822843f716d97258651a3601ca5762e5bbb0cef2d00c36baa5c560f334dff98c5de2455940f9b464605a802b7", @typed={0x4, 0x1f}, @typed={0x8, 0x1a, 0x0, 0x0, @pid=r8}]}, @nested={0x1105, 0x1c, 0x0, 0x1, [@generic="ca58cecca8155ce003ecd9c13029d686261098bae7a9a0bb2250be3a9ac44c08aeb470ddba356eb1e152b54501fa1aeebb56510fd49f399447bfe4ef0f050295c0db4964740ae5d2e5c6054161faa172925589e1266816859d9a4eae457942d973", @generic="05b3b1369833266705f5a441fbae30eb1c55ab08a4a9778ececcb385737cd1656a8eebf978bc3ed307518a093cf1079617296a993709ea35e01da1197b6832e49d9bb1c951a9f96db88b442bb01a004f352a61d2a0132680636d6426141be0b588502113a23506c8eda74b909521c332c1ed9d42a85a02836a6c302f38d41bf5e63a1fac1b7fc6961dfccf2ebbcf59b5e812ab296972733b5e4afeae28a9df8fe2819622d2996e9ec7549be45d6e556c7635eb22276101ab99eb033022dcf2d385e9406d541548afc8be7a366c0874d6a897bf64f3932d5a91f48fbd317cbfacd3dda61696d7a0beb2a6058271c008ee8c2029efc09612e1239335f5bdf105e60c2efe9cfd87fc549e25d7dd6c170361f1b136078d30755c145464868d077cbfdd5cf7f075f1e04bcb94f3bdc2e26d33fd8d04649b9fae2b4d7649b3ca3942fe3ef033bd9cfb0c6fe731d632cbe744c458900f24aef79e8dcd3c5b01bef7d2a163b84e876df6807c1f16e01bd97df15f4daadf15e36ce47c551c3c0a7dbefe59ecb446eefc1158448453579d21391d322073a41802179d7eb8a23c419b52f5df068b72c7cfe0a1cff76b392bafeb158aeb3990c96fd132337debaa2ff4f9b59c711f37a39d219e81e5e8b56cbd1b1441ea7ca0ca1e7625dbfb0520a74f36ab2871cb30f978f2599c0b0f4dbd92df0b768d0ce833dc3640864eaa07cfdb3f8cb003e9002ddb9957430bfa195b0656acec90adea20edbbc29618ea2e8692ddf4be966062175a437577562e421fdddf17505e16f03eaf5ae1ef51cd29b3980b46e13ee260ea2ba0e10f25efe9db08531a69665575d157ebaa51e92a0a491ae30a49780ac7a757d55ea383727d56afefe3eff60ec1f331e4844f48d39c5397aae35bed39a457d22240ebcedf2579fb85551682574d7df7e6473962266cd206531dbacdd13df6c1fb84560afdceec5b9ba12b0a675e12dbf661053d5b914e478fa19ddb0c4c33ff76991fdbc97c3f51b72b77890f61dffda0a508ee1618ed40d811fa7c0929bb4ae40c43d7ca33db77a9eb943a1cf5996cec2db8e60abd7566726eedf7232ebacd4bd408dae98f653e31ac02e6ef0b278edd44f02e0f2a3c38f92a32d6d11a3f36356b8b5492209a8f07b39d5556c456ab879d066be5ec749c9c8cea2d042d86155018939656509a74a1f9d30168d120813e8204a25be4a7cd0d39279865f17359543f4876c10777601e44fcfaae1154d7cd3173f7e7f80b5e2caec04ceeff37e4113050e33c905e3604dee0e9f29d3ff7804d8e621892f0b23e839406b614e97903562f6a385838ba4a17754bddf5eced5f89529266fe8ce42e3d05e359efcb095b72801b1d766bcb39eeee48ba2230a0e4f3ef3b17d3f9fe5010182bd0fd5df156e4295c45b439275e0a316e20222bd3e763c5e5140bcf2d6d89f11fade4c47a0ebb252320366d617bfd592688ed9e8cff7e52f48519835ef4cd1e221d92a9492d5f2ad9e47be7574d3a14ae769b38b65b116690753a70d03b2f2569864f3d480524a916b9a37f53a7121af716380abd56d6663e9d262bda0152fcbc0295adbad8818efebcb7ebfd79facad58386de2f1beb5832a4479a5454dcdb5d5dc66c984d4488a13a07d6ea767d0cd73c2daf91c601811d0cf0296a7de61dc349ddc9e0d88f737d4bf39b43cca7eae97c876cd423543f597581731bc5948f7f12854dc14c030cc410bcad7cc71e3313a54c20af8eaabb53b7710e15af95dc27ec11f452e0d0c1ce6190ce7e5466926f784df544398f4650c818ba8c4418d802ac16e327573e6ec2b300676bcf9893597dbfbfbbdb13f980b56e7dfc0219d86673bcec14261f5a1b70c46a3b8a6b562e83fd8f4aee354e40f1d2bcc06848b61ed732e61dc39fe830c450b119bccf6a425e1fbc2976bd0ab3d42f09f1c1940a3e26d10655925fb150ce03645d860438ecc82a248bffc9b09e29f8f0e428acd09befc3bd139aa640ea533ed7a108f1323121b371f43554b06e8eaea3727760aa1105c34200a95997d76da764cb6350e885956a5e0762dd32ce62f3c1a87df4404fdaefe0c0146bcb0061ede29160c28f3e91675d1bf3bffbf4bd1b1bd92a886a2113dc3132e0de8ef8e416a713f4907ecfc52b0975a06f32d96151430d02e86d488362c6f89a68fa7ea801d305a4ba64b5f8980443b0aad1d4c040e595a8d47cec4849c91b2d5b2f17f7203ab6ebf1619289a35cd107155b72ee6ac3bb4ba296272be1efe52e189294f42af91acb9ab6d7400305ce808884fc3c947e1ea3aeee1726239acae59be12be9419085ef1bbb922bc55d05d4e453366a5262592aa526567e727351eb29a3951911503d1e3d5b4737287918240137b525c30f12d12d5bb8805ffb7618df6a69110d014a859158c1490f8199d6109835fd9981651d600dea1a43243789f1dcef864df13ba247c9c3d6b81efcab6c9e6f48fb42376d3b1fec05fdffaa5f7b6135fb93069157375fa74fc26df73361fc9ae80e8025fa1153c8ac8e0be10513ec7ecdfc9510b4ecd1e9d0ef37ea4ddac170001c1d9999343a773b46595047bd6fe1906ebcacb4dbe8213969f858c6e9afe7880636e94bc8194ea47ef63da1c9e4bc02bde91721de110f742026287575695aacafb73e33a39d62ed242a5d0cef4b37fda3ff4db636076cd7e6de75dede1c9699673e929ec7822e4f18d983252effc4fbd58decc481d3a9530ebc628739699467d6d1b985d55b33791d463db80d32fc06d6ddcbe13b6fb9d83d88723422923e981bffc3df90cf7f924f6413f88861673862f60869554cd5143fce2300398f05e8763119e773e2b98793ccb9a2eb57f1ae1f9c4a29a06c419f76f135fe0fe9efe49f067df10148656b91c21751cb3869414dd9e475e296e8320a966ebf37e14e718ea51204f53cacd9b0b04b5518da225de2ad7d5b2872cbde98614c1042b12cfdab48e6341ffdfbfd6a9bd83654e194fd301a2a79ca97de7aadf396acd3a2450e46caebff8f2794713b19c0916ff4115c80b45bf8975996faf268db07ddc30b77e239a722322350b5a1020bd10ef514b7d31d298300590bd2abe9e19980a0ee2ebe90d98e5ba8ff8b43f4ea7b19cd5ebe61f09d533cac9c367eebc6c53c0a6e9084f58079d05396dc72086d0d154e7c8029a0eede9a23fa44f05539f84cbfccb99abb21ad8fabcb478890b94da3cea91739b4505642ba1ae200acf0bbdaa17cb5bd316e788458eda09bed0a146978fbfde6e98c0e4ac39274ec2b9928e9003603c3b2f74483cdb12c57411f609b27689c62c94859ceb91265f7ac5bb7f487221e9f191bb87b1478c9de42c1c87177adc0033d9f1e94c74cbd6b61cf3a32efc9a27e55143bcd92436d858ff8a998527042a3567fd8d178f784a825669a53dff52e79194d90330e94dc5443af9876bf547a348fed830a545cb9aef9c9f580f57e1aedbd69f29c4ffe89c8e88aaa7d3da3ab17d6b2b79f6a1d20b16c6960e4747a0d769f2440f19f9ac161dbf8b51074081290d2acb7813d2b7dbae7e64b2aace7e4bebb3fb660c872131d737a67f810baa1478680a28039ffd903eb18f3b638367fe9f23a25b2753337283d64feedd6a753928913aae83d302a290d212da7a81116fda9c81cddc955e2d900242189503998facb1c4d9158e2f0fa7b4258efa10fdecd7bb1bb3c8740a631b14f470fe63642baea42bb24bdb4eebb1341d0b2615c4cc6802ea167f932de8083b29b739c31167c62cbf6d2b6c54d03f44e308be7c3ffe8b55a74157e51a734f47b7f75753dd7dbf6757603feed2c3ea153f14aa3bc00c31ac40d810652c755872f1ed615f3ae34173733897bc9ac7d5f945e4dc34be97603d641df34dc583972fdd955f6d0fac1d198bb9a879a8c293de3d5791ceceb4b38f4dfdad1f3cc80c6b8f4413e63bb01e83f40106b9b1dfcfe0dfb08e73f79312015db4a7fc543cdee6631c014f79770864676d14facb122ef03a1085c672b481203e3fd7f1aa232961b377b24283ab7ec87633fd80d453812f971e0550ad4541b79acf95ca06a81b4c8e52799b848931ed2f37556694052226c29e88b9bf3732963c614115d50dcc528aa49ad5f4236528f7964f96e1f0a19ab9b9ca9a0f4c974a74ec384e21c8f2254ea57f38325c8300f282d28e3495490ac6f069893dcf1f7aef08b7bc8cb6fff69c569f763bf3d623958d4cec4bd2824c2620da0b77104495304c5cce94f3c75082db0be06ee3ff5dba7b9d6b9857ea00d50b84a2449140e61cbca2e63eed0d8d55994cd96207a39bcff33378aa2c549bb39eabf5851786bdadc8f0ef5630687a98a38ab93574fe4d8b446679f76af364f4ba53b226d3694c737156c100d8d1aa51315116ff7fdf5ca842129fdd58a19e245e36208e6f6f6a2e72cb1eb2bb9b37af1829bf7515ad4bdf9e5f835a45599a77f1e5e18a23bcd438569a88e927eb6205a008fde2e7c87d34b04443c875dfef2d0525bc45debfe6f6c42badc48202f3a35ecd5429ac0e5c138a7a575dd98d17b448b67d251a17aeb4cb06dce15fba4d7bb563cda4ec634b3d3ae3f6a84dfb0d01c27c54329406c04a05206ad4440dabf35fe3eb734d3cf3f26ba8b1aec438ba6941474bdeea49a69f1260b7eed79f91f82c6f6220040898464cab75ba29023ca1ffc50cd593b3e463d0685ffdf29f567924edd6e8d68b09f635758bb72c29ae6f74d8495095a2525b7e922c0d9e9ad0fa4417635e33fce5061beb0f83a4a70f01e3002fcba30f2d4a55514f67d9b420e2483471e0acf3537b253c7cfe82ac6ae82d9c114297270af0879aa3b0393bcca689415f58928814315d5155ab181815729b768ba2741806ad1cb1ee76f1d79356df47b967b497262ae445000145a19a01b8bf7a996b53992ba954810f69160b7a3dd43af6570746d61a31aae203768cec047f2304e772afbc7e50c8f4649085b1aca8607797ccfe5699ac026b85dec765bde9f3380a87b1e03aa9da7aa0f9875fd88989a861eb4c397190955d27e2669261b5ad214f7ef7a0fe09283caa2fae933175f100bbc74971a0cca432704eb577532064e72d6bcb4653040a7f7e8cbc797b55472d5fe36cddf8ea2a73e79f6fec8ee65c04af2a19a1b90229ec91220c985ebc72376f3ecf108dde0b6bbc6577cf9e3dc989775a912c7c1482bd570d351e72e6c18640d4b25f6701921eb39e20770a3b6822c1ef0b95981e622e7cb26956d3a2660b81c0b048cfac8f3718900be19d0fc628c72ec5a8e60307bbac7d50b22b68249046b733377b2cbed669039dfd501f6e6eb32b3fad60a31ac2dd758c2ce4f2520add54b76ff0c2193ed453cd8ae758ee3f278ec3b2823760846e7982163312039f36669b4c6a91f7a3f7b8bdc00645aea3c000a007305e71e507755e1bf62f5a99948abc2284f4a17637b721610f85b895077c015e921ba0e8402c42156b4e93b224216e36ff04b2deb828e60dc0c7242176f6827f3ea0c9021379879c4be106500d3770664d3ebc42fecdd40c6d5b9215eb53a2af78edcc0e0b12eeacad6516a0147140d691f7cbaee7056ca9f6bc375728932030e1830f20b98498749e7d999c1fb6e5178097a206d58bc44c67036e190aaf1b05aa0f0458fb398244260ef0631c2a99fad553018a5817657e4e3cbabbb741a7cad22eece80235ba173ebf77f0f6d76c9cfeb64e22daf2f817a360a4d612d401c411ef391b0667aaacd290b0a2d65da9a8078248b635f88b4ac5adbb7ef2df823490fba", @generic="332fba4414c05ab16d6ba48eb40856b8451528b1934421c34473a834df90606cd78ce197ffd4061f5c29afa947726c707820fff5e86ae39e611a8e0c97f53d84f88ce875a6f861cb330040fd40df0e47a1be951f91245df04d87e6f757b66629d6105726e6c4ddd34c5436c2d103c4cc09a41cd025c441befb793eaac774a3b938ee7ff3de9874a9571291b1c06f6c02961275aea7238b62958ae29aa843338d"]}, @generic="d57c9cfa8d3a57ac0ce72f91071ef9867cdbd47060f680058879d25d8550fc2fb8079a10ecc644d908632bcb45296d239dff26d04ab50e4cae54459cbca196c36a6d32cc160a12641ab024947ac98b987c19c069fbb0f3de52386aaa6b2ea4e022636070d615fc21a644800931b02afff30eab4476d53ae1dfae7b13654ed241196c3a447fcac7ccd59d4485016f7bf24df25b854d25b28d590492dc51202fdcd04d5227c3ae86d771c961f8f1", @typed={0x1f, 0x8e, 0x0, 0x0, @binary="9056642960218ac82b6d09b276d6300eba31d940e708b2b0363b9e"}, @typed={0x14, 0x5a, 0x0, 0x0, @ipv6=@local}, @typed={0x8, 0x92, 0x0, 0x0, @fd=r0}, @nested={0x283, 0x70, 0x0, 0x1, [@generic="14a8f70268fa5dcd5fd83010cde817e9aef2620fa7948869fb385d3bd1fa675989facd91e83e90ddb16e76df4371c949c56eb9eb0aa8291db94f7252ea74b31ec32f1e0c519edac5d67ba56b990b0cf282276e5c1e8c6d0750a117b3d567f569d0bd5a26b86ebe2cc99860c9904e8e36da60553ddf0d93c5e37d4401e6f4f42830396c6ad77b", @generic="68900e2ff54a6f9b346e5a887b62725b7833504712af0d7aa958288ddbfd72b116ece1b83e372dd71e09c9719b367ec49278a4f81b3d0503ba9466d77035b93071499b7a5112b5cfe9efb17c5aaab5c16f260865217f0887b65698c798dfbd633dc67ea9ed564070efe667722f77017f1537efbd028aa0ea96c13bdd11483d7d502848c4107a62ab719845894ff1b483c6010620250ffdae8cc5ae64de575a6dc00467dfeecb8d1ecab8c90b27e858515428aecdc364a7e1", @typed={0x8, 0x5b, 0x0, 0x0, @ipv4=@rand_addr=0x64010100}, @typed={0xa4, 0x5c, 0x0, 0x0, @binary="57a40a56abc7c5b35c894744dd85eef04d982f9719643f3252113227169f8a669267ef4eccd4d79fece06fcd2b1e624cce38933a22313e2867bdd5abeb97e13305a1a0269f8574d6762858e5c2db3ba5f7c31991898cf051044e578c236ddb0dfa826a3948b0339f6bd6f8ae2acc6705f6c940aa4e46709b0f20c4afdfa0e4f6e85529f6fb247182960c6b8e6791fafbd4a8b11d15be914abd42585bfb0d851c"}, @typed={0xc, 0x69, 0x0, 0x0, @u64=0x100000001}, @generic="ced4b552a8e69b428e187b4bbb607fff6eb59f41ee29d7bf34ea2aaee4dacf28b07349f2c737f5d6d525225a3475b0c00c488542c3c8b59a9cea16e85cfa3a9ccb332acd6335e637033951fbaef400995b3919d6b0c4b3479202674b9fdf15c2fd11975b", @typed={0x8, 0x8d, 0x0, 0x0, @pid}, @typed={0x8, 0x2a, 0x0, 0x0, @u32=0x8001}, @generic="e708b9cdd256e1b7de1909a161bf2d94a7d516ee29"]}, @generic="ff1e7c8750b55689b1cddfa61b5a473b62376178cc0e94b0e36cbdeda252fca17260a1bbda29ffd92b1d4fbafa4f3b186542dea5586d80e9b6e7547d3d740ba353fd368d1a876fa7379efa979228e5a4260aaed4c6b4a28f5295d7b425b448a51749dafe199c6ad617702fa3bb9b6a2b7dcaf7a66516406f95be05626d315f758a82f247c398326576f1f2df1d7866c6bc8c9489ac7730d6443843444e699f315d26f3faa437b8edf47beededd9891a99b7edb4a9fa884605c3f3afbbfc261d358b1cc29f63a8282027877490c3a55d9a287e9a756814869d656ff190997419e11307c0ef26176b3791aa32b07db8d30241f72bd6c98f011"]}, 0x16f4}, 0x1, 0x0, 0x0, 0x20004000}, 0x810) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x7, &(0x7f0000000140)=r4, 0x1) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0x4, 0x0, @fd_index, 0x0, 0x0, 0x0, 0x1}, 0x80000001) r9 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r9, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r9, 0x7, &(0x7f0000000100)=r4, 0x1) io_uring_enter(r1, 0x1c6, 0x0, 0x0, 0x0, 0x0) [ 2479.207321] loop5: detected capacity change from 0 to 263680 [ 2479.216100] FAULT_INJECTION: forcing a failure. [ 2479.216100] name failslab, interval 1, probability 0, space 0, times 0 [ 2479.218835] CPU: 1 PID: 12733 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2479.220310] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2479.222077] Call Trace: [ 2479.222721] dump_stack+0x107/0x167 [ 2479.223595] should_fail.cold+0x5/0xa [ 2479.224498] ? create_object.isra.0+0x3a/0xa20 [ 2479.225580] should_failslab+0x5/0x20 [ 2479.226477] kmem_cache_alloc+0x5b/0x310 [ 2479.227446] create_object.isra.0+0x3a/0xa20 [ 2479.228483] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2479.229685] __kmalloc+0x16e/0x390 [ 2479.230517] ? lock_downgrade+0x6d0/0x6d0 [ 2479.231506] io_setup_async_rw+0x180/0x580 [ 2479.232504] io_read+0xe98/0x11e0 [ 2479.233324] ? __lock_acquire+0x1657/0x5b00 [ 2479.234344] ? kiocb_done+0xc90/0xc90 [ 2479.235245] ? mark_lock+0xf5/0x2df0 [ 2479.236128] ? lock_chain_count+0x20/0x20 [ 2479.237154] ? __lock_acquire+0xbb1/0x5b00 [ 2479.238150] io_issue_sqe+0x2e8a/0x77b0 [ 2479.239096] ? find_held_lock+0x2c/0x110 [ 2479.240091] ? perf_trace_lock+0xac/0x490 [ 2479.241129] ? SOFTIRQ_verbose+0x10/0x10 [ 2479.242078] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2479.242397] FAULT_INJECTION: forcing a failure. [ 2479.242397] name failslab, interval 1, probability 0, space 0, times 0 [ 2479.243195] ? io_connect+0x610/0x610 [ 2479.243228] ? lock_acquire+0x197/0x470 [ 2479.243248] ? find_held_lock+0x2c/0x110 [ 2479.243280] ? __fget_files+0x2cf/0x520 [ 2479.243308] ? lock_downgrade+0x6d0/0x6d0 [ 2479.250341] __io_queue_sqe+0x90/0x9d0 [ 2479.251274] ? io_issue_sqe+0x77b0/0x77b0 [ 2479.252241] ? __fget_files+0x2f8/0x520 [ 2479.253179] ? io_prep_rw+0x7f5/0x1050 [ 2479.254101] io_submit_sqes+0x44aa/0x8610 [ 2479.255129] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.256291] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.257422] ? find_held_lock+0x2c/0x110 [ 2479.258380] ? io_submit_sqes+0x8610/0x8610 [ 2479.259415] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2479.260548] ? wait_for_completion_io+0x270/0x270 [ 2479.261678] ? rcu_read_lock_any_held+0x75/0xa0 [ 2479.262761] ? vfs_write+0x354/0xb10 [ 2479.263640] ? fput_many+0x2f/0x1a0 [ 2479.264492] ? ksys_write+0x1a9/0x260 [ 2479.265383] ? __ia32_sys_read+0xb0/0xb0 [ 2479.266339] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2479.267571] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2479.268782] do_syscall_64+0x33/0x40 [ 2479.269650] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2479.270847] RIP: 0033:0x7ff7fbbbbb19 [ 2479.271727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2479.276027] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2479.277804] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2479.279483] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2479.281153] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2479.282818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2479.284493] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2479.286208] CPU: 0 PID: 12737 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2479.287757] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2479.289584] Call Trace: [ 2479.290169] dump_stack+0x107/0x167 [ 2479.290985] should_fail.cold+0x5/0xa [ 2479.291824] ? create_object.isra.0+0x3a/0xa20 [ 2479.292834] should_failslab+0x5/0x20 [ 2479.293669] kmem_cache_alloc+0x5b/0x310 [ 2479.294567] create_object.isra.0+0x3a/0xa20 [ 2479.295536] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2479.296657] kmem_cache_alloc_trace+0x151/0x320 [ 2479.297808] ? lock_downgrade+0x6d0/0x6d0 [ 2479.298741] __io_queue_sqe+0x666/0x9d0 [ 2479.299644] ? io_issue_sqe+0x77b0/0x77b0 [ 2479.300554] ? __fget_files+0x2f8/0x520 [ 2479.301440] ? io_prep_rw+0x7f5/0x1050 [ 2479.302310] io_submit_sqes+0x44aa/0x8610 [ 2479.303271] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.304353] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.305408] ? find_held_lock+0x2c/0x110 [ 2479.306300] ? io_submit_sqes+0x8610/0x8610 [ 2479.307261] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2479.308316] ? wait_for_completion_io+0x270/0x270 [ 2479.309368] ? rcu_read_lock_any_held+0x75/0xa0 [ 2479.310377] ? vfs_write+0x354/0xb10 [ 2479.311188] ? fput_many+0x2f/0x1a0 [ 2479.311980] ? ksys_write+0x1a9/0x260 [ 2479.312777] ? __ia32_sys_read+0xb0/0xb0 [ 2479.313637] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2479.314738] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2479.315840] do_syscall_64+0x33/0x40 [ 2479.316626] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2479.317698] RIP: 0033:0x7fc0e8027b19 [ 2479.318482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2479.322367] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2479.323953] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2479.325433] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2479.326914] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2479.328403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2479.329881] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2479.343475] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2479.349147] FAULT_INJECTION: forcing a failure. [ 2479.349147] name failslab, interval 1, probability 0, space 0, times 0 [ 2479.351959] CPU: 1 PID: 12735 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2479.352476] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2479.353394] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2479.353401] Call Trace: [ 2479.353424] dump_stack+0x107/0x167 [ 2479.353448] should_fail.cold+0x5/0xa [ 2479.358906] ? create_object.isra.0+0x3a/0xa20 [ 2479.359888] should_failslab+0x5/0x20 [ 2479.360679] kmem_cache_alloc+0x5b/0x310 [ 2479.361529] ? mark_held_locks+0x9e/0xe0 [ 2479.362414] create_object.isra.0+0x3a/0xa20 [ 2479.363404] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2479.364500] kmem_cache_alloc_bulk+0x168/0x320 [ 2479.365539] io_submit_sqes+0x6fe6/0x8610 [ 2479.366460] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.367536] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2479.368582] ? find_held_lock+0x2c/0x110 [ 2479.369445] ? io_submit_sqes+0x8610/0x8610 [ 2479.370394] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2479.371463] ? wait_for_completion_io+0x270/0x270 [ 2479.372493] ? rcu_read_lock_any_held+0x75/0xa0 [ 2479.373496] ? vfs_write+0x354/0xb10 [ 2479.374308] ? fput_many+0x2f/0x1a0 [ 2479.375104] ? ksys_write+0x1a9/0x260 [ 2479.375896] ? __ia32_sys_read+0xb0/0xb0 [ 2479.376763] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2479.377874] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2479.379016] do_syscall_64+0x33/0x40 [ 2479.379811] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2479.380927] RIP: 0033:0x7f6d2ff1eb19 [ 2479.381747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2479.385682] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2479.387364] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2479.388866] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2479.390429] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2479.391990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2479.393485] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2479.417009] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:53:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40801, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:53:18 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = signalfd(r0, &(0x7f00000000c0)={[0x7f]}, 0x8) fchmodat(r4, &(0x7f0000000100)='./file0\x00', 0x20) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2479.605360] loop5: detected capacity change from 0 to 264192 [ 2479.637887] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2479.655750] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2479.665950] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:53:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 75) 02:53:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 02:53:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x9, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:53:37 executing program 6: perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x10) r1 = open_tree(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f00000005c0)=0x6, 0x4) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@local, @in=@dev}}, {{@in=@empty}, 0x0, @in6=@initdev}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, 0x0) sendmsg$inet6(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000180)="48e4da9e783c9207b1074dc01fce9ea3f6d3a9534db730de463adf3c011d40e14783cccb17", 0x25}, {&(0x7f0000000340)="bf09f2d3780f413df5e7f41f06ebbf2d4ce5b9b40a2d2fc38f96c9777f315d90c4a33149e6d02cd105548ac9ed87c4807fc90f196c58af2edc85da9121ba97e163528bb4118f18ce91b4a8c29ba538a2d5784072c53e502b583ba9d4e2f6a4102e8ff5c0c206a9231903ce9a87034ec556169515e9109220f301c4e282b2e66bfc08be311ea0a2d4b63f312a968b99288675309124ee1be205ea78c43656cdcb84c73fa74a", 0xa5}, {&(0x7f0000000400)="fa84d77223bcd67f2b33d7141dda521df5f4ed5c30e16e9bc925fcf4dbbad6286c45ec2ee3bc908f08be65762e690daada2d400c957e410d4c009ca7fa48cf31c86f3965df403e7dddfb3d688ea48971da2f5a90906550e9acf8b4cc5a02b96c22a744a1febd93b3102f994a1d11566b5c2fe4be8ee572fd27819ad2ff9e10d95423b5a6861b42dacb09c3b6ed49c005405d31877b73bc8ff746f254064703c8277c151c74abde2b7389", 0xaa}, {&(0x7f00000001c0)}, {&(0x7f0000000900)="fa87f7837f67e160be986df95f6a6fdd70f8aed4bcac7a9334cb5c2a30a5bac44284ba3f7eab8a879ab5422483e8372474ef4500934ccdda273896158d035639e3ce2042653fbcbda1bec35406dec4fc41eac7bf9e2b910ad1b33bfd74ae3bec4957424a85121e27781856d35898700f2b90c011e2dff64fc6178abc0fb25f981a35e5dd39b1505cbdf61e0585841ea5bf4adcb5bcc466d1c6e58801eceb994e5d72db43fd98c5f84883ea78cd5f48ad37230f439f915381a7c0f2cbd798d77c014c6df4672c335e3ba0080555e3efa7cf4cededa394a703f41ccb67aa5021b4dc20f18938ec8234eb09d63408068c2e63d37ef64bfe0696a7f91eeaf5cbf440ae3fe3107afbfcbc5f58178d91ef1819c8cea3332cb4fa8c76498e2caade477ed8113edec68220cd66be05f4292b994444d2c2ea81d8f84b9880b6566ccafa771a1153b3dbd8119dde8c013d8fdaf188e455aa9fe05915eafd18daccbfbf5c37ba33ed970aa66438b0abf5d31e39ede2801a6be523a37933fd2500e3312110cda74306711921e2f4de7570958a40d53546794ca89817880810051aaa367a2338e6547d2e2ca01013ce514463639746961a5f7fb8f79660", 0x1b7}, {&(0x7f0000000680)}], 0x6}, 0x200040c1) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x24, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0x7, 0x0, 0x0, 0x1, [@generic="487fec"]}]}, 0x24}}, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r2) sendmsg$IPCTNL_MSG_CT_GET_DYING(r1, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x6, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x2}, ["", "", "", ""]}, 0x14}}, 0x24044080) r3 = syz_open_dev$mouse(&(0x7f0000000500), 0x5, 0x200) sendmsg$NL80211_CMD_GET_FTM_RESPONDER_STATS(r3, &(0x7f0000000c40)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000bc0)={0x14, 0x0, 0x10, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @void}}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44080}, 0x804) 02:53:37 executing program 7: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffc0000}]}) faccessat(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x6, &(0x7f0000000040)=[{0x7f, 0x19, 0x7, 0xffffffb5}, {0xa673, 0xfa, 0x1, 0xc97}, {0x3cbd, 0x3, 0x40, 0x6}, {0x7, 0x5, 0x6, 0x3}, {0xf29d, 0x9, 0xcf, 0x1bd5}, {0x5028, 0x7f, 0x0, 0x5365}]}) 02:53:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40802, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:53:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 53) 02:53:37 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f0000000200)={0x0, 0xc5f8}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r1, r6, &(0x7f0000000100)=@IORING_OP_POLL_REMOVE={0x7, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x300000f, 0x12, r4, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2498.962274] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2498.976529] FAULT_INJECTION: forcing a failure. [ 2498.976529] name failslab, interval 1, probability 0, space 0, times 0 [ 2498.979036] CPU: 1 PID: 12764 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2498.979350] FAULT_INJECTION: forcing a failure. [ 2498.979350] name failslab, interval 1, probability 0, space 0, times 0 [ 2498.980433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2498.980441] Call Trace: [ 2498.980469] dump_stack+0x107/0x167 [ 2498.980496] should_fail.cold+0x5/0xa [ 2498.980523] ? create_object.isra.0+0x3a/0xa20 [ 2498.980550] should_failslab+0x5/0x20 [ 2498.980572] kmem_cache_alloc+0x5b/0x310 [ 2498.980604] create_object.isra.0+0x3a/0xa20 [ 2498.980622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2498.980657] __kmalloc+0x16e/0x390 [ 2498.991870] ? lock_downgrade+0x6d0/0x6d0 [ 2498.992711] io_setup_async_rw+0x180/0x580 [ 2498.993564] io_read+0xe98/0x11e0 [ 2498.994271] ? __lock_acquire+0x1657/0x5b00 [ 2498.995155] ? kiocb_done+0xc90/0xc90 [ 2498.995915] ? mark_lock+0xf5/0x2df0 [ 2498.996664] ? lock_chain_count+0x20/0x20 [ 2498.997543] ? __lock_acquire+0xbb1/0x5b00 [ 2498.998396] io_issue_sqe+0x2e8a/0x77b0 [ 2498.999207] ? find_held_lock+0x2c/0x110 [ 2499.000024] ? perf_trace_lock+0xac/0x490 [ 2499.000856] ? SOFTIRQ_verbose+0x10/0x10 [ 2499.001670] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2499.002630] ? io_connect+0x610/0x610 [ 2499.003423] ? lock_acquire+0x197/0x470 [ 2499.004227] ? find_held_lock+0x2c/0x110 [ 2499.005049] ? __fget_files+0x2cf/0x520 [ 2499.005861] ? lock_downgrade+0x6d0/0x6d0 [ 2499.006702] __io_queue_sqe+0x90/0x9d0 [ 2499.007504] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.008340] ? __fget_files+0x2f8/0x520 [ 2499.009149] ? io_prep_rw+0x7f5/0x1050 [ 2499.009946] io_submit_sqes+0x44aa/0x8610 [ 2499.010827] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.011892] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.012897] ? find_held_lock+0x2c/0x110 [ 2499.013738] ? io_submit_sqes+0x8610/0x8610 [ 2499.014639] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.015641] ? wait_for_completion_io+0x270/0x270 [ 2499.016634] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.017585] ? vfs_write+0x354/0xb10 [ 2499.018353] ? fput_many+0x2f/0x1a0 [ 2499.019106] ? ksys_write+0x1a9/0x260 [ 2499.019895] ? __ia32_sys_read+0xb0/0xb0 [ 2499.020733] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.021805] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.022872] do_syscall_64+0x33/0x40 [ 2499.023647] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.024700] RIP: 0033:0x7ff7fbbbbb19 [ 2499.025468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.029263] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.030832] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2499.032312] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.033785] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.035255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.036719] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2499.038222] CPU: 0 PID: 12769 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2499.039909] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2499.041887] Call Trace: [ 2499.042515] dump_stack+0x107/0x167 [ 2499.043397] should_fail.cold+0x5/0xa [ 2499.044317] ? create_object.isra.0+0x3a/0xa20 [ 2499.045408] should_failslab+0x5/0x20 [ 2499.046318] kmem_cache_alloc+0x5b/0x310 [ 2499.047304] create_object.isra.0+0x3a/0xa20 [ 2499.048352] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2499.049562] __kmalloc+0x16e/0x390 [ 2499.050417] io_setup_async_rw+0x180/0x580 [ 2499.051448] io_read+0xe98/0x11e0 [ 2499.052287] ? kiocb_done+0xc90/0xc90 [ 2499.053190] ? mark_lock+0xf5/0x2df0 [ 2499.054082] ? lock_chain_count+0x20/0x20 [ 2499.055084] ? __lockdep_reset_lock+0x180/0x180 [ 2499.056211] ? lock_acquire+0x197/0x470 [ 2499.057171] ? __lock_acquire+0xbb1/0x5b00 [ 2499.058181] io_issue_sqe+0x2e8a/0x77b0 [ 2499.059134] ? perf_trace_lock+0xac/0x490 [ 2499.060134] ? SOFTIRQ_verbose+0x10/0x10 [ 2499.061099] ? lock_chain_count+0x20/0x20 [ 2499.062097] ? io_connect+0x610/0x610 [ 2499.063010] ? lock_acquire+0x197/0x470 [ 2499.063968] ? find_held_lock+0x2c/0x110 [ 2499.064944] ? __fget_files+0x2cf/0x520 [ 2499.065902] ? lock_downgrade+0x6d0/0x6d0 [ 2499.066893] __io_queue_sqe+0x90/0x9d0 [ 2499.067841] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.068829] ? __fget_files+0x2f8/0x520 [ 2499.069783] ? io_prep_rw+0x7f5/0x1050 [ 2499.070712] io_submit_sqes+0x44aa/0x8610 [ 2499.071759] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.072950] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.074102] ? find_held_lock+0x2c/0x110 [ 2499.075073] ? io_submit_sqes+0x8610/0x8610 [ 2499.076134] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.077280] ? wait_for_completion_io+0x270/0x270 [ 2499.078422] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.079527] ? vfs_write+0x354/0xb10 [ 2499.080414] ? fput_many+0x2f/0x1a0 [ 2499.081276] ? ksys_write+0x1a9/0x260 [ 2499.082175] ? __ia32_sys_read+0xb0/0xb0 [ 2499.083152] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.084392] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.085612] do_syscall_64+0x33/0x40 [ 2499.086502] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.087732] RIP: 0033:0x7f6d2ff1eb19 [ 2499.088622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.093029] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.094846] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2499.096546] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.098236] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.099947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.101629] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2499.121880] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2499.131160] audit: type=1326 audit(1742007218.067:241): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.144911] audit: type=1326 audit(1742007218.073:242): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.156280] loop5: detected capacity change from 0 to 264192 [ 2499.156472] audit: type=1326 audit(1742007218.073:243): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.162582] FAULT_INJECTION: forcing a failure. [ 2499.162582] name failslab, interval 1, probability 0, space 0, times 0 [ 2499.162602] CPU: 1 PID: 12776 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2499.162612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2499.162618] Call Trace: [ 2499.162638] dump_stack+0x107/0x167 [ 2499.162667] should_fail.cold+0x5/0xa [ 2499.170466] ? create_object.isra.0+0x3a/0xa20 [ 2499.171343] should_failslab+0x5/0x20 [ 2499.172061] kmem_cache_alloc+0x5b/0x310 [ 2499.172834] create_object.isra.0+0x3a/0xa20 [ 2499.173660] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2499.174622] __kmalloc+0x16e/0x390 [ 2499.175299] ? lock_downgrade+0x6d0/0x6d0 [ 2499.176085] io_setup_async_rw+0x180/0x580 [ 2499.176885] io_read+0xe98/0x11e0 [ 2499.177538] ? __lock_acquire+0x1657/0x5b00 [ 2499.178357] ? kiocb_done+0xc90/0xc90 [ 2499.179067] ? mark_lock+0xf5/0x2df0 [ 2499.179781] ? lock_chain_count+0x20/0x20 [ 2499.180594] ? __lock_acquire+0xbb1/0x5b00 [ 2499.180762] audit: type=1326 audit(1742007218.074:244): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.181395] io_issue_sqe+0x2e8a/0x77b0 [ 2499.187168] ? find_held_lock+0x2c/0x110 [ 2499.187934] ? perf_trace_lock+0xac/0x490 [ 2499.188708] ? SOFTIRQ_verbose+0x10/0x10 [ 2499.189465] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2499.190351] ? io_connect+0x610/0x610 [ 2499.191072] ? lock_acquire+0x197/0x470 [ 2499.191818] ? find_held_lock+0x2c/0x110 [ 2499.192584] ? __fget_files+0x2cf/0x520 [ 2499.193255] audit: type=1326 audit(1742007218.074:245): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.193333] ? lock_downgrade+0x6d0/0x6d0 [ 2499.199138] __io_queue_sqe+0x90/0x9d0 [ 2499.199879] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.200641] ? __fget_files+0x2f8/0x520 [ 2499.201384] ? io_prep_rw+0x7f5/0x1050 [ 2499.202111] io_submit_sqes+0x44aa/0x8610 [ 2499.202912] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.203837] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.204732] ? find_held_lock+0x2c/0x110 [ 2499.205482] ? io_submit_sqes+0x8610/0x8610 [ 2499.206292] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.207204] ? wait_for_completion_io+0x270/0x270 [ 2499.208102] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.208969] ? vfs_write+0x354/0xb10 [ 2499.209660] ? fput_many+0x2f/0x1a0 [ 2499.210336] ? ksys_write+0x1a9/0x260 [ 2499.211044] ? __ia32_sys_read+0xb0/0xb0 [ 2499.211808] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.212765] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.213708] do_syscall_64+0x33/0x40 [ 2499.214394] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.215341] RIP: 0033:0x7fc0e8027b19 [ 2499.216022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.219410] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.220811] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2499.222115] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.223436] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.224738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.226040] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2499.227540] audit: type=1326 audit(1742007218.080:246): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 02:53:38 executing program 7: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x4004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="9c00000000010104000000000000000002006600240001801400018008004100ffffffff08000200e00000010c000280050001ff00000000d2b94fd60c00028005000100000000001400018008000100ac14140008000200e00b000108000740000000001800068008000100ac2714eb05000080060002004e2500000800154000000004100001011f0000010000020008000c400000000114dee650f24b398b7cb98a42b6ba1b847a1fa18a358a3c082d7b2354857e80e3754f87d9a5638e82d9704ef68651b9f9f6b5aa0ed0bbda92db8d5e8900a1ff82a3686586465ba10225bcb94c4e4e05d5a2020000000000000085ad56db354c66a76bee2c3d247d262a79c340a06b75104b37cb4a"], 0x9c}}, 0x0) socketpair(0x27, 0x800, 0x40, &(0x7f0000000180)={0xffffffffffffffff}) sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r1, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x14, 0x7, 0x1, 0x3, 0x0, 0x0, {0x2, 0x0, 0x2}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44800}, 0x40000) r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r5, 0x6, 0x2, &(0x7f0000000040)=0x81, 0x4) bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendmmsg$inet6(r5, &(0x7f0000000300)=[{{&(0x7f0000000240)={0xa, 0x4e24, 0x800, @loopback, 0x2}, 0x1c, &(0x7f0000000280), 0x0, &(0x7f00000002c0)}}], 0x1, 0x8850) socket$nl_netfilter(0x10, 0x3, 0xc) connect$inet6(r4, &(0x7f0000000280)={0xa, 0x4e24, 0x4, @local, 0xdddd}, 0x1c) [ 2499.234194] audit: type=1326 audit(1742007218.080:247): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.243305] audit: type=1326 audit(1742007218.086:248): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.249390] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2499.251031] audit: type=1326 audit(1742007218.087:249): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.251129] audit: type=1326 audit(1742007218.087:250): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=12762 comm="syz-executor.7" exe="/syz-executor.7" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbca9217b19 code=0x7ffc0000 [ 2499.305649] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2499.328680] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:53:38 executing program 6: syz_io_uring_setup(0x0, 0x0, &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ff9000/0x4000)=nil, 0x0, &(0x7f0000000300)) r0 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000240)=ANY=[@ANYBLOB="5289292ec5fc200887150192f9a89f8ff3bcd3661faf9bb9127ac16c12945a2065eff5eb38ec9e9856018a8012d34dca98007b44c0443e147e2ed75269af267330a7262bfc0d5b46a8fc8ea12aa9fe137d4b4ecaa77617a5c491031a114001f38bba9f6119109f8635b93d4fbc01a3621cceaeea1df016d434dc9428f52d234f31914049aad3e2d9afe7cff29f8023ed79d7cdeeae68ea0e1800"/166, @ANYRES32, @ANYRES32]) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000100)={0x3000000a}) perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xce, 0x304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = dup(r2) preadv(r3, &(0x7f0000000200)=[{&(0x7f0000000040)=""/39, 0x27}], 0x1, 0xffff57e9, 0x0) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/cryptomgr', 0x100, 0x4d) dup2(r3, r4) syz_80211_join_ibss(&(0x7f0000000180)='wlan1\x00', &(0x7f00000001c0)=@default_ibss_ssid, 0x6, 0x0) [ 2499.393228] netlink: 100 bytes leftover after parsing attributes in process `syz-executor.7'. 02:53:38 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 54) 02:53:38 executing program 4: r0 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', 0x8, 0x2, &(0x7f0000000480)=[{&(0x7f0000000300)="c459cb3dbce1f46d4aa724e8a09bf9428bb596965908607ba654d3906985e254ef8ad3618110823627185f7d2c6e5014dc2c767d549fe496403e5fc4cd58d3d00b1139ef95939cefa9cdbd20a4c6cbbbba2b4ce8af473d990d0a7c36f0e065041924f6e6520011e68dc52722c4616b22ea4c9edf6c4b88e652e523", 0x7b, 0x8}, {&(0x7f00000003c0)="3d1af2f3f9f43b1dd736a741df73b836fa42a7a4c6e09eff7c063bc6d63d7baedaf3c0aee968c1fdb468201028e40104014db34db5e929e2b22aa8876eb2ace7715f83464d4c7a8a0f13911fcdb0c0802dede2ceb5ef78c734f371955126317fabc97d69243caea88dd8cefe40f4bb1c658e1fb227d939d75374b7e0258e10cd342c573d60c445e41830d78fa2bb7c618ea47de38825693396cef76490fa614cfd7ca008b80ac79cd9454af10319c9d3b9fa5b4ca99c370f0c4f", 0xba, 0x4}], 0x962008, &(0x7f00000004c0)={[{'/proc/stat\x00'}, {}, {'/proc/stat\x00'}, {'/proc/stat\x00'}, {']))@]\xd5$'}, {'.!^'}, {}, {'/proc/stat\x00'}, {'#\\$'}], [{@fsmagic={'fsmagic', 0x3d, 0x1}}, {@appraise}, {@obj_role={'obj_role', 0x3d, '/proc/stat\x00'}}, {@hash}, {@uid_eq={'uid', 0x3d, 0xffffffffffffffff}}, {@rootcontext={'rootcontext', 0x3d, 'root'}}, {@pcr={'pcr', 0x3d, 0x2a}}, {@subj_user={'subj_user', 0x3d, '/proc/stat\x00'}}]}) r1 = openat(r0, &(0x7f0000000140)='./file1\x00', 0x20e6e2, 0x1d4) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file0\x00', &(0x7f0000000640)={0x200000, 0x100, 0x8}, 0x18) sendmsg$nl_generic(r1, &(0x7f00000009c0)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000980)={&(0x7f0000000680)={0x2e8, 0x2c, 0x300, 0x70bd2b, 0x25dfdbfc, {0x7}, [@typed={0x8, 0xc, 0x0, 0x0, @ipv4=@rand_addr=0x64010101}, @generic="69b7b29a0fc328f3dddef89cede226927ae1cd7af075570d53f9b9d827d1fb0e43dff7433526458da272d6ec4791c4a1987a7db7f6b919432e1149dce04cc3c53f154393d54ceed95d9a76615fc3cb4433db6f4fe02c1dba23deb027ed8744033bf807ae3ff32a4cb34fb5402ad2595633cabdc5a49b601d3a238ffe5bb26b6b194cef01a824", @typed={0xc, 0x31, 0x0, 0x0, @u64=0x1}, @generic="7d88a25e30e93ef1d56232b432f3447b925492fea4e3bf7f4b74139fb55e8cee9db89bd566e6330dcd1962d89989b77f68d7c0dccd931f515933f8b18890f9ee9f2015d2c78a30e5b75587332fbd401ac422e611d93b031c2b7540340f33805c00d3400483b40be431947278611cb4b59b05c2f28e604690c65e73ceff9ee2da1bb718cfef619906b809f1", @nested={0x15e, 0x61, 0x0, 0x1, [@generic="a88bb0ff5b58d1d9a32816c7dc09831588283193dbcab5735921fc39d8e5b62596b4c858df164cd0a73a82fad1856eafbedd1269c405dbc118427f0653cb6a5a52a8362562f037eba12fd8f8715e6430729148352be185df", @typed={0x8, 0xc, 0x0, 0x0, @fd=r2}, @generic="683649ec0aa48704c144b3344bce83e6cbc7508c5c157091971751f19a7be4abcba1ae434a11f705ec8e65922f74c41e4f2611c9869a3e182e450877c5a0f8b14a6086b655a072a5ef932917a8047794305c195a0a575ad6bd1ffccbabe7cb5b53096f339b23b4791eecf2cf91958774e5b7", @generic="19c60bcc78574daa3be104c74f588394a200f5e26710edb66d0b65e1a1f65f2486f052179ca2d1f5f66a2a492f0100ea2235463a605d48ac006c7bf3eed974c385197b96bf67944139bee0e4b57b32cf6c3c39de7b9c666896882d6898167c7944a2aee4b9f028d10b0cc6ed229a9e22970809a011971b604e4202b523265c4b5c266f7ba10ece56"]}, @generic="f88f70f3ac8e04ed19e08c5ef420a72a7439bdf43d44eb170c8a7f9941ab6f63b1a996390090f2cabd5cb3c7d3ac74c5d5ed1b52fc68297eb2", @typed={0x14, 0x20, 0x0, 0x0, @ipv6=@private1}]}, 0x2e8}, 0x1, 0x0, 0x0, 0x44000}, 0x11) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r3, &(0x7f00000004c0)=""/89) ioctl$BTRFS_IOC_SEND(r0, 0x40489426, &(0x7f0000000a40)={{r3}, 0x5, &(0x7f0000000a00)=[0x5, 0xfffffffffffffffc, 0x100000000, 0x4, 0x20], 0x817, 0x4, [0x1, 0x0, 0x8, 0x40]}) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r5, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r5, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:53:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40803, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2499.449383] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. 02:53:38 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f00000000c0)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x1, 0x4007, @fd_index=0x8, 0x80000001, &(0x7f0000000680)=[{&(0x7f0000000100)="8b4427ad936e96e93355", 0xa}, {&(0x7f0000000240)="565547f6b876781b2345b8818ae510f71c93b4066e009b910cbcf66942fc96c2b0012b92c14d123d93210349c37f2ddbba0b522b25277acdce69ee3867d5ce7b9737500dceaf4f96b2387d56860240d693b26aeb7be54188cd8d1a521a25c8656fb3eca9a1d7fb07d120824724fd385eb7f6399794e8fb", 0x77}, {&(0x7f0000000340)="0e87c43956d55304f7a54ec14341356d5079ec1c25a54587d847496faaa1b9c9a0225ca00562db654e7cd5ae346c689e26215cceab85865f40b815d6135044f80984c4ba63e8df1339cd66db54c73cfd487059414e42b4449e098fa8bb5e006f39ac3fa52dece7c0f048c76029aa1096e0d1e84087d2cf73e35de4208e32a354afbc4816092ac77155456c58c0ae7d", 0x8f}, {&(0x7f0000000180)="d1692b231643e6e3d3792c7b70e8469ae087e568d3", 0x15}, {&(0x7f0000000400)="2cc5cf046c71ade0cb7caaf60f7c532cbe3f9cb585cbe168001277977ec9617b08114c025a92c6be80b6040b90c48d9852caff78ba2d354ef6fcf5791f9c2852d3a691219ee35ea9c09ae6b9e9a069eaf721d76f251749e32df47618dd1948066f862836779dde70d84e63e8a719e1afdb0af5cafc7cb0d7a760554a717368fa01138a0c695dbfbea8b6bb6fb169dc76c2d983d2ea16cfa8215b163038db6669643c86cd1bad36500efa094a6e88f995a9e068a151c670a7e1c7956e2a99e8fc1e55d0eb7b61f3d36dc5b641b8d2866b8126e58fa3288b153c0948f5c1e00e8b2dd674bf14fef86bb804c0ee", 0xec}, {&(0x7f0000000500)="9ec46ea886c394fd9ab2b550f5fd51f41fb59ea9110fa5d7e6802dde2f665aeb7155f75380d51db80bac7ab1f4b7c2207d3b277b6265036793016c9c2e6c8854a5a3b5a5ba9843c51c995f2e5a61d7bb450ecbe623bd72aebf3306f4120dd4a296536f379dde944da0a6575d97", 0x6d}, {&(0x7f0000000580)="2b38095f6a9129600c625bcf312330456d2de954f6a066d54545a7cafa20f826b05e2aa0a70279d337d9e836e9fddb5fe4df", 0x32}, {&(0x7f00000005c0)="9984afd9e3701c2b239d137e4dbee155f26d5df3a65ab9cd267272fa52609f135c2a35fb8965cf5c4e652d4856ec219d0fa13f5dc4066ddbf502e1326bc9f78ab41b835073722891a7064e5b19b5924e2dc94ae7e4e78f", 0x57}, {&(0x7f0000000640)="98", 0x1}], 0x9, 0x12, 0x1, {0x1, r4}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:53:38 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6}, 0x13900}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x1ffffffffffffffd, 0x0, 0x0, 0x40, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000001500), 0x4) syz_emit_ethernet(0x46, &(0x7f0000000180)=ANY=[@ANYBLOB="bbbbbbbbbbbb000000000000810000000806000186dd06100000aaaaaaaaaa00fe800000c200e6ff1f01000000000000000001000000000000000000000000000000000000006019942f0707b7bfce8d2091d0c97951970b59606a7e3182524b2462557381"], 0x0) fsync(0xffffffffffffffff) ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000100)={0x408000, 0xa, 0x9, 0x5, 0x200005, 0x5}) ioctl$AUTOFS_IOC_READY(0xffffffffffffffff, 0x9360, 0x800) mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="7404000000000000007266646e6f3d40963aaeed000000000000000077e23bec324b31eb78f55092eec65c8dc598498e788751a8fbb01240ca3f6b7a4a1ebd07f906d1edfeae490d7883a149c25fcdb046e0c875efe457b3a4fa11179a539be6d4bd538f0c1a50a5c8d04f10e48b8db57065ba1857d3031c1dd4cb7b8472a7f4db5131d8fd4b554b53f7ee98f26fc1ba419bcea82880e310915ce2dd936cf4979c16f9ae4d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',cache=mmap,dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',euid=', @ANYRESDEC=0x0, @ANYBLOB="2c646566636f6e746578743d73746166665f752c7375626a5f726f6c653d1a282426332c6f626a5f726f6c653d646655747569642c7065726d69745f646972656374696f2c00"]) copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'veth0_vlan\x00'}) fstatfs(0xffffffffffffffff, &(0x7f00000004c0)=""/89) ioctl$AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, &(0x7f0000000140)) ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0x0) dup2(0xffffffffffffffff, r2) [ 2499.563433] FAULT_INJECTION: forcing a failure. [ 2499.563433] name failslab, interval 1, probability 0, space 0, times 0 [ 2499.566342] CPU: 0 PID: 12793 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2499.568008] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2499.569971] Call Trace: [ 2499.570609] dump_stack+0x107/0x167 [ 2499.571500] should_fail.cold+0x5/0xa [ 2499.572415] ? io_setup_async_rw+0x180/0x580 [ 2499.573470] should_failslab+0x5/0x20 [ 2499.574382] __kmalloc+0x72/0x390 [ 2499.575239] io_setup_async_rw+0x180/0x580 [ 2499.576252] io_read+0xe98/0x11e0 [ 2499.577094] ? kiocb_done+0xc90/0xc90 [ 2499.578007] ? mark_lock+0xf5/0x2df0 [ 2499.578908] ? lock_chain_count+0x20/0x20 [ 2499.579919] ? __lockdep_reset_lock+0x180/0x180 [ 2499.581033] ? lock_acquire+0x197/0x470 [ 2499.581980] ? __lock_acquire+0xbb1/0x5b00 [ 2499.582987] io_issue_sqe+0x2e8a/0x77b0 [ 2499.583947] ? perf_trace_lock+0xac/0x490 [ 2499.584930] ? SOFTIRQ_verbose+0x10/0x10 [ 2499.585889] ? lock_chain_count+0x20/0x20 [ 2499.586880] ? io_connect+0x610/0x610 [ 2499.587804] ? lock_acquire+0x197/0x470 [ 2499.588747] ? find_held_lock+0x2c/0x110 [ 2499.589714] ? __fget_files+0x2cf/0x520 [ 2499.590649] ? lock_downgrade+0x6d0/0x6d0 [ 2499.591658] __io_queue_sqe+0x90/0x9d0 [ 2499.592587] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.593566] ? __fget_files+0x2f8/0x520 [ 2499.594514] ? io_prep_rw+0x7f5/0x1050 [ 2499.595459] io_submit_sqes+0x44aa/0x8610 [ 2499.596482] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.597665] __do_sys_io_uring_enter+0x6b2/0x1890 02:53:38 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 76) [ 2499.598810] ? find_held_lock+0x2c/0x110 [ 2499.599930] ? io_submit_sqes+0x8610/0x8610 [ 2499.600974] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.602132] ? wait_for_completion_io+0x270/0x270 [ 2499.603295] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.604399] ? vfs_write+0x354/0xb10 02:53:38 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) [ 2499.605285] ? fput_many+0x2f/0x1a0 [ 2499.606156] ? ksys_write+0x1a9/0x260 [ 2499.607032] ? __ia32_sys_read+0xb0/0xb0 [ 2499.607989] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.609308] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.610494] do_syscall_64+0x33/0x40 [ 2499.611372] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.612546] RIP: 0033:0x7f6d2ff1eb19 [ 2499.613401] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.617638] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.619410] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2499.621042] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.622681] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.624323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.625965] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2499.628241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2499.630025] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2499.636126] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2499.653652] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.6'. [ 2499.685298] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2499.687371] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2499.700397] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2499.708090] loop5: detected capacity change from 0 to 264192 [ 2499.730188] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2499.769486] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2499.775011] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2499.827471] FAULT_INJECTION: forcing a failure. [ 2499.827471] name failslab, interval 1, probability 0, space 0, times 0 [ 2499.829033] CPU: 1 PID: 12815 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2499.829845] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2499.830822] Call Trace: [ 2499.831140] dump_stack+0x107/0x167 [ 2499.831577] should_fail.cold+0x5/0xa [ 2499.832032] ? create_object.isra.0+0x3a/0xa20 [ 2499.832564] should_failslab+0x5/0x20 [ 2499.833015] kmem_cache_alloc+0x5b/0x310 [ 2499.833500] create_object.isra.0+0x3a/0xa20 [ 2499.834020] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2499.834620] kmem_cache_alloc_trace+0x151/0x320 [ 2499.835175] ? lock_downgrade+0x6d0/0x6d0 [ 2499.835676] __io_queue_sqe+0x666/0x9d0 [ 2499.836148] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.836635] ? __fget_files+0x2f8/0x520 [ 2499.837108] ? io_prep_rw+0x7f5/0x1050 [ 2499.837571] io_submit_sqes+0x44aa/0x8610 [ 2499.838081] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.838663] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.839239] ? find_held_lock+0x2c/0x110 [ 2499.839719] ? io_submit_sqes+0x8610/0x8610 [ 2499.840242] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.840813] ? wait_for_completion_io+0x270/0x270 [ 2499.841383] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.841952] ? vfs_write+0x354/0xb10 [ 2499.842454] ? fput_many+0x2f/0x1a0 [ 2499.842879] ? ksys_write+0x1a9/0x260 [ 2499.843334] ? __ia32_sys_read+0xb0/0xb0 [ 2499.843813] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.844433] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.845052] do_syscall_64+0x33/0x40 [ 2499.845485] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.846095] RIP: 0033:0x7ff7fbbbbb19 [ 2499.846534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.848731] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.849630] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2499.850462] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.851309] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.852142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.852976] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2499.856297] FAULT_INJECTION: forcing a failure. [ 2499.856297] name failslab, interval 1, probability 0, space 0, times 0 [ 2499.857820] CPU: 1 PID: 12814 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2499.858617] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2499.859594] Call Trace: [ 2499.859899] dump_stack+0x107/0x167 [ 2499.860321] should_fail.cold+0x5/0xa [ 2499.860766] ? create_object.isra.0+0x3a/0xa20 [ 2499.861298] should_failslab+0x5/0x20 [ 2499.861741] kmem_cache_alloc+0x5b/0x310 [ 2499.862220] create_object.isra.0+0x3a/0xa20 [ 2499.862730] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2499.863345] kmem_cache_alloc_trace+0x151/0x320 [ 2499.863890] ? lock_downgrade+0x6d0/0x6d0 [ 2499.864384] __io_queue_sqe+0x666/0x9d0 [ 2499.864856] ? io_issue_sqe+0x77b0/0x77b0 [ 2499.865339] ? __fget_files+0x2f8/0x520 [ 2499.865801] ? io_prep_rw+0x7f5/0x1050 [ 2499.866259] io_submit_sqes+0x44aa/0x8610 [ 2499.866769] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.867351] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2499.867925] ? find_held_lock+0x2c/0x110 [ 2499.868400] ? io_submit_sqes+0x8610/0x8610 [ 2499.868917] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2499.869478] ? wait_for_completion_io+0x270/0x270 [ 2499.870042] ? rcu_read_lock_any_held+0x75/0xa0 [ 2499.870583] ? vfs_write+0x354/0xb10 [ 2499.871017] ? fput_many+0x2f/0x1a0 [ 2499.871449] ? ksys_write+0x1a9/0x260 [ 2499.871890] ? __ia32_sys_read+0xb0/0xb0 [ 2499.872369] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2499.872977] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2499.873574] do_syscall_64+0x33/0x40 [ 2499.874009] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2499.874606] RIP: 0033:0x7fc0e8027b19 [ 2499.875041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2499.877167] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2499.878046] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2499.878874] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2499.879721] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2499.880551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2499.881382] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:53:38 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40900, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:53:38 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x90, 0x4) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) setsockopt$sock_timeval(r0, 0x1, 0x43, &(0x7f0000000040)={0x0, 0xea60}, 0x10) r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000200), 0x20a03, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(r1, 0x40309439, &(0x7f0000000340)={0x3, 0x4, 0x2}) connect$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e21, 0x5d9, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x2}, 0x1c) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c) r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0) r3 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) r4 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r5 = fsmount(r3, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r4, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r5, @ANYBLOB="00000000000000004c2f729dd7730025"]) sendmsg$AUDIT_GET(r5, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x10, 0x3e8, 0x200, 0x70bd29, 0x25dfdbfb, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x40000}, 0x1) openat(r2, &(0x7f00000001c0)='./file0\x00', 0x0, 0x44) sendmsg$inet6(r0, &(0x7f00000006c0)={0x0, 0x31, &(0x7f0000000540)=[{&(0x7f0000000100)=':\x00', 0xfffffdef}], 0x1}, 0x10044001) r6 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) pread64(r6, &(0x7f0000000280)=""/165, 0xa5, 0xffffffffffffff00) 02:53:38 executing program 6: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x2, 0x3, 0x8) connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r1, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x68) r2 = fsmount(0xffffffffffffffff, 0x0, 0x70) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={0x0, @rand_addr, @empty}, &(0x7f0000000100)=0xc) sendmmsg$inet(r0, &(0x7f0000000000), 0x400000d, 0x0) [ 2500.079261] loop5: detected capacity change from 0 to 264192 [ 2500.101166] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2500.150441] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2500.156823] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:53:57 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x662}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000340)='\x00', 0x6) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = dup(r1) ioctl$TUNSETVNETHDRSZ(r2, 0x400454d8, &(0x7f0000000100)=0x5) preadv(r1, &(0x7f0000001740)=[{&(0x7f0000000380)=""/197, 0xc5}, {&(0x7f0000000480)=""/246, 0xf6}, {&(0x7f0000000580)=""/172, 0xac}, {&(0x7f0000000180)=""/72, 0x48}, {&(0x7f0000000640)=""/4096, 0x1000}, {&(0x7f0000001640)=""/202, 0xca}], 0x6, 0x8001, 0xfffffff8) memfd_create(&(0x7f0000000140)='(%(!+-#&\\\x00', 0x3) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(0xffffffffffffffff, 0x8010661b, &(0x7f00000017c0)) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000280), &(0x7f00000002c0)=0xc) ioctl$CDROM_LAST_WRITTEN(r2, 0x5395, &(0x7f0000000240)) signalfd(r2, &(0x7f0000000000)={[0x1]}, 0x8) r3 = openat$sr(0xffffffffffffff9c, &(0x7f0000000040), 0x1ed982, 0x0) ioctl$DVD_AUTH(r3, 0x5390, &(0x7f0000000000)=@lsa={0x0, 0x3}) ioctl$CDROM_LAST_WRITTEN(r3, 0x5395, &(0x7f00000000c0)) kcmp(0x0, 0x0, 0x1, r3, r3) r4 = syz_open_dev$loop(&(0x7f0000000080), 0x4, 0x48042) ioctl$LOOP_SET_FD(r4, 0x4c00, r3) ioctl$CDROMPLAYBLK(r3, 0x5317, &(0x7f0000000200)={0x10001, 0x2}) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xa, 0x1d012, r0, 0x0) finit_module(r0, 0x0, 0x0) 02:53:57 executing program 6: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r0, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0xca}) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) r2 = perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x3) r3 = signalfd(0xffffffffffffffff, 0x0, 0x0) r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000300)=ANY=[@ANYBLOB="010000d1dcbef06375006300", @ANYBLOB="ff9d23b4c39731527e0042108d25000052"]) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000) ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, 0x0) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f000004cc80)={{0x0, 0x2, 0xfffffffffffffff9, 0x6d, 0xa6, 0x0, 0x4e4, 0xe49f, 0x4, 0x7fffffff, 0x5, 0x2, 0xe6b, 0x0, 0x20}}) fallocate(r4, 0xa, 0x800, 0x7) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}], 0x0, "46dacd8396fe92"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f000004dc80)) lseek(r0, 0x9, 0x3) lseek(r1, 0x0, 0x2) r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x128) copy_file_range(r8, 0x0, r1, 0x0, 0x200f5ef, 0x0) 02:53:57 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 77) 02:53:57 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 55) 02:53:57 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r5 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) fsmount(r5, 0x0, 0x74) sendmmsg$inet6(r5, &(0x7f00000062c0)=[{{&(0x7f0000000340)={0xa, 0x4e22, 0x6, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xd387}, 0x1c, &(0x7f00000004c0)=[{&(0x7f0000000380)="e21f5a64acaf6d142def3715260ff08cbe1b4f5b2835ff61b980e30b8e9ef70b34da974ec33a58e848cee7fbb7047e5832278820eff652ad183bc571d5bf97b7c9f48a8c1b0019459be11609510f59a5f2cc844ead57a61a45b056fca357cc6e6dfaf26c868e20cfeddbe0e8ec1f00ed5c5fab78bf4b4300c55c365a4f2cd3ead8d9616133be1ac745d549f53955bbc3b14b0766dde6", 0x96}, {&(0x7f0000000440)="613080e5f6d6632464051c3615682641a35995e440f9cf4aea", 0x19}, {&(0x7f0000000480)="81", 0x1}], 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1400000000000000290000003e0000000800008000002000"], 0x18}}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000000540)="77ee5a0cbb7bfdbf1a2089c71ea1ee0975678c53e0a3d8544c51a6c70d6b66a471b0cb01d1b5079f68471c47fe8d5f078e8a6aa5c2b3f706fd2f2d4dcadaf7fb09d591409f17ba83764d93a3357972e8e1b82d5e1ccec414a4e17096993cfd2ae1fc9292", 0x64}, {&(0x7f00000005c0)="9b6898afd7f99510589f662c5f0279d4d2d20ef5bda064b4c41aa468b02ccbb04582426aead12b9cc0c136ef1a5e23a9af0d19b6bad5cb19180261ae35ea8f2e951b7218b2a9f4435840c07757df50792424f504ab3aa21430c64a913b057e26e189b521c9124e2370d0f4c53cfeae8bf4084e14b1bf9b043a6de1cf1ce442f9ad8674e8ce787fce5c477370d103e546d5ccb6345652ee890d2c4dea5c07ec33af84157a40fc805f52695f356223beaf2f5dc03e0b17106a77451340a161aa79c6732ea799bf2584e200e400224f1ac9f7b04bfca9829a443f7d73d46d99b18fa3ea0b1986e01e7ba0371b19d9ccc848270d86f673bfb563a94aa605ea7a2f07a2049cd77295b17936aebf53c4b926df476d91c6cd95f28496674a48856b625430c48f13c64b25a7e586ee2ffa8fae190cc806d94c0a2c9049702e4a1c0a9539d0bffda674d52527424d01c267b5cd9abc33137d4c8c4143079398a8bf25c74c3029a24d37d3c3c2042719f8a976cbf0fba1216ceabe9cdb3f70ea39601d14b8dd0361f3077e44e9b19114fc15cd3a3e9d0452e355c86beb54ea67425dade3cd32f4cda391b6fe674958704dafb83d4683db57ff52195de1931183267a386db3e8851984f0561f77485de4e55902922a5ebd4991cbfdc541bbf8690b42c5a9afae37aa1b4693794346c0d1d8af4df97729cdcfeef1b08a83f38f9128d555c9886248974e1415aebfd810d6f9e58e538454f3aa64e5defb55eae679c12579c1c5478e8ad8c45bf5f91320d2ef0b386268515ff2dcdda14321b1ba182ecf1249328f5a5ba90ec57d1571029d8c66ebcea9ddb22f9440b0d250083ee094a476ca690355e3ea77e19d9ae36dbff7ab39f9991e3e1e60ed9b8888dda990ca25752611723e0c0c3e165b5c9c7560049784c6c4c5f7b91bc9d3975dec124049e6a4fbd05a101c058d4a0cc32c1562be22ae2608f128f979de33cb2e2d93eaab532ddf1fcf38fc2112a03dceb287d6c02529c361bb379aca438b5b5ae4292d01ca9cfc3fb1d3a5180a4bcb21892e693b0e270c7e7c646b006d351d867094aa2edf9b81a8fb3e4710ea7210dced53c4f44c9304f9e52386a366257f2505ec51775b8f071af7839b43240a63de56cfe79b103f43b876938a335a5fa0357786f53f89bcc706525d7978bdfc1ce358ccd3f2fb975a71401651ce69c428275f1707870796f371ad7a89a229f12a09fec892a44eca5611d7941bb180696633012db645630d8d2a5eae52e5ac13436d0fcbd88a59d38e33d9781758166aa6a4cccac07d0f2cbd9783c39d2ef1effadaabeed5a7feb43fb8046d8e6991ce8e1356c4be22e4eafa56319476304ca1f5cf56478c93221f1ddac1f1a5e7dfae7c7c3f9cc137dd3ae2a1651d2aa14988750cecf82642ce05db9a4303b6fbe17536200cf071c6e8f2f43e734a08fcb76c9c66dee0e15ae71de10483523e99294854a3ed707a3f2cb947ed7efea776fa859cc782ead2ab7aedba65d841146641e94c1ed6bfda2961b9eff1ef20aed1c7d4a2e6f5495ea48c8333f1d3224b6b28487f1072eaf5a847c51fbdb9d76565e4178401373610ec165b1a486558de6e80244714ef7789b71e0f909da0616ce00c75637954d31dc17ec576df8a518b3086ef35f42827faa79ca3061e8d3422261e938018a76a572768ded69a49b357dddfc43f02188b83791ec81e430de757054b2f69718116bc695bde8419944ff464ccd52ad279e611b10848309018cdfde3fd3a0b18f19fa158bba3fea8981f39f475e1e5621f2c410de7c9d535aa60084346ed3862356eaf94750efae6676cc3e62f829acafac98c3588c63cb13d8074503a6617062bc4319f69f01b022419c9eb0155df80f1afeb9c48772c6b397d591eb20c0ad54c3ffae9516d376c565b211c07e55a137ba0773e400d2c2f301a3336de39246c6337de413c4bbe05e1407bcb8a633d8aed89ae6c7c1d7512cb009c0279e3039de4d71399f661c807302a95c73fadaada004a12a77e46ccc93d04c9482ca3d28dc1fb19f63ff7144635df038ceb47bbdf30aff15fbe5c4f8414d25581cf0acd3dcbaa2fd24474daf5d72998d76fb2636a9f375b1f77e908e3c7e735a0771043399e52706a85977c0a093026134ea4dfd8e3b21cb085793a826c354d2ae36fbb9050f4d340c12782d9a339c99a12d4008f27f391947e6f642c7add9d10872552f111865cae55a6a0fea2e26753ffb6e256a2ecfb0eda4b9181204fbb13737761cc7817f2b9a12312706eef793a94e82d16c6be06e2db46acabb65e58d888a34c39f35dfb5e5b2112b0816eb45c7e32dc12dddd770bfb83393d0488b67550262bbf74bf34285937834d53e067ddebc502da5dbe007553e653b828dffc5d9be294a0245fef9f2ab237a0ec8970f291abb34578b6a461bb5fb5ce1d9a45e7a46f48f215419b08bad8a4b4dcf240d6a5161ebcb554614ee2d5127a56440aa54dd32bb73ebcf8d9e5edc893345217bb8fac046b6199fa0d0e8bb50a3f2b5644a7cebc87423ad9858e5b138335c3132dee2272d41bd46ef209df6a90c0fa3e15c97b4681a5e35cec720289f97c6f416ae5b2f8cbd7233765f78536b8cb9fc6658e0bcfd4f64445b7b1d9f429a0594330f459d980f8ba24da837659bdd07733bf27cd4b628575527bf0d62d14177944885a226e46028092832498d34f30f6bfefc3953907d70e7de1fb17865d56cd73b8ca30a71c6f605c7ca086a3bccbadfe19eaf69b4f1958a852e28a52aa1349fb0342f6f60f419b9d2fad57e167ba1fbf4e2bb518177d56f8e0ad7964960e9965cf4be1fa367cc3ad182530eb70b478f5bab9a9b40394c8ee58afaadc43a5ec0b4a52f7ae2c025163761fb2b60697fd9b435f613ac5677a8f390422d1eae943b8418b62aeec36349997e2dee028568a44e237bc603d7e4ba6b266e3d441ba59d2aec72ce6e5b80103d4d67be551e0b10fb97a28eb971d488ebdfc73903fe8f1b314096ee3b28713f4ca30ec5b605fee8427a0afe92a75ccfae6010550fcf69a114593285c7356160ad0eb5403a7f1b489ccadac147fcd5f2ee72ac59675319849bfa6a6ecdbf4d31c572d8c98a6ad12e0e7302cfd1f34621afda0b3f612ab44e79301170d610d203a83988f3508086b2283a78f2fe96c3cfaf951bf0763d66f7b3e8108c8f5f5f461f463e6b7681ec50eb6f676a06ef5b1ec0650a87e3f501b56e07fbc8311c1943d413f03620522a24aa62de697d28bf1f08e295652a28f08f02cef12a7b27c0bdc4a98b9f1ef842e2a5cb1d355c32dd23c53708692bc1b9760eaf956791592e0998888785e2b86c4fe2081f3e424a1b1dae9c19f0e19a4f86d9e667e934c3017569c48b27dcf6b3f365be3c6f525ec6098832644709023731c7349128305fee3be04c56b9611f735afdac1daa90256b3037cd3754e7f17331e6e7ea678eba305c5256d607d6215f7fed8ca757be21f398ace3021b63900f042d54009adf5da583c9d74f970c689df040f604d7a93d75f9c2b5ac5a34d824df37da615d5326affc01f91240e3859965e3ed4ba10a00372d55d0ce9440e36927ed9e79e9210cf512d8d8cf36449ec4e3440d61a0b9c696ae720cc92ae764e1da58d9c23f5d96e29219ee50abe0cc14e571be2072a240975ec89c4fd500088e9fe763dab0ad187daea61845cf6473510511a93ad590ddd8039493264bb0418910f50172f1fe6760528fa9b77a5a617403ccc00a044fbc7c0505abf199c67122480c1bd91b32b5a86f87b61066cc61b6855532fa9500250a49624e89aad506acae37607a7bf62035a87daf7b9c62e3026ed99976a3d953431c2c299fea06654c80c0846ae2702f51403bbbb8c8115278517e284293323c1d53e3da3c5f667609a249737bcc0d0a9e13088805e6d95020b1aa12aba95a39298e7eae4289a3fd0a35504e5c096047320ca03e9a590f1201779ae06e4bec673e94fce408205108ed4e13657e47c18bda4ed7fb0029ab7e271a14d1ccc0d61156822735dec6d947c3d8dd824abfd1f186b6a4f6f7b666ec596a0f5ecde1aff8274e13a0a029b46638bf1d0d616bf1ba21bc2784d956adea662383c36af02abd866935151ed1a34ae076c2bdfa852c106a30be914b00920953d8032951355e0fd96da6901f4c3875d7c534faaa9bee2e2ea2c1e9d46c6331569ea6569ebcc6113de43487906d36b269ec553172bb66ead8acd0b7417cd0ca68a23f0ce3bd314638e972aff2b1da58843f861f5082f310680d904a939d6ee9c0f75e671e1bf1783ad5d04fecedd84c9217a9947a2a638a857be544b628ab037cf7b207a60a3b63efdeefb249fde91e262ecbab7b4d9981faf86c4c8b1498eef92e34284d177537859d04845534f1d04d6ee4762f1fe7760d687b4976b24c72ada7c6192344b0091eec87739b4899c01447087937feee951b0016d2e6f4c879598ccc7ebe1b32985893c8e0afb0bb8fc4cefd4602c8870d4fa04785b0ffadc8305234f3309cc5c37f22ccfe765b1910a94b4bdde9fe5ddbbe8f85ec5f83cf998af97e7fc03b69c631c345f83594bdec524b9029489d242663bd8dec01eacebab636ac6f35c267e2efde58c24107ee030274ce18281662e9b5b0af9316cf2380ede97280a450b7fd69ca4c19f578a41b880857c8e3144c3720b8755bdc4fd0eabb6ba12038538db6a6a195852ebc8de7844d7c2cea26299ca42b9a987a5b50616fa4571e3ebd79b6d5eed2a89bf18a929142a1bff44a22135a8e251a6b3e951281f771802f895911047c16bdc32abf56a80df61222839be215cf1b11ccaa5a9b37bf2766b514661d3a17f42f0337fda5b77cf24ac67fa71cd7308ec90a5b2ed299d990ba16d8e9ed9f76d6265c9a3761910de48fb3028e5c7a2429c4b4dd37728aa89a09bf89f68519c230261603fa08589806dfebc1f58b8269581f5ed37f141fd61f0b19734aba9f98d29ccda535bf2188f496e461e2d213ae7fa3d2d31141eb059e1f5d76264c476c50beef5f450b5612d41d1c928ee6a03bb4208658b9faaa3e5ef685b9257a1b553015b913024ac7109d23dbaf3e56537768e6f20f86e699c35a5fda2b7c528626cb8d5a44a3e4a0f5b3a7a121ddd1b476297645fadb4b99ffa9cfdbe5c26ce92ace0208437b273a3b9bfbaa9313de8ce9c0ccd67e2e3c4e6a059c1c6de77bc0f571651fb5b880ca035a92a45ea65115a6547f339c26f6d3fb953f623bb72cb9ebc4e40e0c2b7c318e5fcfda0e5ef7460ab05cd8991ce519572717c4731bad38f197c50d5ead5bb98311c208ae2f119530a5172ade8d43851516b4fb1e5a4e1f4b49f7d00a6343e30d2c11d390709a5ae72e939c6b6d6611668c2523aa2551f4e0ace5feebf3ba8d26e3781dab41e4cbdd48a042aee8cff4c492a4588668c0a9e633e9c544451c463a57a783a9df8937a94141f087cdb871637fd2e643821e24bc49b9fee012895b57eb72764d05221325c9e25c7dd581ce23866808592f37ac00802eeeea065353f1b88cd4181ce3156e86aa51d92e3682db5bc44f2849ba80226eff896465b279ba86efc245fa9ba75b9debb060272825211199502e058c4ff84ee070be2eb83975bb8989844f01badef63012932ebd73b30e7f59231f53735cc8838797efb4e30f79499b6055216c5413647f67f9e50ad0f9d6e66ecb5929895fa84f188444c0775fdd34922b318eae145452feecfd1d73c742fabd8e0001310d7b2dc3dd0e7405e63f37b1f6af762ea551c3365e7", 0x1000}, {&(0x7f00000015c0)="092f204206ba6fc036eb43ca73157fb947e664e01eb29f1f582bd346854e25545611ade547f220a460ef73646ef31660a5444d915a5cca4601c8d00320d9ef97738f8ac895c8e63e4a93191792ba4a230a30a973fdf7350311677a8e4a091a2e83e45f992384855743fbd5423f5472fff37737", 0x73}, {&(0x7f0000001640)="1e909610f005b0f85c41a511b3e9880c262e8e8306444d81de8c8b2cb2dffc9f2796e94eb4c09c8a7e345877f4be1383c88d10e739dca58f90fbeb9026d019c3d3419af01a5c43e1ef8ab95a782ec2626edb9331a27e8b3e85573ae259ccfd0ff7e088344661f584055b6b208fbced51d438212508e7b2e7b6d43a14149a4c41ac18de6143ab8e6659b1dbaa2535f3fa11df3b2b0608207f184f939412115b59c5c032e3d41803c566eb09f9cb09c213673f9c58d10784b621e7719019b68bf66409dd27a649c5855bd9b2e0e7a3b1a86699a5", 0xd3}, {&(0x7f0000001740)="abf24726184d44a815529d71", 0xc}, {&(0x7f0000001780)="a517de0374699296357e9b5a749f65abcb52aeae95a7be81572c9e1899774b77b0c9568c702e57b059ba3597b92f8511189b657714690ae1060bba68c45355605f612fb9440d10bea55abca82985d8ef1af5dba607019af9c3f06a6b32332d7a1c45d2444c3fdd15c2781ceac33931367683de895e86ddba22e8381b4d979a3415", 0x81}, {&(0x7f0000001840)="9eec3cc3b190fc94e6e7931732e58ddfbef304657fd79b41373a4b58f4beee189ec9cc4509d1820d345057e03ffabe5dee4b92b0784cb93b472631aaa559cd8eb5bdf980c7a4f4eebf45246c18640b", 0x4f}, {&(0x7f00000018c0)="531b7f22acf5ad85cc47a1d95bf395161c68f9b69e073cbcba64763106e3bfcc2e00519b1393bcb6d9556ff3dd66505639904a638513d35d853ff5bb96984b5bcd73b5e81ebbb2a073ab311a780305a654a4c94a4c427988eaafe6a4e0b631b47be80bb5857b9982008832f18afdeaa3f3d377cef2f8b2586c6df21aab52c374b684bc9d90bfba90ff66392310092aeb60331c4775c1ae2e086fb971b7d237c477b5ff9597ad80d32a36e66fe0202f6f39c6422e0f66aad09edf8196de6ada", 0xbf}, {&(0x7f0000001980)="bf50b7937d349b54b3bd63c13835e8c378039f29511f7327fd834e", 0x1b}], 0x9, &(0x7f0000001a80)=[@pktinfo={{0x24, 0x29, 0x32, {@empty}}}, @hopopts={{0x1c0, 0x29, 0x36, {0x62, 0x34, '\x00', [@ra={0x5, 0x2, 0x8001}, @generic={0x6, 0x98, "16c67ed79bd477f48c85629c6a66a6844e1009d0f6e516d38db3f98990302daa2bb6b53a63b6e69d0066f2dd8bb7bf69f264f44bacf3cfe7bde176ef0b2cf9e4694beba4284645b7319e43ba2182a14427d735c9505d580b727b30e73c5f7495c00b2fc0ae561fa12e34756b00b969129b1e99b41c1f21890a0d342539b11638e79ce8ca6c633b27d91284d11e20bb560bec0257f7045e1f"}, @jumbo={0xc2, 0x4, 0x81}, @generic={0x0, 0xfa, "a6b93910fd27008e75d170352d50dd05e542d24ce6f58939513fd2fc96d4ba0031fd40b0502377eb8944767cf8e0185524b6498e646bc3d22eacb3e26ed25c7f99906ccfc79b28e144b2157cb768fed95be23702aa48cff403e6a9abf6082d68aedeb114327d11055cc8567b6b82bc0b0bbf6af07c295aaaeacee7a5122e1f612b8272e8a22ff9faf03488384898073d7e3f60b13a7902511a6ab0ad87f4190191623b437ec1eaf36530efdf93e88b692349024ef58541f560a6f9e2befde3255214548cdad17691feb9c2cdc7eb13da05a5657b4fbf869712edb9ad48d8d5fade7a00118b89084fc832ff6ddd40c0c167cfcd1b69697c89c9c1"}, @jumbo={0xc2, 0x4, 0xffffffff}]}}}, @dstopts={{0x28, 0x29, 0x37, {0x87, 0x2, '\x00', [@jumbo={0xc2, 0x4, 0x1}, @padn, @ra={0x5, 0x2, 0x49}, @ra={0x5, 0x2, 0xed2a}]}}}, @tclass={{0x14, 0x29, 0x43, 0x39}}, @rthdr={{0x88, 0x29, 0x39, {0x2f, 0xe, 0x2, 0xc2, 0x0, [@local, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, @loopback, @mcast1, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1]}}}], 0x2b0}}, {{&(0x7f0000001d40)={0xa, 0x4e23, 0x10001, @mcast2, 0xff}, 0x1c, &(0x7f0000003100)=[{&(0x7f0000001e00)="12a1d8cb472f758f7f0d48af211c180e0ee9b7585fbe7cceb1b55f426e63d187ce644d93892805c0d1a55ee9974f022dfcf1bd72f1a2604afb51c2c6128d456b43566de2b1c8451968475901b9e3088bb40adc17ef86e66cb49b0a8f056a77f0c8d5d171d94c9ee5bc077ca148b4f42584ad891340f882f0320f2978fb063866a017bf92dc54690b3e856e719ab4d628b322f8f25fab89ef9d0bada360fe8a257e6bb5174dfb542290606d0c11bcf7b1031d7bc5581ff85e", 0xb8}, {&(0x7f0000001ec0)="779b1134a314d250deeac23c6d0e5f098019f5937b2731710639f2f5360cbf6aa31a729dd90c9ad2aee37546abff4977c4dd65065336dd17a61f2963ff4ba38ed5", 0x41}, {&(0x7f0000001f40)="75fd063e216be28f370dac130a498d42ab8ccca10ac988e0c5b3f6f8d2f3979811ee263edb0ea94ce13975888eee214540592be4e723f5f8cd5bfa86a39badccba95faca195529a40b92ca46c6acbb383b7370bf1bc063dc7897794cb5c9105e730e7015e7d6597663960f46f45eed0f8a1ee837fcf34b3540", 0x79}, {&(0x7f0000001fc0)="6cd6", 0x2}, {&(0x7f0000002000)="bd8ceb0753a0aabd6a356043e3acb4c05aba1951f41898e7cc2979d3a28a9469113f8c1c3c61f97e74de010d4a5ae149236290082ba1882ff406f16bc6", 0x3d}, {&(0x7f0000002040)="9d16f7816abe9b481d5ac7546455bf7d7beacd2f58ebd4c8f716afd2b2196370bbe8f2d8d5070d5f9f89483365ef93b083b16c9e1bc9a632834c4f04fbe012032dcd01c1337d432a2e271f0656f8fd2a3dd1e3cc39a03fd908a62a21d3585138f5b9f40f2ee174e3da4b246817d59ed4c4603ffa39e803e46f90998ed9e249ea5d5a91d43a25199bccbc9a1de7e35af5f3d123db5ca641c7e54bd4010bc1744adc4c3c064b35f25b85df296dd2e21e6d5dc5c975a553282719f552b4572f74", 0xbf}, {&(0x7f0000002100)="7bc025f80b06e6739e99bcd8fde82e7affdda9b4eba50f2dfb72d02818f716c89ccb193931012e262a33b7aa164974ed577ba222ceae1a7f6e0678c14aa91ff4d36955c986443770a73a20baf90e6d262a377aecafce5746d3c35b9dbc60943a7caa84c1f6124d66884a8688421793b4da51835ef6aa6a4d2ca932ef14111c38c8b99a70eb3692f05861c0f3921520a9925ae12bdb175a709ebb178b9b12fd8dafce8e750e4e391226441667d3796966bf2e01241781a244ef3fdab5aeaa6f970e226f7f94032ee65576f4df367fc87400b0fd9d24653e5b910b25605958fb31f38ebdebde4f74f9551e8e4e6d00177e57058f2bfba6527eb11d046af30d949ba0d71ef234629da18340d59d6fcd0ad3539fb61ec667006d163a46889393e3f99454064ebf7e7055f3a72e09648b68d5e45d2ef6b2c97b7adcf443151e24ba89d52ed5188664bd6174ccf3874b689156f0c6b58a0a9bfa39dc7d0a0cf8b79a592e7dd824a91903b78ab66f0f5d161aad8c71c21da9c33cc6392ad41bf253571fd016b37ddd6b896b5b760314393774ad40f45b229fe03d845c1f354ab22f2b172afc187c74f97221c50311d60816fccbbd08b9623d0564e8e4d85e7ad78f615c3f94350e83b70aea78542e6d66315cdc3529ec16b2174f7eea515707e3644cca36342d41c8538c5e61e703228b9629dffe2c2efdc5e7f59e1a2976df8662ba0c8d86e6040ed5f177e6c9f2a33fb86dd396d9c021d6a4f337305c231f88cc279ba78dc5cfb992239b8bfd1ea17d866506d4f0fa4816a5c94456fe69a25441d8a4dc2f92215237a9a5e8aed662837be983fe7b81fd409f590f15ccfc68663ad40d1716bfc190f00e99d2985608f427329a36d832c4cab846fe2a5adf870773dfb679a6aaf41fd8ea67f9f1d4ea646641ae9a7239812bf7eaf872d3384dbd582b471796bee267d750e5be7cda2e592055554fa5e9c74bcb3f45e520a0cd369d51797542c9b0758b6cec326b61a0926b433cadc3f32bb9ee043794ab44427f826a2596d09ad84c4408a8dfab44e91c030ddf24185f085922c42b1978729f358824d9ae8da13d4bfef91be331904959f0c9793a8eaafe85b11ae0b6c17fa14eae4f7cf606595424058b48ae253c599e5141284ba52bea34f7eeb5a6b05e77f979b8589592dcd8988b9e1f63e44dd6a36cbf30a96b5b8ec7a4b65bc2ec19ca6f17178a5b1d6db65fdd41dc50eb6a6c35700e27adce348528915d24d31921e99cd820c6ee3d27f2423a0e39a6586443136f48c313a79c5dbd9b53c75b3d07f20e1ef016dc6f8ac0e6e9585fc5665b84b64faf1c0ecc20c87d61102c63c988d2e5f47984d328c993e04e83cafc542ffde4514bddea385f7374b251a616078654f3e98b13536140d097435a5fae97bf7d79f32fab19f2f33ab88ac964c714f6f718481b38db3c95d401cb44892e2b4f7bb63153e2e168f0df43b0e6def441ac68d9bb4c080e709d2eb5909b9234e42fe5d2aa8b85a6e21c0b6c73837699052c1fbeeb1b785c78e6f33ec1554f9daad3e90e2359b684c48fa1bf8d29b948d9c4d4395d784cb6906f6963b81b9c24b5905883ddeaad641b3e445b52147239730bf3395d0bb5b5729ded184c2ce822f1bb9f7001def5b6e8863d970c7f64380ffab884ec1324f3a6c8ee9467403b7532a08a6df8a1ef915e6dca6040f86e2bc1cec1be8a5dc732cd8db1b98bfae3c5b9d17dfa188eb05c05ec944c274dad25dbdc3670c307c484952d7f4b5e194b97ebf2ebba349825858ce36cc7823ccc32e6e57dd6a53b4641d8d45a11086f87e1a1434f176e9e6bdec503e09f411129a9cef8861807aac924ab19666aaf9c194a56e13ed31cf7facb029c571db9c7303d7827ae683ccf215540bb6950741c6221ddee4823ccca3f91bc813f1502ec6fc80f4a087233fd08442601da9fb9a90cebd8231dc402d7b3db618ef51a7d99d25ea456de07d259e0b4bd706349e69bc29776cda9447b86565be05cd2e50602d3998169b4192859738892c11ec8362be24886e69d24431cbd904e348f924ac202278ffd0fa18482fc0cfe15cda7a21d495a962e0431cdb20a956652b64217b0cdfce7a36d551bde7ced83f82fce5a61f306891ff0a6b9871b6b20f2eb1a9e2575899edd0109ab4b74950f4dc95520e101338e6a9bcc86c1491362a152bb2235d2506974294491f27293a858e42f230b0d7ed9ccdcd763e59402841e8d18bc55b321d1aad4285e2f4a5b0cd2339b771976c8fdf6a0a297e7e913497b73f319d9e37717d507913e04a67c2690820b5a8b1b9a188a0039c615de703405448a86979e4d9741fcd8110ae623798f4385b610ceb78d892888925800c3d0c9dcd7cc5c34c8c3958b955ff3e2cf42d49a943a569f7e6c6b77d872dfdd37173381abf2f074bc0d5a1ffb9d90d24d00b89848aee7e6b7b8e780ed8c32e6184b42701fbc1456bd658967613d82687d33536b036fffd2bfb786136e3410956573c08f3b4ebe99030141a3dcb9de7ac2330e86525ad99ba729284bf9ab9adcd303daad094e8e0dc3014f29262a4df316a0135adeb505fb8b22e76e41d2414e78803ca40c7cd030e95b103ca0df2769292f036aec3108ec9f14bc6509c084b5d73e789ab5d7444b5cad7acd46ddde28c1e8a38c7c62a1ba85bb67ec7530aae26c800730c41c8335ea939fa207e48f3a8a899b70f327a0e2f52fd61418d00cd6e8bfd1adfd4de74e47de3cf16558b4ae407e391a51f32f7d12b60cb957609f859f5081ea9d80aa1fafc874ddaad57a230439f2d33a55ffdb4ddf2a1f22d3506c33dcf5d316e281458b0d96ef53476de6a488ae8c56ba7fabcc8a0fcde2e793de49da06397105439854286c9f3bc8a89827269189c66730071fe99f66e7f9776ec9f7c3a1d1145c012ba539c9d07ca8a7dbe8d0824f2797e9a3f10581f6d934e359695656718e8202e22f903d89204f2ed170b00aff6d6fd7ba084bb6f628fb92891b1a1d0912a6928a7d15c61154351ac52408cebb96d977d9c74847530727f18a623a5eaeb234f224f9e5ab7d67a23e8ac4653653cf2a020eb6707705ed7992bea917b32d49dbc2b39f04ff73481a67e2bbf26c2516c3af4b3d7fde894c41c8f7bcf22d342bd6a695e7be9df75c071cab30d28d44289c443739c8ada3c0b4eb58097d7d59d2f34d728edb03312cb973e6c3207b8a26b038d314361f81ab4730b66e658558b3ef476e6216a42dd6ca63201d749a74c8a4c104bf9f45121aa6dfb05ba73d7cb6dbec147a099a0378cbc46f828f0c50b9fb14b9122526560263c0f21e58f03e637d544e2d5866be7941b216add45ac6716142ba6842ff719ab5b4a29200ec58bd0772d8fbac2870d4a3bdc698a26c77e3ae4ebbb3c80f71ac31081d9fd1121c4aa49c7829f06f71a1fb3e929ebd1813b3aec0140c68267dbeb61abec76971b22400135d1ff310562d57a2c1c11303e536367bd66f050dc0f8fdf1a65b56a8446962205cc60ac5bc687502b09a486f8fd6e65c62fcd433cda23f739cb26197a9c85e86d7d6dcd09233fa3e75f37a71a5f9b4e97c49a3f4d33d03a232b7701dc97175f7160f069b77365988aff089b778873101fe7a1b6e05cc5b6ab3a207121b1ee7538a799c4a1a8d3eaa19a22ee2927c9228cc3e992b6d53e4ffa16455a6eed1ff86215001786ec3e90749a0aaafabbe0e4adf5dfa3a4e52578a8c1ce6465f090ab56a26087ec71932dcdb331cc65389c4265c77629321e7436cb4893a7481d4e4d9f4f57d998c19530cf1ed212039b433478d7eaae748a68454a7e9f42fa796b690efa449f146cded878a6fd168de21fbba1ca9d5e93851bfe1bedbdf1d158cc8c1f8ec351762f512c215ae2a123e1de13ce7a50d5ecce4590065ebf8f721c4c80a5547a7519a6fe0ca3701e8b466d4ca6c3c474de2be0bc5b8e78ca6a8bb81bb67888148163ceda4e65e252496348c21c13595ee8fe8b8fe5044a21dbde24f2ec6e8bc1813cb0ce8079a862f4c3ab7631e8d5326400acf7896b4972088b586c904b7a742ca5827c7cac3c1e0e0cd9e09d29b586f8324b5f39f76af2603629a067dacf602271119b577a801b65b0e04ca0f74096c1a996df9e3388371987d2f76d8a16512650cedacb2ef44958a2d7ce89eec191cd39befda452b49dd6084b7098174e6e569608a589a027c43baa108d870f932a4ba8bfb818f1a8b5b2a26e594d4b6c8d146bddc0f857961485700c3da8474c1fca7c394fe2f61e7c1475ce3b95a66d8157effc722ec9f22040cabcf84dc16bd6d2510508a9e91a1739bd867e8288c2f58a40f15ae877afb8f8bdef1fc92d78e8f080f39df4b41b4cd68ff97ad7d87405aabf75dbbafeb8c11ad93c9ab90c3bdf0e5b50b7f85b9fb1dd914993d3af56a24b974040ded892e08c581696f464d5a9b15085bc9fa8234dfa95242961fe2a1f3e7ba7d3da390ff679f8b939c05f7c86508f46c836819af13d179f6585588115387a7d7171286666504150f5842173b9180b9f0ec4d1745ea835c2c020aeeee928a9684f724e6d5f8881e9301e9df6f2133bcb814e4b7e9c3a3c4abbe439701b16bd3bed85cc33751afb3ea0cf04c195cf32e0049c30eb4d5c92be49dcf79f15a88c016a0ef1d8308fafb8f2b47d811bf5d24831ccad59352aba36160748160afb4f2fed8150e630a52bdd42204d2611991f6cef66d635a18a518a6b2f47e0da5f1fe21fcf5fa6cc70c86e1d49423949e278f515e209ae38433715cd301d86b0e8b5595d5b787a2b084addf067a82434ce2c43abcf57a30d6c4463dd1f8c79671d803ad412720a6ca14367303ccb5d031dba0b8ce8145aebd4aeeba5a85c110dc3014dd731dee48fc4e89dc15e6a8af525e56206ecca9a6ee1a8bde140fea5906e9a781bbb00ff725b72265ff9d635e71b73f8a246dd40cd95b222410aee0e297324c712fbde56e44d2a88fba334c031c4ad9cda211df34d0cfde2ac3ad565e7f68e0dab33808a43e0345148389e896c5f6789b5bcc39fae38cb105119f2dbd7a20e87c1e1f46194ef3b47cd25aa7251a3bb0748ef3a0698e303851a9d9cda4a7d76d055470ceabb11869f32b26b67ab46886fc515edcbbb323f0403b3a6c38129eefb23dfd439ff02f03f639eabf45901fdce0346758fb3e89eb950892aadbe85cf873c137f009bcb5b543d0a987569e8011e2f883dced0fc9abe3f18a0d0f7c28395b68b90e575b51139a4b1d42b2f5913b93622d190c2110e7c7170b50cc68c662640ef7fab26c7084fb25626a856f0e45717b3de4eea177fab985e13f56452c357c2eb56d3bab64efbe29087645ea8b9ed0da496cf840bdc800e44244a08ac322f1df28774539e5de376cdbe9e7df3859cd28ca7df3289a30481f72777b205b7b6fc042a13283021fb3eef00f4ef136d8fd61d50809bc139e73bf695b5891eef989d1512af219411b4442f5f22a97d5d8b6c96324a475ddfd06c2a4181003757f27ec6ee1e5b6afb21b87134b2c9637210c7c1391954b9391646aba4a6efa831eb5f542ca624dfb5d0e99daf3c36cde2beee0249109afd45b67384eb62d489ca20ed8f3efa3fa95aa7f78151fac370c7a987c039d928accade79c2389503d4b27114bead0c990cff0ed419a4e9daf2d001f598828d176b3ae56f4ecf8dc5e72bb87989be4ae02d8ebfe863ab27032e5e403fe74632b869a1e4943eb185276fe6812edc9926847c99adde78df196fee1e490bd89ce6660c4c3f3465635efd086b9157e37", 0x1000}], 0x7, &(0x7f0000003480)=[@dstopts_2292={{0x30, 0x29, 0x4, {0x87, 0x2, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @hao={0xc9, 0x10, @remote}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x7ff}}, @rthdr_2292={{0x88, 0x29, 0x39, {0xab, 0xe, 0x2, 0xf1, 0x0, [@mcast1, @mcast1, @private0, @private0, @rand_addr=' \x01\x00', @mcast1, @mcast2]}}}, @rthdr={{0x78, 0x29, 0x39, {0x62, 0xc, 0x2, 0x1, 0x0, [@mcast1, @empty, @private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @remote, @dev={0xfe, 0x80, '\x00', 0xe}]}}}, @dontfrag={{0x14, 0x29, 0x3e, 0x8}}], 0x160}}, {{0x0, 0x0, &(0x7f0000003440)=[{&(0x7f0000003300)="e47f5fafd0422118c7878eeec96b96ce99f46cb4aea3c6ead5e6bae54d314a26beb895bfa28dc28ec2e6d15c691a70192b5c78a4e50e527b64f87fec7537faa7a0c2574a92e4862bf67eff7b43965d6f55b40a7589f378aebcdc88934a2e996c414cbd0dcbbe7d99356967869d0ee4b192cb3f07d5b4792e90b2e837595a5d6145f288b83c3ad7e4bfe955b1dca4fd15f735536226631aa504851125d9161567dc14554ad0fadf7c655038d714bd311f0e8251263f830ba465869bebacf73cc55c9bc412f6bfdf9f2ed8badb8033aaec46d9556cc530fdd80311", 0xda}, {&(0x7f0000003400)="5b3982ead01d9558ecc7911ba3b4ca03c3fc257b141533cce9f32772cecd1a697253a434c9fe", 0x26}], 0x2, &(0x7f0000006700)=ANY=[@ANYBLOB="480100000000000029000000370000001d25001600000000c910fc01000000000000000000000000000004ffcde015f585624d99655279055cf90511e4686c323acb2755ed2054f22da11ccb639d8ecf219f43073209b089fed273b0e216259681e7e85341b8e2932ecdb6a88c33ff7e2da7fa188488232e34f1a840813b1304bd4f5aa0568b2a81d28cf0d6db5a0cc3ddb50fd06583691cd24c37d509875e809e7ab089b2ed863bb3d64e8d3a17b89c90d03711293c05a38bc0c4960cfcfa6bdb88b9765695fec6a83b502a8abb9a32fc4ce48f874da5814c138d82abd820561a2592795784a392752fefcb50b96402c410180e707bfd08ea94c3f059bb1f23c8656c10e592edc17c7287708401a42e365b5981a84d958019da39920cdd0f3fcf7b84cd49bd068dbd2850050200080811a0ae3466830648f1f0e8abcc120bce073d000000000000401000000000000029000000360000001804000000000000040100000100c91000000000000000000000ffff640101021800f3eae2569edf6e5e09e8193fda8aa8f9cb9a7cf2e762e44e11522ef60a47f585683c819a1e23e1e7619cbec16ecfb12720d7e90c9510dee4053a2f19e5eaaa6c6da705592b89d7f8e22c1e0bf32f783d4728e85478f3f0ca682e2ed95f0f3c4e657103229809b5de576a846de7df0c1e12ded261cd513b448ce8270b94c866b1995527377b291680831a106dda05c1983478133566ef62f73ef9548744a2a41027805d9bdd8c4cb31c1c048631ced23aab04e17244ade9ecdf4799a883f512d6fb53ec461be4d5042393b55bc2bc8933c20d7d03b8d99ce9aaf28b158ec883df31c291c9e0fb065ffe85caa8f4d5194360384a3f11374882e5b34af86881be4ea9887984fd4b94790995c81c650154505256387cbcf05974ba03ee2b2443f7da3396c2d2df08b7d77bb36ff959a8d6c4a7088088cd27d46be534106ea484f547a808c03c4e4df37212d2f1d8a518ea289914a21edeb4ad052cd4d45e8d2e427dfa968388aa031e719cf51e05b5b91b002c1b81d4871b72d2b0a3a25a766e3d8dbd8c8f5c14bbd776f76336b545ac8103416a8d3860b72fba0b44dea67ad6ff2d73bd31898cfbee29a07a4a7e11003cd60c7364ec222a31ce002fa986320aee2854d0975bc9c9517b620e3764f93c5a149a0c6bfbb797e2ddeeb756a6b47ddcacfb277a8de94bc75d661d79fc9a906db1158d1b12712e918779d8bf5db5d2e45913dbbd1888cf3ed5400e03961df7a4bcce2b745f81fe5d34283dfc4b22adf34439fd224b878af79735cccfba89885fa338318ecab0cc386f88ba35f06e693e113c5e541c23857e8bdc4b8620b9617f9b3cd9c0ecb100e5de137b6b40fe4c12b7ee4614aee935270d1877896beb8f5230c4caeb294dab3f843caeb59ff86903d46e6f65102a28965e65a698246df3a0dcb1267c1ba0f018eeab47c4b8c237b011e6294fd1d5f31346565b11a97c7cc65657cf54a98e4e4ea2481095fcf6d8088939859d91663f280007263264ac040dde64891acc2c60eef46ac243e724ce1765f8fe2531ac761510250e5de07d4b430556bba4be9e3fa094317229f89fbee2ada47d5ff02b870c905df54d02c572bb1e1dd9b6878c30cda010ba729043560281c7de98be08ace1b552b700db252474a289c1e25e830d679166cafa6fc5b72c37f552632ac587ad9e4a869e65546b08643f2744eea177af2923b65ebd374521d7f35c4bcf146b5137344bf7273158c1cdbadd7138f1e0105ba4da496873a366cee333c445d1236fe68cbc3783c7ccd5e8097edd0a951f6f3f6726e2e6726065b2afa2ff22338a18b2034d66a26c6f3ddce6bb88dc0018710eddd9e4bcad9bee624b76d50962a94e7bbdcae51d1869aab92ddbdf1400a4cde58c97824720847b04419a3e6078ae632f5ef7faa39f538822aad6a59f07aca388ce5698e9dc6b75e47fa13ab6bedb15ad08965f4b23d18ce2dc4e0492fb19b06161f45016cb17ee1d2c543db0c4e64468ac7cb629272633f1381e844d3ce458dddccc44e927ec81dac003bd7deef0be7d1e81dd6c9d563ea50fb4b018fcaae0c07a079e27359241487243bd61e546347e549815dfbc95794a15efa86e7d07af8a3457967fb128eff79a8a98fac05184498c32a4fa35ac12ee89192432ae1034ab45e0d95a084557b1348f9e976b14baac182712938f40bef9e219b5162318692b2e6e8e64ef7e262c23fa6a7212272689856744d04b00cbb22d369f23b4a22e8b29736ade871b3d192893eb093c9603328b25bbf03ac0602d2bbeb5df50909c0f7723afbcdb50656e4cf9a87b921bf3f9e4df001566a2c2ccb4d34ac8050d7e5dbe9e9255242c5ac5677adf6ad1231ab8879459fd1bd8f552a747206a10b2daae2aef64daf73e8b2cf05e4f31c451f57deb39adc2356bf2d89665c15bbc8f85f0ef477a7c2b7f04e2236fa5dba0093a3eb5c70a6499f0b05e2129ca4991b3e64439c6285935be164028aeaeb01a5ebc02413433bca325cb79b87de81b0728e3ea1387a26ab161e30741ec43e9ba5baf7f32e3462dc610a997d9787d400f1b3ede6276e54ad9b117b1552de9c981744f9e772695bfbdb14ce10a94335c532283ca64cfd0b873b2ceafe6f17b71472488ba4760f731aa5c034797069d8129abd56a596e0c2e509f7310d02be0e9696943a05cddc51c2b192c4c2ad5d6a8930329d1d3c99caeb054050d4389ddad7153883c27a4bcaabfcee588a0468edf0f9e09a64f0adb7a8197dd37ece6a7981874e139a62593032e7f60360295fd56dd67dac3d48423892eaa4f7279d01c8037d23c8e874f939e4db762e1302701a0f5506a9c3206ded67c870eddb25fd98e30d61b92c0eff04f7f69af4f5eadfbeb95733c99ce861e5ba825008c7d75fad60cc6a5016cf1f43fc0f007f3bcf10440949a1b2987d10b7bc007591cda96da6387449992767856a1df52fb2ca1fe9c66d131fe84f60ea647e8ada8e66ba28ff4aed76b0ffd08ca056585a057c80a2329827bd0ce9b21bbff77020d38d6369e0996e358ee916b029b6e0f99552a85410302d394710eeb42b49b52464f469447e8d0b98daf381799e7ae7b073244e3ac924f9fdeb2b0918243c5fde80e1b8c50ca7612d195cc0afb153be2c409f5a2c5f729b583595c56e16f5394eead2fab109072d061bfa3d599892cf0770346c498218eb52ffb2d19a4b7caa87dc95b1092d3c40f08f2308b04f9af72d9b524d3caea400a85468224c9e78d0b959fadaddebf3c8bf128d37c4953c69bfe96f13fd1b76592b79549e76d1fbfc4d32a6261cda449cfd9d1f19136a56c71657b45a4e06c166d88d2599fd28b5ff69324db50aeb6c58e3340b929ca496cb426616353be961c91c27f979f737c67488de2430bf4de8432fb02b2e24f81102199e7b15477ae24d4c2ba6577b5db4c86c0ef83134fc27852710c98a4aaff66e73350e47af19a0a5384f17f08d00c997d2aed23bf54f4b6d85a2612a7c32ca0c9447f14b90e79754b7c2b03d8394bb5aef29434d68c2e606c55e03621720d8880e018820654a3949ca134893f8449dd31feba8d2372097417f2579feac46386b0301d10e9efa171ceb557fd0b0685918da9c69bcb6be35e22442b6b1628f867ee429835ab04bb27174fc6acf60677fd150e78660dbf0989a2213ee4dd86bad721a504526301c2f4b46b0bd8cf67b22c7a4f18db1e321042320049c249ee52f50f45f1d1d63b442a012802c6d784736f6d40a3d75d2acb5dc2932f708cdf336d6f3c49d4484c8978a05c82d3bd5d0f88693d737d8cb7fef2bd673933bb18952e48b262ed1f7a20f376d6671a3eeb93ad0ecd9ff2736e9f72766382fa4a0e35923ad4f3f847e9d76f86a6f547cda63a2eae021bb6b2c2a45dce3a0e960573a75a4e041d1a75da8f02f5de64cb79d60e5fced027adc9ee255d224cd94c222732c5e563429d3ab5c2a953c9a2e9212d8a606ebe4caa61b365b443638262f820416856969f6960c39499e17ba0814d857c8c569b7244453c778c88d7f39b458032687518543dfe2e4ebeb99e4e588994506354eb0114e436c6d1fda79c97dcc91624063074eba508731bc878826d8c317c5d8aaff39fb09678d01b29fb7e0f2a4a0e6d0332e2a815905e1557dc17ddab9ff840999eaba1ed965851714d130962ca81eee582175ef8ce6c7a90c0d80547788bc16c8eb29cd640ae26b68f91e4885847d37031f3b10a8a3035f5fb216dc6757e201d18feed256d096b8958d7964fb75cc895b46f2e61e67820889f854ce1c02d1b3d8831693852e17301770976783cf5931eb5a19f64f979e113cce21d2fc1aff0d38701f22e6c9a037adb49ac4ece53a5eed205b8db29b1316f675a9b44d6ef5beacb75f68f2401efc2b2c2f45a0efd6d6f1e7899e9d0132ebd60331f8e5e63662fa578af08a365b0103d381ced1b009372fcea0486a8948754a5a79d625ba3cecdcb40568967955ff3e4999684986aa023e49ea46cbe8f1fe1d6f28487285f1ce56a3fa2b19e337f543bb99d9883c09e44eb02ad64e24ac45d491d7bbc8f45d006c0a14a6e3b006cc35209c7573c87d1b23d65ede00142d6297d661557f7c58877478e1d7c684cc365668701a133e4bb6af2614b769e0e66ed5c1635a6d721993b1240272d53a4df59bc5b9ee10f08e07d2aa8ab892bc8b8db1bb5f409264bc33211280f3ed76fdc630e16f052c2fc84e3cbcfebca9ef241f9c1a9f0e77d7c56c0a585c85c39f7ec40056dce429f24f47805414f859119e0548d2b9803badcce941ce867be47f2600809825a525443c6a8cddf2d71b1f72e53f95f66a74e8abfe01d5d9d693becf809b79dc8decab13a6d362c03eb234911ff75311e1311ee0612672adb1bf84766137d1b72b6ef9d787022686ef07057d1ceacc54eeefcd7ac9f58d0397336dff260f526e791e0957544f266a9be890379ef31de3a43b5c737c552edfb66b11c6cd2a78c91606664c9ba5af0a4aeda7da4a07d4433a09a737e5915944ee1cef080b30066790028c6061b537039f599cd359f32c1a2166dd0746e30c77fec38527f486c003d4d51f9bcf425c3339a6f0c65d8857bdc66d1e2199de2b9f559d3097c9ad058f9a74345110a30d3e6aed559808cc5524e8e70bb627ca96e79a167051b575d03a4d5f84dfb8336bb4c603729062cea26b21b0244164eaac00e9a0cb5710a9ca6ae34faf37992e5d538c71b6c5b5f6452e29ece269c06e32dbc27ed120bc4c1698c2c107e5d258a0014ab2f2604c6469daad01a55cd1ee9d271125521680f06c9b26aef8f4aa88a5d56e208be34970792884235af63418449ef1154e8f75d88c863d3ae55ea1c64f659baf5d0fe42c52c13bac0824a33f9fda242e15ad1df5a1addb66139b8695cc2f8302c934ec9d17b220845f8cdc6bc9edf75f6069188a9f919df9e3f83b2d31da7802e0f7bfcaf82573512d971038343409be73372cc5f871d104a8c4d0bfe2d2f946739f6d8b006ffd1c8dc80244b57013a53b5b33ce763335e9650388d2555f7a56a20e1370c510dca21bc800dac46fa24d0148c1442da7974178627e21e958aac8d4dae33b48c8e2bb151b41e18ad3271be07ac61cd329581c3c39ea14733b34d41cd6698ef5a6d4609df137a0df1bf5b9e8f2e0e49a0f0fe14e0fe9bfe1643220a8474626f6d7000f4ae70670628c691cf00c8eb35d07153f4701c9a6e8835125a66e86c8ea7db74c2b56751473f1252015ce37c5d37e3035839f36d9c68ee129ab3287ea5a808d98e0ed9113a96362f0f1ef343efb90d039ebb3dbf2c665c697870f6c367e43ccea6d504d6a0cf83599d9ae1238941e3be99dc93ccf327f21b198bd3ef109227b783c8e6629f4d0efe85e7edf73f29062797cff8d495844d9a088855e5fe8a7aa12f0bbf6954a44130f7ea684e374a9e5ec4ddb1a6d0dfe06a3036ec12901e414b5631240a9b13ee5eb509e87e8cad34d171c25be4f2ff5c07cb3f9372b31cc1063d263f480fc1d51a535c25c39c9430659405624a365952f684a5bb1935fbbcf2422b2fa95b0cb150d77c8e11081da26bf46e40553c3fefe2fe2b602c3e176f3f79907600c72ab02225652aaad61ad4ecf320daf1525beb427806232a190808fd592557dc3f0d7b443402c22f485713f869d8b6636e90783fed44b5fbd678fc43b201fdc2091c77b15170cd7f8bcab7eb2490f168cdf989792a9bdda74f9dfba440e40f8dc9956ad475eb6b2e0aed4988f03c324325987d3a91d3b1bf73010500000000000000000000000020000000000000002900000036000000730000000000000000010000000000001400000000000000290000003e0000000001000000000000280000000000000029000000370000008401000000000000c20400000fff00010004010300010000aeaf54a2758ab91e6397b2c92665ce1a0bee63074a74bab6672f3e923d7749778bc7d159f5d817e5a3fc8fbaa28aee01946fb335a65d754d589c9c8e92174dcd0bcb504f92"], 0x11e8}}, {{0x0, 0x0, &(0x7f0000004780)=[{&(0x7f0000004680)="a3024c99ad2e8bd8a33c2337cba75598abe298858b7efcaef2e7a63bf439b0bd7e7b7bd5e77a575775b3649e0666403a35933215aa5e522214120f90317d220b11b9fef4af6fd4796a0d4d3ee6b83e9d85b0429d974953bca88d59036fb1aeeaaa8d2e5fd49932031831bd337a78f1f08bfe19044361decc079be7e311b789d1a7156cca09061dde57c156f3833085c8a964319db95808a7d93fbd8b35", 0x9d}, {&(0x7f0000004740)="b52feacc47cbf0b3cf9b6b4b3e2ed2173adc5c26673f79a08be239a8df4c8bd60d173bde33a053dd3452acf5b8a804879d6a10d713c7d796c94e6cd95cc78d59", 0x40}], 0x2}}, {{&(0x7f00000047c0)={0xa, 0x4e22, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffff9}, 0x1c, &(0x7f00000059c0)=[{&(0x7f0000004800)="885d620b55c10b21967158b44d198dcb02d55cdc2b9553719213dec165b254bf06dc7046c92c3d86a321c28bb315cca7c67c2b898e4138126379065089a96316de0709df365e2aa383ca7cb408232fd3bbe3ef719bae59f8244a1c35fbc6059d74a9602d446e4786043cefd169ba16188d805860777ced7d1d414a20dad6584260407f0895cb4d164f9bae34a9f5e42e52d14135083c2f8dc14a6887fc49480d001c62a4d3080256ba6d4f3f244d76e82f7cfd7a172173a1e26e023b8744802acf6395fb60533741e4b377fb54339a7b7d34949322c592f9373143e730f979351192ba71fcdd064acdb268ea0b30af4d2dbcfd529bb4d10e81ec1976c418d204202dde94802fe28216e9429a070aa1e04e5557ec847f5de8c8e60e54598efe9d58cc6bc6b0a180be9f9d01274956ef87032c74ed815b00ee461683f5d7d37a615d39f125cd2fdb4910429170686a5c21a966042d5076d112bb5459fc6640591108a5f36b3938525b44bef74bc1d36a42c0ac740883dc19291e89c86ece18adfdbfc974911034fb69f9f228c478314c0ca7fe47e548d000e04865450d87cb0af63ee203bf58134ee98bb5fad85b75b3565b3f021be3718eb29957049993e1f5034133ecae2801cb01cf41429b6e8a5cb1e803dd0dec51df355be8f6d9da203b356261454c1df36ca766023b49040e513a8b0515eaf6c4866b7c6a6bc0f2b20aef0bb8f2209bdb6a01f94d34e46678e86e6f6c6b0d66976abfde3c518214a8958319f635a3785a8d7423a719afa736c2504a4d8414cb373feacf76b0c8ffe0203df4dc883b7bdae0168fbf97e9c6de319e247908cf9782c638c1f35e7780564fe57e0b7159ee5b9768831409a616f40b5ce664811f008caae56f237f5dfe1693711f31f23e35c063bd4be1157c839abf737aea5202d349465fe3ff43b16edb482b13b0de7e44737384aac5194e30b79fc6da2d549e6db10c7233a8eaf59f61122800bc6d47892af793ef89296e54aaf982839993632b167fe84219621d71c6cdbdf2670c72d939672fd1091da0cfbe4f8d06a3964e884c812ef2ce8937924d1c5257eeaae9f3f81b41d9cbaa900d689a396c08330a410f7c4d6ffb89bb28e7a2b8d10467cc609ed94e725638a5b6ae2313b8ad8957680a54c5a6668e4aa8216cd4e204be80f1d2820c9d3761bbf8af2e4dfaf22f24f04ce96203a8365c0298e252cc020e89ff7a04dd21048d668122369d3bd6f8f5d94c445f4f9268623514916328522b31c0804b4982704ac9b3ee9d969d931e739935afa9d3cfd6ec4ffefc1cac6b102032ae9257a1746fab1bcafcf19118de2ef416852ed804c1808f8ac8a76bcd988dd7c00d50302bf4acc909a3d3d475c4f024a354161db8f7f88601a8b94cf72ba497267f79db6adeda4ebed274bc394c5442da1aaf941616a56cdab58e700a62ef61d6350ce3eca7e5ac46a37791590a8d5b81abb498dd653e71036cdb6c58b75c0b0d104c8fb297f74685998abbae12531e40d33437692f12c6f1e38574fefaa64bd5b2bac8e1b09359f95bf8d9f8efb545783dfe7709f7536e029e3a05ed12ca005b4de3af388c9cd5ea0651be380f75206939e21a7287a20e16a64f947079705066c0670668411099f764dbb1ad66f669ff6b1bc032384aa9d32b927326cf994d794c3e696bb89dca819d2096b53ba7a2f9e6544b00ebf0026baf7bfd0272cd8a8b7e0943e2abd8749ae6af0ceced981a81a57d73af88f2c25c7bc204c6b3f9b18760a0f832347b92457422a49efafeedde8562781e1c4cb696e9e6259ab791c8b65ec575ae65475c0ba08fbbc5a8d0a16d4968b5cee24646bf6fa333fea093b853149a3dc24bb9e86b86ef7500bbe2728bf65265f1cf09bd13428bf2c721ec8d856fa43e5509fed1167fea290b4c82f3cc03a489521943e0754bb2e684e2e2ae60b916ca219905bc083c0a4239f754d97da8bdde38f3b58477a2d75626047013fab7ab3952183d50312a5efd1ec8e27aa52c67ce95b3e93105cc47e0702e57c8ec0c085221ee31f9d8202684a34bc0e637dc50e79fc7bb35add46922a53e3a22a6d60859d9676c123909ea51f5f84b19ceebcd9bab45e0ec06fe0f01371eae1966cb27edbe793ce060f21856233a4c2f6031346fcf1e84798f62218eb4bf2cac803527d7e8ca3817b3887aff03c9aca74de537c9372ef4d124b30b5c54537f90aebe7a94a97aab4fea934318f8efc4370d6a315235bad1ba9024d2e7a0a45309f204d2bd43cc1ec79088fec53f1c64c6a73503bb55fa75d886a4f0f48cfaae5928d9e7913037c68984eddd0cf1113e645a1452f42f600b0828e4a863fa950362eac9376f762f393a1d025d86697a22b0e72eee156865df2e33b79e5df7c514b82c5ff4497e280ce38dfea640d02673d006ea83124a745c3497122613976d4b1b331a8b88733c9ca53cfe93a1321a5fa35b89f07be07b7583b9899d5bcb6548b2da36f236dcbcded851e1b0bd672e88ad85818b5a2508220f0cf2663f26bd88c67b9f9a9f286ce90517b0f9d7c95c612693d58028c2d8cca3c62e857c71d154382557281a750fa28fb8d3bff74aed6d01362c312a1c9c3d07caad980acbf2a04c97ad626486b04d172fb3c871e19e92318e557df1d99082b5b077ad997dd0e41a256dabb1209c5681781560b59d5c9b1ca3918fb574767e85f92721dcad84c99178f4521440e948768f1859a91edd088e583c2f283e7fed4d7da9f425a85508a81f8c6d441e6736f5ae1ee0a9a97ab8e0bcd1e94662c209822f40e42a22b2d4d4891db5a5ab4f316570a2555f0aeb47c9c4f1f9c47b29c014471454b9a6a22d5a5b07c343941dcba7ae1886bc24aee0eedf410487e9c6eee4a598c220ebbff774ba8ed4ac485701fb303377098be6a4bfa2cb863a66e3a296da80d39e16047e08fd9b2e598f2feb05adb1807a74bcea2223f3f2d45f56fba88dc7d5f716f807d4cc5d19efa3587d9dfae303bc441821017dcc1d31830b29dd7a51427d300e4b1267b62c65bb12a7353d2a76b163297732005d37e2e0146e7a348472b5081ded4ada1d2538301fc668193c4019cc71bcd7fcaa4787cf12a3d99b6100fa4e72e6fa932bf973f55d467ed57c6e34410c1cafde2347c23e9440bd9a9e126da458d4e1baa363197e284b8d6f0d4cd53b60172ee9db11e505b6585a49190650f50e4d3292fb606ff4b564de17a59abe33c95314894a1c2ca9734cff5f4c757e8138670c4dd38a83b0f6a97be24bd992465f8ffd5f3da01e21a48b990e57460e77d602d8da2e53fa760389de956d2205b976a7da92ed170ed505b3a58e4b0c4ce0bd6fc458152acf903e2e4d8a3e853c269ea68c5657b83ff8c6688a9060232a7acddf9da0186b459e6c10408d73280cd99235dee8e8deef3e88b66e64c2a7e782b7619d892877acf183a4264ef47bbca2761e23760c4842d56d269115b1460c0c6cbd54845e0ece371d2ad28d64d3e199e0a3754f101cd3037712f7f58316eb042527421d89d5685f9515b9d2fa53afc9407477734959d790fcae44b591e9f95a05f290233bf052ce4e2de772a3c2242dfd9ca66ec2249fefe102e1880cca42133b7273a0f68e3b93df68fa1d40f61ff9391923de371aec45b978d9bbc775fb451b34181b14e24b6e5209fb3c63b751fabea0c6c9d3f2cf233717d0f2ea27c9a7e6d003e25531ab2ca0ad61bd150730fac0ab4e055d9d14957e23d3e64d5f70fc1d12601a2a040096f9c198bd0769ae111e8c81682652d1294003ebc160123e10589b327a16426e1f2a8e6320e53d1ca46dda85917bfcd702ed2c32ee24eb92b5aa4aea8190fbeb9a520b2175196d8b252e6e3b20a29091d961faa423cfe203f0e4f30b2b7c75d8e5abad4f226b357a157b58279f546bb67dcd0f4a3d44af5cccb78b4e9598828af65664c781f5abb66b16dcee3a6ac3c0647127c949739d109713f830d1683519fc365fd85ef7400c4f2feb5096e8b9cdcfd49d039930ad9b77cd1bd3c7425099159147e7e6089db15c5c4a1df42cf9e802c6ad531542b3ac5f47f132c22943e68487162e768da85a92fbfb594dfe82da1e78a00cae3394886961cdf92290e04e0a3ffa061fbfdfa5d08b1b719ebb4926a42193cfef0415e08513f666b0bc20c9d5b21e9858e465cbb4b8322e1f91251774d3cf1dae2c311dda1331339bbb4b8c15313ab770736012305b37a04239cff4b202dc9b819843e75804cb0e538be72ffeeaa287174cdbbb9625c3dbf30a6bb4619b1a1112c953b8327619e15017005d3921f45e3eb90152d2ebdb025addda57f71de77a78c801b723296a614d4939fbdd8f44b52e1c5536f13b894840ee3b39910f2d555b74e34432767109d96c501862e58d6ffdede077dbeb448e1d2019e195c3d6fc78d002f8b64fec6d59e57fc83630ae1ff6d867e1aafcee5ff4e7c932c887699f3b41cfbb96046e9c4fdb3a15ba8773be4ca5528dc28285ab303c7c25078218b6cd94bb24c105a436868107b779ae1dcf33a656109f25dabf3aa28b4401ec8311837fad0db284bb1484503d51b821358d32b55d2cde8661369038cfe10b39052004cfe45d2f43bc51cb473a65ee739b9aa2eb475405e5863434a55d116f02d564e72a8bec1331573df236798adeeffe3af750e6f7250cfbaa5d4cef034a6553e3822a4bb6fc1dd65d9256c875aa033f5c93e65426e591648b03dedb125dd73368841020451be546b5c5b6c620e43e5f4fc090eef8c08a9e115d4522cde6722fcab3ad49ad2e663ad9279fab1037fa8a57f123866d0f933d27d81da6e4395efaf89394e9fef4a32dbfc72a01c568285fc7967b4d1feb8255048408a809e9578a0ceffa40c95bdd564cee81d591b64e6affbe6b4517810c22996380690a7e26013312e753b65890589de97d8910cb181bf99e2bda4008aede0913062b5cca592ee3c0c73ec78eab8084c67086d920053f24e0e375b5e84ab55a0d146dde8781438a9eb8cccd68fc4c36f0556e32c48e9b2e494cf63fa4465f77cf174ded5eae0cad67286ec00a563f9665a8d90435851cc357e33c7c1133be1897614a7a78869ec1f5d6cead2bb09fb716eb0dd9fcff5e4bb460ccb66bdec13abf306b27bcff5072191349206ed96bee295da25cefdbd06d83b4ff1c980a6895b701f7a32e1f740320f3dba99779f58b70121883737e132915e8cada397eec6dad026392d5967dbb3b79bf80955d8b2e71d5210bee77c688f9cf711bb5a06c736d07626b558c4be3cfc063fc666d797c7fe2489f3a2d46f70b79c8fdb246f04d84b2af529734b7563b6ee77145764a2de54d1ce5e43d177a89125401491357b0c043958e5b39bb0db89b0836ba8d813bdc14cce68da5517731f4c86bf243bb86d97b99701e47a01eaef65aa8c4605be3c80d68060f933b3f63c5544c476c8dd0cf3489e43e3aa620933b406cbfce85895fd1c738ee132141ac3d2bd492b1e4d45d73fd7ddbd26446753f4ce0e8c31cb37039bb4a17ba3947c2ff0b6e2d6a84c93b1861edc142be5398cf6bfc396e67fbeb8077a1a66d7c08ea741ac13bfb05f9694b24755ba6e69839362de6c08033b124742348d134e53e4c2a71800a346fe87394a3077d1e417a35437d9f82f07a931318189a65e0e43c07562e7290a494529925c681fe3525d98bf477bda1e006b7778678187af7fc4dd1898dd3f49a7bcf368d57053c6e4a0674c9dcb0de9f60453296d54cddc6387a78feb38a42dd26e4bb451e4a0c8ed8635e84aa", 0x1000}, {&(0x7f0000005800)="e0a503638c64883a413e4988376257a2696ee9f369325f3d76fc06a18ce3f8c7f05440550eaaea7d5f860408f129b67429929ecdb04eba329ebff9780a93d0dfe7d529cca6c10b7600ad93", 0x4b}, {&(0x7f0000005880)="26473aeccabe2619f82468a07031c015c46c00e971141d9673de061537d54b7c2ff787ff5c36faf028442f72dfb8214571dab31be577252175baf29bf806ec99c481baf2e18f9cdf4722a6ff52954ae05a7623984616f092e24e8cc52f345f15a9eb8531950bbc47b9dae30430e200c5ec862f0564b1a93a00115e3bc156ceb13b8d4db4badb184daef8b338c79109233080c9eda55799467d02f743d6e6e592504b13cd4d94012bd828a9083adcfb1af8bc5aa5c703e559775386e3dc27825d67ec986557b3b523993f907cad31fa7dd9a2d04ebc05d84d7077b8ff0f5ba2d5f64f78b198d6e46ae3a58a18220d3facb6", 0xf1}, {&(0x7f0000005980)="a76ab33df4", 0x5}], 0x4}}, {{&(0x7f0000005a00)={0xa, 0x4e23, 0xe7f2, @local, 0x7}, 0x1c, &(0x7f0000006140)=[{&(0x7f0000005a40)="33c535ac3463cb65c57d0782513dcf1efbf95bd119ff995178410a4bb581e7d0236fe9034986dbaf0a8cb4f756ae108fe2f400f4d90067db45e6d45ce0342b2c9dd9b49a806969ff5d03774ade405eb0a803b1d5a1a124949a30998411e671b10cad62b436e2cd784aa33bc1f17f9950892705e1e6a99871ef3c8e316e3e7228de23ea829436ff62391114579f683d81485e1664be7d2c8753856782cade27e6652f670bbd65b05e694f8bbe8d0ff3cb8e85e38e9d2c12d754e4233d6ea410ebd0cc301b958d62053a04ee18557106dc130b14bcba7d2dc9eb0b81755694aa476d23c1301c1f0216d5988289dd1c6b4bc5b4c0cccc6e08555e", 0xf9}, {&(0x7f0000005b40)="b7316924dc26c4ff4aeade38dc506be7bcf014f66266247323316a6df1a875cf73a67d252ca5e4d830a004a143a1f87e74481fb481722a1ba2098054b99e5d93df2cd7dc35a300", 0x47}, {&(0x7f0000005bc0)="94d35a370d1c96ccffea52b7d2d80221d99abf73c8e44bc7b173cd3e7690dbb7d9f9df1760900b1042a8acfcd5a7e4a8c2869a901516740d641076ab9cbfd381a29e5e880110ec612001c5bd6a0c28948994ad196c8b7a38af5371db4164f183ac61e6692f5208fb7332a2ace942eec195925f2f3c11ee9274a575c885f5ecd9ed69a60620b18b", 0x87}, {&(0x7f0000005c80)="031e7b28cece54f30f5e356ee142175d765a8817b3fe5413ae7e5bcd8824e13f4998fcead9245adf11ef903fe383e46f311e2c1353af4b2fd7bc4bcee01c891dd900c0038fc6980f32592a0db70bac1acfb0d69b2b2340c510c79ec547243e540a96898a6348c212e1ef58302e79ef8968bf6635c573bd4339b675e9f9a07d9a18faacac0ca42b81e79f898f479ac633af8864073ccd869f18c7f519211be6ad6d280f908f7509513ae9621612f3e1661795001f2dbf58cc124e876cc5849d4704769f76c03b5ce78533e4e245188dbddb7957eb759293e69824644acbd9e8575623b0e206151747927fed", 0xeb}, {&(0x7f0000005d80)="ad80df05611f25bc3ae0369af02d9187e3fdcc7aa96c9e854adca634378eeffd4b3d0eeea0105fcd308d0523b5d4d71ec35fbc8cbf4795df85a799160026abaf0b476fb1a3b94f8983c42e9dae1d4ed74e72f415adca3f6586a014fbf9b972f00759e90a1c5691f1ccd21421717f7fbee8c026e46c901958ed", 0x79}, {&(0x7f0000005e00)="3cf559f26cac77cbc7a5aa665f98aa6379354d99c5b53e298c33a4cdc81c271afe2c1b63c45ac0ddfaf697ebdc07d2538746805c902899d3fc8838a63a78478e9669c09f41135251013f3093174cf33368d65e31a762d941b1a329ad14116a6fe266989c61d2ea04ee94fd540eb71e934f7baf4402e075ad525a0c4f2c53596009b0127d4cb596cdb38b99df0ff75ef210", 0x91}, {&(0x7f0000005ec0)="22597cb5ac45c8e742d4704cb1643bf69859a9693a7dee4024a964a74524f00fff10fa79fac9a4e962dda771af300c8771343afdf0b0ca41416c10c86809211fe2aef458f3927ae41ce2f36aae9cb0c37cc43b7a0a9aa32dce2da634ac85dcd1dc0b786533ea24e5e5dc31498f53c1961b5e1baefc208e6d6b9baa", 0x7b}, {&(0x7f0000005f40)="1a3b32b64473b6a0ca044570883aa25db83108f6d46a3cdfe2effda0d873e9de48a4809e5a81e08abd2ffb0e60fc613f512d7760d96f6f27ab786c4a3fe653de8dfef44baadcdb6487f3a6f83c4c6397504eba0f2240777716e6f14ec7e059dc07153679cd97b1fa3828d6f657a82397157578b269d9b48f2793ee441a4f7a2bcbf82ab9dea55d4201a3314ae1c00923ec33e23aef7dd5da0520b35523f8b876e9d83d9cd048dffab84b28aadc48898a3d7dcdda8a5265705b38cffa020cbb7a09f5dfc8", 0xc4}, {&(0x7f0000006040)="f6c6e288d3ebfe09a183ce9fc1b35577184eb4c5537de498402493c1493fe4e7a91fee0a7462dec39c83270eebf9187593b85573eb00e61e677184f6d7eadaf59100131404b1aa520a742683a167e82c052a4ec9730e3658f03407a3fd0b81357c446990119bd22c5bcf50fe6aa876d8727c8a020f2fd27ce1fd3aee9d444500888099a43ddc7bdcadd0faaa6b17718185cae68c505bb582b0311603f938ae731b44df021868c50c743fcb6ff757c78e48e61530a949deeea3f4a59e11866561ed36620b36d2b1b83acb0c0c7d0bdfe58ed618ef257d499767549495bc7ca021", 0xe0}], 0x9, &(0x7f0000003180)=[@dstopts={{0xa8, 0x29, 0x37, {0x5e, 0x11, '\x00', [@ra={0x5, 0x2, 0x101}, @enc_lim={0x4, 0x1, 0x7f}, @generic={0x7f, 0x71, "bf888b295b0cbccdf856aa75950a767ad5d5dae7c5fcf85b1da5281c77609b3fff9189359f2e49d336bced6ab27962d5ea43976e1ca702b3ac82370964f3e21a7c1a321b5caf172aefe3b831d5db8ac0d3417f25cd1ab4742957d477f95b7ba7ea4631bddebdd308b4b1ccde78161bd9aa"}, @hao={0xc9, 0x10, @private0}]}}}], 0xa8}}], 0x7, 0x40) syz_io_uring_setup(0x7bed, &(0x7f00000000c0)={0x0, 0xa95e, 0x4, 0x3, 0x307, 0x0, r3}, &(0x7f0000ff5000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000240)=0x0) syz_io_uring_submit(r4, r6, &(0x7f0000000280)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x1, 0x6000, @fd_index=0x2, 0x8, 0x0, 0x0, 0x0, 0x3, {0x2}}, 0xffffffff) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000007, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000}, 0x0, 0xffffffdfffffffff, 0xffffffffffffffff, 0x8) r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r7, &(0x7f00000000c0), 0x12) syz_io_uring_setup(0x1744, &(0x7f0000006600)={0x0, 0x55e4, 0x4, 0x0, 0x1e5, 0x0, r7}, &(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ff6000/0x4000)=nil, &(0x7f0000006680), &(0x7f00000066c0)) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) pselect6(0x40, &(0x7f0000006480)={0x800, 0x9, 0x1a30, 0x9, 0x0, 0x9, 0x0, 0x7}, &(0x7f00000064c0)={0x9f4, 0xf50a, 0x8, 0x8b17, 0xddd1, 0x200, 0x2, 0x100000000}, &(0x7f0000006500)={0x1, 0x4bb3ad04, 0x80000001, 0x80, 0x6, 0x3, 0x9, 0x5}, &(0x7f0000006540), &(0x7f00000065c0)={&(0x7f0000006580)={[0x199a]}, 0x8}) 02:53:57 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 59) 02:53:57 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40901, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2518.944473] FAULT_INJECTION: forcing a failure. [ 2518.944473] name failslab, interval 1, probability 0, space 0, times 0 [ 2518.947383] CPU: 0 PID: 12841 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2518.947608] FAULT_INJECTION: forcing a failure. [ 2518.947608] name failslab, interval 1, probability 0, space 0, times 0 [ 2518.949037] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2518.949046] Call Trace: [ 2518.949073] dump_stack+0x107/0x167 [ 2518.949099] should_fail.cold+0x5/0xa [ 2518.949126] ? create_object.isra.0+0x3a/0xa20 [ 2518.949162] should_failslab+0x5/0x20 [ 2518.957921] kmem_cache_alloc+0x5b/0x310 [ 2518.958889] create_object.isra.0+0x3a/0xa20 [ 2518.959938] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2518.961159] __kmalloc+0x16e/0x390 [ 2518.961946] ? lock_downgrade+0x6d0/0x6d0 [ 2518.962916] io_setup_async_rw+0x180/0x580 [ 2518.963891] io_read+0xe98/0x11e0 [ 2518.964723] ? __lock_acquire+0x1657/0x5b00 [ 2518.965773] ? kiocb_done+0xc90/0xc90 [ 2518.966644] ? mark_lock+0xf5/0x2df0 [ 2518.967546] ? lock_chain_count+0x20/0x20 [ 2518.968560] ? __lock_acquire+0xbb1/0x5b00 [ 2518.969549] io_issue_sqe+0x2e8a/0x77b0 [ 2518.970501] ? find_held_lock+0x2c/0x110 [ 2518.971477] ? perf_trace_lock+0xac/0x490 [ 2518.972462] ? SOFTIRQ_verbose+0x10/0x10 [ 2518.973427] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2518.974563] ? io_connect+0x610/0x610 [ 2518.975480] ? lock_acquire+0x197/0x470 [ 2518.976389] ? find_held_lock+0x2c/0x110 [ 2518.977340] ? __fget_files+0x2cf/0x520 [ 2518.978295] ? lock_downgrade+0x6d0/0x6d0 [ 2518.979284] __io_queue_sqe+0x90/0x9d0 [ 2518.980226] ? io_issue_sqe+0x77b0/0x77b0 [ 2518.981188] ? __fget_files+0x2f8/0x520 [ 2518.982131] ? io_prep_rw+0x7f5/0x1050 [ 2518.983064] io_submit_sqes+0x44aa/0x8610 [ 2518.984101] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2518.985286] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2518.986349] ? find_held_lock+0x2c/0x110 [ 2518.987298] ? io_submit_sqes+0x8610/0x8610 [ 2518.988280] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2518.989419] ? wait_for_completion_io+0x270/0x270 [ 2518.990478] ? rcu_read_lock_any_held+0x75/0xa0 [ 2518.991574] ? vfs_write+0x354/0xb10 [ 2518.992457] ? fput_many+0x2f/0x1a0 [ 2518.993333] ? ksys_write+0x1a9/0x260 [ 2518.994214] ? __ia32_sys_read+0xb0/0xb0 [ 2518.995188] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2518.996424] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2518.997645] do_syscall_64+0x33/0x40 [ 2518.998460] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2518.999685] RIP: 0033:0x7fc0e8027b19 [ 2519.000549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.004903] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2519.006701] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2519.008431] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2519.010130] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.011839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.013565] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2519.015322] CPU: 1 PID: 12838 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2519.016984] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.018871] Call Trace: [ 2519.019484] dump_stack+0x107/0x167 [ 2519.020320] should_fail.cold+0x5/0xa [ 2519.021217] ? create_object.isra.0+0x3a/0xa20 [ 2519.022252] should_failslab+0x5/0x20 [ 2519.023287] kmem_cache_alloc+0x5b/0x310 [ 2519.024257] create_object.isra.0+0x3a/0xa20 [ 2519.025432] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2519.026802] kmem_cache_alloc_trace+0x151/0x320 [ 2519.027553] loop5: detected capacity change from 0 to 264192 [ 2519.027866] ? lock_downgrade+0x6d0/0x6d0 [ 2519.027900] __io_queue_sqe+0x666/0x9d0 [ 2519.031067] ? io_issue_sqe+0x77b0/0x77b0 [ 2519.032011] ? __fget_files+0x2f8/0x520 [ 2519.032925] ? io_prep_rw+0x7f5/0x1050 [ 2519.033820] io_submit_sqes+0x44aa/0x8610 [ 2519.034812] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.036134] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.037451] ? find_held_lock+0x2c/0x110 [ 2519.038639] ? io_submit_sqes+0x8610/0x8610 [ 2519.039647] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.040743] ? wait_for_completion_io+0x270/0x270 [ 2519.041847] ? rcu_read_lock_any_held+0x75/0xa0 [ 2519.042892] ? vfs_write+0x354/0xb10 [ 2519.042914] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2519.043741] ? fput_many+0x2f/0x1a0 [ 2519.043765] ? ksys_write+0x1a9/0x260 [ 2519.043794] ? __ia32_sys_read+0xb0/0xb0 [ 2519.048120] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2519.049301] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2519.050465] do_syscall_64+0x33/0x40 [ 2519.051312] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.052509] RIP: 0033:0x7f6d2ff1eb19 [ 2519.053358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.057959] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2519.059920] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2519.061455] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2519.062942] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.064459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.065955] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2519.082435] kauditd_printk_skb: 2 callbacks suppressed [ 2519.082456] audit: type=1400 audit(1742007238.018:253): avc: denied { module_load } for pid=12829 comm="syz-executor.7" path=2F6D656D66643A202864656C6574656429 dev="hugetlbfs" ino=41707 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:hugetlbfs_t:s0 tclass=system permissive=1 [ 2519.090758] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2519.098626] FAULT_INJECTION: forcing a failure. [ 2519.098626] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.101514] CPU: 0 PID: 12840 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2519.103135] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.105007] Call Trace: [ 2519.105573] dump_stack+0x107/0x167 [ 2519.106398] should_fail.cold+0x5/0xa [ 2519.107221] ? create_object.isra.0+0x3a/0xa20 [ 2519.108262] should_failslab+0x5/0x20 [ 2519.109188] kmem_cache_alloc+0x5b/0x310 [ 2519.110171] create_object.isra.0+0x3a/0xa20 [ 2519.111227] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2519.112429] kmem_cache_alloc_trace+0x151/0x320 [ 2519.113532] ? lock_downgrade+0x6d0/0x6d0 [ 2519.114548] __io_queue_sqe+0x666/0x9d0 [ 2519.115506] ? io_issue_sqe+0x77b0/0x77b0 [ 2519.116504] ? __fget_files+0x2f8/0x520 [ 2519.117436] ? io_prep_rw+0x7f5/0x1050 [ 2519.118403] io_submit_sqes+0x44aa/0x8610 [ 2519.119426] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.120599] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.121775] ? find_held_lock+0x2c/0x110 [ 2519.122829] ? io_submit_sqes+0x8610/0x8610 [ 2519.123862] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.125008] ? wait_for_completion_io+0x270/0x270 [ 2519.126195] ? rcu_read_lock_any_held+0x75/0xa0 [ 2519.127282] ? vfs_write+0x354/0xb10 [ 2519.128214] ? fput_many+0x2f/0x1a0 [ 2519.129061] ? ksys_write+0x1a9/0x260 [ 2519.130004] ? __ia32_sys_read+0xb0/0xb0 [ 2519.130964] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2519.132319] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2519.133597] do_syscall_64+0x33/0x40 [ 2519.134508] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.135721] RIP: 0033:0x7ff7fbbbbb19 [ 2519.136588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.140958] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2519.142775] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2519.144542] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2519.146223] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.148017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.149691] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2519.170990] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:53:58 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) socket$inet6_udp(0xa, 0x2, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r1, r5, &(0x7f00000000c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x3, 0x0, @fd_index=0x1, 0x1000, 0x0, 0x0, 0x4}, 0x7) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2519.191278] Module has invalid ELF structures 02:53:58 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40902, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:53:58 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 78) 02:53:58 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$SNAPSHOT_PREF_IMAGE_SIZE(0xffffffffffffffff, 0x3312, 0x8) r2 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x81403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000100), 0x8}, 0x4, 0x3, 0xfffffffc, 0x2, 0x3, 0x400, 0xfffe, 0x0, 0xfffffffc, 0x0, 0x8}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)={0x14, r4, 0x1}, 0x14}}, 0x0) sendfile(r3, r2, &(0x7f0000000440)=0x7, 0x6ee7) sendfile(0xffffffffffffffff, r3, &(0x7f0000000200)=0x6, 0x3) write$binfmt_elf64(r1, &(0x7f00000008c0)=ANY=[], 0x629) r5 = creat(&(0x7f0000000080)='./file0\x00', 0x0) pwrite64(r5, &(0x7f00000000c0)="04", 0x1, 0x3ff03) r6 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xffffffffffffffff}, 0x1000, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f00000000c0), 0x12) fsconfig$FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, &(0x7f0000000280)='[/\x00', &(0x7f0000000380)='./file0\x00', 0xffffffffffffff9c) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c00, 0x0) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000100000218000000010e3e301b372c5380f310e78820f93247d4a1b1c1ebf8ef8837f5df34b2e0cfedfe97f30171254920895edd8dd96a9fca8aa9c92b73bc5c8198e3c9db0e5c19a7ffbc5370a7e599c1dcb93ffb9f474fe0b2883ddbc2ca9aa583def7027508a659c7a049f587b1f85af7fd2b697544ea9e2c0471f15ea51ff02a45754a16ffd1b83774c38231ec49b313a7f71c2f3de5471a0494c7bb9e8d86c137cff9fa491353c64bf55789a7abe805837821af53de019f6fb520a1c216a551c9eb7c05d9b7de6dee27ef235be374fc802c45cde3b13362bd055bf6afedaeb3e99a94fb6a614cf2a035d766d7c65c7eef5836ce08677ef2790d407ed8dbed912b30e7b3a847", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="4ec066696c653010"]) ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xff, 0x3, 0x12, 0x14, "89f5e098115db60136d1d378e45f29636f0a74d7fd2b954ac53340fa745e40721eec0c08b7d035177b2bf6830e4e381a21ec2040793bae1a3f3ff60b4feb9ee1", "bf1047a99b9c26db92c45dc422ff6a112317d290329812cbd09ae21835b7290d", [0x3, 0x8]}) sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYBLOB="70000003cd0822d7f46aded617f6f882e6000201010400000000000000000a0000061000058005b90000616d616e646100034000000800080002400000010008000240ff204e2a8c9d007964c255286d6cb213beff7fff080003400000000001100016400000004300000004fffffffb8d419438238fc6921703cee6e2181fce739f457f072e5b9de05e201583b779dc253dd3b4a73bf95c64c18dc9706ba0009d5ecbcb6caf5e1f5a11718c071d95bab2baddb330536c7ca75466db8423dbf300becc359b489098710421d4ce535e11f4e10fea720eb14cf27a25a128a35f0db98859485723cb5d024731f45bea14024837408fc6e1e45130e5a3ab9f8a925033e6c4e61900"/276], 0x70}, 0x1, 0x0, 0x0, 0x40045}, 0x0) sendfile(r1, r0, 0x0, 0xffffffff000) [ 2519.551502] FAULT_INJECTION: forcing a failure. [ 2519.551502] name failslab, interval 1, probability 0, space 0, times 0 [ 2519.554340] CPU: 1 PID: 12857 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2519.556108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2519.557866] Call Trace: [ 2519.558426] dump_stack+0x107/0x167 [ 2519.559202] should_fail.cold+0x5/0xa [ 2519.560018] ? create_object.isra.0+0x3a/0xa20 [ 2519.560986] should_failslab+0x5/0x20 [ 2519.561788] kmem_cache_alloc+0x5b/0x310 [ 2519.562659] create_object.isra.0+0x3a/0xa20 [ 2519.563591] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2519.564668] kmem_cache_alloc_trace+0x151/0x320 [ 2519.565652] ? lock_downgrade+0x6d0/0x6d0 [ 2519.566537] __io_queue_sqe+0x666/0x9d0 [ 2519.567403] ? io_issue_sqe+0x77b0/0x77b0 [ 2519.568287] ? __fget_files+0x2f8/0x520 [ 2519.569134] ? io_prep_rw+0x7f5/0x1050 [ 2519.569971] io_submit_sqes+0x44aa/0x8610 [ 2519.570878] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.571941] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2519.572972] ? find_held_lock+0x2c/0x110 [ 2519.573835] ? io_submit_sqes+0x8610/0x8610 [ 2519.574758] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2519.575789] ? wait_for_completion_io+0x270/0x270 [ 2519.576813] ? rcu_read_lock_any_held+0x75/0xa0 [ 2519.577796] ? vfs_write+0x354/0xb10 [ 2519.578583] ? fput_many+0x2f/0x1a0 [ 2519.579376] ? ksys_write+0x1a9/0x260 [ 2519.580194] ? __ia32_sys_read+0xb0/0xb0 [ 2519.581053] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2519.582164] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2519.583250] do_syscall_64+0x33/0x40 [ 2519.584050] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2519.585134] RIP: 0033:0x7fc0e8027b19 [ 2519.585921] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2519.589816] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2519.591426] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2519.592923] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2519.594428] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2519.595940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2519.597445] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2519.636181] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 2519.775134] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 02:54:16 executing program 7: syz_open_procfs(0xffffffffffffffff, 0x0) r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x10000}, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f00000001c0)=""/137, 0x89}, {&(0x7f0000000380)=""/251, 0xfb}, {&(0x7f0000000480)=""/102, 0x66}], 0x3, 0x8, 0x6aa12b08) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000340)={&(0x7f00000006c0)=""/216, 0xd8}) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x201, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, @perf_config_ext={0xfffffffffffffffc, 0x2}, 0x20b5, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, 0x8000}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) readv(r2, &(0x7f0000000780), 0x0) r3 = dup2(r2, r1) readv(0xffffffffffffffff, 0x0, 0x0) r4 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000640)={0x53, 0xfffffffffffffffd, 0x0, 0x0, @buffer={0x0, 0x100c, &(0x7f0000001240)=""/4108}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = syz_io_uring_setup(0x5652, &(0x7f00000002c0)={0x0, 0xfffffffc, 0x20}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000140)) fchmodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xa, 0x13, r5, 0x0) write$binfmt_elf64(r5, &(0x7f00000007c0)=ANY=[@ANYBLOB="bebacb55ee10d9b3a90897bca7b5bfbcc877ff91794d8acee52a13039b80e5e818908ffd6e700f444c7ffd8348030d98353d7625fd36a0f174683d566fd0231f6e", @ANYRESDEC, @ANYRES16=r5, @ANYRES16, @ANYRES32, @ANYRESDEC=r3, @ANYRESDEC=r4, @ANYRES32], 0xfffffffffffffe8a) dup2(0xffffffffffffffff, r1) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000180)={0xa5, 0x9f, 0x4, 0xfffffbff, 0x54d}) r6 = socket$netlink(0x10, 0x3, 0xf) fsetxattr$trusted_overlay_upper(r1, &(0x7f0000000000), &(0x7f0000000580)=ANY=[@ANYBLOB="00fbb4009d3cc37b0800000000000000ef7e60193029ff4d19ffbf71951e6c1e42d14ecbb61b1d162a28ebce2ba6904b56fc4b5eb5bbb8fcd762cc26bf19fccbe268673a16952009fa463ecbdf6fab543c07698fdc14bd6a775651af33a3c751b89faa36a772d92d5b2faf26188791bb450aa11f00b001542711155e57330e731e5b42955e6a37fe387a8f56201abae27948226c5e779fec1d7cc6df0d9b39173374356d571ee41ca48209fb0e59056e7015eed1"], 0xb4, 0x0) sendmsg$nl_generic(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2c0000001300274e00000000000000000000000004000000140800"/44], 0x2c}}, 0x0) 02:54:16 executing program 2: ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0) r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) syz_io_uring_setup(0x55b4, &(0x7f00000000c0)={0x0, 0x1653, 0x0, 0x0, 0xc0}, &(0x7f0000ff6000/0xa000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000000240)) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:16 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 79) 02:54:16 executing program 6: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) timer_delete(r0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f00000003c0), &(0x7f0000000400), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df091650478277b5405e62aba026eb436609209c45f379ded06400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f08d65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b295c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6edd1beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee854874363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d53358c1562d539f040a9f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab41000"/665], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) capset(&(0x7f0000000240)={0x20080522, r1}, &(0x7f0000000300)={0x800, 0x3, 0x7, 0xd7, 0x8000, 0x6}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) timer_create(0x7, &(0x7f0000000180)={0x0, 0xe, 0x1, @tid=r2}, &(0x7f0000000340)=0x0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYRES64=r3], 0x14}}, 0x0) ioctl$KDGKBMETA(0xffffffffffffffff, 0x4b62, &(0x7f00000000c0)) timer_create(0x5, &(0x7f00000005c0)={0x0, 0x0, 0x4}, &(0x7f0000000600)) clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) 02:54:16 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 60) 02:54:16 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40903, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:54:16 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 56) 02:54:16 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) recvmmsg(r2, &(0x7f0000002840)=[{{&(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast2}}}}, 0x80, &(0x7f0000000000)=[{&(0x7f00000003c0)=""/153, 0x99}, {&(0x7f0000000480)=""/119, 0x77}], 0x2, &(0x7f0000000500)=""/153, 0x99}, 0xff}, {{&(0x7f00000005c0)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000240)=[{&(0x7f0000000640)=""/210, 0xd2}, {&(0x7f0000000740)=""/218, 0xda}, {&(0x7f0000002a80)=""/80, 0x50}, {&(0x7f00000008c0)=""/249, 0xf9}], 0x4, &(0x7f00000009c0)=""/169, 0xa9}, 0xd2}, {{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f0000000a80)=""/192, 0xc0}, {&(0x7f0000000b40)=""/156, 0x9c}, {&(0x7f0000000c00)=""/33, 0x21}, {&(0x7f0000000c40)=""/118, 0x76}], 0x4, &(0x7f0000000d00)=""/17, 0x11}, 0x4}, {{&(0x7f0000000d40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000001140)=[{&(0x7f0000000dc0)=""/220, 0xdc}, {&(0x7f0000000ec0)=""/203, 0xcb}, {&(0x7f0000000fc0)=""/83, 0x53}, {&(0x7f0000001040)=""/207, 0xcf}], 0x4, &(0x7f0000001180)=""/208, 0xd0}, 0x2db}, {{&(0x7f0000001280)=@rc={0x1f, @fixed}, 0x80, &(0x7f00000025c0)=[{&(0x7f0000001300)=""/165, 0xa5}, {&(0x7f00000013c0)=""/4096, 0x1000}, {&(0x7f00000023c0)=""/253, 0xfd}, {&(0x7f00000024c0)=""/43, 0x2b}, {&(0x7f0000002500)=""/156, 0x9c}], 0x5, &(0x7f0000002740)=""/209, 0xd1}, 0x8}], 0x5, 0x40000100, &(0x7f0000002640)) r4 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext, 0x0, 0xfffffffffffffffc, 0xf21}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)={0x28, 0x10, 0x1, 0x0, 0x0, {}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}, @nested={0xa, 0x0, 0x0, 0x1, [@generic="487fec864b24"]}]}, 0x28}}, 0x0) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000180)={{0x1, 0x1, 0x18, r5, {r4}}, './file0\x00'}) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), r5) sendmsg$TIPC_NL_BEARER_GET(r6, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x90, r7, 0x2, 0x70bd2c, 0x25dfdbff, {}, [@TIPC_NLA_SOCK={0x7c, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7ff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xdf00}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}]}, @TIPC_NLA_SOCK_CON={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x7}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x9}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x8}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x393}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4f}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1ff}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x8080}, 0x40090) sendmsg$TIPC_NL_PEER_REMOVE(r3, &(0x7f0000002a40)={&(0x7f0000002680), 0xc, &(0x7f00000026c0)={&(0x7f0000002b00)=ANY=[@ANYBLOB="9400801e00", @ANYRES16=r7, @ANYBLOB="000829bd7000fbdbdf2514000000580004800900010073797a31000000001c0007800800010018000000080001001300000008000400070000000900010073797a31000000000900010073797a30000000001300010062726f6164636173742d6c696e6b00000c00078008000200040000001c000980080002000000008008000100760000000800020001000000"], 0x94}, 0x1, 0x0, 0x0, 0x84842}, 0x50) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2538.128994] FAULT_INJECTION: forcing a failure. [ 2538.128994] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.132129] CPU: 1 PID: 12874 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2538.133568] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.135481] Call Trace: [ 2538.136055] dump_stack+0x107/0x167 [ 2538.136265] FAULT_INJECTION: forcing a failure. [ 2538.136265] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.136821] should_fail.cold+0x5/0xa [ 2538.136845] ? io_setup_async_rw+0x180/0x580 [ 2538.136869] should_failslab+0x5/0x20 [ 2538.136888] __kmalloc+0x72/0x390 [ 2538.136911] ? lock_downgrade+0x6d0/0x6d0 [ 2538.136937] io_setup_async_rw+0x180/0x580 [ 2538.144771] io_read+0xe98/0x11e0 [ 2538.145508] ? __lock_acquire+0x1657/0x5b00 [ 2538.146424] ? kiocb_done+0xc90/0xc90 [ 2538.147220] ? mark_lock+0xf5/0x2df0 [ 2538.148027] ? lock_chain_count+0x20/0x20 [ 2538.148949] ? __lock_acquire+0xbb1/0x5b00 [ 2538.149842] io_issue_sqe+0x2e8a/0x77b0 [ 2538.150678] ? find_held_lock+0x2c/0x110 [ 2538.151530] ? perf_trace_lock+0xac/0x490 [ 2538.152407] ? SOFTIRQ_verbose+0x10/0x10 [ 2538.153257] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2538.154252] ? io_connect+0x610/0x610 [ 2538.155059] ? lock_acquire+0x197/0x470 [ 2538.155899] ? find_held_lock+0x2c/0x110 [ 2538.156760] ? __fget_files+0x2cf/0x520 [ 2538.157590] ? lock_downgrade+0x6d0/0x6d0 [ 2538.158464] __io_queue_sqe+0x90/0x9d0 [ 2538.159290] ? io_issue_sqe+0x77b0/0x77b0 [ 2538.160177] ? __fget_files+0x2f8/0x520 [ 2538.161019] ? io_prep_rw+0x7f5/0x1050 [ 2538.161846] io_submit_sqes+0x44aa/0x8610 [ 2538.162755] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.163807] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.164817] ? find_held_lock+0x2c/0x110 [ 2538.165672] ? io_submit_sqes+0x8610/0x8610 [ 2538.166592] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2538.167617] ? wait_for_completion_io+0x270/0x270 [ 2538.168633] ? rcu_read_lock_any_held+0x75/0xa0 [ 2538.169722] ? vfs_write+0x354/0xb10 [ 2538.170662] ? fput_many+0x2f/0x1a0 [ 2538.171502] ? ksys_write+0x1a9/0x260 [ 2538.172392] ? __ia32_sys_read+0xb0/0xb0 [ 2538.173267] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2538.174413] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2538.175587] do_syscall_64+0x33/0x40 [ 2538.176423] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2538.177567] RIP: 0033:0x7fc0e8027b19 [ 2538.178393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.182486] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2538.184388] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2538.185885] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2538.187399] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2538.188937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2538.190440] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2538.192035] CPU: 0 PID: 12872 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2538.193815] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.195838] Call Trace: [ 2538.196551] dump_stack+0x107/0x167 [ 2538.197524] should_fail.cold+0x5/0xa [ 2538.198555] ? create_object.isra.0+0x3a/0xa20 [ 2538.199803] should_failslab+0x5/0x20 [ 2538.200831] kmem_cache_alloc+0x5b/0x310 [ 2538.201944] create_object.isra.0+0x3a/0xa20 [ 2538.203131] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.204533] __kmalloc+0x16e/0x390 [ 2538.205490] ? lock_downgrade+0x6d0/0x6d0 [ 2538.206636] io_setup_async_rw+0x180/0x580 [ 2538.207776] io_read+0xe98/0x11e0 [ 2538.208578] ? __lock_acquire+0x1657/0x5b00 [ 2538.209606] ? kiocb_done+0xc90/0xc90 [ 2538.210491] ? mark_lock+0xf5/0x2df0 [ 2538.211389] ? lock_chain_count+0x20/0x20 [ 2538.212430] ? __lock_acquire+0xbb1/0x5b00 [ 2538.213442] io_issue_sqe+0x2e8a/0x77b0 [ 2538.214363] ? find_held_lock+0x2c/0x110 [ 2538.215330] ? perf_trace_lock+0xac/0x490 [ 2538.216314] ? SOFTIRQ_verbose+0x10/0x10 [ 2538.217264] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2538.218364] ? io_connect+0x610/0x610 [ 2538.219286] ? lock_acquire+0x197/0x470 [ 2538.220231] ? find_held_lock+0x2c/0x110 [ 2538.221194] ? __fget_files+0x2cf/0x520 [ 2538.222132] ? lock_downgrade+0x6d0/0x6d0 [ 2538.223112] __io_queue_sqe+0x90/0x9d0 [ 2538.224055] ? io_issue_sqe+0x77b0/0x77b0 [ 2538.225019] ? __fget_files+0x2f8/0x520 [ 2538.225951] ? io_prep_rw+0x7f5/0x1050 [ 2538.226893] io_submit_sqes+0x44aa/0x8610 [ 2538.227925] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.229110] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.230235] ? find_held_lock+0x2c/0x110 [ 2538.231207] ? io_submit_sqes+0x8610/0x8610 [ 2538.232253] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2538.233410] ? wait_for_completion_io+0x270/0x270 [ 2538.234517] ? rcu_read_lock_any_held+0x75/0xa0 [ 2538.235649] ? vfs_write+0x354/0xb10 [ 2538.236521] ? fput_many+0x2f/0x1a0 [ 2538.237388] ? ksys_write+0x1a9/0x260 [ 2538.238259] ? __ia32_sys_read+0xb0/0xb0 [ 2538.239211] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2538.240455] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2538.241669] do_syscall_64+0x33/0x40 [ 2538.242522] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2538.243765] RIP: 0033:0x7f6d2ff1eb19 [ 2538.244641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.249038] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2538.250786] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2538.252616] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2538.254293] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2538.256006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2538.257688] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2538.282468] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2538.287987] loop5: detected capacity change from 0 to 264192 [ 2538.325131] FAULT_INJECTION: forcing a failure. [ 2538.325131] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.328511] CPU: 1 PID: 12882 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2538.329999] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.331763] Call Trace: [ 2538.332326] dump_stack+0x107/0x167 [ 2538.333104] should_fail.cold+0x5/0xa [ 2538.333926] ? create_object.isra.0+0x3a/0xa20 [ 2538.334902] should_failslab+0x5/0x20 [ 2538.335717] kmem_cache_alloc+0x5b/0x310 [ 2538.336579] create_object.isra.0+0x3a/0xa20 [ 2538.337518] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.338672] kmem_cache_alloc_trace+0x151/0x320 [ 2538.339662] ? lock_downgrade+0x6d0/0x6d0 [ 2538.340546] __io_queue_sqe+0x666/0x9d0 [ 2538.341403] ? io_issue_sqe+0x77b0/0x77b0 [ 2538.342279] ? __fget_files+0x2f8/0x520 [ 2538.343129] ? io_prep_rw+0x7f5/0x1050 [ 2538.343971] io_submit_sqes+0x44aa/0x8610 [ 2538.344892] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.345945] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.346967] ? find_held_lock+0x2c/0x110 [ 2538.347840] ? io_submit_sqes+0x8610/0x8610 [ 2538.348770] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2538.349792] ? wait_for_completion_io+0x270/0x270 [ 2538.350804] ? rcu_read_lock_any_held+0x75/0xa0 [ 2538.351792] ? vfs_write+0x354/0xb10 [ 2538.352581] ? fput_many+0x2f/0x1a0 [ 2538.353340] ? ksys_write+0x1a9/0x260 [ 2538.354154] ? __ia32_sys_read+0xb0/0xb0 [ 2538.355010] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2538.356124] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2538.357234] do_syscall_64+0x33/0x40 [ 2538.358021] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2538.359111] RIP: 0033:0x7ff7fbbbbb19 [ 2538.359910] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.363772] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2538.365387] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2538.366872] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2538.368400] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2538.369898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2538.371392] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2538.375966] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2538.409971] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2538.439839] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:54:17 executing program 7: ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000140)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x5}}, './file1\x00'}) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000180)=0x50985040) r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x622042, 0x17e) write$binfmt_elf64(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="7f452080000000170000000000000000523e3e000000000000000000200010b6890f0135fb70000000000000000e178fdfa549000000380003000000000000000301000bca3c0297cc5c2043e1ddcb242e2799000000ff00000000b668a6b6a19d71c534c52f74578cfd81ab3f04"], 0xaf2) close(r1) creat(&(0x7f00000000c0)='./file1\x00', 0xc0) execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0) 02:54:17 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) r3 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) fstatfs(0xffffffffffffffff, &(0x7f00000003c0)=""/79) r4 = fsmount(r2, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r3, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000000000000", @ANYRES32=r4, @ANYBLOB="00000000000000004c2f729dd7730025"]) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:54:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40a00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:54:17 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0x3262}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10072, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x501}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:17 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 57) 02:54:17 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000de087468d181071936730000dddf"], 0x14}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'wlan1\x00'}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_START_NAN(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000400)={0x70, 0x0, 0x4, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r0}, @val={0xc, 0x99, {0xa6d, 0x46}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x3f}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xc}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x4}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x9}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x3}, @NL80211_ATTR_BANDS={0x8, 0xef, 0xc}, @NL80211_ATTR_BANDS={0x8, 0xef, 0x6}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x1f}]}, 0x70}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000300)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='configfs\x00', 0x0, 0x0) r2 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents(r2, &(0x7f0000001180)=""/4091, 0x18) io_uring_setup(0x317f, &(0x7f00000001c0)={0x0, 0x0, 0x29, 0x1, 0x80161}) signalfd(r1, &(0x7f0000000100), 0x8) r3 = socket$inet(0x2, 0xa, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x100000001}, 0x40000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCGIFNETMASK(r3, 0x8914, &(0x7f00000001c0)={'veth0_vlan\x00', {0x2, 0x0, @empty}}) r4 = clone3(&(0x7f0000001200)={0x88318d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) syz_open_procfs(r4, &(0x7f00000000c0)='net/ip_vs_stats\x00') r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0) fallocate(r5, 0x8, 0x0, 0x8000) perf_event_open(&(0x7f0000000080)={0x4, 0x80, 0x7, 0x8, 0x0, 0xc5, 0x0, 0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x5, 0x4, @perf_config_ext={0x8, 0xaf6}, 0x0, 0x1, 0xc399, 0x5, 0x8001, 0x3, 0xf99, 0x0, 0x8, 0x0, 0x3}, r4, 0xd, r5, 0x8) [ 2538.746484] loop5: detected capacity change from 0 to 264704 [ 2538.788947] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:54:17 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 80) [ 2538.801274] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2538.806056] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:54:17 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x101}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x1}, 0x1c) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000040), 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000140), 0x4) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000000)=0x8, 0x4) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000000100)=0x200) sendmmsg$inet6(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) [ 2538.921663] FAULT_INJECTION: forcing a failure. [ 2538.921663] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.924551] CPU: 1 PID: 12910 Comm: syz-executor.3 Not tainted 5.10.234 #1 [ 2538.926130] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.927910] Call Trace: [ 2538.928476] dump_stack+0x107/0x167 [ 2538.929263] should_fail.cold+0x5/0xa [ 2538.930078] ? create_object.isra.0+0x3a/0xa20 [ 2538.931056] should_failslab+0x5/0x20 [ 2538.931878] kmem_cache_alloc+0x5b/0x310 [ 2538.932759] create_object.isra.0+0x3a/0xa20 [ 2538.933692] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2538.934781] kmem_cache_alloc_trace+0x151/0x320 [ 2538.935770] ? lock_downgrade+0x6d0/0x6d0 [ 2538.936660] __io_queue_sqe+0x666/0x9d0 [ 2538.937512] ? io_issue_sqe+0x77b0/0x77b0 [ 2538.938402] ? __fget_files+0x2f8/0x520 [ 2538.938541] FAULT_INJECTION: forcing a failure. [ 2538.938541] name failslab, interval 1, probability 0, space 0, times 0 [ 2538.939247] ? io_prep_rw+0x7f5/0x1050 [ 2538.939279] io_submit_sqes+0x44aa/0x8610 [ 2538.939341] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.939361] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2538.939387] ? find_held_lock+0x2c/0x110 [ 2538.939416] ? io_submit_sqes+0x8610/0x8610 [ 2538.947445] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2538.948494] ? wait_for_completion_io+0x270/0x270 [ 2538.949521] ? rcu_read_lock_any_held+0x75/0xa0 [ 2538.950507] ? vfs_write+0x354/0xb10 [ 2538.951303] ? fput_many+0x2f/0x1a0 [ 2538.952095] ? ksys_write+0x1a9/0x260 [ 2538.952905] ? __ia32_sys_read+0xb0/0xb0 [ 2538.953767] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2538.954878] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2538.955990] do_syscall_64+0x33/0x40 [ 2538.956778] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2538.957872] RIP: 0033:0x7f6d2ff1eb19 [ 2538.958654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2538.962554] RSP: 002b:00007f6d2d494188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2538.964174] RAX: ffffffffffffffda RBX: 00007f6d30031f60 RCX: 00007f6d2ff1eb19 [ 2538.965676] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2538.967203] RBP: 00007f6d2d4941d0 R08: 0000000000000000 R09: 0000000000000000 [ 2538.968726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2538.970248] R13: 00007fffd21e992f R14: 00007f6d2d494300 R15: 0000000000022000 [ 2538.971831] CPU: 0 PID: 12912 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2538.973441] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2538.975356] Call Trace: [ 2538.976148] dump_stack+0x107/0x167 [ 2538.976998] should_fail.cold+0x5/0xa [ 2538.977885] ? io_setup_async_rw+0x180/0x580 [ 2538.978900] should_failslab+0x5/0x20 [ 2538.979800] __kmalloc+0x72/0x390 [ 2538.980598] ? lock_downgrade+0x6d0/0x6d0 [ 2538.981559] io_setup_async_rw+0x180/0x580 [ 2538.982527] io_read+0xe98/0x11e0 [ 2538.983348] ? __lock_acquire+0x1657/0x5b00 [ 2538.984362] ? kiocb_done+0xc90/0xc90 [ 2538.985242] ? mark_lock+0xf5/0x2df0 [ 2538.986124] ? lock_chain_count+0x20/0x20 [ 2538.987114] ? __lock_acquire+0xbb1/0x5b00 [ 2538.988112] io_issue_sqe+0x2e8a/0x77b0 [ 2538.989032] ? find_held_lock+0x2c/0x110 [ 2538.989975] ? perf_trace_lock+0xac/0x490 [ 2538.990927] ? SOFTIRQ_verbose+0x10/0x10 [ 2538.991861] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2538.992948] ? io_connect+0x610/0x610 [ 2538.993820] ? lock_acquire+0x197/0x470 [ 2538.994720] ? find_held_lock+0x2c/0x110 [ 2538.995663] ? __fget_files+0x2cf/0x520 [ 2538.996568] ? lock_downgrade+0x6d0/0x6d0 [ 2538.997515] __io_queue_sqe+0x90/0x9d0 [ 2538.998408] ? io_issue_sqe+0x77b0/0x77b0 [ 2538.999344] ? __fget_files+0x2f8/0x520 [ 2539.000261] ? io_prep_rw+0x7f5/0x1050 [ 2539.001149] io_submit_sqes+0x44aa/0x8610 [ 2539.002130] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2539.003266] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2539.004373] ? find_held_lock+0x2c/0x110 [ 2539.005305] ? io_submit_sqes+0x8610/0x8610 [ 2539.006298] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2539.007407] ? wait_for_completion_io+0x270/0x270 [ 2539.008602] ? rcu_read_lock_any_held+0x75/0xa0 [ 2539.009663] ? vfs_write+0x354/0xb10 [ 2539.010509] ? fput_many+0x2f/0x1a0 [ 2539.011346] ? ksys_write+0x1a9/0x260 [ 2539.012226] ? __ia32_sys_read+0xb0/0xb0 [ 2539.013167] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2539.014368] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2539.015551] do_syscall_64+0x33/0x40 [ 2539.016410] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2539.017575] RIP: 0033:0x7fc0e8027b19 [ 2539.018422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2539.022621] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2539.024354] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2539.025973] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2539.027630] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2539.029278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2539.030917] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:54:18 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 61) 02:54:18 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x4, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x1f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r2, r3, 0x1000) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r4, r5, 0x1000) mount$9p_tcp(&(0x7f0000000000), &(0x7f0000000240)='./file1\x00', &(0x7f0000000300), 0x400000, &(0x7f00000003c0)={'trans=tcp,', {'port', 0x3d, 0x4e23}, 0x2c, {[{@cachetag={'cachetag', 0x3d, '#!'}}, {@cache_loose}, {@nodevmap}, {@cache_mmap}, {@access_uid={'access', 0x3d, r2}}, {@access_uid={'access', 0x3d, 0xee01}}, {@loose}, {@access_uid={'access', 0x3d, r4}}, {@access_any}], [{@subj_role={'subj_role', 0x3d, '/proc/stat\x00'}}]}}) 02:54:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40a01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2539.310385] FAULT_INJECTION: forcing a failure. [ 2539.310385] name failslab, interval 1, probability 0, space 0, times 0 [ 2539.312948] CPU: 1 PID: 12925 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2539.314355] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2539.316055] Call Trace: [ 2539.316591] dump_stack+0x107/0x167 [ 2539.317336] should_fail.cold+0x5/0xa [ 2539.318108] ? create_object.isra.0+0x3a/0xa20 [ 2539.319036] should_failslab+0x5/0x20 [ 2539.319810] kmem_cache_alloc+0x5b/0x310 [ 2539.320637] create_object.isra.0+0x3a/0xa20 [ 2539.321518] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2539.322551] __kmalloc+0x16e/0x390 [ 2539.323271] ? lock_downgrade+0x6d0/0x6d0 [ 2539.324121] io_setup_async_rw+0x180/0x580 [ 2539.324981] io_read+0xe98/0x11e0 [ 2539.325686] ? __lock_acquire+0x1657/0x5b00 [ 2539.326578] ? kiocb_done+0xc90/0xc90 [ 2539.327344] ? mark_lock+0xf5/0x2df0 [ 2539.328113] ? lock_chain_count+0x20/0x20 [ 2539.328992] ? __lock_acquire+0xbb1/0x5b00 [ 2539.329847] io_issue_sqe+0x2e8a/0x77b0 [ 2539.330633] ? find_held_lock+0x2c/0x110 [ 2539.331440] ? perf_trace_lock+0xac/0x490 [ 2539.332279] ? SOFTIRQ_verbose+0x10/0x10 [ 2539.333092] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2539.334049] ? io_connect+0x610/0x610 [ 2539.334833] ? lock_acquire+0x197/0x470 [ 2539.335640] ? find_held_lock+0x2c/0x110 [ 2539.336472] ? __fget_files+0x2cf/0x520 [ 2539.337265] ? lock_downgrade+0x6d0/0x6d0 [ 2539.338092] __io_queue_sqe+0x90/0x9d0 [ 2539.338874] ? io_issue_sqe+0x77b0/0x77b0 [ 2539.339705] ? __fget_files+0x2f8/0x520 [ 2539.340503] ? io_prep_rw+0x7f5/0x1050 [ 2539.341287] io_submit_sqes+0x44aa/0x8610 [ 2539.342148] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2539.343136] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2539.344105] ? find_held_lock+0x2c/0x110 [ 2539.344924] ? io_submit_sqes+0x8610/0x8610 [ 2539.345792] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2539.346756] ? wait_for_completion_io+0x270/0x270 [ 2539.347726] ? rcu_read_lock_any_held+0x75/0xa0 [ 2539.348651] ? vfs_write+0x354/0xb10 [ 2539.349404] ? fput_many+0x2f/0x1a0 [ 2539.350128] ? ksys_write+0x1a9/0x260 [ 2539.350886] ? __ia32_sys_read+0xb0/0xb0 [ 2539.351714] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2539.352764] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2539.353788] do_syscall_64+0x33/0x40 [ 2539.354525] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2539.355538] RIP: 0033:0x7ff7fbbbbb19 [ 2539.356283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2539.359938] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2539.361450] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2539.362850] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2539.364257] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2539.365663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2539.367084] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:54:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 58) 02:54:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 62) 02:54:37 executing program 7: sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, 0x0, 0x8001) ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, 0x0) r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040)=0x0) perf_event_open(&(0x7f0000000140)={0x1, 0x80, 0x8, 0x98, 0x80, 0x0, 0x0, 0x4, 0x25, 0x8, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x4d, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x4400, 0xd136, 0x70da4882, 0x8, 0x7, 0x5722572c, 0xdc0, 0x0, 0x2, 0x0, 0x5}, r1, 0x1f, 0xffffffffffffffff, 0x3) getsockopt$EBT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000001540)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e23, @local}, {0x2, 0x2, @multicast1}, 0x204, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)='batadv_slave_0\x00', 0x2, 0x1, 0xfe}) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x26, &(0x7f0000000380)={@local, @multicast1, @dev={0xac, 0x14, 0x14, 0x14}}, 0xc) r2 = dup(0xffffffffffffffff) ioctl$VT_OPENQRY(r0, 0x5600, &(0x7f00000001c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xf042}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f00000000c0)) openat(r2, &(0x7f0000000080)='./file1\x00', 0xc000, 0x0) 02:54:37 executing program 2: r0 = syz_io_uring_setup(0x4dad, &(0x7f00000002c0)={0x0, 0x0, 0x1}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000640)=0x0, &(0x7f00000000c0)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r0, 0x8010671f, &(0x7f0000000440)={&(0x7f0000000340)=""/203, 0xcb}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000480)='./file0\x00', 0x3, 0x8, &(0x7f0000001ac0)=[{&(0x7f0000000540)="83e7992f64825892655222596781585ea36f39529c39d46fd597719d3e92720612d16f19680c2a2ab9fc6127c808a5af0c65367fb5b9729f52bf7d748918e66a54b94475dc7dbb021163acd21387230b643fa3e7ff496b8cd89129b53ed1714a9e7cc4dfc952c24c6e320a542e7613f9deb31f7e800485ac4aad164dc67a3da23b09bf98ca9d8b9470aae475ce49fafe0e9736da5217a435e9999456d777fe66b1", 0xa1, 0x3a4}, {&(0x7f0000000680)="6633fc14bd56d20952b7d8dbdc914cc58ecc91361a831b285031519cc3797db0cc41bb0ccf42a3cc3fc2d91783fdaded87aafe235e3e7c0597bd28595cd2e42cb7c6acee82dc541b186e378bb2b01b25056b584b15ab8b36706f6719382b7e1a6da73ff12fbca6bd9c9cc098ab71344dd994", 0x72, 0x40}, {&(0x7f0000000700)="2248744ab9aeb74bf9b3fdec163c0a66aa844c100f8db2ff20974cc2d9ed8d00b4ab689bcd5c3f0cb191c324fa419abc2a609a37eceeb1f82c3d0e26fd03b5eb207e25684c2c9ea7cf1ae353a12edfeb89a607ccd7b2a17b909c2b0e72645766e8aa6159c87d1aebfd664140d56b3e8a0abe07eab5779ab630c2743f9c741131605e9403f8dc37f7401b622ec949ee2bf5856b216e8790450524563b9fc6909a39bdcf9db5fa101aa86b403838ce5cb0b0be524fad92155863a63b858919c36153a62c3184bd2ce2129db99dc3eeefd2ea88036957a64b49c1b20a9b175da140238908b6e9e2d03da7d12318792aba9140c2ea2d066b9913e14a945ee9c2ced2a1ffd59eb58f686d09c139868316091557de6e7dfbd25c8ab68343bf84c94e5ff7eceb4459571705e684813a3ce951f7cdc8cd7635e9883bad35785d535ec4f34e8fb2bd9154700a57cfad4879993d8a5bf51596068bbf11ade1ec526c093b0a1643a269f4a0ba472a9d01628d281ec9053b69dece52960156511f85b6b2e8fa8d1c21b4bdc9febec1950217269bbe7dbd38efbeb836aea842df98260d939bb17763b876769dfda33ee4d775ba20ca1547836be5eb7c744dbce47400d0026ce845206936c57bdb1057713e725fdb3167973c40c1885b352a49c32db55d97382119d2c675cf8aa26007188414eece357d1cb4d5cd44b57407582aec4c69aa7b5655b9409af94727a5e224ee619eac9ce5559fadc325608e8ccc483d3f1e413e627129c29a34c17f4a0c93d85fd7f300da11a8071149c4b0621b920fb7abac506b30f946e8e3dd29796b6adc35faf01f5c9ec0c40097266b39c01974d913c4725fd3cf3fcf44bdd7b8c4abce038f7770e58f6253b2f6a69fdade765fdb4f1b29d2756ed6363a0d5f47931a751ac6506e135a28530ea36fc12bfcd0bb001bdc86defbe3a13cea57de7dc326323955ed7e25577e30902818188e3f6af24ada1186b3c0a8dd3362056772b3fd25496b0f8d76a74c0b1eae60320bd2cbb0dae7710c91c62c40399ebf537646abf1f6fe4cc22da785f434fd60cfa8845d5324da7e696f3aec528bc854d01d729963251ac55b2b15a808ed2d0fa08a4b1da9777a610eef8c82d131805242a02986e6012d0d1329eb75931941800a40fd172eefbc793324631a5ef1f41a0257343fab88e1653e912d1b264d537df00bc4ffc9c6f8c8c2c15c745e7a90ff9475fafa9ff8f01cd9c93e414c3aa2a0488e3b076a52ccded667d27aa6ad090eac865e5fb19cc4a113f69a42e50c20c3490c7d0b77c9798b44bda30de5e563137918faaa1835995966e1d41179a7c7a9698b5faf789f4290f79568f9e82430e35f422c41cd8073f8db8bef2987ab86f907bdc3d382dbfc530a1b92c901c9e7ad1ef3a0d5e3d776a5efcac9b6eaf9704c689655dfd1ff8a9afd3a915ffb6ad1fb040e8c5cd20e44a494b0f2a5d13d073da28c02e799342786aea04c7edfce68081ff7fc898f0953abc9a52ccc43598db67d8b64573b4498662e2cfcb1eb63a3e3e01158812b1cbdf2f650d939e7a3a769215a81218b14335dbc934a6db620947a22d22fb261677294ae1860093784da1e8b60bd3839bd392e7f4bf300dc81fc21eb552113664145cdb8e80fda8bf071b971c8196e175d49150d44efe02bc9e9493db4775a4171b999e7e37d670e7c0bce4d39316f832bf90cb83ab114e1bd659f622d372db20817b37686f7bcacdecbd0bd3eb98c1c1c9c9cca50fac660c2b9e5409ad739ee492c6b676443e6d7a438a8d81bc35cd5ffb3fd84eaae6af2d5504eca2cbc881826ec08bf54b9c1f02482ea8a43787fa7ad1fca585458cfd934436faf568928300444b5fd55ed579c8d2e9a14f2c2ad64777b603d90d26d06e219e02cc336564e3a905b94d6b1f0e6e8c3728b656eaca5069b2662303c2bc4b0f8778693f3e546a5da8e89d13c535be32f35056ef0d929dcc980843a9a323ab8d61cbeb5e6a43967cb4d586bc0861a1d010662e86c500223ba79f11b026ecb800a7410a507c4f7f9c287a63b5f152d7e46da5501b44020393a7c5a4457dce19f7ca0444733d1677348d3d6f67cfd4f835ead2d9e35a17f7fe6ed1a49019d69b5ec78561c9d6b29e1beb0936593e0d2808502f2bea64f0267d471280a7229cc3bb8b1c1d3c5dc926f5819de59fb2712ba7fb9d929db35285bb7e49e274ea1e62007e22db68545ff1aa5fb56477ee07b602d4a2c732a0b042d584ed1901eee21843a4d8eb5c7a684da1c6a2a0646bc66762e817782a20755d8d48e952536ad5bb8e3c78118c241bae9ab30d754d60e69cced9a03897a8c1a6e2c882ed5501b21c3ec4f2c01f880e27c889226b107de8bc76e53a7220d22e8d2cdf979551dace9bd01e218bb6a986dc016b1cacb55ea1172e92cce92c692d82a567f1bf0a81635c2f969ac84b315a892cee894bb4d8f60bbbd080002806d8fa1a2c81fcaf7587f4ba54a034fb29ce3c54c9ed52a238d8edb6e5d406f8ab5c872f6cbf48245bea9bbcac3b76a18e7c1bb00bc55a67280a6d80a05ebf34248078b7b1054906ddde57859e1e710568e3d3f0e2e6a95e4fa80b1f0c520e642a1629cb7704c500ddfa234456ee504ac18553198bfb31477f693592d136852129ca537d7a055d9713991b7c4f9ae340abb2e42e193e34ee626d1dda26d0bf99769eedab303853024af43ac3b9cf18cb1ab915e2329dd1b2deda8505e0041efae5cf75edcc522f81e0dc0a4a89b17de795b5c792d61d02b450494ad308d4787680f9e09e778e107f6199a09ea70bfc2780d38b2b8df51584304f965f7ffd89d5ddcf2711353222eed874837d87cbee7a6bad45aeefb34e050117680520833709fb5c09e3f3dbad899ee0d984f7f03473482ae8bfa9c065498733df0951fc46baa3821fb375b00ad83541f22784e4d1fc4aabc505f5107d08dbd604426867f1db2d60d242c29776b334db06d2a47e1be526b82214c4ad5df30e0602837382d8b54ae7f29a2c1ca253e43314c0beee62e2ea40bfd51b6f9510083f311719e228a693217e6267fbb32f0cc46d9c0d024903f978494d60a4a0310a00f71f7680f1b98b5d8eaadf5bafb0a4e71e39eedb50895323714c907cc69b58483ef261f1dbae5ce333108c28606d9a0bc7774b1a509c823f94a39becdb81560e587a4edf93a4f927b643be7b4a17365c7e5b42400d11e40597b043a042a0d794eb78b809fcb098f8ca2546850518c3acf77626ac39d080d75d64f09080fc2aa61f6c41e12cada0cac040a168daf6ace36375a42a4778152cbf0e3cc164d3ce30fdd2a7950ce8c544b5f187e1bff290c08068e29d532b9959c59c202549bf9c1291fcb6ab76c731ade79ec40cd1b9dda9b2aebeea24672156a80e6f7673da6e41c3b51f6e129773630870ea546672ee6fb4df258af7918a772251491159f2d707e379ee0b76632a2333b04225b58e2b3d455dfdc6cbc33ede671a9600931f19da79ef7063fc8a53b6a0fb51ee03da2473b48e8d4532775141015c4eb116d2cab7e5fe580ab3c73b7fead4dbeeff167590c2124957aabe6e0f19f8e1803e28e1bb526e5f513af2d159f354027332237cd1df652a25e18266608ba032494965520e80004aaf12cada7165d4f3110ff295cb44b6684e08ad712bf65e45c6ed0b364332e3632e0025473c4df4306fb04d5851be85ae860f78861ae395a4c5f6c109f8d5b0ec19975e77934db977ddaed89065a789eceb2ebee21a5d816f395658fdbca314aaf594d7f9410a2dbe7a4ea91c60694899f16a6d333878fd81676d4258f2a22d47275615026cc9e4f8cfd48eddddda87e809f09d2b5c37f86da018c3842db0c8d0d68c16bb31789327486487523e9b38cdd356e6cb138bbc6af6fe1c19658ade60b5fbd5a8cfb37947f1e013973843f2f0910ebd4f74cd4b798c2ff9277ca038934b01261bfca9e9449140d3000ff53139bfea9e16529683d0c90e9a7bbbd44156f5d44e75a97117d8a2a6d3712985db2aab4ba4fa6f14f1c1ce9265f0ee4583960bf2f1d5277fa4c99fde2367b49e8523603fe42aeeec8194731087d233ca668f9b46a86150303a2ab9eeba7df17f0c5d25fa2825d5083e5a08c9c97ebfd1f96b1988cf89b26b0efa3a30033c5122474ee27da9f4a84f46ff235e1cea1a3310dda6da3fa1f929f0ef4159fe12e95b94baaa42ff7ec808ea1a327f60a16fca81336ed1323b02eb0c053f59f66d46dc6fb3053dbd6d633fd819ab12d2c915e3ba96e07aca49c3847610d169dc7bde44b0595847865ccb210c8a91f4b72b7aa231fe670428d073350f612f1a5b266ccaae0f6f0e400483074ff9e7a06abd79ef65a5263a3e44c74df861e493330e203a6196997d358f86f5bfc8ef75718b5727edd5de727724d543f0e0b0e517f6c2f08edb30ca6100ef20513507b8cfeeba22fdd65e53114e1e42ff04c6a68d69b198f49c612dad08fcf07283641f40c8fe01c9bb7fe0c4999ba9fb5f69fb5f94c3664a4773c709eb7000b0c5e74576467f3485755f07c4e6429c7fb6af60a66ea89fd1a6ed1f604a959edec6e60263f6f89a37be41f8ca92bc8170b7c91b1fd648e9b77c521db35c98944a456b8847a3106b776557dd26fe7790fe5258543f33226e8dbc015dbdf2c2c105dd8e13b2cf2dfb8be7bf6d49e316b029cc6f20c294f6029a4bff043f85187b92bf89f29e88e735ab748b75b9717d263e986e6f029958a2bd48fc1d0541c073b8ef5ff0bc9898feab17827f160532f04db1b9030ca9cf4a287ed49bb1fbe220bd7d00ba0c8496fb93c9ec66d66dbad864e275eab8cfd3fb5cbdc0ec7973e49213b8035112493df2ffea70af93568a04c9152a37807a4ed92c64f714eb33be9d6bc9e1cffc4dda46fc464a659c316b24da50a40aad2ad4f467f5b53332a3d2d430f2c72732da390f1f7ced8580b08acfb988b590806575f4e76da86a2e9f9aeaeb89819299cfa83254d0f5219765c7a79e74756ec4a8d557ba69d301d1df3dbe8011a0753e4976433c248630ffa72cc3b047377c369c1ab2a6262aaeec01fc00da6c4bcfc2226f8735f91d213f32602480d209805fe55546e8a0b238d31cb1553fd9bb3128188d1349adb3c656d8c646948a493c7c8add4958035f08dbe1364f8aefa6603e875c01489f830d7c3530f181ec875bd0794f350af2d82c7b59750ad25c92e09832bf49a082f80f2130c1dd03f85b366f42839f899957a63f1a5c49ddb89aabc2e7923caf0ad77e49b077af7e1caf09c6bf4e59223d10ab768b51bc59d20973e9674dd2dac648c68150e6c1d907995480e4732dab80aa9a9e7db0fd432d97f6598e673fb0674e7d03ca39964a4574d1275d35e289c8980f1d1776787d75c9eba543ed5add096197e8147bbd752f8246e3e6d957ea2943f67b9535fb8a96599b732f365270f82ef54198937cc893775ba60b1c16f39816d07dd7d6ba69ec6a51336050dcac307de9274aadbfa7982dea645a770acf4afb61b929a9dc14129e0bfb9a766921177098fbf2a1500bea0078f53489f64d4793b28284a0d3a11bdf25d4c7befab98668919de87fa3a330bb9579f0e56c82ac9ffd50f1b47abc63f907def8413eb71c187dab721aa9fb86cba7459231babb8396897a2bd1252c8ed6bb8e5dbad2230ea3e7093163c6aedfbcc243bd62aa80abb2c23a65f2fa79ec58bb9dcee773181c204de118828a127d552860a85783a4a77c39a0c257a5503c15711ef1943238c43e2430784c50c92170671", 0x1000, 0x5}, {&(0x7f0000001700)="43bbaf8bca03c56c5112ce5f8c4c7aec4a70664ef744036e9f0e9241dc019525d84dc737ef65a26012b4e4d70f7f8b9be46357f753edf5b2f0a08c80b368f325fc865092dd1580d6c23da9db33f558bfb08d5ed6a235b9ed4a8165d2c8f5bc65caae7f38bbc57b9d2ab64bbcfef6a68d2f4f2a931a5ba9c3f0b3a0e979b6bbf4bae5f4dbf8d5e71e3be07043f0a4662f6d6173858f505906592bc4199320614e46ed1b1a589a1f70a2ea1938a5a3e9102bebb1d6311b3eaa734dd92b5d50b2b1f408e4c361341b055050", 0xca, 0xff}, {&(0x7f0000001800)="2f6f2d522c7fe216e710c7fb26f683d526042bd19281002e5068e7c25b5fa1871d5c20f35dc206d5ab67f496fb4bf82349632d29559de545d230b9948ddf5127cc1b44990d7b9944a91797f524d426803b80d1c3690685828d4851e866617ce62cdb47b2b4d5e6130d7398ff7c6c5bcbdfceaf8cb0072e7539514a8172a6434127e5d539ef1430d2287dc734c07803ed178008ce71203ee78ce14be4107e53e54cc1f23b36fedb78bbf57f63ae6aadbbd131e001bdf9f6c06bad81954e6965c0ef547ab4", 0xc4, 0x461a}, {&(0x7f0000001900)="ff35c6b93118bf", 0x7, 0x1000}, {&(0x7f0000001940)="021cd9f9a1afc3eb897e0d1edf123976f8ece8ef0d9bf6ee3c85c3c3d9cc8f7c021ef76dee73a45fa6f89afbd65fbd5b776ff5aebecf1b03f50158d14ed6dd172d75df71e546eba51cd908a1505afe1cb4d9e5498bac429db3f8db5133078e61358e375ffa4e917310eddcece5b8333e81", 0x71, 0x800000010000}, {&(0x7f00000019c0)="9bd4355c4f216356244a748cfdbcd8bf14837286f73c2f9c9ec4a4ef293799b77b4284f121d871e6b6fd18abb3ca417615c52d55cf0c2baa418b01e38f5f75f8b37f30df52e45b83766d7fb27fc38e7670bd5d468bd4b164534deae3b3873a811b4712c2a40ebe2793f15d867674d3a1a691d5baf89d04d55177cb0dbf8312905f0c0f1fdda26a80a67c9a24d25a4ce76ff49e8da9bee15596cb650fa78774b4ab0e616409124792b2fe4f97d8b63c7fb894b18457faf4de8b2a5315a3979c002b44c131e006c04eb417fbdf1d8822b92095c3f9328610fee188", 0xda, 0x9}], 0x22, &(0x7f0000001b80)=ANY=[@ANYBLOB='iovharsuid>', @ANYRESDEC=0xee01, @ANYBLOB=',seclabel,\x00']) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) mmap$IORING_OFF_CQ_RING(&(0x7f0000ff5000/0xb000)=nil, 0xb000, 0x4, 0xc8263cff93df713f, 0xffffffffffffffff, 0x8000000) fstatfs(r4, &(0x7f00000004c0)=""/89) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_NOP={0x0, 0x2}, 0xdd9) r5 = openat2(r3, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0x680100, 0x20, 0x6}, 0x18) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'ipvlan1\x00'}) unlinkat(r4, &(0x7f0000000100)='./file0\x00', 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40a02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:54:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 81) 02:54:37 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:54:37 executing program 6: r0 = socket$inet6(0xa, 0x1, 0x0) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r1, r2, 0x1000) fstat(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000380)=0xe, 0x0) sendmmsg$sock(r4, &(0x7f00000017c0)=[{{&(0x7f0000000400)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes)\x00'}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000480)="f1ba53c0110328bf8f069216a9fee412050e53c2125fdb3623c4c000fa0544a800efdd2b7f5adb84f9e13f7f2049db8e6b5e0b2767126003cf8a9237225aff2fd37345d87a83109d6893876a4714c5eb58475b7c7ed06b60f5aa7dc1634e0f72b51d183067713c44651ff524acc7f9aa05f8b2054f25d003fe554e5743a7f42b936fca69b4bc7c098e9f72bfb54cca3d78ffba9370fbb6c4ba7a0f7b6aea33d1713d9cc404e7f3f37cc7d82b69f83da6dcb197b2b20a5fb9172df5286676e9af5a0ead69ae49070c7bad8db894b5227ddb202e9a358ede07e202270508d5853b1e3ba8a7d1505c2f77664cc29db49a30c7", 0xf1}, {&(0x7f0000000640)="4a73873b38d39e6a79c42cd68a9a765a22d07ec1b4a98b2e3003a159b702fd56965d1b716088e14cef9381b1bf6589d91dc227b746b34a610b32c1e4f0ec57bafd10a726bb31b335d5744cc4b0108185b5416044272a2b47fe6c172f31cad124862c8704ef4ff770ec5fbf07f8bfb617383dfd77bf32f06381183d330d20a86b8f933d15ffe6f9f1fe6d465956c963c1cc55091cfba5e7dbf50a8c7f996a70de5a1cd0b4071072cd354f9a82c092c24fadc50b6aabaa4f86732fb80fd051001df113066a0f3a1731b6f65c7f301bc27a4591e14e1723a50a71e18c435a16d526344b18eb6f0e4ad41819a33219af8547a9bce28506adeae256aa0c886dc1c7ea2005b20934f728685208bfd023ad311caa743ed1c8c1597d8ebfc0717ecc9a9babe5caf4ace8ec7f34feb0724044c3dd4bf2a27a0712923d4756e5bb80b77d2f2ee59fd1620fd84f0054463caef92f9b5963012af07d77ed5d66677b74e64ea3460627674dccc972ae9a5d09ea858be228afec160b8266a06fd072c4154c82c8771473213b8032ea69c5c13d23eb4b28c66b1836f63e651a3bdafcb2b761f1cad42d59d8a78ddd0935f53a5ff2df42ea626ab939478f7abae1fa3bf2c91c0e401f19250015286cb3d582a16e2ce882678e2d586c8a045ec3f8afa06278e32112a01694dfa3667be8b1660c20b3258089e3b155a68ae2ceff20e2561c32d443f54260809cff162955cc897b7dc60985cbd213f92ed10d22916090ae9c81ba60e4270a2d55febeeabff3786f1a7f2b3648e4b3f245a239a18135577c8b936edff96b2af9847c2f189b13cd9204f6295e4e7f8a141638afd176049a850d8f62d6790fe19e3afe8fe7f1b28a3cf116eb407074c5c7dc10d9fafa7550f4150be7db214043204c9eecce5533f08231299f259f8a9ecbb9d486e13d1c2baab22a7ba549386d91d468a9733b8f889eacc239e7a60b35728003d3d4db764c246b2ac403c917e96fa9883e006619a00234b27f33467e1d90e532058cedcc12b6af8ed45411fbcb42575284f55d313f08f62bdba5ed68a93390858b4170f33ee6a68a2404dba5b4655db6fdaf034fbb6516aef523f1bb4eca2b474f9c9c8485994ccfc62676dfd87e0869e83ed887bd0fdeb74435a67508584579a4c85ca17fbcca3155526b94fd9e6154ec0eb99ad88a953b18b589b64eb0003267116e461f56ffc5be137f543193480d6117247ec46ba8bbc17e80ee4db267fb580c76b173fbbbbeb086ec563eba74c5fc592ef926c33559cec52713e2bd285f312a16ac19ac02e9a7cf53842a702ec9acd5e192636758ac5a16ffad3a978251e097d1a1f603139311dd2eac339cbf4ccc458375d3560ef1b5a62b7803007b2beede6f378b6418803448aa5af23ecc6565eff5b28d50da9adafd1a7c13023996b89e30372df1c0581da6791bc182da1d629476652d9ed985cc0e66455fedaded30b790fe8aad2e32bc35430ae14ee054b302711f26f3c634512db5a43844080cc8ac3788281f88c1d857d6bc0ae8fbabf48d7ac2ad9f70efb2de351ceaa3294322ec2f9bf1f4bd697e0ef8e936eaaf175bbcdef8c29c1c084a8ae5924d60655630f278b42c60ed631ba5a68a1ca3b125e61700ef218e7be6f4f96ba048835cae667e8e8675b156a339c831510d663a5877cc3de33e1da32c48f64ede9940a9dd9b23da7c1771f7ba82d326e04c74961139d2495bdee719fed48251f37310ad9947c6bbd46ae961f6ccd7e76f99509f67fa441260b9bd8eb8a5d3d34926ab135246a20c205c3f7a55402335870ee76be20af42db8d6dab4fa40c3b1af8d4285adf13d0bc38a99c99d8896254fb50875ebed97d03100be5fae6603b4609bc681e5e0a0cf84d6d6819a88622880e790978d0125dd76911f4b6466c6bf80ef9a6e87ed6581b9a9532a94f38d84e981485926f3253ceb0007a3b28d70c946b36232ffb4f84163920e6be22fc16abe1155ca4e94097a35c30b183298c11bafe3621c55ed42b880abebbfd0395f8e683eaad849bd1f1867100bed6e59c27f7f010e98a16ae6125c393de2613fc74a8072e24e0af5bfa19ee7c02cb93902c27393b370ee1eaf83bd5699a5ca85c1d88faee7d5aaf276bfe1979f4330bbf3ebc92dc2afd09210f02b0cbca63587f958fdb95475c02827357088b4ebd46c3fd06f1f90394b7adb9624bce96ec5d76e6fe54c4d8e52f275b3df19998a7f44b40e294f303464ca5dcf5c95183f93f7105ea69f672be6d5d6525cd4b0705b98a3df3c832027502c325d0b675278680be0e28102cab8d01c63cbaf5782d9f7a259d3e4d72e358add8424c6982f3a60e8d07aaa9593b6e502251768565843bd10e465a203196192facb91a3544cccf1896f7e2697df0d11e36805661f1cda72af6e7c790b68eefa36ecbb095ccd756b7d52abb569b125f45e48ded4f955462ceb255a97e1d7387ffd6d73cefed523485edf8dde1644d856051e9fa44bd2809ac4f06121130b953b2881fc3593ed437cf9ec45f930671a269ccff42e48b0e9ee2bd6d7f13e623210e302a44de17f6f6da892201ce4b5a2721dc436740bd6e843472861e3f5f9e6d619ae491dc87a9057562b23a879ef982ea8ddbe881924d1e567ca598452b2ba7189e2f7af9b4e05b07fcd2aed24ee03314459ea33e61b4cb82cbc9070c38877a90d27275648201f628dc8a988ed4c1a2322aeb52485f8dea1639c31157016799786d1aaed3ed8f3cb2039654c329ba763b8d84123c2a0b133b749ef6dc00666fa766421afba4ab0ceff3358fec1658ee22072d7bc11ff7f02dc46985f179cb1d9ec9fab71e3653875ed55e46bedac25cc8878a237d91707bc0a7a8e7040339ac599be9e4b8f0ba2b9fa5258a0cbeb54525b40e80c40805c9c3e786b4707c908840caf2c2e6c2b1129b6755749d48d6c27cf85a18c0d0e39a8706a05b4cf54a3c022a1818d0db1a06d041fb810cbcaa3d94cd88fe0bd0baa4b4b41f4516a29bf2b3f9808cb45bf5958dfc0c813d9c772e399bf527f64872371f0503d4a7d5d3a7d0ddb7ea71d54e023269ba1dcbd52da6a1ec00640efd3a064169cf2f9b921b1e580f10a4b3dc58bd5b1c142d17d9cfd4f6ed92d7e9eaf348b6fff75e86d59ebd39516e4a9763b09bc149acaf13878d6825e4113783193415328d2172f2cf6f06c66443970eb4c5f68d356f12df3ce81b3ff030802c92622485953f8e7854f3e1f981a1bf783a608902b88a0264f4e447d2d9f25be676a7d522876cb6408bae58b3f164a44dab6ecd9eee92dd5f82dbd67cceb842583b258fd4e100d39210c0c6a954253a06131579788fe491cf9a8aba9dec145cc5f8d4b655e6641cb1b6006cb5a480e22cd0088a338903b25b884505cfa33c7517b2eae842eb6b206750cd856e63e0c34ffd3f5cb03116c21ff1fcf5842444f897d0597284c887f97d5a428f31867decebb802bf68f3a446be8525059c23f7a236f0eaaf3a00b469584380d87316588c9cda360b3589aec99d7708b302d804acac5c2f33579a40a8e79af22e4a985985c9951f5ce1cd15b057c4719121a1b69bf68caedc304056c62446c660785aaf147dbbcf24282bfa02a822cb3f7f8da3dde9835d9bfda1bf6612cb649bbe14e4edf0817387c8581748cca979c06fd17d25c435ab8c82087494571a907a906785c678abc284652327cfbe546d994e238792cb768ee6112176f8a4f936d44687c0cd5d7024746b7b6060db770b3610c43554fa32a9dc61ca3d742eec1095c0b2661347d8d5764fa85008693e234a7db87ca1a43387c663609c53c75a3dff1f9c3d15d3b1e739c4704984a61797e74cca8489cda66cb7638848bae95a87e8ff2cb0ac0e3c86789b3681e205cf71ba74684e5ec51f115510396e46af711ee980bab27671ea6e619d11b81c7e0541a41a5b0c6873039b50c6a0ecb15262e2d9a042567a784f49f9f8547d6e9fe42bcd4e0b32990f60f476141f8a70d846eff480ddc83b319a1f2ee59a40c2ed90338a8fdf5c77f72496b604f9db1a183ba03024a3787bea9a3c28c1e12b53c14f35d07ad0f7b258dac0482994b1a014a246671aefd2ffdd3bff91aeab23ebed894119be38d3a733f545470bc831b0fc79dfbf378578730058f038bb04979d070ac28d648904ce5e7d58aa67508bf21929f4cc9ea2e272b4b9ad004648026bee4204dbeb33f9031eb8783d10289d0b3ab6745d9bddacb169c620a040773a94433e50478c3ba1d85ef914d9540656e942c344d01e553b9e5c047bd196270b7e48ac66930dd5b35a56db6ce32a150b2576c094732a9837e82085b304546af7ab4687687efd97e49d6b52ee73faacbdc5a220cc9ed3a697cf63357c3a0fb2e927e7e0f9f2cc957a649760cd66b93643386defce7e22d955161d167178732aaa22ee99dcd1e1eb4f6f0889766c7918b74f9a97afbe2b19f5656e27fef874139759d2dfd1b5e4cecdcc733ac7fd335e1136b74224ff3ea326c428b77d1daf13010e5a664a3f90a4bb4cb8abe572413f98fea7a78552f4fa4f7d6a10f1bddd9f103a4676b332f01645bdf943afce31cd30a75525265b53abf14673332cd3a88099688235ec9511c122a6e40392926a7dfb698053c42109f25ee9a1247f6481b40ec017661dc2889af6dfc1e3dadf32327ad2d886ab863f4afb870c3e0531537399b13d0ea7e14dbf11f59e8d3d268c9d25e0f5ce60679bbe43e2c9f1db89ba7c9ec39513db310722056cee849a8c736e09989906da8abd7f1bfc5ef5c26a887142b14dbf83e8c92f41d819b87748296fdc0c95c1637d144855b7ae42836eb0e6775723b654fdb95da2f4d662ae0317fe847fa0c2d46283bd0a0f668259bd978420fed6eadca4ce8b2b1df8cf7d82078a3d2939faa67ee30920a5d6e4d4b7636c835a3ded77f033ecaca8483a692b428f4f24ec8cedde22d31612e9e8e54e7955a92e20a64ee4943753354bc88a389bea3185e251e5142a9a44230fd44c5d97021af27442d138aa0ec0bd5709ded6b50db627ea1c32ac757b1dbb997ef41127449e6914ed5286ba284e0a3f746b1559f08ed467b15c33cefa607bcbcf2d7d9dc731691f5605fca33d96a2dbeecb3f801165d196e9e3f99632b061715a5630a38eec42450fa9d85070c962d7cbd8fc7f8396b971d232ae710117625ddcbccbb3110b12840e30611508d5c11a9cc68e1b7ebc2977f05528a4512d163a42acadc5f1267c60aac5a1080e21916023f912e3dabc9eeea558ff8e23a138347a47e0acb1bd1bb306dc985a3268393f4d414dc01abc1de1ed9b931a39521ac04732ed3ee9e91204ce32d29ce09f895db1e628ac8a9c507055a57d87bb0b8bfcc8d6294bace88bfc2c9175c8e5d6fcdee5568d8d3ff0c299f9a5c622e97c3ade58b7ac75c547fcaead5f22c2bb29070f393d25ee67ebf39e4b38b632bb7eb14d6c581395f359010a54567df4e191448f6e5197fb8930b1cce3770fff022747c74b434cf39ed18d47a4bc7c849d0282454c3998632e51b4c8e085d9234bf7d5a0dcfd3c701944d3b829c3706d9306a5ef9af34958d8f200d0f475dc1f58fbafb2e616710aba32413d43215c5ab9ce0b9ad4df201bcf99bf733b357310140a7087329e7184269c0a4e628e221ecffbcae0abb2614078be42dd1683e0d0bfea067bb2bc02344761dfd436eb54e0cd2e288d7e4a4aebc36989e4e930c68f96fff61ba76f7daccd89633b4cfa7408b2d9044b6a4aeda388c61286929b848ee98bade1a39cb9fa009a3", 0x1000}, {&(0x7f0000000580)="9d9b2cf91c47547740a2bb4fa24798c7b7205d8de12ffe487b68b87861c99d", 0x1f}, {&(0x7f0000001640)="d95f0ca89c794e3fdd7793b62ff68810839149128cbbbf89a168ba4f49e1c110ecfbf8e419621f84aa9c6cb998a5121e7a2489bf1496d50dd019776922b7740016156375a1bf2572d0eedac95145d827ace1ed2651d1891008a421156e6f11919b5fbc78e7e15a692608bd93b213cc78f1b1b3f65e10582aef801debf1d0395e3e986d24c503f1e051ad01dec8110ff3326324997ad6765825b9b42511d7798e9b67104934230c770f060e9d0396f8fa61dd3687b3a2c004c024fca34aa8a38d4a138502a14ba4348695c6808944c8", 0xcf}], 0x4, &(0x7f0000001740)=[@txtime={{0x18, 0x1, 0x3d, 0xffffffffffffffff}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x9}}, @txtime={{0x18, 0x1, 0x3d, 0x8000000000000}}, @txtime={{0x18, 0x1, 0x3d, 0x8}}], 0x78}}], 0x1, 0x0) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r5, r6, 0x1000) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r7, r8, 0x1000) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r9, r10, 0x1000) fsetxattr$system_posix_acl(r0, &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f00000001c0)={{}, {0x1, 0x6}, [{0x2, 0x3, r1}, {0x2, 0x1, r3}, {0x2, 0x2, r5}, {0x2, 0x1, 0xee00}], {}, [{0x8, 0x6, r8}, {0x8, 0x0, 0xffffffffffffffff}, {}, {0x8, 0x2, 0xee00}, {0x8, 0x5, r10}, {0x8, 0x6, 0xee00}], {0x10, 0x6}}, 0x74, 0x1) r11 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r11, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c) ioctl$sock_ipv6_tunnel_SIOCGETPRL(r11, 0x89f4, &(0x7f0000000080)={'syztnl2\x00', &(0x7f0000000000)={'ip6gre0\x00', 0x0, 0x4, 0x7f, 0xfd, 0x101, 0x42, @remote, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x7f2f, 0x8000, 0x0, 0x7}}) recvmmsg$unix(0xffffffffffffffff, &(0x7f0000004f00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000019c0)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c"], 0x38}}], 0x1, 0x0, 0x0) sendmmsg$inet6(r11, &(0x7f0000004d00), 0x400000000000070, 0x0) [ 2558.258210] FAULT_INJECTION: forcing a failure. [ 2558.258210] name failslab, interval 1, probability 0, space 0, times 0 [ 2558.260803] CPU: 1 PID: 12943 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2558.262295] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2558.264046] Call Trace: [ 2558.264604] dump_stack+0x107/0x167 [ 2558.265368] should_fail.cold+0x5/0xa [ 2558.266252] ? create_object.isra.0+0x3a/0xa20 [ 2558.267286] should_failslab+0x5/0x20 [ 2558.268309] kmem_cache_alloc+0x5b/0x310 [ 2558.269258] create_object.isra.0+0x3a/0xa20 [ 2558.270209] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2558.271320] kmem_cache_alloc_trace+0x151/0x320 [ 2558.272343] ? lock_downgrade+0x6d0/0x6d0 [ 2558.273251] __io_queue_sqe+0x666/0x9d0 [ 2558.274124] ? io_issue_sqe+0x77b0/0x77b0 [ 2558.275022] ? __fget_files+0x2f8/0x520 [ 2558.275900] ? io_prep_rw+0x7f5/0x1050 [ 2558.276786] io_submit_sqes+0x44aa/0x8610 [ 2558.277799] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.279076] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.280174] ? find_held_lock+0x2c/0x110 [ 2558.281059] ? io_submit_sqes+0x8610/0x8610 [ 2558.282006] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2558.283056] ? wait_for_completion_io+0x270/0x270 [ 2558.284111] ? rcu_read_lock_any_held+0x75/0xa0 [ 2558.285113] ? vfs_write+0x354/0xb10 [ 2558.285919] ? fput_many+0x2f/0x1a0 [ 2558.286708] ? ksys_write+0x1a9/0x260 [ 2558.287537] ? __ia32_sys_read+0xb0/0xb0 [ 2558.288555] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2558.289774] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2558.290997] do_syscall_64+0x33/0x40 [ 2558.291816] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2558.292925] RIP: 0033:0x7ff7fbbbbb19 [ 2558.293731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2558.297845] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2558.299703] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2558.301252] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2558.302797] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2558.304348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2558.305888] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2558.326941] loop5: detected capacity change from 0 to 264704 [ 2558.338273] FAULT_INJECTION: forcing a failure. [ 2558.338273] name failslab, interval 1, probability 0, space 0, times 0 [ 2558.341207] CPU: 1 PID: 12950 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2558.342753] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2558.344608] Call Trace: [ 2558.345200] dump_stack+0x107/0x167 [ 2558.346021] should_fail.cold+0x5/0xa [ 2558.346877] ? create_object.isra.0+0x3a/0xa20 [ 2558.347909] should_failslab+0x5/0x20 [ 2558.348761] kmem_cache_alloc+0x5b/0x310 [ 2558.349663] create_object.isra.0+0x3a/0xa20 [ 2558.350626] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2558.351748] __kmalloc+0x16e/0x390 [ 2558.352534] ? lock_downgrade+0x6d0/0x6d0 [ 2558.353452] io_setup_async_rw+0x180/0x580 [ 2558.354396] io_read+0xe98/0x11e0 [ 2558.355163] ? __lock_acquire+0x1657/0x5b00 [ 2558.356127] ? kiocb_done+0xc90/0xc90 [ 2558.356961] ? mark_lock+0xf5/0x2df0 [ 2558.357788] ? lock_chain_count+0x20/0x20 [ 2558.358744] ? __lock_acquire+0xbb1/0x5b00 [ 2558.359678] io_issue_sqe+0x2e8a/0x77b0 [ 2558.360566] ? find_held_lock+0x2c/0x110 [ 2558.361464] ? perf_trace_lock+0xac/0x490 [ 2558.362378] ? SOFTIRQ_verbose+0x10/0x10 [ 2558.363267] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2558.364320] ? io_connect+0x610/0x610 [ 2558.365165] ? lock_acquire+0x197/0x470 [ 2558.366033] ? find_held_lock+0x2c/0x110 [ 2558.366936] EXT4-fs warning (device sda): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 2558.369556] ? __fget_files+0x2cf/0x520 [ 2558.369578] ? lock_downgrade+0x6d0/0x6d0 [ 2558.369606] __io_queue_sqe+0x90/0x9d0 [ 2558.369636] ? io_issue_sqe+0x77b0/0x77b0 [ 2558.369653] ? __fget_files+0x2f8/0x520 [ 2558.369681] ? io_prep_rw+0x7f5/0x1050 [ 2558.375364] io_submit_sqes+0x44aa/0x8610 [ 2558.376329] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.377421] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.378487] ? find_held_lock+0x2c/0x110 [ 2558.379382] ? io_submit_sqes+0x8610/0x8610 [ 2558.380358] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2558.381424] ? wait_for_completion_io+0x270/0x270 [ 2558.382490] ? rcu_read_lock_any_held+0x75/0xa0 [ 2558.383504] ? vfs_write+0x354/0xb10 [ 2558.384328] ? fput_many+0x2f/0x1a0 [ 2558.385133] ? ksys_write+0x1a9/0x260 [ 2558.386061] ? __ia32_sys_read+0xb0/0xb0 [ 2558.386961] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2558.388121] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2558.389268] do_syscall_64+0x33/0x40 [ 2558.390086] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2558.391110] EXT4-fs warning (device sda): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed [ 2558.391227] RIP: 0033:0x7fc0e8027b19 [ 2558.394859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2558.398882] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2558.400575] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2558.402166] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2558.403755] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2558.405503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2558.407306] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2558.418402] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2558.441622] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:54:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:37 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 82) [ 2558.511477] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:54:37 executing program 7: r0 = syz_io_uring_setup(0x68d4, &(0x7f0000000100)={0x0, 0x867e, 0x0, 0x0, 0x399}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000080), &(0x7f0000000040)) fcntl$dupfd(0xffffffffffffffff, 0x0, r0) mmap$IORING_OFF_SQES(&(0x7f0000fee000/0x12000)=nil, 0x12000, 0x0, 0x40010, r0, 0x10000000) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0) r1 = memfd_create(&(0x7f00000003c0)='\x00\'\'x\xe0\x1c\x02\x00d\x88\xc4P\xb0\x01\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\xf9\n\x17`\xf1U\'\\\x14\t\xc2\xaa|\x81\x91=;h\xfeGm\xaf\x88\xf7\x01\xce\xdc.fjW\x8d\xf9\xbf\xd3\xf1\xa1\xa2\xb0\xcf\xbb|\xdfp\xd7sI\x8dyz\x1c\xb6\xe5\xb9Ta\xcf\xab\xc32\xd9\xaea\x80\xc6\x92', 0x6) read(r1, 0x0, 0x2e) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000180)=""/148, 0x94}, {&(0x7f0000000580)=""/98, 0x62}, {&(0x7f0000000440)=""/181, 0xb5}, {&(0x7f0000000300)=""/67, 0x43}], 0x4) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000002dc0)={&(0x7f0000000240)=@updsa={0xfc, 0x1a, 0x1, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @dev}, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee00}, {@in=@local, 0x0, 0x3c}, @in6=@private1, {}, {}, {}, 0x0, 0x0, 0xa}, [@sec_ctx={0xc, 0x8, {0x8}}]}, 0xfc}}, 0x0) sendfile(r2, 0xffffffffffffffff, &(0x7f0000000240)=0x4, 0x9) r3 = syz_open_dev$vcsn(0x0, 0x4, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000380)={'vxcan1\x00'}) syz_io_uring_setup(0x2a9, &(0x7f0000000500)={0x0, 0xa228, 0x10, 0x2, 0x3a6, 0x0, r3}, &(0x7f0000ff1000/0x1000)=nil, &(0x7f0000fef000/0x1000)=nil, &(0x7f0000000600), &(0x7f0000000640)) r4 = socket$netlink(0x10, 0x3, 0x4) ioctl$EXT4_IOC_GROUP_ADD(r4, 0x40286608, &(0x7f0000000380)={0x1f, 0x3, 0x0, 0x0, 0x5}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x460, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fork() 02:54:37 executing program 6: r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14) fsetxattr$security_evm(r0, &(0x7f0000000140), &(0x7f0000000240)=ANY=[@ANYBLOB="040a0e6537a3872a475b592e86381f009492", @ANYRES16], 0x12, 0x3) syz_open_dev$mouse(&(0x7f0000000180), 0x7, 0x400200) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x0, 0x3, &(0x7f0000000380)=[{&(0x7f0000010000)="601c6d6b646f73668553b300080820000400008000f8000020004000030000000000000001", 0x25}, {0x0, 0x0, 0x800}, {&(0x7f0000000280)="79dc154919d607b9f7978a100bcdabf44f626d1ebcf37bf399caf2749fe9837aff17e9239dc21d49ae6c04e845c7c46c6f996f1e55633eab9c34b81b341ae2cf185ca3964197e3d4a5a37dfd5b1c2f56a2daa5cdf21bf92b8963e79e463aaca96b66b588364eba930f49b605da3718fad340ba5a0ed9e7da73535a4468602c2f780a5d1313d77d045e300865d9ebbe82372eebf529b8dc33443b9e1ba7b13536cb3536a50fd6d57de4da46956f8da17e388f42ae28d179723395349b2c979479874170e9c4f6fd55b037e4cb7b71ff1e46ab2fcab23993c5ce4eac34ed59", 0xde, 0x4}], 0x0, &(0x7f0000000040)={[{@fat=@discard}]}) chdir(&(0x7f00000001c0)='./file1\x00') 02:54:37 executing program 2: r0 = syz_io_uring_setup(0x5780, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1000}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:37 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40a03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2558.729186] FAULT_INJECTION: forcing a failure. [ 2558.729186] name failslab, interval 1, probability 0, space 0, times 0 [ 2558.732413] CPU: 0 PID: 12976 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2558.734051] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2558.736126] Call Trace: [ 2558.736751] dump_stack+0x107/0x167 [ 2558.737611] should_fail.cold+0x5/0xa [ 2558.738512] ? io_setup_async_rw+0x180/0x580 [ 2558.739553] should_failslab+0x5/0x20 [ 2558.740460] __kmalloc+0x72/0x390 [ 2558.741279] ? lock_downgrade+0x6d0/0x6d0 [ 2558.742266] io_setup_async_rw+0x180/0x580 [ 2558.743271] io_read+0xe98/0x11e0 [ 2558.744105] ? __lock_acquire+0x1657/0x5b00 [ 2558.745134] ? kiocb_done+0xc90/0xc90 [ 2558.746032] ? mark_lock+0xf5/0x2df0 [ 2558.746922] ? lock_chain_count+0x20/0x20 [ 2558.747960] ? __lock_acquire+0xbb1/0x5b00 [ 2558.748967] io_issue_sqe+0x2e8a/0x77b0 [ 2558.749911] ? find_held_lock+0x2c/0x110 [ 2558.750872] ? perf_trace_lock+0xac/0x490 [ 2558.751857] ? SOFTIRQ_verbose+0x10/0x10 [ 2558.752815] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2558.753938] ? io_connect+0x610/0x610 [ 2558.754845] ? lock_acquire+0x197/0x470 [ 2558.755783] ? find_held_lock+0x2c/0x110 [ 2558.756759] ? __fget_files+0x2cf/0x520 [ 2558.757697] ? lock_downgrade+0x6d0/0x6d0 [ 2558.758683] __io_queue_sqe+0x90/0x9d0 [ 2558.759613] ? io_issue_sqe+0x77b0/0x77b0 [ 2558.760601] ? __fget_files+0x2f8/0x520 [ 2558.761547] ? io_prep_rw+0x7f5/0x1050 [ 2558.762475] io_submit_sqes+0x44aa/0x8610 [ 2558.763494] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.764679] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2558.765823] ? find_held_lock+0x2c/0x110 [ 2558.766791] ? io_submit_sqes+0x8610/0x8610 [ 2558.767835] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2558.768984] ? wait_for_completion_io+0x270/0x270 [ 2558.770129] ? rcu_read_lock_any_held+0x75/0xa0 [ 2558.771227] ? vfs_write+0x354/0xb10 [ 2558.772115] ? fput_many+0x2f/0x1a0 [ 2558.772976] ? ksys_write+0x1a9/0x260 [ 2558.773876] ? __ia32_sys_read+0xb0/0xb0 [ 2558.774841] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2558.776085] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2558.777307] do_syscall_64+0x33/0x40 [ 2558.778185] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2558.779393] RIP: 0033:0x7fc0e8027b19 [ 2558.780279] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2558.784653] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2558.786450] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2558.788143] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2558.789829] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2558.791515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2558.793211] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:54:37 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 63) 02:54:37 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x698a}}, './file0\x00'}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000240)=ANY=[@ANYBLOB="01e1ffff0000000018000000", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00./file0\x00']) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r3, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f0000000400)={{0x5}, {0x0, 0x1}, 0x101, 0x5, 0x8}) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300), 0x4e000, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r5, &(0x7f00000004c0)=""/89) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r1, 0xc0189378, &(0x7f0000000340)={{0x1, 0x1, 0x18, r4, {r5}}, './file1\x00'}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r3, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r3, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:54:37 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:54:37 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000540)={0xa, 0x3, 0x0, @local, 0x2}, 0x1c) r1 = syz_io_uring_complete(0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4ea0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r2, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000)) fcntl$setflags(r1, 0x2, 0x0) dup(r2) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000140)={0x2c, @rand_addr=0x64010101, 0x4e21, 0x2, 'ovf\x00', 0x10, 0x5, 0x6b}, 0x2c) writev(r2, &(0x7f00000002c0)=[{&(0x7f0000000500)='z', 0x1}, {&(0x7f0000000040)='Z', 0x1}], 0x2) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000180)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x74}) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1000}, 0x4) ioctl$F2FS_IOC_DEFRAGMENT(0xffffffffffffffff, 0xc010f508, &(0x7f0000000100)={0x0, 0x100}) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r4, &(0x7f0000000040)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x0, @empty}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000440)="10", 0xffd0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000008c0)="7f", 0x1}], 0x1}}], 0x28, 0x8080) sendmsg$inet6(r4, &(0x7f0000004380)={0x0, 0x0, 0x0}, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x1, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmmsg$inet6(r0, &(0x7f0000004d00), 0x2f, 0x0) [ 2559.056378] FAULT_INJECTION: forcing a failure. [ 2559.056378] name failslab, interval 1, probability 0, space 0, times 0 [ 2559.058836] CPU: 1 PID: 12991 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2559.060198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2559.061807] Call Trace: [ 2559.062324] dump_stack+0x107/0x167 [ 2559.063049] should_fail.cold+0x5/0xa [ 2559.063814] ? io_setup_async_rw+0x180/0x580 [ 2559.064703] should_failslab+0x5/0x20 [ 2559.065445] __kmalloc+0x72/0x390 [ 2559.066127] ? lock_downgrade+0x6d0/0x6d0 [ 2559.066944] io_setup_async_rw+0x180/0x580 [ 2559.067778] io_read+0xe98/0x11e0 [ 2559.068478] ? __lock_acquire+0x1657/0x5b00 [ 2559.069329] ? kiocb_done+0xc90/0xc90 [ 2559.070075] ? mark_lock+0xf5/0x2df0 [ 2559.070808] ? lock_chain_count+0x20/0x20 [ 2559.071665] ? __lock_acquire+0xbb1/0x5b00 [ 2559.072505] io_issue_sqe+0x2e8a/0x77b0 [ 2559.073287] ? find_held_lock+0x2c/0x110 [ 2559.074094] ? perf_trace_lock+0xac/0x490 [ 2559.074903] ? SOFTIRQ_verbose+0x10/0x10 [ 2559.075694] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2559.076637] ? io_connect+0x610/0x610 [ 2559.077402] ? lock_acquire+0x197/0x470 [ 2559.078176] ? find_held_lock+0x2c/0x110 [ 2559.078980] ? __fget_files+0x2cf/0x520 [ 2559.079755] ? lock_downgrade+0x6d0/0x6d0 [ 2559.080584] __io_queue_sqe+0x90/0x9d0 [ 2559.081358] ? io_issue_sqe+0x77b0/0x77b0 [ 2559.082169] ? __fget_files+0x2f8/0x520 [ 2559.082955] ? io_prep_rw+0x7f5/0x1050 [ 2559.083733] io_submit_sqes+0x44aa/0x8610 [ 2559.084590] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2559.085566] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2559.086499] ? find_held_lock+0x2c/0x110 [ 2559.087450] ? io_submit_sqes+0x8610/0x8610 [ 2559.088570] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2559.089565] ? wait_for_completion_io+0x270/0x270 [ 2559.090728] ? rcu_read_lock_any_held+0x75/0xa0 [ 2559.091751] ? vfs_write+0x354/0xb10 [ 2559.092582] ? fput_many+0x2f/0x1a0 [ 2559.093389] ? ksys_write+0x1a9/0x260 [ 2559.094233] ? __ia32_sys_read+0xb0/0xb0 [ 2559.095084] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2559.096238] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2559.097438] do_syscall_64+0x33/0x40 [ 2559.098261] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2559.099391] RIP: 0033:0x7ff7fbbbbb19 [ 2559.100235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2559.104432] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2559.106029] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2559.107688] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2559.109318] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2559.110899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2559.112525] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2559.139182] loop5: detected capacity change from 0 to 264704 [ 2559.172504] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2559.200092] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2559.222171] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:55:03 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 83) 02:55:03 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 64) 02:55:03 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 02:55:03 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) acct(&(0x7f00000001c0)='./file1\x00') acct(&(0x7f0000000380)='./file1\x00') 02:55:03 executing program 7: r0 = perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1}, 0x0, 0x1, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000000280)=[{&(0x7f0000000380)=""/182, 0xb6}, {&(0x7f0000000500)=""/210, 0xd2}, {&(0x7f0000000600)=""/192, 0xc0}, {&(0x7f0000000040)}, {&(0x7f0000000740)=""/209, 0xd1}, {&(0x7f0000000840)=""/249, 0xf9}], 0x6, 0x6, 0x3f) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x33}}, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r3, 0x2ff, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) syz_io_uring_setup(0x5ace, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)) socket$nl_xfrm(0x10, 0x3, 0x6) sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0) 02:55:03 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40b00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:03 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r0, &(0x7f00000003c0)=""/98) openat(r0, &(0x7f0000000140)='./file0/file0\x00', 0x214360, 0x112) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x18) ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100004001000000180000e1", @ANYRES32=r0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='./file0/file0\x00']) ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000340)={0x2, 0xfffffffffffffffa, 0x1f}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x40801, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000300), 0x8}, 0x0, 0x53b, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) openat(r3, &(0x7f0000000000)='./file0\x00', 0x16400, 0x9) openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/vmstat\x00', 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) getsockname(0xffffffffffffffff, &(0x7f0000000440)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, &(0x7f00000004c0)=0x80) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:55:03 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x4ec1, &(0x7f00000000c0)={0x0, 0x7c8d, 0x0, 0x3, 0xe4, 0x0, r3}, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000240)) syz_io_uring_setup(0x29b4, &(0x7f0000000340)={0x0, 0x5c0d, 0x0, 0x2, 0x171, 0x0, r3}, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000000280), &(0x7f00000003c0)=0x0) r6 = openat$cgroup_type(r3, &(0x7f0000000400), 0x2, 0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000440)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x0, @fd=r6, 0x7, 0x0, 0x0, 0xc, 0x0, {0x7}}, 0x8001) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2584.197589] FAULT_INJECTION: forcing a failure. [ 2584.197589] name failslab, interval 1, probability 0, space 0, times 0 [ 2584.201029] CPU: 1 PID: 13016 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2584.202811] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2584.204951] Call Trace: [ 2584.205510] dump_stack+0x107/0x167 [ 2584.206282] should_fail.cold+0x5/0xa [ 2584.206319] FAULT_INJECTION: forcing a failure. [ 2584.206319] name failslab, interval 1, probability 0, space 0, times 0 [ 2584.207084] should_failslab+0x5/0x20 [ 2584.207106] kmem_cache_alloc_bulk+0x4b/0x320 [ 2584.207135] io_submit_sqes+0x6fe6/0x8610 [ 2584.207194] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.207211] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.207238] ? find_held_lock+0x2c/0x110 [ 2584.207264] ? io_submit_sqes+0x8610/0x8610 [ 2584.207296] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2584.207330] ? wait_for_completion_io+0x270/0x270 [ 2584.218243] ? rcu_read_lock_any_held+0x75/0xa0 [ 2584.219234] ? vfs_write+0x354/0xb10 [ 2584.220019] ? fput_many+0x2f/0x1a0 [ 2584.220817] ? ksys_write+0x1a9/0x260 [ 2584.221619] ? __ia32_sys_read+0xb0/0xb0 [ 2584.222481] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2584.223591] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2584.224717] do_syscall_64+0x33/0x40 [ 2584.225506] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2584.226579] RIP: 0033:0x7fc0e8027b19 [ 2584.227362] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2584.231268] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2584.232905] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2584.234405] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2584.235907] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2584.237447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2584.238951] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2584.240517] CPU: 0 PID: 13018 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2584.242299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2584.244383] Call Trace: [ 2584.245025] dump_stack+0x107/0x167 [ 2584.245922] should_fail.cold+0x5/0xa [ 2584.246917] ? create_object.isra.0+0x3a/0xa20 [ 2584.248131] should_failslab+0x5/0x20 [ 2584.249043] kmem_cache_alloc+0x5b/0x310 [ 2584.250047] create_object.isra.0+0x3a/0xa20 [ 2584.251174] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2584.252460] __kmalloc+0x16e/0x390 [ 2584.253361] io_setup_async_rw+0x180/0x580 [ 2584.254408] io_read+0xe98/0x11e0 [ 2584.255269] ? __lock_acquire+0x1657/0x5b00 [ 2584.256288] ? kiocb_done+0xc90/0xc90 [ 2584.257229] ? mark_lock+0xf5/0x2df0 [ 2584.258148] ? lock_chain_count+0x20/0x20 [ 2584.259150] ? __lock_acquire+0xbb1/0x5b00 [ 2584.260218] io_issue_sqe+0x2e8a/0x77b0 [ 2584.261218] ? find_held_lock+0x2c/0x110 [ 2584.262227] ? perf_trace_lock+0xac/0x490 [ 2584.263248] ? SOFTIRQ_verbose+0x10/0x10 [ 2584.264196] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2584.265393] ? io_connect+0x610/0x610 [ 2584.266330] ? lock_acquire+0x197/0x470 [ 2584.267272] ? find_held_lock+0x2c/0x110 [ 2584.268317] ? __fget_files+0x2cf/0x520 [ 2584.269320] ? lock_downgrade+0x6d0/0x6d0 [ 2584.270354] __io_queue_sqe+0x90/0x9d0 [ 2584.271276] ? io_issue_sqe+0x77b0/0x77b0 [ 2584.272340] ? __fget_files+0x2f8/0x520 [ 2584.273362] ? io_prep_rw+0x7f5/0x1050 [ 2584.274332] io_submit_sqes+0x44aa/0x8610 [ 2584.275354] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.276628] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.277869] ? find_held_lock+0x2c/0x110 [ 2584.278920] ? io_submit_sqes+0x8610/0x8610 [ 2584.279945] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2584.281059] ? wait_for_completion_io+0x270/0x270 [ 2584.282304] ? rcu_read_lock_any_held+0x75/0xa0 [ 2584.283446] ? vfs_write+0x354/0xb10 [ 2584.284312] ? fput_many+0x2f/0x1a0 [ 2584.285140] ? ksys_write+0x1a9/0x260 [ 2584.286013] ? __ia32_sys_read+0xb0/0xb0 [ 2584.286941] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2584.288153] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2584.289327] do_syscall_64+0x33/0x40 [ 2584.290180] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2584.291350] RIP: 0033:0x7ff7fbbbbb19 [ 2584.292215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2584.296440] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2584.298180] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2584.299807] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2584.301445] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2584.303076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2584.304723] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2584.364679] loop5: detected capacity change from 0 to 264704 [ 2584.383616] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2584.398174] Process accounting resumed [ 2584.431556] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:55:03 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 84) [ 2584.466247] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2584.506407] Process accounting resumed [ 2584.543226] Process accounting resumed [ 2584.614047] FAULT_INJECTION: forcing a failure. [ 2584.614047] name failslab, interval 1, probability 0, space 0, times 0 [ 2584.616951] CPU: 1 PID: 13040 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2584.618419] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2584.619964] Process accounting resumed [ 2584.620181] Call Trace: [ 2584.620209] dump_stack+0x107/0x167 [ 2584.620238] should_fail.cold+0x5/0xa [ 2584.623512] ? create_object.isra.0+0x3a/0xa20 [ 2584.624612] should_failslab+0x5/0x20 [ 2584.625562] kmem_cache_alloc+0x5b/0x310 [ 2584.626426] create_object.isra.0+0x3a/0xa20 [ 2584.627345] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2584.628453] kmem_cache_alloc_trace+0x151/0x320 [ 2584.629436] ? lock_downgrade+0x6d0/0x6d0 [ 2584.630333] __io_queue_sqe+0x666/0x9d0 [ 2584.631182] ? io_issue_sqe+0x77b0/0x77b0 [ 2584.632051] ? __fget_files+0x2f8/0x520 [ 2584.632925] ? io_prep_rw+0x7f5/0x1050 [ 2584.633752] io_submit_sqes+0x44aa/0x8610 [ 2584.634670] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.635717] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2584.636773] ? find_held_lock+0x2c/0x110 [ 2584.637636] ? io_submit_sqes+0x8610/0x8610 [ 2584.638559] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2584.639588] ? wait_for_completion_io+0x270/0x270 [ 2584.640638] ? rcu_read_lock_any_held+0x75/0xa0 [ 2584.641618] ? vfs_write+0x354/0xb10 [ 2584.642405] ? fput_many+0x2f/0x1a0 [ 2584.643176] ? ksys_write+0x1a9/0x260 [ 2584.643977] ? __ia32_sys_read+0xb0/0xb0 [ 2584.644863] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2584.645964] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2584.647051] do_syscall_64+0x33/0x40 [ 2584.647843] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2584.648958] RIP: 0033:0x7fc0e8027b19 [ 2584.649740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2584.653630] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2584.655229] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2584.656762] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2584.658262] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2584.659765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2584.661295] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:55:22 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 85) 02:55:22 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 02:55:22 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file1\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(r2, &(0x7f00000000c0)='./file1\x00', 0x8440, 0x100) 02:55:22 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0)={0x0, 0x4}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r5, 0x80049367, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000180)={'sit0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x29, 0x7, 0x40, 0x0, 0x4, @ipv4={'\x00', '\xff\xff', @multicast1}, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x0, 0x0, 0x2}}) r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000013c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4000, @fd, 0x0, 0xf8, 0x80000001, 0xa, 0x1, {0x3, r6}}, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x3, 0x2000, @fd=r0, 0x3, &(0x7f0000000440)=[{&(0x7f0000000340)=""/206, 0xce}, {&(0x7f0000000540)=""/156, 0x9c}, {&(0x7f00000000c0)}, {&(0x7f0000000600)=""/4096, 0x1000}, {&(0x7f0000001600)=""/190, 0xbe}, {&(0x7f0000000240)=""/86, 0x56}], 0x6, 0x3, 0x1, {0x0, r6}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:55:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40b01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:22 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) acct(&(0x7f00000001c0)='./file1\x00') acct(&(0x7f0000000380)='./file1\x00') 02:55:22 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 65) 02:55:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000100), 0x515001, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000340), r0) sendmsg$FOU_CMD_ADD(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, r2, 0x410, 0x70bd2d, 0x25dfdbfb, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x1}, @FOU_ATTR_PEER_V4={0x8, 0x8, @remote}, @FOU_ATTR_AF={0x5, 0x2, 0x2}, @FOU_ATTR_PEER_V6={0x14, 0x9, @remote}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x4000001) sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x24, r2, 0x2, 0x70bd26, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e23}]}, 0x24}}, 0x1) syz_emit_ethernet(0x7c6, &(0x7f0000000d80)={@broadcast, @random="7d45eaa9570d", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000400", 0x790, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x0, 0x3, 0x0, 0x0, [{0x0, 0x1e, "1981b485fdf7b071e30a2f9f34c69569efebd093e595da3b34f8220b117bc0ff2dd0c1111415a1dbf6404d09f1e2a7b9b9f3d649bf1124c5170311592f7728f8eaafd7cd6454f27b622418b8c666a58975aeb11a95549a7b28933aef0aa025c2e7dd1edaa1210325d6929e213179ed582f9c8c6dcb72e666a7152f2260ae6c676efc14bb17f6dd211b6ea51948cf1acb4ca73bffc2f0a1ff532adafda6816b5fa5b330c7709d164449d70ec5418d524bdbfe605783ba1d997b2acecd9079e1132507c842fa65d1ad88909c419edf46dd09e79a328bdd5b72ab027df69520fda9fdcd58030dc346b1e244cd17ea4502d2"}, {0x0, 0x1a, "bf61795a41477d5647ecea992a965848cef742b4839b938215c5132c4d78a09f6ccc3259831447869575315c75123388c0b4b107ad7e6b69fa2143ed22c57771210702932eb95794eee9bad7662c39d10a9b45b750631d528c27b06e52d262db4ffa2f2dda2fc736fa98823ce5911591f2b2978f8c9c08ef04b3c2a236a702c13da6b55f5649fc202ff1dc625ab757fd620a7cae260ec6c60d337478034ef248d6d5e6e77235c00baafbcf948412bade90d26c2668a511b10a2b8e43646d2164f06f5fea765de86d9e2f3baba09c"}, {0x0, 0xb7, "991a3577cc1732ae4ca1074428167918eda21f580e011a9c01870c8d4da8f66699b313c48ee21a020f39e48999be74509ffa7ddd74bedaf2ce2d4820db818167cc338f3b2db18c2fc92f7a1ce35581ab1f1416f749aea31e463e4d64bd97e6c6121227ffdca9a0cf72b8d34474d2c66dbd6440e0191469f95aef1de5a8454d3a5fcc58422bc18f8eba74eac2cc3f9ee6c0c5431542a5a865f44fca124c33055fcd0ff65ca0e98352cfca26f0cd27aaba9b9e17c9ef318383b44bbca49d34e60369472ba3d9e9e5b3ab19c97bc37a0d8e085686efbff8e24c4567a3e4c339f9fe9f389b669420aa80af19665559b866a71673453673f109ac1e058f248ac702fd0ca7d7d5c6ceccc8196c0ffe25b65a2f65f9c9a1de3a14466a6497e46544851f31367139235aa9559bc377ae8ca0d3d0633f347f2333964aca80d7fbcee3968216e087cf2850bc3b4a51e765b956ab4f345cac704f52b95571c4944bc96be51eedbef45cd553963d51d11ca9d6689963bda83325a8d977f8d27f7b1af556169485a7a942b31579e69780bedd46219f8f82dc239f2e155ab92513bdb8b90ff32281534858db55d2f6de94ef37df7f8c887314958bd2d146f9650252e7a47f2f5838060712eb321fa6492bbddeab9fc815bcc0db198c93c14be0e5ead31709315ef126a812166f66351fa743f2dff366d42e676f95fe165c8f11c5ab5908f148f2431f624aea3594405421c7cccb3f27584709c706c7a330267f706a7109a265803e2bc0d7d453b317955cac6db94b2bf754f2411c35f2ef2e6756a10781f8c73b7675f03faab177fab8ebe5c86b2dce0ce0fe4e26ff64fc5dd76210f7aab999456969d37988810105f67808bd614383d3c10c16025eeff097c45e5e6a52cdcf3317d16cc107c2db8732b70915d869a7b68e02851d008d084714e0a0995fc8886bc211185051bb4424e99f2fa10d3bba1337974a92077e7318352bf9adcec6469f9b9b13713472a1b9b13846c7ba6aececbc78e72126542b7a9567106524f9d927e1140206db1c227cc0caa7b613b6eff123343beab8bfd45b85e9ba8f26e45234e325c40f7f81692b5a38b57980b2abe3905ae9517c6eb9498b11c56401b24290a072ada1f0ac56dc3f48ec2dec17306dd7c41b7fcfb79ff87e384170a6b34acb30ef58d53cdf739f47ceabfac0e7a0ddaebbac6330b45e950047106f906d2bdab3b7d415f4cb2c15c9e66036ad04e8fe3f330bb2b49cc86b698d5c6d02e662b50933463a5d07448b5a3c0ceb0b259e33724c508ff59e0da50709b2d8f96fecbd9715d2ad6ebdc85299fc465af00b17bdc86e8268a30a10b6e97deaf90cf35aa7d12bf41fe69dbcc4ea51d5d015682a0447cfc0bc4bac6b74392d533c1dd0fe729465bb9a37a03bc3fa53455786c3885c0404b4311c36d6478f7e8361c607d871446c8d163f8ab5b3ef75209a0fb26dc64879b096e1c67bce2ead1f59f8b00be4ea986dd4839b14037448ef7103c9c7fe517b8c3934b1f836c12a1b04371d7522937fd632ef35edbea0c12b20630d8779329f8456ec996f8464f327b3eb09d9e4fc10069699c5f4b2b6c714dcafb7c572e37bbe9bb825f2ac8634586ad81385262aff0ae00567b35dc815fb16b92ddeb7a74b507b2d4c35ace1fc448de4d26014a9638bfb416d99c691ecd21d05c77bcdbce53cd1126a1aa0b4aaf3f0148a5081279ce80ae9a40f062ef13b4c3c90c61bb4e72d530ed634812248bb279ee59b41d5b490c87f26339d2b42432ca5c5878d741983bc2740e84fa39beda41f0f2f4b6e1c5506ec615bbfe7bf1f909c801a10098efe9595b3a2eadee922ee60555208615cebe509837f2d077474dac4e59cc75cd1b99429af15a96a85ae136addf0a91354826756572db80169e02fba260e9857ce698ef1c49172a85a515104b5416b9ef7af04d855c4c9bd196da86697ed6a3ee5628204530e7fc47c2b168ef14866e4901cae470f0131f47262448108805ceb467fd998a56031960986a2ca03f80ea600208d5aa0eb7d7a8df7047484af0ed055c7bcafa003990da25c62"}]}}}}}}, 0x0) [ 2603.493501] loop5: detected capacity change from 0 to 264704 [ 2603.554439] FAULT_INJECTION: forcing a failure. [ 2603.554439] name failslab, interval 1, probability 0, space 0, times 0 [ 2603.557318] CPU: 0 PID: 13055 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2603.559120] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2603.561441] Call Trace: [ 2603.562172] dump_stack+0x107/0x167 [ 2603.563169] should_fail.cold+0x5/0xa [ 2603.564249] ? create_object.isra.0+0x3a/0xa20 [ 2603.565332] should_failslab+0x5/0x20 [ 2603.566204] kmem_cache_alloc+0x5b/0x310 [ 2603.567132] ? mark_held_locks+0x9e/0xe0 [ 2603.568071] create_object.isra.0+0x3a/0xa20 [ 2603.569096] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2603.570248] kmem_cache_alloc_bulk+0x168/0x320 [ 2603.571305] io_submit_sqes+0x6fe6/0x8610 [ 2603.572276] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2603.573419] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2603.574544] ? find_held_lock+0x2c/0x110 [ 2603.575475] ? io_submit_sqes+0x8610/0x8610 [ 2603.576495] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2603.577598] ? wait_for_completion_io+0x270/0x270 [ 2603.578713] ? rcu_read_lock_any_held+0x75/0xa0 [ 2603.579767] ? vfs_write+0x354/0xb10 [ 2603.580631] ? fput_many+0x2f/0x1a0 [ 2603.581462] ? ksys_write+0x1a9/0x260 [ 2603.582339] ? __ia32_sys_read+0xb0/0xb0 [ 2603.583273] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2603.584497] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2603.585671] do_syscall_64+0x33/0x40 [ 2603.586528] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2603.587689] RIP: 0033:0x7fc0e8027b19 [ 2603.588563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2603.592789] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2603.594531] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2603.596154] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2603.597775] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2603.599402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2603.601033] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2603.605978] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2603.618322] FAULT_INJECTION: forcing a failure. [ 2603.618322] name failslab, interval 1, probability 0, space 0, times 0 [ 2603.621518] CPU: 0 PID: 13059 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2603.623089] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2603.624978] Call Trace: [ 2603.625597] dump_stack+0x107/0x167 [ 2603.626452] should_fail.cold+0x5/0xa [ 2603.627356] ? __io_queue_sqe+0x666/0x9d0 [ 2603.628341] should_failslab+0x5/0x20 [ 2603.629243] kmem_cache_alloc_trace+0x55/0x320 [ 2603.630310] ? lock_downgrade+0x6d0/0x6d0 [ 2603.631433] __io_queue_sqe+0x666/0x9d0 [ 2603.632543] ? io_issue_sqe+0x77b0/0x77b0 [ 2603.633615] ? __fget_files+0x2f8/0x520 [ 2603.634575] ? io_prep_rw+0x7f5/0x1050 [ 2603.635521] io_submit_sqes+0x44aa/0x8610 [ 2603.636567] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2603.637754] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2603.638939] ? find_held_lock+0x2c/0x110 [ 2603.639922] ? io_submit_sqes+0x8610/0x8610 [ 2603.641018] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2603.642237] ? wait_for_completion_io+0x270/0x270 [ 2603.643385] ? rcu_read_lock_any_held+0x75/0xa0 [ 2603.644658] ? vfs_write+0x354/0xb10 [ 2603.645551] ? fput_many+0x2f/0x1a0 [ 2603.646426] ? ksys_write+0x1a9/0x260 [ 2603.647335] ? __ia32_sys_read+0xb0/0xb0 [ 2603.648321] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2603.649556] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2603.650784] do_syscall_64+0x33/0x40 [ 2603.651669] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2603.652894] RIP: 0033:0x7ff7fbbbbb19 [ 2603.653781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2603.658103] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2603.659928] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2603.661622] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2603.663312] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2603.665015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2603.666708] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2603.685059] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2603.699633] Process accounting resumed [ 2603.716045] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:55:22 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0) r2 = dup2(r1, r0) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x9, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(r2, 0x7, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x410003, 0x34) syz_io_uring_setup(0x51f6, &(0x7f0000000140)={0x0, 0xdf5a, 0x10, 0x2, 0x58, 0x0, r1}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0), &(0x7f00000001c0)) r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xa001, 0x0) syz_mount_image$vfat(0x0, 0x0, 0x0, 0x1, &(0x7f0000000200)=[{0x0, 0x0, 0x10009ff}], 0x0, 0x0) sendfile(r3, r2, 0x0, 0x7ffffff9) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) openat(r4, &(0x7f0000000040)='.\x00', 0x8080, 0x0) 02:55:22 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000680)=0x20000000) fstatfs(r2, &(0x7f00000004c0)=""/89) r3 = openat(r2, &(0x7f0000000000)='./file0\x00', 0x8001, 0x8) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) getxattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000300)=@known='com.apple.system.Security\x00', &(0x7f00000003c0)=""/225, 0xe1) ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, &(0x7f0000000540)={{0x4, 0x5}, 0x100, './file1\x00'}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:55:22 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40b02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:22 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x100000e, 0x110, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xfff7ffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r4, 0x8983, &(0x7f00000000c0)={0x8, 'batadv0\x00', {'bridge_slave_0\x00'}}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2603.815913] Process accounting resumed 02:55:22 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) acct(&(0x7f00000001c0)='./file1\x00') acct(&(0x7f0000000380)='./file1\x00') 02:55:22 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 02:55:22 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 66) 02:55:22 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 86) 02:55:22 executing program 7: perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) open_by_handle_at(r1, &(0x7f0000000800)=ANY=[@ANYBLOB="640000004f000000d199cf99708ab3b1852b8ec576d1f1e9d2fbfc6eb4e3844d2a5e66af0bc7e7726078578eacefcc286f64dd3ede5f5f036d2d70b7a943efefcc17e7ff2515d37091448ed8e5668c7bf466237e21ab424d32e043d5fcdf36455826aeff6522a2b8b2db14dc2eab04ec4035d98119060ee6622a38bbed2f960000733f3e1062b6b931e8b8a16a285069ae36ca13d1ef84b86c93caa6792a0e25a695abe4e8d725ab32adab65e3ad25b504f8e115427ca03b7d95c488b29708e1df90ab015812a9f98afedd9d7a3602e36dcd9275a8308d63d584321a1b5bc68f07000000d554eb2d6458604035066598f3e2fe6bb71a0f3a3f45502e33b112540c280edb1d4078c4f7fd12b8684841de"], 0x200900) bind$inet6(0xffffffffffffffff, 0x0, 0x0) fcntl$setstatus(r1, 0x4, 0xc00) eventfd(0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$NL80211_CMD_SET_MPATH(r0, &(0x7f0000000580)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="000426bd7000fedbdf2516000000", @ANYBLOB="9adbcfd1f5d7e4e9890a156ca786749efae3d80d4b49e7cdf3f6510bc2fb792f99c4d65f6efe5f244aa06b9d8505f005052e7060131bdc3f11990b21801fee7dacd17b88785950eea13ef01fed247eecf838ea275bd5e57db4731f3f76be1469ffc285b6341cd5c3a7336477b104084b7785fe01a7020f55d9c8"], 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x4015) dup2(r0, r1) [ 2604.075230] loop5: detected capacity change from 0 to 264704 [ 2604.092805] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2604.149097] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2604.158230] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2604.186328] FAULT_INJECTION: forcing a failure. [ 2604.186328] name failslab, interval 1, probability 0, space 0, times 0 [ 2604.189585] CPU: 0 PID: 13099 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2604.191525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2604.193776] Call Trace: [ 2604.194493] dump_stack+0x107/0x167 [ 2604.195469] should_fail.cold+0x5/0xa [ 2604.196498] ? io_setup_async_rw+0x180/0x580 [ 2604.197681] should_failslab+0x5/0x20 [ 2604.198694] __kmalloc+0x72/0x390 [ 2604.199496] ? lock_downgrade+0x6d0/0x6d0 [ 2604.200619] io_setup_async_rw+0x180/0x580 [ 2604.201626] io_read+0xe98/0x11e0 [ 2604.202617] ? __lock_acquire+0x1657/0x5b00 [ 2604.203659] ? kiocb_done+0xc90/0xc90 [ 2604.204539] ? mark_lock+0xf5/0x2df0 [ 2604.205424] ? lock_chain_count+0x20/0x20 [ 2604.206462] ? __lock_acquire+0xbb1/0x5b00 [ 2604.207470] io_issue_sqe+0x2e8a/0x77b0 [ 2604.208552] ? find_held_lock+0x2c/0x110 [ 2604.209521] ? perf_trace_lock+0xac/0x490 [ 2604.210651] ? SOFTIRQ_verbose+0x10/0x10 [ 2604.211596] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2604.212870] ? io_connect+0x610/0x610 [ 2604.214143] ? lock_acquire+0x197/0x470 [ 2604.215073] ? find_held_lock+0x2c/0x110 [ 2604.216052] ? __fget_files+0x2cf/0x520 [ 2604.217000] ? lock_downgrade+0x6d0/0x6d0 [ 2604.218006] __io_queue_sqe+0x90/0x9d0 [ 2604.218956] ? io_issue_sqe+0x77b0/0x77b0 [ 2604.219929] ? __fget_files+0x2f8/0x520 [ 2604.220876] ? io_prep_rw+0x7f5/0x1050 [ 2604.221829] io_submit_sqes+0x44aa/0x8610 [ 2604.222988] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2604.224116] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2604.225429] ? find_held_lock+0x2c/0x110 [ 2604.226518] ? io_submit_sqes+0x8610/0x8610 [ 2604.227681] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2604.228782] ? wait_for_completion_io+0x270/0x270 [ 2604.230068] ? rcu_read_lock_any_held+0x75/0xa0 [ 2604.231305] ? vfs_write+0x354/0xb10 [ 2604.232296] ? fput_many+0x2f/0x1a0 [ 2604.233287] ? ksys_write+0x1a9/0x260 [ 2604.234287] ? __ia32_sys_read+0xb0/0xb0 [ 2604.235372] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2604.236610] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2604.237992] do_syscall_64+0x33/0x40 [ 2604.238860] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2604.240045] RIP: 0033:0x7ff7fbbbbb19 [ 2604.240928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2604.245488] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2604.247261] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2604.248929] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2604.250588] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2604.252243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2604.253912] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2604.258017] Process accounting resumed [ 2604.292604] FAULT_INJECTION: forcing a failure. [ 2604.292604] name failslab, interval 1, probability 0, space 0, times 0 [ 2604.296100] CPU: 0 PID: 13103 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2604.297726] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2604.299644] Call Trace: [ 2604.300266] dump_stack+0x107/0x167 [ 2604.301119] should_fail.cold+0x5/0xa [ 2604.302011] should_failslab+0x5/0x20 [ 2604.302899] kmem_cache_alloc_bulk+0x4b/0x320 [ 2604.303942] io_submit_sqes+0x6fe6/0x8610 [ 2604.304955] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2604.306102] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2604.307232] ? find_held_lock+0x2c/0x110 [ 2604.308185] ? io_submit_sqes+0x8610/0x8610 [ 2604.309207] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2604.310330] ? wait_for_completion_io+0x270/0x270 [ 2604.311445] ? rcu_read_lock_any_held+0x75/0xa0 [ 2604.312527] ? vfs_write+0x354/0xb10 [ 2604.313391] ? fput_many+0x2f/0x1a0 [ 2604.314237] ? ksys_write+0x1a9/0x260 [ 2604.314861] Process accounting resumed [ 2604.315127] ? __ia32_sys_read+0xb0/0xb0 [ 2604.316891] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2604.318100] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2604.319294] do_syscall_64+0x33/0x40 [ 2604.320157] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2604.321361] RIP: 0033:0x7fc0e8027b19 [ 2604.322227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2604.326482] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2604.328240] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2604.329898] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2604.331540] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2604.333205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2604.334859] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:55:23 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) acct(&(0x7f00000001c0)='./file1\x00') acct(&(0x7f0000000380)='./file1\x00') 02:55:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40b03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:23 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) [ 2604.616636] Process accounting resumed [ 2604.623372] loop5: detected capacity change from 0 to 264704 [ 2604.636467] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2604.687493] Process accounting resumed 02:55:23 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000001d80)={0x7, 0x80, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0xa}, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0x3, 0xffffffffffffffff, 0x0) r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) pwrite64(r2, &(0x7f00000000c0)="a3", 0x1, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x4022812, r0, 0x0) r3 = fork() r4 = open(&(0x7f0000000140)='./file1\x00', 0x100, 0x38) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r4, 0x54a2) r5 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r6 = fsmount(r4, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f0000000300)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r6, @ANYBLOB='\x00\x00\x00\x00']) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) perf_event_open(&(0x7f0000000140)={0x4, 0x80, 0x80, 0x6, 0x40, 0x0, 0x0, 0x5, 0x61201, 0xa, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3ff, 0x2, @perf_bp={&(0x7f0000000080), 0xa}, 0x400, 0x7, 0x0, 0x2, 0x0, 0x1, 0x5, 0x0, 0x3, 0x0, 0xe4}, r3, 0xe, r5, 0x9) write$binfmt_script(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="2321202e2f66696c6566758634b3dac9000000006ec39d3b29302f66696c656ee0c1de211c9b36f9ad8bab2d4c2330c3dea726ac5d912a6fde97f8110a2ff312eea0ce8c3e743de5a742a89f649955c6e9e5464aac97e889ad64e93d707083c6a23eb4cdca2ab2558e1a591f3e7482a718d4c06c2724ab96adde6358e6d76124fcccb52d59b855eee8af702c959f0f0ba790f8f79fb1fdcc2856f98635f32f44e94b18440853ed98ba33acefd4d154e40f7b08be4e6f9224fe4ffe983a52f6fc88ba6fff8f381a0054c946e40269ecc03220c373a3a69eef7c0b9eb4e5925dc9a4600b374a85ee9613b3ab60bcb49d6b7779c25d1efaab46890b59d109fcfc3a53a6a6dd1638be1815c939de744462d2c68cdecbb6600ef4131c78f9a21c2d684f80c3545796cfbcdfcdb867480324068077f70a110aa8458dd0f4c0df8246e00d7b6ffd1e3d1d5e24a9182f729bfb68eda2bc1769e8634227f80a8a9cf88f3514ba2090d0aaf42348081f36c1aaed744a4db055af4319ce0610d543183ef35c7f4f27ceb20b933121cb45d5483027a8b4db9335ab1baae3afdf04cdf58dd67544af8031f38930da609933112e3c0ff386cf5b4ff48b1f0ca121f138f3945cc9abbbf29d62afc44ce1c0a1599b8360dfb70058240486e53c075711239ab03968592c38da348f58898c20740f05b23a93339124878a015f5f9df1d943f99a5fa077d3281437321fd9bb0d139957d25dd2ab5dfabe8c94820f14190731e42a055dcec406d08dc6596cae09871bbf0d8359b95b41dfcd448281c1a96b"], 0x11) dup2(r2, r1) [ 2604.705071] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2604.709329] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:55:23 executing program 2: r0 = syz_io_uring_setup(0x7d21, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x206}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_setup(0x6c8c, &(0x7f0000000240)={0x0, 0xb5a6, 0x20, 0x1, 0x33c, 0x0, r3}, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000340)) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r4, r6, &(0x7f00000003c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x3, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x77359400}, 0x1, 0x1, 0x1}, 0xea57) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r7 = openat$incfs(r3, &(0x7f00000000c0)='.pending_reads\x00', 0x4040, 0x8) unlinkat(r7, &(0x7f0000000100)='./file0\x00', 0x200) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:55:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x2, 0x0, 0x0, 0x0, 0x5e, 0x240, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x4, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x903, 0xfffffff3, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0, 0x10, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:55:23 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 87) 02:55:23 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) acct(&(0x7f00000001c0)='./file1\x00') 02:55:23 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) 02:55:23 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40c00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:23 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$AUTOFS_IOC_EXPIRE(r2, 0x810c9365, &(0x7f00000003c0)={{0x4, 0x400}, 0x100, './file1\x00'}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2604.992227] FAULT_INJECTION: forcing a failure. [ 2604.992227] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2604.995124] CPU: 0 PID: 13135 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2604.996625] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2604.998328] Call Trace: [ 2604.998881] dump_stack+0x107/0x167 [ 2604.999635] should_fail.cold+0x5/0xa [ 2605.000434] __alloc_pages_nodemask+0x182/0x600 [ 2605.001407] ? __alloc_pages_slowpath.constprop.0+0x2170/0x2170 [ 2605.002679] alloc_pages_current+0x187/0x280 [ 2605.003584] allocate_slab+0x26f/0x380 [ 2605.004403] ___slab_alloc+0x470/0x700 [ 2605.005218] ? io_submit_sqes+0x6fe6/0x8610 [ 2605.006135] ? kmem_cache_alloc_bulk+0x1ec/0x320 [ 2605.007118] kmem_cache_alloc_bulk+0x1ec/0x320 [ 2605.008069] io_submit_sqes+0x6fe6/0x8610 [ 2605.009006] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2605.010036] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2605.011056] ? find_held_lock+0x2c/0x110 [ 2605.011908] ? io_submit_sqes+0x8610/0x8610 [ 2605.012797] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2605.013801] ? wait_for_completion_io+0x270/0x270 [ 2605.014798] ? rcu_read_lock_any_held+0x75/0xa0 [ 2605.015744] ? vfs_write+0x354/0xb10 [ 2605.016515] ? fput_many+0x2f/0x1a0 [ 2605.017259] ? ksys_write+0x1a9/0x260 [ 2605.018037] ? __ia32_sys_read+0xb0/0xb0 [ 2605.018869] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2605.019912] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2605.020974] do_syscall_64+0x33/0x40 [ 2605.021730] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2605.022777] RIP: 0033:0x7fc0e8027b19 [ 2605.023530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2605.027255] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2605.028809] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2605.030254] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2605.031703] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2605.033149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2605.034577] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2605.096587] Process accounting resumed [ 2605.159875] loop5: detected capacity change from 0 to 265216 [ 2605.171521] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2605.180908] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2605.189477] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:55:40 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 67) 02:55:40 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 88) 02:55:40 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40c01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:55:40 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) pipe2$9p(&(0x7f0000000480)={0xffffffffffffffff}, 0x4800) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r3, &(0x7f00000004c0)=""/89) ioctl$BTRFS_IOC_SNAP_DESTROY(r2, 0x5000940f, &(0x7f00000004c0)={{r3}, "c917fba3fb08cc9d1b77f90eb3c2db00b91bc9a42dba4aca817cd6bf7c1e36e2c29b7d3cf637d08e07479fbcdb21f3183886f2a090d4f5c1b6fe8bf6a4bafc96a0b34e91df468f9a48a07d405b6213f64b29cf04cfdccdd5856c05c176d01ac107ee5d14a8e160e07912d38508652abd8b13f3ed172e680faf61a039ae96bf2d33283303c782e44e5036dc9c65a88a32cdf7c0fa5a996e6a9002591d3ad3f038ef3c1cecd0172dda9987084b1fe16d3ffc987e1bf8a08594fa55ea26f5fdcb15d01ca6d5c090c59b8f36d9c81a80643508bcb8b65f51463a1995248f5d2f4b25e49cbfee173c0f9ccebabddc78d577e9fd612520add72d028ded023ada0b1fd2997a9317f9c9ec20a7bd57981b24a2d181cccbf725a51eaec3efaf6e4d4e9e3e4c628b464b0f719f7c168831c67b8b19b1f5087c2886494c0259ee6487487047dca4ab78b79d63ac15fad4d381681a9b5fb5afa358078336af2770ecea5dd5cc5b5edde8bb8088503a255e52807dce53de45b2bdfb9000a00316e423f6ba5a13aed5f286017ecf874fbb77cef6dc5f490747522adb9a72b73486e80dafccaa2a46ccabf92467903f25bb13f36f36cb26cda7041ba550a81ae540a2a4d0a8fdc34656b200cf29205d3542d3314b8ea5b78dbe808f42b5f598fdb2fc1d8b0086bf7fdfeac5a109d4a32ed832008439e84c9ab278bfe25e3b895550686776ffbf1805b92ee92c738b2d6cf255f79e10c64bd9b8ab2e31ba205335e639507c6b3a62035f884618dab011b43b5dc65b3f4c654be9a40445d2c6ef477a360df9fcdab54bfba7f828c596afa9c102c51fb578565cd333c6782aebf810c0b3a170cb83e3b25b58abac24a49fada93623aec55e8fe824030ba3064a0acc10e5da71b65f90ef5c82a8f4cb1f08e8a3d3c045ead3939aa075825af73f8686dab21c88f27300fc55d931706b35ba58b1c7436fc3c2f55416d07bd6f23d15ac2a7c89c389f8d2152abbacfd0631222db9c5aa09fa6588d63943ca2f3838cfbfd67b81c80bbbd8e0c1c24812270345ceda4e61c5153353b640d9455f107464a687f66dd47571d788b79e49d60f38d5105e9c8748e33fbcb083d4268ab108868256194bf469269668808d6cbef655af8a0eaf53d1e1a1431ebb16e8975e14c9a7d9cbbaf5a66530010ad7bb40556f94a90456aee271e5d817711b55cf55c7249dacfcddd03e8711d0f0eb2d90654b92b56858cec6129c05af7d527e50cad2688e5d1783724c04aaf1736a4f1a14a6c6205542ab56fcd01186f8d8ab2f3d182161d7075a08b532af3746192d20bda454805aad3384a38dd2b5acf93139f4a1e5e2c89db1a145901d5432ff8cfb5e42773a0a7dfd0692ddd618c7e7b73dfea7353812dcbc65640e135dc9c04548fec0888b36a4715e2854c31f32eb9de384de38cbb7e7fd2e703f79206239fdadef509920b97b65a3a09b3f7f8cd2449a7f2a1e15b3026c3045a685136284a350ab0e3dc8558865d99921b355e80fd021b38f5362862b3a5357a021220981b8f16b0143a2dada50f4def2ffe37acaba197cdec4e4116bcdaea289ea91455b47c95b823416f3a39aed978a60ca7c1e1de7b0b88179efb9d53a01759f6537c36a5801dc86a4ec2372c3bfb24f949678b021e004ed4156633ca731b21c0c2ef00070c6edc1e3649c270f800b8f836a0c92580bb6b41433fb1efe0886402d0e57a555de934f8e18ec4c7600d47841583da39346680f8720e5eeb36623cd329b70dc835c078fd80cd222a738f7a9b4d34c1a3d878446623e522d63d1285118f8645b09183f37ea92fb57c1f066948ff1de10f0ea04fcc39d423eef9b73b1693a39d04acba157d8db5d0c6695cd7dbf572db3dc897ace1443d7517095720274173122f725f85d2db0e8f15087ab5761fb4ee0c865d0a8ca9848aec566b67bb681c3a0c95251ef228099b3b0ed5e396e656ce5f9d1e1058b303e9804132ef2e058e8dc133d60429028428ab6db45935b7c205bc86dcb846070a6191928f0b45a6c51b9059075adf1980545ad8d09c98d2884c05638ea8b6de0416d659792dc7f6e979cf7a49e6b1d6d02c2319b0e35be808ca870284622aca69c5f997baac6ecaca757b83a0d8965c9cb3bea8378aac50b469f199b7e6966e067dad7d9e82eefcd006cd8e1dc05a01072d7d0f1a4defd122a9d50aafd210087439d9c510dbac68e7ed96e32613f07409a49d1cd728c7851f176cef101da6ab598c37075a92a467f9d75b19c110604b9b43579c458923560b514a7d65dc41515ae16629000cbba9bf9fcd018fff16145feeb4f61a5350889c65d20f37167a225edc9f95773729cf309bc90080fa95a1395183226c683daf0280a90a390c3c9bc6396e157fd689cdc3411c7cab06d5f3ac09bf70c27d32e25266b36e45559bf5d65b4e736789b0fe8704d1bd86d007e117b2e04eff75c589d8b7f4db025175bd6423cc3a63a746d81eae4a94dafeb0ed0195f1e4bcb3f5c645cc938bc274fe0c805736d9da085d8b60bb766075c62cd0307775ae3686b99fc5f59788e96f1399b2e71df5732d2ec55b87f7be3f98c39edd4ba9d71c94f130331111fd642e85fec2f4eb0f49aa427e92d74d3d581d9e73cd73ffb671e5efe9399dafd36e2744457e61807a216718b99bcbe2ce60d4757106d6f06c82490bc98abeae6d415c28ea384ee87c2120e6f41591129c14b49430031535fc6d532c9c9a6e5450bd623ed326405aea4293b9a0b131f308901be73b2adb31e8daf5e64ebbdfd7798727a05a7e88601ad87de55f2c5efbd87d378da591116a1466fe7007bce691ffddef831bda9804132e2d8b4417a9fbcaef2b53f9e60f918083a96f18dddb35274d20f5bb5e932870e0026abae1e625aad6a19e7e60db20176662dad5c7761f05092c9420e706d0eedbfe7d9319957fd16fab35f3b5e600cee8cf05278fd28a8c205a633d64c6d354837b5fbbb5be94b2d60a7b22b2819d2299f5fb06e894710513fe8ba4e17ae18e3960d2bfeff72bcd93b8384b62eb70aab801384b5370c682a070ecf9aae09c01483ea1e3a711a1d47141c0329ed55bbf94e8b6061b828032a9cb6fedbc3a2c809f11cb2663e58825712dbdca167deca06365e9b5020baf68e4d16d321c80f431e5869fa5de78d167689d4c0039338e8a6e290671b50e5e32eef769dc7220a6e15b80cda0a385e722ea7380bc6d5dba608b5bdc9dd4c0a424d71bc71a33542501570d673259fa47e02e131491b50e03fafe12e4bd11a5446af0729764d9af4e97a1276161eaa923a5d5111dbbe3d745d064a188565b0e707232d558aa17821064662fa723c5da77557ad13764c356bb90087941a578494a6737c4070b79f95b772ae7716bb25ef4e6cb40cebc1c57291814e2f0a8b58780053cb741eb3270e0f3c7d6d693c34b3ef62b741fba4554b7b8a6396ee504c91f15f30740932779e4a559e76748dd68bfd840483f2d51abf09e767efaf4b413b8e65cb5732c3ba6e80e078c1f8570e4ca003d6a4274191cfd868ae1501a548ce622b39187844f11afafab552d1c12c7aa72e783277cf1b81d1434781d581f07d6a4852946b70cc8380cf4450c9ddfc7c93430be56e1f5653cf0074d4c23123163df17de7d832a2518ec68d372111c1d7dc1a28e18287643c3b596112f1e488c990185582ce843e7fa73fdfff5aff046d95fad86df3ea9b912a40dd53874ff0b01b476609c95f7ebc7ab926324238bade41108c64267d6aa00c1ea05cd48d1d153fe136f61b5b2ed35f51682860a3e2558efb072ab07d1334fc9c2ccfe56664dc76f508ea1748118a93b23f5e524a3a98bf5107e2a0314c49c7e9b54ee4fdd4e6dd3d6cbed10a8333a2a0f593eeafbefe15c9e84f0e607bc41a01f4fc762f637777a712a53fd54b52e45b53cd5073c0651577473c41659aad14498615b48ae92fa543e4760d3a71e38bc35ff9e814d972d47c232e35d24e978ab72edfa1e997f20ae15adf07372f9a7128696e32aabe398dc6c53eeb6c6a8af87157f55271f6a406cb90c6a9a591d251f3653c1d2943faf737516149a460e5885dfca8dca60a47ba07b64a11292deca69b17507927f46eb3fd79b0251940be6b5be871035c8c008e483a03b2c072531a1e94b67a7e20587390f211b458d08cdaa969ee8d118ae978bc5091cc289e1a7b5f969f0c430dda3424087e364db3ca8b1a4659b6d6dee00c3b91779a3fc703bb7661cb0a09ec235291495880977c15b4f1cfff1e4627be51e03e0703366e8a00976e5d38abe353da2ee90d4a9420c6dc47f2421e9c05b1c546ec516fb904e402b2bffba28a15e7b4a9c6d74b28f97bcbf2b20f45295067d7a0d356f2ef41cf7803792637af3637f6e085812098070703203d6b147b782165c6df3d82dc866585aec328b67fec9ed37efe0895c427631599753abe0da7ad4349cbbcd21627e1b5ccadc585d9239d8ac5ed256a687cfdec1b70da819d3e316030e452e2c76bce84f9920982c534681bb72abd8a16fdadac7c31859b0248b071c812c195f3d877cbb9a8c4ee927e20e3512a447c67bac95a58b31eeefdf329229b2dd1ddb5092d84b24d899270b520f198a0b8f504e0d4215cd23658271f2c04898865b3af6bdc661d1930a2019cb6b9580bef84166a6b262d6753c49d885948e21801555b1fb4781ca6448c5835c502cc288c82bb02cbceb800a3f87770f324216898e2cf5b9c1bc085a1be03276531bfefe1b66db45cd06cfff0559b27addf0986c5566beaeb6356ed8ddfd5e08e98ad0320a31c899aae0bc377b2a0af91e2b8f50b4206a8b22675925d4e977f7c296778018f21adb298e3ac4eae1dcc2e7ee4a4f45c9902ed25568aa38440d6cbf8256ed0be4c51643fdceee57b79693b33ac7dd3621ce84ea012b94eafdffd3fe7c32a5b65f6d860d4c761856af8d938289a9c3b6da954606472a92d45e36ba6279b4b52eb1d7375896c2451e61e7144692b9b52796758fbf2b5134db5788092bcf79a3dbd833b4586cf0ba7422ceb15720ae9d7182330e5cbbdcc7497d277bc7d50614e4e0926abcfbf755c1b6a3941019444c2cc4abfbe412f830aade59ac3856e79e92f5fe40f8deabfa4e8e6c2794670c7f31725f8b4f43eca389b38ee02dbc916d05a7731c73355980b2ae586a6d485fe72d9a7018c4d6d066602c887633aa89040343c8173a4d985d8879eff571cfdbd6af1d1f025b51109e4fee454c30e0466c58d63a1060d63c19f1efd613b92d763f1ac45b1d6120204a56467183cba32b412978a7ffee7154c775c568c4089b280fd718dd78d2d828de75e8e9563fe15bf06a3e9a6407cd54c2bca8315cbd70cee2e1a57ecf86f1c75a7161b868cfb93e8266876150578243bae50fd29f25bcfb9303196fb06fe2f93f939c04ccf679d4e653fd2ec8b3d7fdbbb718bfc9a58aa223f045736aa5d1c4908cdd08b2adaa14c39c7ad1ee01a1466dc32cd119f4d0ed32d989a3c4a2ca71b62a5849c7cd1515f4b0a81911fe25b928fd5249236e5f3ca6c2c792baae3d99a246460aa8873fd12812edc73cf444e11ffdd73bcab85a34172108fd99c332a7a44dcae0431170cde74d8a52dc092b5015f7f269234cc95c9bc30774f045cfbf1a174ff8bfae996f8070e36e060e2d57ab74514f8faf4af3ef7183f3ca6737a739b0fdbd2b6a702b40f1e1f3f6f70d9d13c042abc1448a3091ca0a6d7cb970678d16ba14f0df146dcac7b6bbb2bd45e01f0207f57ba3978674b"}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r4 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x86, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x1}, 0x8420, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) vmsplice(r0, &(0x7f00000014c0)=[{&(0x7f0000001500)="93565dc93c7ce98e8b2d7b90145ab348b282b868a947543a4e07f073f46180000000b9efd1019091bd2952af818639ecb3ec6a4ef1fadf3b432a9fd3732ca1755a28d7b3aa8dcebdb7757a0ed4e5b3ba2e3f1d9e31fa021a787ef29100e4ab277b7e738912c1ab155cdca8261fcff96a0700000066fef212f9dcafd029614de1746903d8bc0f933350fde7ac209fdd322336a3fd0e5d77cdbf17816d30263f14f45676f4c6a11fa811962e611b55b360ce96e74b90b0d3dfc21a", 0xfffffffffffffdff}, {&(0x7f00000003c0)="17667f68af49c4fca00cc583e8614404f587e387fcb29163065a346466b78ea820e121f6b364a5ccf5caf69422158fc0655390ca5df818ed9f61c4869ad753ccf79a2ccd9d0591161440327e5ffbfe7c14e89ed2d7d6a11c", 0x58}], 0x2, 0x2) r5 = signalfd(r4, &(0x7f0000000240)={[0xffff]}, 0x8) setsockopt$inet6_mreq(r5, 0x29, 0x15, &(0x7f0000000440)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x14) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/partitions\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:55:40 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd_index=0x8, 0x9, 0x0, 0xbeb, 0x5}, 0x3) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) io_uring_enter(r0, 0x7cc7, 0xed43, 0x1, &(0x7f00000000c0)={[0x8]}, 0x8) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0xf32, 0x4321, 0x7, &(0x7f0000000100)={[0x5]}, 0x8) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:55:40 executing program 7: r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x400000000000, 0x2, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17, 0x3}, {0x0, 0x0, 0x401}], 0x188002c, &(0x7f0000000440)=ANY=[@ANYRES16, @ANYRES32]) fspick(r0, &(0x7f0000000200)='./file1\x00', 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x20000000) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r2, &(0x7f00000004c0)=""/89) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r3, &(0x7f00000004c0)=""/89) openat(r3, 0x0, 0x400, 0x0) r4 = syz_mount_image$tmpfs(&(0x7f0000000100), &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={[{@mpol={'mpol', 0x3d, {'local', '', @void}}}]}) r5 = syz_open_procfs(0xffffffffffffffff, 0x0) readv(r5, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1) ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/182}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x8, 0x0, 0x5e, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}, 0xc40, 0x0, 0x0, 0x5, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xfffffffff7ffffff, 0xffffffffffffffff, 0x0) r6 = creat(&(0x7f0000001680)='./file0/file0\x00', 0x0) execveat(r4, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000540)=[&(0x7f0000000240)='local', &(0x7f0000000300)='vfat\x00', &(0x7f00000006c0)='m)\t\xfe_\xd2\xc6j\x03\xc3\xab\x9b\xa0U\x99\xa5av\x1c(\xa6\xe8K\xb41\x97\x9b\xd7\xf5\x9ec\x01\xf9C\x8a\x89*|\xf0\xff\x1a++\x1d\xc3\xf5\xc1\xa8\xf2\xd0x\'\xd6\xc8\xb0\x97\xad\xc1\xbb\xac\x95\x1a\x02\xd2\x17\\\xf7\xdf\xfft]', &(0x7f0000000400)='{[--[$,$#\\\x00', &(0x7f0000000500)='/&(-\x00'], &(0x7f0000000680)=[&(0x7f0000000580)='mpol', &(0x7f00000005c0)='\'\\!$(\x00', &(0x7f0000000600)='tmpfs\x00', &(0x7f0000000640)='vfat\x00'], 0x1000) pwrite64(r6, &(0x7f0000000140)="b2", 0x20000141, 0x8001) 02:55:40 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) inotify_add_watch(0xffffffffffffffff, &(0x7f0000000140)='./file2\x00', 0x2000001) 02:55:40 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) [ 2621.586862] loop5: detected capacity change from 0 to 265216 [ 2621.610167] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2621.626604] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2621.638780] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2621.647986] FAULT_INJECTION: forcing a failure. [ 2621.647986] name failslab, interval 1, probability 0, space 0, times 0 [ 2621.651198] CPU: 0 PID: 13160 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2621.653032] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2621.655207] Call Trace: [ 2621.655907] dump_stack+0x107/0x167 [ 2621.656882] should_fail.cold+0x5/0xa [ 2621.657887] ? create_object.isra.0+0x3a/0xa20 [ 2621.659098] should_failslab+0x5/0x20 [ 2621.660092] kmem_cache_alloc+0x5b/0x310 [ 2621.661167] ? mark_held_locks+0x9e/0xe0 [ 2621.662229] create_object.isra.0+0x3a/0xa20 [ 2621.663359] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2621.664705] kmem_cache_alloc_bulk+0x168/0x320 [ 2621.665896] io_submit_sqes+0x6fe6/0x8610 [ 2621.667000] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2621.668288] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2621.669564] ? find_held_lock+0x2c/0x110 [ 2621.670633] ? io_submit_sqes+0x8610/0x8610 [ 2621.671769] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2621.673039] ? wait_for_completion_io+0x270/0x270 [ 2621.674284] ? rcu_read_lock_any_held+0x75/0xa0 [ 2621.675481] ? vfs_write+0x354/0xb10 [ 2621.676440] ? fput_many+0x2f/0x1a0 [ 2621.677404] ? ksys_write+0x1a9/0x260 [ 2621.678388] ? __ia32_sys_read+0xb0/0xb0 [ 2621.679440] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2621.680363] FAULT_INJECTION: forcing a failure. [ 2621.680363] name failslab, interval 1, probability 0, space 0, times 0 [ 2621.680813] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2621.680840] do_syscall_64+0x33/0x40 [ 2621.680860] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2621.680875] RIP: 0033:0x7fc0e8027b19 [ 2621.680897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2621.680917] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2621.694445] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2621.696259] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2621.698122] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2621.699952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2621.701807] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2621.703665] CPU: 1 PID: 13161 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2621.705154] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2621.706901] Call Trace: [ 2621.707461] dump_stack+0x107/0x167 [ 2621.708245] should_fail.cold+0x5/0xa [ 2621.709073] ? io_setup_async_rw+0x180/0x580 [ 2621.710003] should_failslab+0x5/0x20 [ 2621.710805] __kmalloc+0x72/0x390 [ 2621.711551] ? lock_downgrade+0x6d0/0x6d0 [ 2621.712434] io_setup_async_rw+0x180/0x580 [ 2621.713329] io_read+0xe98/0x11e0 [ 2621.714068] ? __lock_acquire+0x1657/0x5b00 [ 2621.714996] ? kiocb_done+0xc90/0xc90 [ 2621.715788] ? mark_lock+0xf5/0x2df0 [ 2621.716610] ? lock_chain_count+0x20/0x20 [ 2621.717532] ? __lock_acquire+0xbb1/0x5b00 [ 2621.718435] io_issue_sqe+0x2e8a/0x77b0 [ 2621.719272] ? find_held_lock+0x2c/0x110 [ 2621.720123] ? perf_trace_lock+0xac/0x490 [ 2621.720996] ? SOFTIRQ_verbose+0x10/0x10 [ 2621.721859] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2621.722860] ? io_connect+0x610/0x610 [ 2621.723673] ? lock_acquire+0x197/0x470 [ 2621.724523] ? find_held_lock+0x2c/0x110 [ 2621.725394] ? __fget_files+0x2cf/0x520 [ 2621.726231] ? lock_downgrade+0x6d0/0x6d0 [ 2621.727117] __io_queue_sqe+0x90/0x9d0 [ 2621.727949] ? io_issue_sqe+0x77b0/0x77b0 [ 2621.728833] ? __fget_files+0x2f8/0x520 [ 2621.729669] ? io_prep_rw+0x7f5/0x1050 [ 2621.730500] io_submit_sqes+0x44aa/0x8610 [ 2621.731417] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2621.732464] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2621.733490] ? find_held_lock+0x2c/0x110 [ 2621.734358] ? io_submit_sqes+0x8610/0x8610 [ 2621.735288] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2621.736321] ? wait_for_completion_io+0x270/0x270 [ 2621.737372] ? rcu_read_lock_any_held+0x75/0xa0 [ 2621.738352] ? vfs_write+0x354/0xb10 [ 2621.739147] ? fput_many+0x2f/0x1a0 [ 2621.739920] ? ksys_write+0x1a9/0x260 [ 2621.740732] ? __ia32_sys_read+0xb0/0xb0 [ 2621.741595] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2621.742696] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2621.743768] do_syscall_64+0x33/0x40 [ 2621.744552] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2621.745635] RIP: 0033:0x7ff7fbbbbb19 [ 2621.746414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2621.750314] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2621.751902] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2621.753402] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2621.754896] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2621.756391] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2621.757893] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 02:55:59 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffc}, 0x0, 0xffffffffffffffff, r3, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:00 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x89) r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x13, r0, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) bind$packet(0xffffffffffffffff, 0x0, 0xfffffffffffffff8) r3 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, @perf_config_ext={0x1, 0x3}, 0x8002, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r3, 0x2405, 0xffffffffffffffff) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000280)=@IORING_OP_CLOSE={0x13, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x1) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x10, r2, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x8) syz_io_uring_submit(r4, r6, &(0x7f0000000080)=@IORING_OP_POLL_ADD={0x6, 0x4, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8066}, 0x1}, 0x438ea2b4) write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0xfdef) r7 = syz_io_uring_complete(r1) perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffa}, 0x0, 0x0, 0xfffffffe, 0x5, 0x0, 0x0, 0xfffc, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x3) sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="38000000e4980c398cdf68b03915e94eaa6ac156aee3e2b826739aad6d6d0d08c543d32fa53423eb0ad16f2161eb0b6c155190825532001a9555b76a36c2101ccde7983fad0b0ad224804d1d13f5e04f3bdba474bb6440b55c620ce0ff7f9f7a04a4e2f509e21874d9c00c9dc6950200000000000000111c9c8c22310ae96ebbe223646f37fba7245752bb3dba9b133c64b63f5b6a0bf05febc1236019dc487e2a86c7506a7a16dbb373491b26b6f4fcff8f59fdf11bbd0364220e616c459251c5d1178a88fcebb454187c3ba62c081b5c59fe6fc0af54b544cda17f7c40dcd74994f8bd88de492c2e20c406cc88", @ANYRES16=0x0, @ANYBLOB="000328bd7000fbdbdf2503000000050004000200000008000600e000000114e808001fdf010000000000000000000000000196fe5a60c7227969389fd590b735b2fa0eef7b2fde54fe1b5767230bf23a263c8e2a22fdd0a5f8a3320e8b634612a1a5dd46299a5e5f5d5981f41800a7531be201b75e572b6b22cec2f1d3208f619066b9ee6915e3bea2ba3f118add30c6c850a076e20daffb1c4ede761aefd9757ab7c758d3239eaee0454400000000000000000000000000000000000000016edab9f2dc3005bfec1e75045109c63eb5f6ffbe7164ed1edbfc74fc6b3362be0d64dc25dd7e3f63d876f67aa26fc40ca7aef4200651ed630152b62463f782a850a4f281a4e0052fdb90b35cea4cd63732e9af819bfde659e87e853b1da44a60fb35bc416717322fd352c514f3d817"], 0x38}, 0x1, 0x0, 0x0, 0x8008}, 0x4804) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) syz_io_uring_submit(0x0, 0x0, &(0x7f00000013c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4000, @fd, 0x0, 0xf8, 0x80000001, 0xa, 0x1, {0x3}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_WRITE={0x17, 0x5, 0x0, @fd=r7, 0x10001, &(0x7f0000000340)="ad9154a36e2199dc893e2ce34a28c780ca29128484dd95326be512e338808ba5df846d9ecffce71111bb7ad0df71ae94855fa3e1f7e6b78c6403a8d8c9ae45c425e502", 0x43, 0xa, 0x1}, 0x8) 02:56:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044006}, 0x51) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0) ftruncate(r2, 0x1000003) ioctl$FS_IOC_FSSETXATTR(r2, 0x40086602, &(0x7f0000000000)) openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0) r3 = creat(&(0x7f00000000c0)='./file1\x00', 0x40) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="34010000170001000000000000000000fe8800000000000000000000000000010000000000000000e00000010000000000000000000000f07e000001000000000000000000000000fc0000000000000000000000000000edffffffffffffff0000000000620000ce", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="2001000000000000000000b908000000000000a5aa6273ff94be2f027f0000010000000000001b000000000000188600"/60, @ANYRES32=0x0, @ANYRES16, @ANYBLOB="00000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000c0008000800080000000000"], 0x134}}, 0xc000) close(r3) listen(0xffffffffffffffff, 0x0) lseek(0xffffffffffffffff, 0x1f, 0x2) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000001, 0x4000010, 0xffffffffffffffff, 0x0) ioctl$PTP_PEROUT_REQUEST2(0xffffffffffffffff, 0x40383d0c, 0x0) syz_io_uring_submit(r5, 0x0, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x4, 0x0, @fd, 0x6, &(0x7f0000000600), 0x0, 0x0, 0x1}, 0x5) 02:56:00 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f0000000440)=ANY=[@ANYBLOB="9789cdc1c58bb7b4ce6b9173a41ae2f452523a45992fbb476b7ba2f081093dc89803cc6745a634a85feaf8f2cd4ec14543c88d990c72ba873c4073a7537a63495141fd6432925ef7240019f7bd2bc2541505748aaf5c8bad5ffbb966b332d87a3c99b88a0c16f31f280431ef91e6a6158c92a9643ee6e1b81447c6f2f03e6aba8c12fe018d79b56154b6d624afae78ff05fc7dbcdbb69fe2936fa39b81293a5cfb37351e4a07f922504d305c460de00d694eb9c4cbd89bea63afd473f1"]) 02:56:00 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 68) 02:56:00 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 89) 02:56:00 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x10000000000, 0x0, 0x0) 02:56:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40c02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2641.145603] FAULT_INJECTION: forcing a failure. [ 2641.145603] name failslab, interval 1, probability 0, space 0, times 0 [ 2641.148072] CPU: 0 PID: 13200 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2641.149340] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2641.150986] Call Trace: [ 2641.151476] dump_stack+0x107/0x167 [ 2641.152144] should_fail.cold+0x5/0xa [ 2641.152856] ? io_setup_async_rw+0x180/0x580 [ 2641.153660] should_failslab+0x5/0x20 [ 2641.154353] __kmalloc+0x72/0x390 [ 2641.154992] ? lock_downgrade+0x6d0/0x6d0 [ 2641.155753] io_setup_async_rw+0x180/0x580 [ 2641.156532] io_read+0xe98/0x11e0 [ 2641.157183] ? __lock_acquire+0x1657/0x5b00 [ 2641.157986] ? kiocb_done+0xc90/0xc90 [ 2641.158742] ? mark_lock+0xf5/0x2df0 [ 2641.159522] ? lock_chain_count+0x20/0x20 [ 2641.160442] ? __lock_acquire+0xbb1/0x5b00 [ 2641.161356] io_issue_sqe+0x2e8a/0x77b0 [ 2641.162109] ? find_held_lock+0x2c/0x110 [ 2641.162865] ? perf_trace_lock+0xac/0x490 [ 2641.163661] ? SOFTIRQ_verbose+0x10/0x10 [ 2641.164410] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2641.165307] ? io_connect+0x610/0x610 [ 2641.166016] ? lock_acquire+0x197/0x470 [ 2641.166743] ? find_held_lock+0x2c/0x110 [ 2641.167488] ? __fget_files+0x2cf/0x520 [ 2641.168214] ? lock_downgrade+0x6d0/0x6d0 [ 2641.168992] __io_queue_sqe+0x90/0x9d0 [ 2641.169714] ? io_issue_sqe+0x77b0/0x77b0 [ 2641.170466] ? __fget_files+0x2f8/0x520 [ 2641.171195] ? io_prep_rw+0x7f5/0x1050 [ 2641.171895] io_submit_sqes+0x44aa/0x8610 [ 2641.172675] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.173574] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.174453] ? find_held_lock+0x2c/0x110 [ 2641.175178] ? io_submit_sqes+0x8610/0x8610 [ 2641.175951] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2641.176959] ? wait_for_completion_io+0x270/0x270 [ 2641.177895] ? rcu_read_lock_any_held+0x75/0xa0 [ 2641.178740] ? vfs_write+0x354/0xb10 [ 2641.179417] ? fput_many+0x2f/0x1a0 [ 2641.180077] ? ksys_write+0x1a9/0x260 [ 2641.180782] ? __ia32_sys_read+0xb0/0xb0 [ 2641.181520] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2641.182472] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2641.183397] do_syscall_64+0x33/0x40 [ 2641.184064] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2641.185008] RIP: 0033:0x7ff7fbbbbb19 [ 2641.185680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2641.189001] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2641.190361] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2641.191663] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2641.193010] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2641.194288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2641.195557] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2641.207436] loop5: detected capacity change from 0 to 265216 [ 2641.213539] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2641.235676] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2641.270540] FAULT_INJECTION: forcing a failure. [ 2641.270540] name failslab, interval 1, probability 0, space 0, times 0 [ 2641.272918] CPU: 0 PID: 13199 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2641.274213] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2641.275620] Call Trace: [ 2641.276067] dump_stack+0x107/0x167 [ 2641.276684] should_fail.cold+0x5/0xa [ 2641.277342] ? create_object.isra.0+0x3a/0xa20 [ 2641.278118] should_failslab+0x5/0x20 [ 2641.278764] kmem_cache_alloc+0x5b/0x310 [ 2641.279454] ? mark_held_locks+0x9e/0xe0 [ 2641.280144] create_object.isra.0+0x3a/0xa20 [ 2641.280897] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2641.281761] kmem_cache_alloc_bulk+0x168/0x320 [ 2641.282541] io_submit_sqes+0x6fe6/0x8610 [ 2641.283277] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.283577] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2641.284119] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.284139] ? find_held_lock+0x2c/0x110 [ 2641.284169] ? io_submit_sqes+0x8610/0x8610 [ 2641.288193] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2641.289018] ? wait_for_completion_io+0x270/0x270 [ 2641.289831] ? rcu_read_lock_any_held+0x75/0xa0 [ 2641.290614] ? vfs_write+0x354/0xb10 [ 2641.291237] ? fput_many+0x2f/0x1a0 [ 2641.291849] ? ksys_write+0x1a9/0x260 [ 2641.292489] ? __ia32_sys_read+0xb0/0xb0 [ 2641.293190] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2641.294068] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2641.294927] do_syscall_64+0x33/0x40 [ 2641.295557] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2641.296407] RIP: 0033:0x7fc0e8027b19 [ 2641.297048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2641.300134] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2641.301413] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2641.302602] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2641.303784] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2641.304980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2641.306162] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2641.308588] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2641.314249] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:00 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x4004, @fd=r3}, 0x0) r4 = syz_open_dev$sg(&(0x7f00000012c0), 0x0, 0x0) ioctl$SG_EMULATED_HOST(r4, 0x2203, &(0x7f00000005c0)) ioctl$SG_IO(r4, 0x2285, &(0x7f0000000240)={0x53, 0xfffffffffffffffe, 0x9e, 0x6, @buffer={0x0, 0xbb, &(0x7f0000000340)=""/187}, &(0x7f0000000400)="591bd2860f36de818208385fe2c5e48ad749b2c2b7d700dad049df3ea23d9639948add1cea92cde6f0e88de7c016f2dc5946cd3f8ece63c12bd79ee18a90e6d8669ef8c4b343730da57dabfc89a81b08e010f33ed257e5e150136f53ba884b22b16920373ac3145c86d95997b1f0155c83c5cbe0e94f03cfbb81e8a66330a7602d8fdd5f053a08a217b89d6bc9e8a035071fdd54103a46b81ace035c2950", &(0x7f00000000c0)=""/46, 0x8001, 0x40, 0xffffffffffffffff, &(0x7f0000000100)}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40c03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:00 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) creat(&(0x7f0000000040)='./file1\x00', 0xc8) 02:56:00 executing program 7: syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x0, 0x0, 0x0, 0x0, 0x0) stat(&(0x7f00000002c0)='.\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(r0, 0x0, 0x0) stat(&(0x7f0000001cc0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0}) setresuid(0x0, 0x0, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000080)='./mnt\x00', &(0x7f00000001c0)='system.posix_acl_default\x00', &(0x7f0000001500)=ANY=[@ANYBLOB="0200050032ad60ae0000000002000500", @ANYRES32=r0, @ANYBLOB="02000200", @ANYRES32=r1, @ANYBLOB="02001100", @ANYRES32=r0, @ANYBLOB="02a044d1", @ANYRES32, @ANYBLOB, @ANYRES32=r1, @ANYBLOB="040000000000000008000000000000002000000000000000"], 0x4c, 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='rpc_pipefs\x00', 0x0, 0x0) statx(0xffffffffffffffff, &(0x7f0000000500)='./file1\x00', 0x100, 0x20, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r2, r3, 0x1000) setresuid(r1, r0, r2) r4 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_READ_FIXED={0x4, 0x3, 0x4000, @fd, 0xfffffffffffffffe, 0x49d, 0x32ed, 0x8, 0x1, {0x2, r4}}, 0x3ff) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8) umount2(&(0x7f0000000080)='./file0\x00', 0x0) r5 = open(&(0x7f0000000180)='./mnt\x00', 0x40000, 0x8) syz_io_uring_setup(0x2a06, &(0x7f0000000400)={0x0, 0x4034, 0x20, 0x0, 0x34a, 0x0, r5}, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000000300), &(0x7f0000000480)=0x0) r7 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f00000004c0)=@IORING_OP_FALLOCATE={0x11, 0x5, 0x0, @fd_index=0x3, 0x7, 0x0, 0x3, 0x0, 0x0, {0x0, r7}}, 0x1f) 02:56:00 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r2 = syz_open_dev$vcsu(&(0x7f0000000000), 0x2, 0x100) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = dup(r3) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, r5, 0x325, 0x0, 0x0, {{}, {@void, @val={0x8, 0x10}, @val={0xc}}}}, 0x28}}, 0x0) sendmsg$NL80211_CMD_GET_REG(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, r5, 0x0, 0x70bd27, 0x25dfdbfe, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000414) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:56:00 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) 02:56:00 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 69) 02:56:00 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 90) [ 2641.600404] FAULT_INJECTION: forcing a failure. [ 2641.600404] name failslab, interval 1, probability 0, space 0, times 0 [ 2641.602301] CPU: 0 PID: 13232 Comm: syz-executor.0 Not tainted 5.10.234 #1 [ 2641.603298] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2641.604404] Call Trace: [ 2641.604772] dump_stack+0x107/0x167 [ 2641.605260] should_fail.cold+0x5/0xa [ 2641.605766] ? create_object.isra.0+0x3a/0xa20 [ 2641.606373] should_failslab+0x5/0x20 [ 2641.606874] kmem_cache_alloc+0x5b/0x310 [ 2641.607413] create_object.isra.0+0x3a/0xa20 [ 2641.607996] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2641.608672] __kmalloc+0x16e/0x390 [ 2641.609157] ? lock_downgrade+0x6d0/0x6d0 [ 2641.609713] io_setup_async_rw+0x180/0x580 [ 2641.610281] io_read+0xe98/0x11e0 [ 2641.610745] ? __lock_acquire+0x1657/0x5b00 [ 2641.611321] ? kiocb_done+0xc90/0xc90 [ 2641.611820] ? mark_lock+0xf5/0x2df0 [ 2641.612319] ? lock_chain_count+0x20/0x20 [ 2641.612908] ? __lock_acquire+0xbb1/0x5b00 [ 2641.613470] io_issue_sqe+0x2e8a/0x77b0 [ 2641.614015] ? find_held_lock+0x2c/0x110 [ 2641.614563] ? perf_trace_lock+0xac/0x490 [ 2641.615112] ? SOFTIRQ_verbose+0x10/0x10 [ 2641.615657] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2641.616287] ? io_connect+0x610/0x610 [ 2641.616819] ? lock_acquire+0x197/0x470 [ 2641.617349] ? find_held_lock+0x2c/0x110 [ 2641.617892] ? __fget_files+0x2cf/0x520 [ 2641.618424] ? lock_downgrade+0x6d0/0x6d0 [ 2641.618977] __io_queue_sqe+0x90/0x9d0 [ 2641.619540] ? io_issue_sqe+0x77b0/0x77b0 [ 2641.620084] ? __fget_files+0x2f8/0x520 [ 2641.620619] ? io_prep_rw+0x7f5/0x1050 [ 2641.621157] io_submit_sqes+0x44aa/0x8610 [ 2641.621735] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.622384] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.623017] ? find_held_lock+0x2c/0x110 [ 2641.623560] ? io_submit_sqes+0x8610/0x8610 [ 2641.624143] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2641.624790] ? wait_for_completion_io+0x270/0x270 [ 2641.625454] ? rcu_read_lock_any_held+0x75/0xa0 [ 2641.626075] ? vfs_write+0x354/0xb10 [ 2641.626580] ? fput_many+0x2f/0x1a0 [ 2641.627076] ? ksys_write+0x1a9/0x260 [ 2641.627590] ? __ia32_sys_read+0xb0/0xb0 [ 2641.628141] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2641.628872] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2641.629570] do_syscall_64+0x33/0x40 [ 2641.630078] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2641.630767] RIP: 0033:0x7ff7fbbbbb19 [ 2641.631268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2641.633745] RSP: 002b:00007ff7f9131188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2641.634775] RAX: ffffffffffffffda RBX: 00007ff7fbccef60 RCX: 00007ff7fbbbbb19 [ 2641.635735] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2641.636690] RBP: 00007ff7f91311d0 R08: 0000000000000000 R09: 0000000000000000 [ 2641.637673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2641.638630] R13: 00007ffd6f9efb5f R14: 00007ff7f9131300 R15: 0000000000022000 [ 2641.644630] loop5: detected capacity change from 0 to 265216 [ 2641.669158] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2641.680065] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2641.683210] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2641.709677] FAULT_INJECTION: forcing a failure. [ 2641.709677] name failslab, interval 1, probability 0, space 0, times 0 [ 2641.712502] CPU: 1 PID: 13233 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2641.713996] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2641.715772] Call Trace: [ 2641.716346] dump_stack+0x107/0x167 [ 2641.717170] should_fail.cold+0x5/0xa [ 2641.718000] ? create_object.isra.0+0x3a/0xa20 [ 2641.719001] should_failslab+0x5/0x20 [ 2641.719836] kmem_cache_alloc+0x5b/0x310 [ 2641.720737] ? mark_held_locks+0x9e/0xe0 [ 2641.721633] create_object.isra.0+0x3a/0xa20 [ 2641.722591] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2641.723708] kmem_cache_alloc_bulk+0x168/0x320 [ 2641.724726] io_submit_sqes+0x6fe6/0x8610 [ 2641.725678] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.726767] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2641.727827] ? find_held_lock+0x2c/0x110 [ 2641.728739] ? io_submit_sqes+0x8610/0x8610 [ 2641.729698] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2641.730760] ? wait_for_completion_io+0x270/0x270 [ 2641.731818] ? rcu_read_lock_any_held+0x75/0xa0 [ 2641.732841] ? vfs_write+0x354/0xb10 [ 2641.733652] ? fput_many+0x2f/0x1a0 [ 2641.734447] ? ksys_write+0x1a9/0x260 [ 2641.735277] ? __ia32_sys_read+0xb0/0xb0 [ 2641.736170] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2641.737337] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2641.738468] do_syscall_64+0x33/0x40 [ 2641.739282] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2641.740558] RIP: 0033:0x7fc0e8027b19 [ 2641.741504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2641.745590] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2641.747244] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2641.748795] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2641.750338] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2641.751881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2641.753431] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:56:00 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40d00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2641.823281] netlink: 'syz-executor.4': attribute type 16 has an invalid length. 02:56:00 executing program 2: r0 = syz_io_uring_setup(0x4d7d, &(0x7f00000002c0)={0x0, 0x0, 0x20, 0x0, 0x240}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r4 = mmap$IORING_OFF_SQES(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x2, 0x42030, r0, 0x10000000) syz_io_uring_submit(r1, r4, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2641.860017] netlink: 'syz-executor.4': attribute type 16 has an invalid length. [ 2641.946969] loop5: detected capacity change from 0 to 265216 [ 2641.958480] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2641.964263] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2641.967191] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:17 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 70) 02:56:17 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0xfff, 0x9, 0x13, 0x8, "a33ffde15ac5e3597997ca8986bc6d30fb365a162412350d2dbb5f02e4b9158f3b699d557e93639a919a636fc399cb69327ad1688070049903904fc96628577b", "2f87934459fd43a9829984709a2e821126913d74f3d1ad8285ca2e3a4a403d99", [0xffff, 0x80]}) 02:56:17 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x30, r3, 0x8000000) r5 = mmap$IORING_OFF_SQES(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x2000000, 0x50, r3, 0x10000000) syz_io_uring_submit(r4, r5, &(0x7f00000000c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x85d, 0x0, 0x0, 0x0, 0x0, 0x1, {0x3}}, 0x7) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:17 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 91) 02:56:17 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 02:56:17 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0xc}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$DVD_READ_STRUCT(r1, 0x5390, &(0x7f00000003c0)=@type=0x1) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:56:17 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40d01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:17 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0), 0x5}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_io_uring_setup(0x804ebb, &(0x7f0000001780)={0x0, 0x1b9b, 0x10, 0x0, 0x165}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e2, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0xffffffffffffffff, 0x0}, 0x0) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r4, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = openat(0xffffffffffffff9c, 0x0, 0x628080, 0x31) openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x400000, 0x0) io_uring_register$IORING_REGISTER_PROBE(0xffffffffffffffff, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c990697d0000000000008bc348bff42b46f29b792ed5847d3be37ebddbcb54223bcad03687718b457a359cab38108bac6158ca42d570ff6f0000000000000000000000000000001e04c44022727daa04c1705a997f1a68269237a3b9ec978a84f5bd2be3ef61570106df3af23b678a611e079a78beada6a765b3b12291343aa9dd462f7532b76a2ed98adcbbe2b870901d12dd2048e4c1015f92a1c490bc279c01fd2247fbee0fa652c97c9729f1089687a19bb43e40679c499d77d70000000000000000000015c2c4df7a74c4638ba61474"], 0x8) r6 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0) write(r6, &(0x7f0000000540)='\t', 0x1) r7 = openat$random(0xffffffffffffff9c, &(0x7f00000002c0), 0x240000, 0x0) ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f0000000300)={{r7}, 0xf, 0x9, 0x5}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r8, 0x1, 0x1f, &(0x7f0000001140)=""/244, &(0x7f0000000000)=0xf4) fsmount(r5, 0x1, 0x8) fsetxattr$trusted_overlay_nlink(r6, &(0x7f0000000000), &(0x7f0000000040)={'U+', 0x9e}, 0x16, 0x1) futimesat(0xffffffffffffffff, 0x0, 0x0) [ 2659.001384] loop5: detected capacity change from 0 to 265216 [ 2659.044490] FAULT_INJECTION: forcing a failure. [ 2659.044490] name failslab, interval 1, probability 0, space 0, times 0 [ 2659.047501] CPU: 1 PID: 13266 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2659.049026] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2659.050834] Call Trace: [ 2659.051414] dump_stack+0x107/0x167 [ 2659.052213] should_fail.cold+0x5/0xa [ 2659.053120] ? create_object.isra.0+0x3a/0xa20 [ 2659.054109] should_failslab+0x5/0x20 [ 2659.054936] kmem_cache_alloc+0x5b/0x310 [ 2659.055807] ? mark_held_locks+0x9e/0xe0 [ 2659.056687] create_object.isra.0+0x3a/0xa20 [ 2659.057622] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2659.058721] kmem_cache_alloc_bulk+0x168/0x320 [ 2659.059715] io_submit_sqes+0x6fe6/0x8610 [ 2659.060643] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2659.061674] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2659.062722] ? find_held_lock+0x2c/0x110 [ 2659.063595] ? io_submit_sqes+0x8610/0x8610 [ 2659.064541] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2659.065605] ? wait_for_completion_io+0x270/0x270 [ 2659.066620] ? rcu_read_lock_any_held+0x75/0xa0 [ 2659.067625] ? vfs_write+0x354/0xb10 [ 2659.068431] ? fput_many+0x2f/0x1a0 [ 2659.069237] ? ksys_write+0x1a9/0x260 [ 2659.070067] ? __ia32_sys_read+0xb0/0xb0 [ 2659.070957] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2659.072101] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2659.073207] do_syscall_64+0x33/0x40 [ 2659.074021] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2659.075111] RIP: 0033:0x7fc0e8027b19 [ 2659.075924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2659.079903] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2659.081571] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2659.083122] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2659.084622] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2659.086176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2659.087879] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2659.126164] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2659.156961] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:56:18 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000280), 0x220000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') [ 2659.188220] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:18 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:18 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40d02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:18 executing program 7: mlock2(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0) sigaltstack(&(0x7f0000ffc000/0x1000)=nil, &(0x7f00000000c0)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x2000000000000000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sigaltstack(&(0x7f0000ff7000/0x4000)=nil, &(0x7f0000000000)) mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x3, 0x2) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/snmp6\x00') readv(r0, &(0x7f0000000280)=[{&(0x7f00000004c0)=""/4089, 0xff9}], 0x1) openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xe8b82, 0x0) syz_io_uring_complete(0x0) r1 = epoll_create(0x1) signalfd4(0xffffffffffffffff, &(0x7f00000000c0), 0x8, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0xa0000003}) io_uring_enter(r0, 0x630d, 0x970, 0x2, 0x0, 0x0) mbind(&(0x7f0000ff9000/0x3000)=nil, 0x3000, 0x0, &(0x7f0000000180)=0x7ff, 0x2, 0x4) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) r3 = clone3(&(0x7f0000000580)={0x48000, &(0x7f0000000000), &(0x7f0000000140), &(0x7f0000000240), {0x2}, &(0x7f00000002c0)=""/158, 0x9e, &(0x7f0000000480)=""/224, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x58) wait4(r3, 0x0, 0x2, 0x0) syz_open_procfs(r3, &(0x7f0000000100)='task\x00') sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=ANY=[@ANYBLOB="b800000013000100000000000000000018ff02002aa5e08f02f9a719c8e0feffffffffff0900405d00000000000000000022155d09713036f3a68192b4283022eb8a608e65285eeb17ef2a3d7073f12da3b83309e67994d016d66a8f65a2eefdd3fab8a1b21ebaf72d8a3342d42e6af7d2f80af6a1398c1ca1b803cad34a911c41f59dbee15fc2358e988ac38b95035eef4666ef195dda60b3034573a0d80271df36f5747d627d19a0096ad1b68e7c8e1b1ba8b23fa082d157ae16cc08db0c39a05081a7835b79317f12e6adc756f8e488dd2c6ac1676f476be18443f50223664e49d2b41396d76bf4d2eb3d108c570fc1e2ad48b883f8f8de681a65fedf86fb122b6b693286aa1b3543ed91ecae56a364beeca00d20e05fbe93f488f7f3c3102209813e8a355710dc9a8752c69de60270b840160fce9aa9676a", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fdffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffff7fbb6b6e000001020000000000a05c2d36e8f731e408008c0e293d239f47e5340e5208000000"], 0xb8}}, 0x0) 02:56:18 executing program 4: r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, r0, 0x400, 0x70bd2c, 0x25dfdbfd, {}, [""]}, 0x14}}, 0x22c0ac6a558b7e7c) r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r4 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r3, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000300)={{0x0, 0x3, 0x7, 0x1, 0x4}, 0x1, 0x400, 0x5}) fallocate(r3, 0x3, 0x4077, 0x8000) r5 = openat(r4, &(0x7f0000000240)='./file0\x00', 0x40, 0x40) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000500)={0x3f, 0x9, 0x4802, 0x2, 0xbff9}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000100)=0x1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r5) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:56:18 executing program 2: r0 = syz_io_uring_setup(0x6352, &(0x7f0000000400)={0x0, 0x800}, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) r4 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r5, &(0x7f0000000240)=""/99) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, r7, &(0x7f00000000c0)=@IORING_OP_SEND={0x1a, 0x1, 0x0, r3, 0x0, &(0x7f0000000340)="b964344d9810675c26c7260d24e5396559a22ba73dc49a1d4adcaa17b6d6c9db19d646a2ce1094386c468b5d3f574ada2a70e82d4101915876fd31f94037b18ff022c365952e5da41cddf74cc76b57e193560f4e428f66fc3b65d49477af0ab4888d06755a9f903444e0d5b9b5784e2028276b4936f9ce668c9009f803d600685e5cb9bb56ea2952ff92f14373e41c4163dfffe0831e629eea287b7388170e55bc437bf7feb0de04f3e5e090d1ad", 0xae, 0x4040, 0x0, {0x0, r8}}, 0x5) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0xf503, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2000000, 0x1010, r3, 0x8000000) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2659.649554] loop5: detected capacity change from 0 to 265216 [ 2659.665353] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2659.674126] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2659.678571] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:34 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) ioctl$AUTOFS_DEV_IOCTL_READY(r3, 0xc0189376, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r3, {0xd97}}, './file0\x00'}) fsetxattr$trusted_overlay_opaque(r4, &(0x7f0000000100), &(0x7f0000000180), 0x2, 0x4404de5c9979a62b) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:34 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) ioctl$LOOP_SET_STATUS(r1, 0x4c00, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:34 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:34 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 92) 02:56:34 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 02:56:34 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40d03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:34 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x80000, 0x65, 0x8}, 0x18) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:56:34 executing program 7: r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x66e3, 0x72) ftruncate(r0, 0x1000004) ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000480)=ANY=[@ANYBLOB="feff003b533bbccf788344599eafdb499c6aca6bbc9b967004bd6d0886a18278e6d9821c9f", @ANYRES32=r0, @ANYBLOB="00000000000000002e2f66696c6530002c87af821976942a5ffe872c5237e05634de93ac3f8819dedb65c8fa8891ef2e1462c2cfba9e02ef30e546553ce5"]) ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)) io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000100)=[r0, 0xffffffffffffffff], 0x2) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x91) r2 = openat$hpet(0xffffffffffffff9c, 0x0, 0x2002, 0x0) r3 = creat(&(0x7f0000000000)='./file2\x00', 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="34010000170001000000000000000000fe8800000000000000000000ce4190da000000010000000000000000e000000100000000000000000000000000000000000000000000000000000000fc00"/108, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="200100000000000000000000000000027f00000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c7ba67cb7d38793daf5bb8e"], 0x134}}, 0x0) close(r3) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, 0x1e, 0x8, 0x0, 0x0, {0x7}, [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x10002}]}, 0x1c}, 0x1, 0x0, 0x0, 0xb31505c58d61db6b}, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, 0xffffffffffffffff) ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f00000000c0)={0x6200, 0x1f, 0x1}) ioctl$HDIO_GETGEO(r2, 0x301, &(0x7f0000000180)) perf_event_open(&(0x7f0000000400)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x8000, 0x7}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) lseek(r1, 0x0, 0x2) ftruncate(0xffffffffffffffff, 0xd5) r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x4000, 0x128) copy_file_range(r4, 0x0, r1, 0x0, 0x200f5ef, 0x0) [ 2676.100808] loop5: detected capacity change from 0 to 265216 [ 2676.132686] FAULT_INJECTION: forcing a failure. [ 2676.132686] name failslab, interval 1, probability 0, space 0, times 0 [ 2676.135885] CPU: 1 PID: 13322 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2676.137742] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2676.139736] Call Trace: [ 2676.140471] dump_stack+0x107/0x167 [ 2676.141332] should_fail.cold+0x5/0xa [ 2676.142408] ? io_setup_async_rw+0x180/0x580 [ 2676.143515] should_failslab+0x5/0x20 [ 2676.144704] __kmalloc+0x72/0x390 [ 2676.145514] io_setup_async_rw+0x180/0x580 [ 2676.146488] io_read+0xe98/0x11e0 [ 2676.147291] ? kiocb_done+0xc90/0xc90 [ 2676.148157] ? mark_lock+0xf5/0x2df0 [ 2676.149025] ? lock_chain_count+0x20/0x20 [ 2676.150191] ? __lockdep_reset_lock+0x180/0x180 [ 2676.151443] ? lock_acquire+0x197/0x470 [ 2676.152437] ? __lock_acquire+0xbb1/0x5b00 [ 2676.153416] io_issue_sqe+0x2e8a/0x77b0 [ 2676.154330] ? perf_trace_lock+0xac/0x490 [ 2676.155262] ? SOFTIRQ_verbose+0x10/0x10 [ 2676.156173] ? lock_chain_count+0x20/0x20 [ 2676.157115] ? io_connect+0x610/0x610 [ 2676.158004] ? lock_acquire+0x197/0x470 [ 2676.158899] ? find_held_lock+0x2c/0x110 [ 2676.159805] ? __fget_files+0x2cf/0x520 [ 2676.160708] ? lock_downgrade+0x6d0/0x6d0 [ 2676.161658] __io_queue_sqe+0x90/0x9d0 [ 2676.162542] ? io_issue_sqe+0x77b0/0x77b0 [ 2676.163485] ? __fget_files+0x2f8/0x520 [ 2676.164396] ? io_prep_rw+0x7f5/0x1050 [ 2676.165300] io_submit_sqes+0x44aa/0x8610 [ 2676.166281] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2676.167409] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2676.168511] ? find_held_lock+0x2c/0x110 [ 2676.169467] ? io_submit_sqes+0x8610/0x8610 [ 2676.170452] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2676.171555] ? wait_for_completion_io+0x270/0x270 [ 2676.172650] ? rcu_read_lock_any_held+0x75/0xa0 [ 2676.173705] ? vfs_write+0x354/0xb10 [ 2676.174554] ? fput_many+0x2f/0x1a0 [ 2676.175377] ? ksys_write+0x1a9/0x260 [ 2676.176239] ? __ia32_sys_read+0xb0/0xb0 [ 2676.177208] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2676.178379] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2676.179543] do_syscall_64+0x33/0x40 [ 2676.180387] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2676.181540] RIP: 0033:0x7fc0e8027b19 [ 2676.182393] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2676.186573] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2676.188306] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2676.189936] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2676.191557] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2676.193197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2676.194809] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2676.201148] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2676.216586] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2676.267367] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:35 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:35 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 93) 02:56:35 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40e00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:35 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=r0, @ANYBLOB="090000009e0bfdbc2e2f66696c653100"]) ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189373, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x5}}, './file0\x00'}) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r2, &(0x7f00000004c0)=""/89) ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x80047210, &(0x7f0000000300)) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r4, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r4, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800040, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000340)=@IORING_OP_ASYNC_CANCEL={0xe, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x5) fallocate(r4, 0x0, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2676.472265] FAULT_INJECTION: forcing a failure. [ 2676.472265] name failslab, interval 1, probability 0, space 0, times 0 [ 2676.474662] CPU: 0 PID: 13339 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2676.475928] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2676.477403] Call Trace: [ 2676.477874] dump_stack+0x107/0x167 [ 2676.478545] should_fail.cold+0x5/0xa [ 2676.479231] ? create_object.isra.0+0x3a/0xa20 [ 2676.480059] should_failslab+0x5/0x20 [ 2676.480747] kmem_cache_alloc+0x5b/0x310 [ 2676.481491] create_object.isra.0+0x3a/0xa20 [ 2676.482238] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2676.483125] __kmalloc+0x16e/0x390 [ 2676.483757] io_setup_async_rw+0x180/0x580 [ 2676.484518] io_read+0xe98/0x11e0 [ 2676.485154] ? kiocb_done+0xc90/0xc90 [ 2676.485827] ? mark_lock+0xf5/0x2df0 [ 2676.486492] ? lock_chain_count+0x20/0x20 [ 2676.487229] ? __lockdep_reset_lock+0x180/0x180 [ 2676.488048] ? lock_acquire+0x197/0x470 [ 2676.488762] ? __lock_acquire+0xbb1/0x5b00 [ 2676.489521] io_issue_sqe+0x2e8a/0x77b0 [ 2676.490233] ? perf_trace_lock+0xac/0x490 [ 2676.490959] ? SOFTIRQ_verbose+0x10/0x10 [ 2676.491673] ? lock_chain_count+0x20/0x20 [ 2676.492395] ? io_connect+0x610/0x610 [ 2676.493059] ? lock_acquire+0x197/0x470 [ 2676.493789] ? find_held_lock+0x2c/0x110 [ 2676.494510] ? __fget_files+0x2cf/0x520 [ 2676.495212] ? lock_downgrade+0x6d0/0x6d0 [ 2676.495947] __io_queue_sqe+0x90/0x9d0 [ 2676.496645] ? io_issue_sqe+0x77b0/0x77b0 [ 2676.497385] ? __fget_files+0x2f8/0x520 [ 2676.498080] ? io_prep_rw+0x7f5/0x1050 [ 2676.498748] io_submit_sqes+0x44aa/0x8610 [ 2676.499516] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2676.500377] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2676.501220] ? find_held_lock+0x2c/0x110 [ 2676.501946] ? io_submit_sqes+0x8610/0x8610 [ 2676.502720] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2676.503565] ? wait_for_completion_io+0x270/0x270 [ 2676.504395] ? rcu_read_lock_any_held+0x75/0xa0 [ 2676.505209] ? vfs_write+0x354/0xb10 [ 2676.505870] ? fput_many+0x2f/0x1a0 [ 2676.506493] ? ksys_write+0x1a9/0x260 [ 2676.507159] ? __ia32_sys_read+0xb0/0xb0 [ 2676.507858] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2676.508761] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2676.509681] do_syscall_64+0x33/0x40 [ 2676.510327] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2676.511249] RIP: 0033:0x7fc0e8027b19 [ 2676.511896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2676.515107] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2676.516422] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2676.517664] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2676.518904] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2676.520136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2676.521379] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:56:35 executing program 2: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r0}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f00000000c0)={0x3, 0x80, 0xfa, 0x4, 0x2c, 0x3f, 0x0, 0x8fcc, 0x80, 0xa, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x41d, 0x0, @perf_config_ext={0x88, 0x9}, 0x40000, 0x6, 0x401, 0x3, 0x2, 0x6, 0x2, 0x0, 0x200, 0x0, 0x700}, 0x0, 0x3, 0xffffffffffffffff, 0x2) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:35 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x101982, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:35 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 02:56:35 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x800000) [ 2676.685288] loop5: detected capacity change from 0 to 265728 [ 2676.698223] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2676.728584] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2676.733291] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:35 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000740)) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:35 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f00000000c0), 0x12) syz_io_uring_submit(r1, r2, &(0x7f00000000c0)=@IORING_OP_SEND={0x1a, 0x4, 0x0, r4, 0x0, &(0x7f0000000340)="e8327c67123ce659d104686abf1b25351319a9c1dda6816f6910b1edd1d2286458f434836bc59195fffcd26370c6ccec4a04b1c50cb73ce1655b694a9fd7d1e20a24a0c3c178053ba397f53f214ae92579ba840a2bda14a78d80e69af217d18d254d7b3dfbe90590028b1ba6ecb3cadd6a3bff884e286e76fee8c2347c1cfb463c2e", 0x82, 0x1, 0x1}, 0x5) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:54 executing program 2: r0 = syz_io_uring_setup(0x4d7b, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:56:54 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:54 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40e01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:54 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x46e2, 0x22) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:56:54 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 94) 02:56:54 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x4000, 0x0, 0x0, 0x0) 02:56:54 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x20000000) 02:56:54 executing program 7: r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000000c0)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000080)=0x20) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000100)={0x1, 0x0, [0x0]}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0) preadv(r1, &(0x7f0000001580)=[{&(0x7f00000015c0)=""/4106, 0x100a}], 0x1, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000600)={0x0, ""/256, 0x0, 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000500)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000056b00)={{0x0, 0x8, 0x7, 0x9, 0x3, 0x5, 0x6, 0xffff, 0x3, 0x1, 0x0, 0x0, 0x3f, 0x1000}}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000000500)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9, r11}], 0x80, "5fabd34a60e47f"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000054940)={0x8, [{r4}, {0x0, r5}, {}, {r4}, {}, {r4, r5}, {r4}, {r4}, {}, {r3}, {r4}, {}, {}, {}, {r4}, {r3, r5}, {0x0, r5}, {}, {}, {r4, r5}, {0x0, r5}, {0x0, r5}, {r4}, {r4}, {}, {}, {}, {r4}, {r4}, {r4, r5}, {0x0, r5}, {0x0, r5}, {}, {0x0, r5}, {}, {r4}, {r3, r5}, {r3}, {r3}, {r3, r5}, {}, {}, {0x0, r5}, {}, {r4}, {}, {r4}, {}, {0x0, r5}, {r4}, {}, {r4}, {}, {0x0, r5}, {r3, r5}, {}, {r4, r5}, {}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {}, {0x0, r5}, {}, {}, {r4, r5}, {0x0, r5}, {0x0, r5}, {}, {}, {0x0, r5}, {r4}, {}, {r4, r5}, {r4, r5}, {r4}, {}, {0x0, r5}, {r4}, {0x0, r5}, {r3}, {r4}, {r4, r5}, {0x0, r5}, {}, {}, {0x0, r5}, {}, {r4, r5}, {}, {}, {r3}, {}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {r3}, {}, {r3}, {0x0, r5}, {r3}, {}, {}, {r4}, {}, {r3}, {0x0, r5}, {r4}, {}, {}, {0x0, r5}, {r3, r5}, {}, {r4}, {0x0, r5}, {r3}, {r3, r5}, {r3, r5}, {}, {0x0, r5}, {r4, r5}, {r3, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {r3, r5}, {0x0, r5}, {}, {0x0, r5}, {r4}, {}, {}, {r3}, {r4}, {}, {r4}, {}, {r3, r5}, {}, {0x0, r5}, {r4, r5}, {r3, r5}, {}, {r3}, {0x0, r5}, {r3, r5}, {r4}, {0x0, r5}, {r3, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {0x0, r5}, {r3, r5}, {r3, r5}, {}, {0x0, r5}, {r4}, {0x0, r5}, {}, {}, {0x0, r5}, {0x0, r5}, {r3}, {r3, r5}, {}, {}, {r4, r5}, {}, {r3, r5}, {r4, r5}, {}, {r3}, {r3, r5}, {0x0, r5}, {}, {0x0, r5}, {r4, r5}, {r3}, {0x0, r5}, {0x0, r5}, {}, {r4, r5}, {0x0, r5}, {}, {r4}, {r3}, {}, {r3, r5}, {0x0, r5}, {}, {0x0, r5}, {r4}, {0x0, r5}, {0x0, r5}, {r3}, {r3, r5}, {r3, r5}, {}, {0x0, r5}, {0x0, r5}, {}, {0x0, r5}, {}, {}, {0x0, r5}, {r3, r5}, {}, {r4, r5}, {r4}, {r4}, {}, {}, {0x0, r5}, {}, {r4}, {r3}, {0x0, r5}, {}, {}, {r4}, {0x0, r5}, {}, {0x0, r5}, {}, {r3}, {r4, r5}, {r4}, {0x0, r5}, {0x0, r5}, {r4, r5}, {0x0, r5}, {}, {r4, r5}, {}, {r4}, {}, {r4}, {0x0, r5}, {r3, r5}, {0x0, r5}, {r4, r5}, {r3}, {r3}, {r4}, {0x0, r5}, {r4}, {0x0, r5}, {r3}, {r3}, {r4}, {r7, r11}, {r3, r5}], 0xa7, "0b437865acbc9f"}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r6, 0x4, 0x20000, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x0) sendmsg$NFNL_MSG_ACCT_NEW(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="44000000000701080000000000000000010000030900010073797a310000000024000780200002400000000108030140000000d30800024000000e78080001400000000563232062a263fa995fa69f6258a39c4a67f2010e237fb268d454088561e87a23cd8a9e912d9963b96c82c4d8d14edebc055691cc2f55623a17ccb8b2a23d121e7c8b6a5c5eb23ed2c9dd36c7b33d14d9af60fb3c930726fcc03cf6f7970d76dc729fb79be5308f8c3fd50296e1e8195ecc1734c1b37b76e14d8e5f4419db312dd0714e1cf5cb89366c6bab59ed58d28ff1e01a47a3a80cbb79b1a2a1514ef9fd2206454695e5ea081157e160d8a3928fd0b6c69b64b4bf52006a2c71cf0f329f5a4ce92ffae8b7b3527cbdd9bbbd067bd67597792ada7e887354f058fb27"], 0x44}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000081) getsockopt$packet_int(r1, 0x107, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0x4) openat$hpet(0xffffffffffffff9c, &(0x7f0000000480), 0x101000, 0x0) syz_80211_join_ibss(&(0x7f0000000040)='wlan1\x00', 0x0, 0x0, 0x0) socket$inet6_udplite(0xa, 0x2, 0x88) [ 2695.974505] loop5: detected capacity change from 0 to 265728 [ 2696.007330] FAULT_INJECTION: forcing a failure. [ 2696.007330] name failslab, interval 1, probability 0, space 0, times 0 [ 2696.010077] CPU: 1 PID: 13385 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2696.011535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2696.013460] Call Trace: [ 2696.014122] dump_stack+0x107/0x167 [ 2696.015042] should_fail.cold+0x5/0xa [ 2696.015997] ? create_object.isra.0+0x3a/0xa20 [ 2696.017129] should_failslab+0x5/0x20 [ 2696.018080] kmem_cache_alloc+0x5b/0x310 [ 2696.019077] create_object.isra.0+0x3a/0xa20 [ 2696.020000] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2696.021068] __kmalloc+0x16e/0x390 [ 2696.021857] io_setup_async_rw+0x180/0x580 [ 2696.021879] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2696.022752] io_read+0xe98/0x11e0 [ 2696.022796] ? kiocb_done+0xc90/0xc90 [ 2696.025473] ? mark_lock+0xf5/0x2df0 [ 2696.026274] ? lock_chain_count+0x20/0x20 [ 2696.027170] ? __lockdep_reset_lock+0x180/0x180 [ 2696.028172] ? lock_acquire+0x197/0x470 [ 2696.029020] ? __lock_acquire+0xbb1/0x5b00 [ 2696.029958] io_issue_sqe+0x2e8a/0x77b0 [ 2696.030812] ? perf_trace_lock+0xac/0x490 [ 2696.031691] ? SOFTIRQ_verbose+0x10/0x10 [ 2696.032550] ? lock_chain_count+0x20/0x20 [ 2696.033455] ? io_connect+0x610/0x610 [ 2696.034282] ? lock_acquire+0x197/0x470 [ 2696.035112] ? find_held_lock+0x2c/0x110 [ 2696.035970] ? __fget_files+0x2cf/0x520 [ 2696.036820] ? lock_downgrade+0x6d0/0x6d0 [ 2696.037720] __io_queue_sqe+0x90/0x9d0 [ 2696.038565] ? io_issue_sqe+0x77b0/0x77b0 [ 2696.039430] ? __fget_files+0x2f8/0x520 [ 2696.040268] ? io_prep_rw+0x7f5/0x1050 [ 2696.041112] io_submit_sqes+0x44aa/0x8610 [ 2696.042032] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2696.043090] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2696.044110] ? find_held_lock+0x2c/0x110 [ 2696.045130] ? io_submit_sqes+0x8610/0x8610 [ 2696.046269] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2696.047517] ? wait_for_completion_io+0x270/0x270 [ 2696.048763] ? rcu_read_lock_any_held+0x75/0xa0 [ 2696.049981] ? vfs_write+0x354/0xb10 [ 2696.050951] ? fput_many+0x2f/0x1a0 [ 2696.051908] ? ksys_write+0x1a9/0x260 [ 2696.052914] ? __ia32_sys_read+0xb0/0xb0 [ 2696.054002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2696.055350] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2696.056686] do_syscall_64+0x33/0x40 [ 2696.057661] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2696.058998] RIP: 0033:0x7fc0e8027b19 [ 2696.059975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2696.064693] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2696.066654] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2696.068474] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2696.070329] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2696.072173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2696.074032] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2696.127996] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2696.163560] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:56:55 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:56:55 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 95) 02:56:55 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000140)=0x7f, 0x4) sendmsg$inet6(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)="2cfdeda479e5", 0x6}, {&(0x7f0000000c00)="fa8ec7e9b740a36c7146eea329dd98fc59454b68f04bcee84b7683b8eba70d857aef5d4b8237b7b668c212ccb08f774bd506976be6b74e1fd79afef02ad50a61bf9ee0992b4938def1a8ab02993daabd85ddd250b7f8388b8933c57a321806f3270b6489833165f815e9ce298c1a87a11b48fdef34e5b09c5e567343a9b19d1b383edd149c35db3fbb19bb4cfdcf3d8b908ca32f8bbb4decd513a3a6acd72dd4fa15e61bb6703d70dfe5b934f0081d8ab40c22b799def8f4cd4ef43189fd9addb5ca76aa88a53fd71db84aca8151418499ba7d7ca2e603b90cdfc054dcb18ccd4e1ecfcb61e0a50663627a2f25bc5f5b8d057c774bbf2ed51a0d92701d96b4af364a59444d1c2f8bc3e22c7b6978351fe143e6500b85f5212d7ce6fbf93e781c0aed3ad624726a92f0e3b838ee12983178e6b5f2236f8c80f9649f8470a7b82442f9a7985bae9a645d3b88b57adcd63dee6deda91bd3f6f1ad725a098766660108bf9fbf51024425174c137f320147706771f31f550fa1d3a2601c664d65e6e4db59e4bfb95d29c90c8766cd5fdd98d480dbffacf64eb42c7fdbb950b567109e4ec1698cec46a0a9336db01edf6df47638ae031b926ab0dd55edd0b35eae33c044a4ff0260143b8cfc5e77587f706fe7e3190a994aa6f899a5457ba97c688589d6d7d3d7b3176924786f4abec8054c9687ddf38fe21766a0a7f7c274911d0281bd301f52f65deb86aa09b06c613b63f66ea72d1f1d5ac85563f765ca7df3c8d3b9910d91a88c1fb289cff9e81328ed57b5c858be13bfbc3eab18fac37c667845ed1702fc14289252c2a4d325c5e5426873446b3c0061da985101b56da82f3dd0ccb557a4e9be3f68389b1683e62062c0475327900b1fea909c9a04fe274087c160c5bd76560dc60996b42dcdf5c5b1bbeb73c4ca76077d01640a7890a36a3e577261742af62f2da5d42add528e6024957b2011208525d129dcf9e7e237e6601b829d38864df762c5c724165dcee6504f08429433e811b199e270a1200a1c8ca725c02da6ce25e6b3b260917879b9f3161579075e9200043f371c16f795f6da47ac6df9a9001f874686612cb27dafa7b78de0e7b930ef52b8d59e3a396afc1818c0e451b6c45c32e60eaec2e61cbe78628e360eaf78ab452c924a24d69aa0f53b768593ba9eb8c61fa02647207fdcc1054b698f4ebb42fdac5f5515f1bb7a9479b3cd89b8592fec9e7b7e7c1fe6dd4f1e14b2066329dfdf6de41f960fc25f3d6dad822a4c0275b2da7354d3f310bf71ffa815b8e0e5e38dbf6d35399d75aee9f3b5920c2079116cda3cecc0f36c79a82cc55f0a8ffeec21db182f3365b8f5622c541ae06323c94be876ef7819e47e56c88d76bd8e96eecb0526e48a64c2b4ca2ba8ec014d9111dabd20493e01fda2f00d83246d24f58251658e6bb147e0895841d77e05f4a432a938ace73af664896c13f6af898c14b0fddd3356148a61b06fec5c8de248ce6b7b4e174cf6b9aadae3fc31cb7e9b5cbcf6d82c89583e4ea1474e39610dc1c7e1cfbd9bdc09eddce7367d19691476d105596d17639bd93e825d7f356abb86aca6c9a8b510c1762c1f700320e1eca61322855095e048f912aeb108b02143aeef4991693ddd08a937afb7f23606403d0cbfb35df26e17505988045e17aa11cc0877365064415aff82b8165d3820cf0c8154a9bedbf15a6823aa4a75e21c04f44e3e5459772eb21a851bb5a9807caaec820d59e7837beda05a6b40b78e4bec139b5cf762b953b18029736fb69e6db778550f123fc898d9e16b3cfa636ff74f63532328268f6cbd3fa7041fd362e99f8a19765c853193ca71dcc5a5efb12e36d6847776c5014ab3e370b1ff782ef1c1ca597f045ebfb86d00d5378208bd5f724cc14270a839be02d2f842b75dc741c0a0c2cc2007dab2d49ee3b62ee3eb13131496584cdfcf43161889e63aeb5f1d24ec75fe5f9f46f0492c72453731e87197b003450893ff58c664b78b103f3fbed1bc5a347524b461b4a24a2deb2d77cac0dff6d2de54843a8f962c1b8e4fc8a6f9cc0f062496a5793216791731ca2ac1d8293b6ef2253c5711404672c85e28e8802ed32dac39780d3e747ac389622caac9ad6234e7cd3b566efe5fcb6be8cc472bd1f7281c6597f3f1272e13672548ab8d308ac1e94f2b898c465b1368bfc379874e5074fe4155c3d17634093174ee434cc354645fd275aaadaef0338e33656ebcccc54f7c9da98baf76973bdda864303f52dc343d25a7fdb96aa3c645052d2a8368cf13a7ff14ea05e25b50838edccd3564d36b04ccef14a8382750ca2492749f27c594358036e3cd77c9f9d296784265f357f14d76eb3da9f406554269fc660df36df91e341d57971506ffd94aa04c80989d2af21100bd4f908980ab04968c4191e54f40f5b71f14cd198a9bc3ba842ca573d9afdaa667ef5f35ea1a51ab1667ec4bc0bf8805845123eff77a79806c966f776597e91680b7762431b5c0686ce8d56c1592da3b52a6c886642a8293dd1334492e7880a7f2f273df45719f4518b70e85337fc54186f2aff0a6894adcc76ed58da5ce756f08de5792e9b3b2f1982fced0ae4be34d624a071930ea1d7e51825829bcb136f15b0cd9ea06f17b151ca89462ef7306be81df25a69d29b4fc7d8ed78bf83a376bd22aade77b24e6787c584edb2ff13660b98685fecd3f7b53c84b239f3b5936cbeac63e28c9710188390dbf735c4f0c2e593d7f2b885e00c96eb2cf36dea157f220299057bd5da18b60ed4264bd31ccc3d55b3247b8639618aaa0d7ea312f0f39ce379db35375fbe1df70a2a3d278f5caf09362a56d1b02c343c76b325354bee1cbe909aeff36b9375128f1a4ed894b4bcb2301a40f5e2d8a294cdea84b6a1615cbe9d3e414b3f2298caa223b6dc41efad9096c8b100f9b611e41f37d7759bc1d52c63821b905b1325cf5420339de4783ae7c581a1c4cdf5cba469103b87b8739bb60aad28418b664aa23798045224929e2823aed512c3a26a24d32564c3e9f8f4ac83b390f5ced2e84cbde4c8a398ffa3d495eb619ef1229c43fadb23b0166e10d6877b88d00a4e9109510731bd803c27a615e790571d631c78ce9f3b182f70ae8c4e146708d8b2a4dd682e2deddb642f70285e0db4c396ec0c5c0ae698920e16c0d838211ddf60bb7d2656b1fb266f30645019786e9ee3d47d2c893f048633274e49ab7e7d71868d13735645087721678e1ef08884ad706b8eac51b97fe8a099a5bac824f14f5bacbba312de94022352998025d7fd86e7756311dfcea486a86ea393e56a662bbb2c90a8db33c005e406f75b52f9c33851dc9cb6da79b22f5c83b24a189d0dcb54b458fb3a79592b7d9e084e70efc07ab9477de6da8f9c6ca3c1c5661805ef17152deb1d266d6117f2581fab9e1c25a38b49c5a58831a00a997d995db4869cbe0ab5993105bfe1e4ec92b1481a7a3aa7ef66b68bfcd2552c95fcf534b656b8187f2da5beed967b74078ea0d6b7e70258a09b824627a1c1549886ca4ea0005c1c4b6c70fa1ef9f9fe9da68f10c50c28d30bf56db71a1c5567d50ba456eca088772284a064525e2fd77bd70f4102216e7a0871ba06d1306a77a93400838ad6629d537f3fa4e824c63c25f64cca365e6e62c9f5aa3a4635df879f06dc74c55d37aba4de7f8d4ef74df125a1a4cdfac72a826ff79343ce008fae12a2a7824b566566bd745ba705a31e66ec0eb3dc8b0e8fe67de972338fe12aca782c3b468fcc1ef31383e9a19db6c18c0a44589e17290f9539094d12e4abf922fd2ecb91c73e6738c95aade5e92626283571431aff89549289bf1ea96c8d785580a29d6e706c05a0e281ae5e904f06e7bace10a409d91a5a8293f0db23a1806478b4025467adb5d530fd59770ecb4ac1086d1cb5b03f017eb89f674c2dcf10680f742dfaa995067764055674e8d7ac919f7b118be733bdeb939b434faf7a7d9075f81513a81b0a212ed5e9d834cf0bcea7195c5e913faa09896fdb4a8b80c6d452f6de74fb542ddf1e472c00fc415c3ec80356e5ed23fc2b80120b08bc538d812873fb404c6838b11f836af998d687b11590b1981adff3e5d23c10ad50759bcef081c98c017c4ddb83299c951213f34e1d11bc511e7d5306687695c960423d79eaadd83df87d54cab1c9b21856b4a1ed39e48a1e9b8a66c9056611886f9b4572abf7bb5bb80d44a956d2ba5922c5a8f5f388e11e4e40e6cee8607878de3cbbaaa9802438a9e8f02f887db1273884c982cc886f90708d41412ef692e1b8bec5e44e91bad13c5cfd0c2441c06cfc0fb3fcfac0cc4874d44cf5de2a9143474df4328e94bfd7d2af5c2d19395a30d61aee852f16deccfaba63aabcb12c018a0623944561680c6eed5be565fa59ea34857f548ae207a381142729c48bfe362d51b9213a7c5a3396759b1ea020766d66ec2af95827b4fd61aae23132d99a4c29f35e20e516243c7e7d6d575501d108c226b1c1c54d5bffea6fdf17d13d63e2cae1ab9254f99671ae5628f7d4e803e4c0be43632b8f7bc305230fc4b2550d7028e662b48fd166c57500f1144d511d172b7e0221816fc4466a37e3b292d9163a4a4d8021222edf60da6d33fa42d212162fafb8b5eef21e4b61a98e2938d580a5c331a7b6a1882a26cee7c61a9bccec7c07ded70b5581bcba5a90ef76cb42fb3cea7465349f983f3cb48a852f877c8921925e25bf009f38b9a0fcf9eec11a047dd2668f5749317b366ab08f94a806382adcd4d73c016217284b606c0484cd3687a944ed8ed8a8eca148878b9b3f1af0e71dc9e3589c5c08417744612eb9f37025d7e48c90f16d4b6d187bdc11171cb1cf1b35c1f54a4164c57c1876f6b7204c6c8988fb14b893c24744084efd5efd3e5024172063a5abef8395aa71a919dff0c0384e3f6bd716cfb83b3de42f482d5e9656a09778553179819568e6c3406dfe7d8cc73d02b34afbd5b2b80366ec2f6e284e3d8bad42de7fedee3d63ac70d8ab82585d19a363b73016c8b6644fe2eaedd75a651ee19b2ba6c5a135b0cb80ad454c175d51830310ed64c7af4a365975ac1e02936a58cd80a67d8dab497d9fffe5675e4df8df3f34d7d2a2912c825c72314d02abe94befa8d1fbc3bbf1ae9b3ae7e0e9a2b915cdcc335375387c9046453a32975d41e85f94f15185857d69c5c05e482501fc61ed4c23eae0d3718a6804245630b679abb7d02a46177c1688d2332e3bd53eda1756a24dd3b2c80decf1110a80f208ed75f6b047436b7b2203794d335ba1ed385ae00fef75f930c911d9803d57ac534787938c1431632d7f1708d2797899a4c18c8e797de7ff02c04bd52166c0944e88f2400f4ad64591cfe4a440022919f9dfd096e9502e440735488474bd6c309bb03522df8a4549d87b26a4f06b16bdcd29aec301f11bd6a249fe2c9db470ba198ed2e2c757579cab51dd0f6fafe65b82c48c879ce180eab1959c4fb20605070703d7d15d70398c30ba5557dd28047eaa529ad409cf90d389c68d7b77b6ffbfb0be0ea78a869de464bf37d3318214b6fc81e1708ed1b5ec0ab4f4d64ef1f0965ac10d011605d4d7eab242946c8206bcc01db2ed231694f69710ce9f0a6e0b10ac6aeb797dda89341ecc82aa37a8b3d5df87c62ed3618fdae706612e7a2441158545d4b6e85166ba6a6f730549a6153c38f448f4dee92cad3f4e8633baa184be5baa0bcdf34eea007609877c219df0599f53319612468ede849f1ed1d2a036303a5d758c766cf5c8b5b04f2", 0x1000}, {&(0x7f0000000200)="5aa7ff7874bf297c5732e07b343f396b1b755357ee03c839684cd759a5c2b0b4137f71c321deead1a0fa0124e0c6d97fe23e720076af78acfbe4e6e0674fb346e6210aa679f116448eff070ad3045b", 0x4f}, {&(0x7f0000000300)="d9bfdb67adf70d69455472ab0b3ce4d1143b12f94ef4e3d2e9b08ad7f4f84b821555f62170c5f51257854f4cbb6403e9f3a0031d8f8b875f46d0ec4d5a984a2a61bfd6bbf2eda40e835abf986fb47bdc9c238a7bcc14fc1a0af02d7e46a301117c7e75b2034f7155840dc318cc2595311f72320eac3423a3be4c77739afe6dba5e4ac192f14f0a8c3c810c951f686b3886300be1bc6f1a20e5", 0x99}, {&(0x7f00000003c0)="6b28ff9471549f1ed65a20a0088185c153e422378954d857bec662681d789cf65dce148f1f79b1360340ae2f2450095cd7c306688d1c3f85e24829945094acbc2ebaf8fb0f95c3158b4e2bbcf84b69e1e96a1e7f3c7c6e0bb25ced6e396e27b225774fa1245dd472956be116b1715ad9b5c623f934c5f0fa786a623108271e4ef217de7cbe436888", 0x88}, {&(0x7f0000000480)="99f0baa785d55ab077cbddcec5397e710e6b1c8070ad0bd5732770b5db21274e93049c4ebecda283f0530e0073b5ff2641765a113b076bb086bd869b33e4ab5a470d882445a09213ca2f938663cd610f1ca5d271b237d68a4142f084936bf9b2cfc8e8933f9305cb6e968c1df2fb40b97b982572b275d07232e63ec7e88a50b106e910d22313a886f810d442d536d30990071b682806653d7695d4c25d6e2a6c09604ecd3757b191a3d3afc69fc8cd14a218878bb37422a8c0094afc737382", 0xbf}, {&(0x7f0000000580)="c857c59b3454ed2f29f7e87e793674ade66993e44d6dc4579444d5da0fe848722bf67b027f1e4f1a991dfeee", 0x2c}], 0x7, &(0x7f0000003e00)=[@rthdr_2292={{0x58, 0x29, 0x39, {0x0, 0x8, 0x2, 0x20, 0x0, [@private1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @loopback]}}}, @dstopts={{0x1040, 0x29, 0x37, {0x33, 0x204, '\x00', [@hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x1d}}, @hao={0xc9, 0x10, @empty}, @generic={0x0, 0x1000, "27569dd8a0a906f43c5cb02f75ae6bc2686b96e9061d78eb3cc4c2d07fea28c77e44f89860183deb14281f26b4f728c27467a1f41f2d163abf7de1450e131ef259f9a0b535edd8dd302c2e6d470fe0a04e3dd558bee166f1ad0f5571b994fd866abbf7168e19c715b9027685864624a8288e9eca33354d9b975de9c7e26f9192ce2b55d7c16736c46cefed9541b7efd25a5024241cab1be05b2ff0152bb9e38ea334b8d650c2ee9ac8c642ce47cd439e193ff533a8bd780785f6182fec039b3d7805c10f215449160f3dc8cbcf203e9d1cc2129b4289564c39c99490a7ab025d7607cd376a188afb02a6e503f6ada085cabb0c27b16aea2337d4a0e74d40a35fa49cc6178590aa0635523def13f73701c6d8c8f7b255702aed7021a029ee18cdf47193b537f9355668fa072a58edb3e7606efe9f1d3672ee63df06eeebee759ad1e0832264cc38ebaee6ee97202f3b6d855e95ee7302905bce833a2fe1fc0f07e1c598e794c54c17776a95f1a59d4058ce78441b5c2eabdadfe996fde954a734c4cd610f7c6a0bd8ddd94d6d5a4e6944619713e917546d0232037c0b883cf8a94ef27696d6927b8e12416db8feb60994958c448bfa646a7592d89a84a37ea04d2f205a5e5cae22b67d1acbdb8d5a2d0846d8538f477805dabae2ec8f6b98ee523f34499e4eb7abff0c421490041b2e51e7a3d025fd064cdee931cfdcec7526d7f978a276bb96b858e88f69e4bd274f8ba816c7bc928710c8554feb5bed01e4d5c358bf798bf726aca23e92ea5a5dd0cf067f207c843affcca5a8db297db2fc76a81e3f802022ee0b12dc2094345d24d8f2c0b2ef551a6065ccc987506340df62c3233636987af7ccb77eb2b0dd4cbf787278ae9e040cb188db393a14dccd64be9cc610a4349a19bf02fe0f4af411161c9b66c2803d92a5cb55bf1e5b807940c23d014c48d6f0329d2e6170c31a69dd46e6234b34773d83299d68b3274cfb3d74508ca3d3a4c1792478095e21cac826c9dbcdeb8d94aa4aba1466e1ae4b1eecfc339cb014f77e3c71caa8772e465b6b48a3635866496a97062efd57404ae7a9d286a07a20e7eca015a42bff17aa2f134016efac4a33339d3d4f01bf55e75965c7916a26e910db9e1f061e1bbb7b2c9e0197d5f30202e1445f7636ce3a965cbb46d7d4b78b950e3602738aabd1d61e37c632b545f0ea0b4626dfb3c36dd4d8bdc874b8d83880002095b709b89a489b41a53b8b1ae88b08a5e53dd91edc9ef619b3e9052de6983a631983e364920290b4c52d9b662edaa6897d9e09ecfb3969ace8fc1f88274d757e54b244563f8bbbe6c620d3f0c04b674b0021689051c02970bf0c7e0adffac454fb93335a58c48c530bec94a8ff014f9b590e0e06477572fceb973ddd67f8a082289361d43cfcb4634e934685c86964806f7446b3ff6a3f04b93b1afa2ff8c5f9aa489cb555f6537b3f5fcb2b7485526133ed3fb0a3954b7d4361704e08f856ea1b571bdc4cb01561aba0e4f96e6116b65802f3ad8753697fde35e07342b9aee050a18ac7d355c5aea3e9a7f9b491e1ed1f3343679846fcf5313fd42b0087a2632eb549988195236365df3c756ac091c976e5a365a69c2d7004fefb05a6e0b2b54723cfc4783a6ec620320982b220980608c15f0ce145fe065de36c1b8751c8b29b59bf9d21585d429ea8af0ede41aedb4a1d3a94ba7f6a1eaae95709883a4334037ed3196e9d7fa1e337ba1d0fecab4d3035ce483725294bf0d2fc38dc991a0f9e571d59fa598c8f985259bd1afa9e6bd8e7b2bd54b53c77a04fdf8f5cb89c02afd1e40ace684786eadc874e716d7cee9712fbc3025133c7cbcb029fd036ff77d93d4c617b6bbc1458114cfde2b24310fe8238c9276b9c11954850f9f1ed9e8780007a21f4e2bfb222428e46bdad51b50f4ef9ca11baff98354363c8e1a132f7924b325a11c75a3c0b21eb1f5f3425e0b32f759e7fdafaebf4d0052586465eb1d095015ee0d23b2e08daf1fd088724112b7df20a5bd5f5b59ef5ea9417c0579a79936d30e2007cc53812285d069297ef914f1d2d72f91526b75681e88fdf62439354d6d4dc55c1105936043f9590df2871dd9db0b764b7328be965a0b5494fc5d01399614ac7daee788c392b13832297ada84419936405748bb8da800b9079f31e1c3ef248109c039874409fdbc3039c24186136caf7d9069269e7664936c27881ca6d53878ea53fb3607301a01fd25885e84393d7ee68a7ab95eeb3f682356ba4605675c5dcceeba5dccd1863566d0efbc7b37a8c33e778ee3c3cbe3f82a6fbfdab034ec164363ef7016fd84d340366e4d2fbd5f05c459d9d7b6ff417b51f4037ce0cc14e953ca68bd9c974879cfcb7b3c34288b24a511963e84e34b7b66875b3b644c55f2183989f45ef9e26f9ae76cdbcfb0577def5ad040d3e29e4a9f6c5a4dae79ec2955d7b05f3cceba820a8d92937b97c7109c6c50e543baa204745274b41a116ea262bd865956b17c14d505886301f7ba649cd37d1e5a8c07cdc35bef16d456571f0a7a41d3ac6b9c2b96cc41058b1f972b32f47ecef7ec8da1ef8061bf731d0d44a99bc3e4c86f752f583f2ad5012a479b0d99511b099509bba2e71b0a2413eed637d01fa055309ae95ee0d52571dab2a02536f3b846c2ad0ff581cdfe0d181e3d4b9d155758bae2cbc703d0df96f059ff42c020af9a03f0e4dabdca331337741ad719dafea7952a65ac61dc37097332deba7d1eedbd3ba6126237db72de5376a71fd745bf22f0be1086c77c3ac8156805fb9b8dc020ed14058f040c2ff170dcdd11b00cef02c9d5e0989a9f51a796778bc81524b0b19523107d1786e2b959a4eac38cea000524332455971a43e4bfdebe0dbc9cd4f2a83d818e7caecf460017b220e064afa42ae5214cbc70d0e9ab75f87165efa9e22569825fdff18e62d8e4f33c4887df12f1359ba4669e3b9a8e8348c7c25a5a3ed3b41a2ba540647b15c6b539e52224adcacd3be52dc19f4bbd4a3f2d808b9d5865e9a27880d2a914966bcc705ebe47b2447eed49c7c3441179b79bcdb4b3b3ddcd4e4ee34f2087b4df7944433e0627efb405fe1a530c5e6c50a65aa551d339e9e70d5dbc66b7d1ae55d10fcd64caebcf43610cf341f446ba8716a52eaebb097b16f8e88036a23c7fb42bbb69db0b94cdb5c0543bed513bed50869126fb97b3ee444537d4ac07801dcc8fcb5630c2c157fa1ee2ebe853cb1b348e5a0c59cb7ef3409fa9aba0c28e904ab1e6f797a0ebdee507c868fb487e7f9d8e071d013138923275848d970a2f4ac5c4dbc031c52c68acb7640ff2736d2639e9815f9d3ddb89b4f5b9ee192aa85d0920f5f64e2ba11bbaf8891fa418425c358a6388b7037ca0a5888087c44495f592dc54a97f643808e491806eb9865db8bbb1aeb0ef2db6243ff65e6dbb8746512ebe513781998c1342ec967e1e2431a1fc6a76eda4591fbce97fb8d5255d30625b26ee2ab4f2287a74c05c4e919c29bc6105f636b11d11ae6c53669ec140015ed8b46242340603c46dd2cffc6116393cd9b36e7b8a8aa5a8be9a9b0206106463517b5dbb01fa3f5918b9f1a9a0e30103509b4a38651e8ffd0e1c712ab76b321e81ebae214218ee7fb151167127eb9a93f840ad728567d1d8e2ea86dc751b49ef4c6aafc719f0340278131e1f2ce8a1c5b2519ce0f4f276c19bcd248b96d52cc6db24bd0e499d42ffccd94b41086d0f683bc73eb283231e59493c76f5ce635e5273e7ab43fd66a7a795d6d53d08a52e317b9b5dca9929466d6276e1506047f936adaefdf748ce30a759cbaab4fbf711c4e467862391ebd86fc76d184bce729f4778a1946c1fd8f6da8a2554e6a6c498fdbc8a547eb6424a9e642748dd113aa0c0283d8654f4f8df561d499d2e6205617b0664721705e7d3c112acb61f2ce8cb08a62e06ac71b27a59aeacb4ee0e548cc519bc10af8e3bd4165666665851828166d45058bf0350ddc36e0b0fc32efe15b935370a4cec5b93f57899d15d13646b4ebfa3ba888e1a2587993726742da108aa65ed91ab5eddee8847bfe7ba26ad066e458db7ddb3b64a70d07ea91cdf51f05155252116c9b880838f7684fc03870d4a1a12bec6637f02035111a5624e3ce2fbd08af4bc8525f8da1d2a546c3727fff406576b8f8fb591f324d686e3c3dd7e33202efe8b251457f59d13b9c3efa4541af5ea6dd44f32f78358507cbc5400cec4c1dc3a5b7f9c89ac630abd292b3cba3bda0133c3d2fe4b2f2fe48602637ef35c81c6fe6582ab2d0f5c7bb748a5a866803967ac03b0920b26bdb92ac4335e9ac7732d0bbaf5917f53c95781da4b4ec6d7ec07e6c591b6b658e6a2a507e47b3ef26cda9719dc14ff4a26c4a9c103204cee7d97794e42e01ff1d8389632735c9135022e2f350323b2d42224492c8492145a15c39893958e26f7323959989d37a057098fc61cec33a3488d41a950781160724cf356732fb83841e4a5f7acd7ae1af59ab795342e4547e4ede7ee2a8d981c3f6670421eacc93870fd2b498154e8edb255a3485071f6772db059521db8e0944957dd3d4828681424cee854b220ff0c8fd224acf1076d8c40cfdf464b2fb25342bc7d2027b217342f733847b5ce497e35d727dbcced296bbda61134e64a6ca5a10b7fce3733b34276daf730a34fc77d5af7bf8b3dff98f1c283c5f4e946c2a6136917892b83fc6bf9792e3e289ee43c83624076ad17ec451a702f7fc642953b672fe32f8c12ab7b1c93b3f30bd6749b5352efbe8f3626b132ae9e47b32b4e65375308daa0f77d8d6180d712477111673e06266326df69a47d5da881ab1b2eae84a7524ec97dca0711538d04c85e8dcaa5a9574032cec3bda0dbc6031b1132fcdaa94530135e53dce12c045c1bdb8632821cf81b90ec8b417020e4e5602e6b4733300d70fc06cc6757ac5966316fb941f97e88e406f0b8fb93ab43d468492e49269290fb00700960ed527531947802ae33cdb139a55dbaf15149d7a48eedbe4d848d32b75b727f1c80842cf4f8b3c89fc5d009faf35b8ba8ef8a84bb105793e273455583da70e72c5a13008248fa158777efa36308b81d98df0426476965591006949604499b631b74fef621e33545f1bd3e1e58a2373faac7884b0c98b44cf4d4bb0ef37f11314d7eebc9527b01b605d8546ec3c03266d156b912b15d9647e94335fcfc04dd85b29b1002b076165a110b5f3e7c1ade6d142dd5fd5e17e8ab7c383d22a59322eec585d962087667a277fef8c88a43471127ff056530e0bdefe04855b58bb12f038283b97a7d82a7deb240c2f62a6d3fba14f49945b9ee42d02b9eecd4fc13bf28fae04992f0bc066423d3de37c52955c7fe5ec5309fcf2c943204b41fcfd66e863bee8c83590967db609337c5833951f9acccd9e63abde95801f7930d42136b6fa077d7ef46ec0f6413b4a7e2568b380d37fc29694ba1fb5d5843f51fcb251fec3d1c174bec05b2e38ef73e6052f1630710b18623ec7c4fdae6fd3cfc558c6579b685ceb8fe4c5031a7ec84463ce3081303c144d0b2a94db7c96eefed8a47ccae605a84f73b5041c2cb4b83bc9a13e1229022ba9fc8f30b51b130fe8eca8eb64989a7e1c909348c83fecf27fba1dbb9e4216414211523b4cce9db07c36981c0d472b8d627bcb1f2152df67ec8dc6b1ac380d03c4b1588a1466359a301cf983746db6881ae0e187c1d75d4e63d07cae77cc9c6a64cae01fef33ecd191e5b237d22a91a63215c6b455f265efcdfa0bc61b00"}]}}}, @dstopts={{0xc0, 0x29, 0x37, {0x2b, 0x14, '\x00', [@generic={0xff, 0x94, "149264017aa672b418070870432cc57034bbbac47901a488aa655a2f2c68498fa8a616b0db3b4a98125f52eb528d0013d86e3bbdac9c3f0680c29e5bbd5708f87a4de8b2ca034efa0b6f727efb1181e69410a89c945e032b4ed420810bdda346d26c1c729acbec52fb90252e63265557d6480cc60a0a961c95fe198062576fc979f28ec730e38fd1eef5f4730f1be611101f2fe6"}, @jumbo={0xc2, 0x4, 0x2}, @jumbo={0xc2, 0x4, 0x6}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x2f, 0x0, 0x0, 0x1}}}, @hopopts_2292={{0x40, 0x29, 0x36, {0x5e, 0x5, '\x00', [@hao={0xc9, 0x10, @private1}, @hao={0xc9, 0x10, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @ra={0x5, 0x2, 0x40}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x9c6}}], 0x11e0}, 0x55) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote, 0x2}, 0x1c) sendmsg$inet(r0, &(0x7f00000000c0)={&(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10, 0x0}, 0x8004) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x1, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c) r1 = fcntl$dupfd(r0, 0x0, r0) sendmsg$inet6(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000bc0)='+', 0x1fc0}], 0x1}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x8923, &(0x7f0000000000)={'sit0\x00', 0x0}) syz_io_uring_setup(0x446f, &(0x7f0000000040)={0x0, 0x1969, 0x10, 0x2, 0x0, 0x0, r1}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000540)) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) syz_io_uring_submit(0x0, r3, &(0x7f0000000b80)=@IORING_OP_RECVMSG={0xa, 0x5, 0x0, r4, 0x0, &(0x7f0000000b40)={&(0x7f0000000680)=@ax25={{0x3, @default}, [@remote, @remote, @null, @remote, @default, @bcast, @rose, @rose]}, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000000700)=""/254, 0xfe}, {&(0x7f0000000800)=""/131, 0x83}, {&(0x7f00000008c0)=""/226, 0xe2}, {&(0x7f00000009c0)=""/112, 0x70}, {&(0x7f0000000a40)=""/34, 0x22}, {&(0x7f0000000a80)=""/149, 0x95}, {&(0x7f0000001e00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/187, 0xbb}, {&(0x7f0000005000)=""/251, 0xfb}], 0x9, &(0x7f0000005100)=""/177, 0xb1}, 0x0, 0x20, 0x0, {0x3}}, 0x8000) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000000aa40)={0x0, 0x0, "c009b39830e4109622d7a29d0bd42e6d365c8384f665a2104b6faaa5427626b93311e77f0de4211e1217bc355a5246327eb7ba126bf7e4adb45535a4d9757c77f555e42c9254e9f9089be590271f821f5f6b632da2dabf1d6e618629da57a34a33f5e913338e628f32d84f60dbb9f94b70f1828e7d652bb2443c02901738d15cd72d14288f0d47dfe96e49988d0402f96628f97be361723e018daf71ab695fa4726664c00ec9aa53b8c092760da4cd088f03fad6504eceb8949dc35abc6c9f51916777bc38aa3669fb220546dbd1024eb87da205b46ec35180a8fcb898160855b5044023da75f2b1f285c1462a8afa95492a14be3f42052ff535612d226506a0", "7374bf600a2dbb0a10a4446998c60bc654676f080ecee8672b9b990319e9f34b4c45be9b1cbb8fbe1f4541599e2a8deeedad6067575d671432b4ba4028542704ab850b2cd326bd5a16431e3e06cbefba068d34f999e863befaed31fe2f898bdfe4043148f4d1cc27af274cc202dd9cd92b1891ba85c4048baa5cf0aa7a3d5dbef19adb89a7123a5c5cf1f42650df4c63aa25c0c5f606a072b8c1910206999409a39439cacd824f129adb4177e14f533050e77cfd6b9e760c12899b047feb4c8e5b746e5570db48fc8fafeccf98bad6d99a585091b403666ded97ce43cdf6dd1791052bc149861ea2585dfb28b538cc9fe6ffc5e07182615951fd668085ed124af574a07e3495491f19b1aa2a3b69028ccacd78524d988b224ab17ed905da0b840b4a9939e2af6efdf4221126075a8964d904883db014031e0924681a4ef3795071b256b75002a7df298c87c565b1d8a331e7d0c1000e1d707100917dfe107f87ebea9dca1b708b01cacf1c9f348c0d0fd64aa64193637c7169264d06f613c41be60f39b0cc9d813ae5fca2222832f86f2ae87e883efd48df36d16e6c1ca5c378f6ff0fbace91eb3099d744b16171fcc1ab7d5456392f0878ecf27e8caad7386663de490c3044eed7e7cb83e675716eda0cc09f219aadddd814c88048a7c6cefe69a79f2f7a234cfffbf19ac7a9f6ef59faf2776ac3d636904ec1bda09b1c9d8caeafa918983215d866f5cb6f1088e7e99a43425913d258a3dc8550fcbca3e0bec47503e24d709dd1fd1bb3cd92837d10387a0eebb98aab27950a2a66dc0b9bad3e4ef6393036d64949931ffe6479073790b3b885ac8563d4018e9227d644864c17f048daefbb192d15b56a2a440ad6d4ef5af2ac9904d8b69c64d2368928d7595594e6c3fd23229cb6aa80ec308301b1c94777900d34b1b3eea03dca765036a3f5351551affb585f22541074380b60ca062bf8a8a2324fe61ecad5733aec51e0c5ddc648280556b8a038b5816947b1637ef598cfd134cf9833d875fd23d22f5f74e74a4634d50a3ac908eed128f4297924296d95361b9504c08df4a0603eff93ee34bd45ed12e8d06b8f399fefef4ced732aad15b70f3e276101fa4b5a5c17435d0999b3345ccfe853c955e8b7927c7a171506b8e5b4de8a68cb5e80c3709a0e15643b5772d82d04859133e09fa8ab81ac042e67bc918f2847af14a4eb77c3fcac3132ec1af5a57d85acb9ce91d9d15019904396737ade63df938e6f054f8ee21e8994d45b0801ccd8ae8bda90128cb05eddd297d800412bc01fc5cfdfa9d473641fffc793b513da3f7565a27c4ff3678ac6f71560cc6cc95fb4d20f85b7934cb4a4f614182d331ab53b6a09ff47fc272b6c1f5aaca477bfdfed3fac942d639773b7a5656c526eb595d6fa9d301c425947f37088447cb4400c37750b76eb6c1f7933e43b27224c2fdc053e55125d00ab11428af674f58bd5c3ea1ce4762856afccbd37dd59a5e726f2e5e770bcc8372304fc2a33611234e3b0d411fcae8691e621b64581dc32b3d97c02920877b2c995018dcfff2da8687bc64332cffc3d355931561dc799d169f61d121f242dd3605e3fef8a46bf73998202d6a87671719896c61d729006104bdb7e926020f28260c75c2c754e5f073097d7031567e62cbfcbff541702cdaf498bbfe01e2948e6e164271ca4ab4df68a1569d29d3ce7029c0b58d2a1e6d179fa817ec9df17195c8b83a7a7508f18f0e3d07e8871f331d7a151bc11301c7dce402e6a5fda6f3096df2ddfeb48b3991e055c55d2a071ed66bf378e5c451f849cdbd7951cacad16d6b5734b71db866e77086bfab1797942633ec688d78bb2fccaae2b0e796b852b278bd4a4648d0811293e1bfe68e30b42eb27ac0a4e435e086b4cfeeb9fa539f0d800b6108e4c7b9d7237746770a3f3477646b7c9bfd2bc111679d40bffe221be492ba984df6cd4d7d8f9cbf7185e79804416be68d8a2bfa28e5bec4b57bf5f08eeecafabccd55744e49bb4a7dd1324908d91762b9884e7268d0bb6290be3b51091ae6ccf2ebbd4945dd7913bd38509a00ce38d955909bfa1f3740fc123a12e15b853b59b9b691460afdcda150d39e566a83eaa0c3b7bac9819bdbc7e0a620206be87ff2f8ea8091dbffa014d2f2eb919040a434cdeb3db68adf845d2ba751dc0e1ce4afd8672a5ecf0653b8c672c3265aa236a174185f4b4a291bda664bb79c13f8b6932a831385773898d194d2500b38fbfff8c4acafa5a80dfd3f1f906132885446f9f7ad787dbbdab593661ab1c255df879eaf4ca739deaa11379a5c6b650472257fa54b646b29ceb3dbe27e3584914f9f766bbbcc67abeffebb0df881a42b8671bba930b04d1d7710cc15d546ee69ad40e66f04eb28af8bd17b739e68ad75a239303fb97b18f8f08d2f95bdae0f245ebdfc3ecf555a6fd53f5a35af8b2dd016b227d209fc8323a7576e66a9913a0ad4f19d30d2b6f25ac8b5b6c762e2c68c76f9bd7818adbb3c9b194c09471482ec6898754469076b8674ab9e26b5977a0fa693160f18a01d2f2c362186ff75c205cec261d9e6c431ee672e4056b7e458ef02dca1167d09de5977210461758ed506290477a63c5af0698a1f4edf3bc569692bc9febd5fd641860dd34a6926af47ae7bdd3cce59a5b24b6944075e30ec2f2dbd043ebc57a39eaa5559bc4f21f08198e0daa2e8506b21160c8f9b629ad0e80d5e99e5cf4c4ceefb8d9fe5493ebcb066a647269fef2146f1ed55dac66974446e650e49db26ceb24c16c24885a2d2d011d11ec52d5b7a9c8096314d1dc7c992a1dee70be2fc0cc2d9fc94b0d02d479f6f4bfd3fa20df42568e27c0cea6caa1028d5dfbe6a9657053c06132387f9abfbaf93d9b335b69b168bf7fdaa0a44981dadc3358b50f1b24d390f8858d6775fa838388ff8a69b02bf446028485ba9e0c15731288c186b3cdf2fbc088f13f50e5eecc9b3a058d1369b7a254f11aa81a5fabd862bfd5226ce26e0199ef241badd55ba0d6087e9eb1661111a6afef1caf2bd54832bb5a3e8b864c8af220a8a115746c1646e78471ba2edb7c63fcff7f6be047a5f740525fbe5e259beee146dc2a609d3fd576e826ee1e4fce8ccbf75aa713514bda04ed4086cdd11a770cbe5782bca23f5f3ad8682609d5c5d4e5ca4e117d7423740b41081c6945b446223bb435c6ae2314552b7bf53a8b2c8a7a2a961d17315e0f7a660624b119c89ae81d2214b03cd79bc3eb355bf06811d7186b1f0a7219dd8d4096cb0df940719279357b853bc7c5bcf645aa65c12227859ce0851953fcefa6051f2a31e3666abde9ef1ece3eba658de696edf5d87a7d562dfe1f6bb9ac5e6773bc9069c732683715868cf14825345fb60665982549b9bb7c5b7d934ed0c4d136fa089f8459d473bf1ee678cf88c26f4f5ac681aa6dbe6ef78c26e7a3649ae0574f550f9fc64e8caa14586cbc43d8ec72a3170fc4f6c78fdbd40332c1f35adfc04be68a067f2c03325d624e21fa0e1fa6ea879caa84665bedefcd19759872824a0053a110af2b6099d8ea572b0c81cea39147bb2dca0eaefd4be8c3b59b98c27049f04ae5f3652ade0e1561238296d17979581b93d0ee26464fb5675b968cbc397558207fb1d5365f73994c0c8f2bcae0164e74d602a4856355b214af58b6357b2505779260ec73929eb4fe1047bbc2a125ff6c88718d2b8b8fb9c0d1cb1760748ffc5e4998dbaf8fad99df26b2eaf99bce2541d287b243d7b9cf0ecb25588d14c6228a6cb5413f48e3d07817d258c45ca0ab3494ca5b59f87abdf38e439b4a31d60d9474a52e465f36dd0cd56f00d4e5e563bfc6421b40a7522eb71894a698c19510fa7dc690b6b3f782d88e61ca635d5efd4c9c1725dbf24e0c8e246a2dc979e4750de8347687038f0441858bdf5a06bcba827d8d1327601943ca9fd004c121034fa6e1c8b9eff5da764961f5700eab97380e99b37f302239b528b36f5c9bbebaff25edae48fbe59dd272099af5c695a19b62f64485ba01ae8416c02f04360be933b8ba8a49c6c1188a78c3d36d0c61f61b4002bfeb669e29bbcb306f573528a749b085500c7649aea469fca867da4ca9eaecc75a70f41baeb80bf803402a9066dc1e8243192b78533e0ad590e14fd2bf2ce3ac943ade1fcefd247406785ee387d18e9afe8845481748fbadf4d081e01ecce50ef1fc5b457fa296b833d77390764e2af12f7930c6334476dc4cf45d9f272e364336810c11318bd0a95233005d66fe81a5708ae5fad8c7db17e6d97d2340651f7aa7a36e132a77a7a6206b36a95ccb5a48cb19bd3bb886ff0e77bc76653912149ca85895c4f80c373cbbd4305a91213e8ec5b7b18d8587d723c18f02854556aaaa540935eab2b7470a7c1c40c7e843ac1221a51e92eb05af2342fea7c853a46182c8384612aadb40145b95de565140003468eaca74b38bdf4dc640d0af80c3dd81747652c5fe15ffff8965a150a4ca6a9d9c91d067b4fac49b23cd2041dfdab22126c97d812b67ed638cc65d75d836bf439807cd7cd3cd0e6b30c81983e3f45a00282a14d401d81ac7c5544510dc7d157eeaa18b09df5ec949a22d7342b5b720b2a47251e995410f9b35d90824c1b19beb8575c9efe2aaa2a2011790a1099a924c01ca835fb7cc561eb2310a5331d4d9c4a9ee03a5f1364c17a7f4511c0c1b929c630cc110696f9e94b4107d0b75338fda2c5e0b8d46d19b98071e328f57debd56b4a0a9009913ac41518a08e6fa533edf20db0dc5eff43cd3ead623fc826ac03925490537d6b6a47f27031faa17f9852a3cb72d2088f33d35846a40758e60dab4b3980d032adc3e4faa61ff8aaea6b08bc9705cf097701e9af550fa43ec06c0ae2257927eebcbbbf4a05ad8097597943d6aed8a950ba32bc0d19827539019397e2fffa5f7379ffd7ec266f0c1cd947aab0c9e73c2796bd4c32fa0a0effbc84570efdebd3ac1eb57cc89cdbed91ed43a64cccfeba427a017a07d84acc850a45e2f26639598ed061ea81b60fb1873983591d446129ba8b27a4aef3311292017e3cbc00533824888ef80ef1a85c86a370dc11694d2f455e04ceb8811afa53aac77c65b38703d18167aedcc077c988dd9832ee1999a82c8752b921bceae484c19cee6828eef373c979b5c3f208080c8dcb38c53e384bebed6c41c3b9d6958bd2b952d82d17b262dbf30f90ab5c5d197ccee9f6b6525928b0100ffdeace644e159500495ff5a0ea7df7b9ab63617e3879818e25341e97d839beefdf248222cadd61a5d76b1ff34704bb78656afef7994904da269f973598217edc3be93157185aa15ef225f6471d7786a5e28d0f145b96566e101bf46723486867b9aa90f9eb4d1f5612d4950160c1504a367daf984"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000002e00)={0x7, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x4, "9755154351ac9a"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}], 0x0, "46dacd8396fe92"}) 02:56:55 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 02:56:55 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) sendmsg$nl_generic(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8001000}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x28, 0x12, 0x200, 0x70bd2b, 0x25dfdbfc, {0xe}, [@typed={0x14, 0x3e, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x2f}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4041}, 0x8000) 02:56:55 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40e02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:56:55 executing program 2: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r0, &(0x7f00000004c0)=""/89) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000000c0)=0x2) syz_genetlink_get_family_id$tipc(&(0x7f0000000100), 0xffffffffffffffff) r1 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r4}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r4) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x0) r5 = open(&(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x141000, 0x80) r6 = fsmount(0xffffffffffffffff, 0x0, 0x74) ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r5, 0xc0189375, &(0x7f00000005c0)=ANY=[@ANYBLOB="010000000100000009000000", @ANYRES32=r6, @ANYBLOB="f8ffffff0000024cf8aa351218c66f32199dd3657acfb71d60326a8888a43be76742eeafe2638abcccf1988e5437354fc8b3a577004a01000000000000000000003f1648d85704053e86d778d3bec88ac7dceaf1e27e66efc9d3aa63af7f0e7658763a0a73b608796d34320ca47dc19606aeeb7ac1516679d326c1518c93b81ea97f09aed359cb44f9a982f36e0004ca2c235096f92cdcdcdc3910ba59f259498e72a3748cf3b108cf1600e1bc02618c4bd4ef6d68531d7c30036642bf25bdd8adab41320188f1"]) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2, 0x4010, r5, 0x0) 02:56:55 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x10000000000) [ 2696.457397] FAULT_INJECTION: forcing a failure. [ 2696.457397] name failslab, interval 1, probability 0, space 0, times 0 [ 2696.460123] CPU: 1 PID: 13408 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2696.461621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2696.463541] Call Trace: [ 2696.464228] dump_stack+0x107/0x167 [ 2696.465213] should_fail.cold+0x5/0xa [ 2696.466044] ? create_object.isra.0+0x3a/0xa20 [ 2696.467025] should_failslab+0x5/0x20 [ 2696.467971] kmem_cache_alloc+0x5b/0x310 [ 2696.469028] ? mark_held_locks+0x9e/0xe0 [ 2696.469965] create_object.isra.0+0x3a/0xa20 [ 2696.470885] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2696.471957] kmem_cache_alloc_bulk+0x168/0x320 [ 2696.472926] io_submit_sqes+0x6fe6/0x8610 [ 2696.473846] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2696.474893] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2696.475915] ? find_held_lock+0x2c/0x110 [ 2696.476777] ? io_submit_sqes+0x8610/0x8610 [ 2696.477708] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2696.478728] ? wait_for_completion_io+0x270/0x270 [ 2696.479742] ? rcu_read_lock_any_held+0x75/0xa0 [ 2696.480712] ? vfs_write+0x354/0xb10 [ 2696.481502] ? fput_many+0x2f/0x1a0 [ 2696.482269] ? ksys_write+0x1a9/0x260 [ 2696.483071] ? __ia32_sys_read+0xb0/0xb0 [ 2696.483931] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2696.485031] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2696.486130] do_syscall_64+0x33/0x40 [ 2696.486913] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2696.487986] RIP: 0033:0x7fc0e8027b19 [ 2696.488770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2696.492648] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2696.494257] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2696.495760] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2696.497257] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2696.498770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2696.500282] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2696.556071] loop5: detected capacity change from 0 to 265728 [ 2696.594347] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2696.655607] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2696.665583] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:14 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:57:14 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40e03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:57:14 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 02:57:14 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x515aae7d4109f442, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) fsetxattr$trusted_overlay_redirect(r3, &(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x8, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:57:14 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) open_by_handle_at(r1, &(0x7f00000003c0)=@nfs={0x90, 0x24, {0xfa2, 0x1, 0xe1, 0x80, "eef18813a193e571aa4441e25fc4a9dbcd9bb80c5450241675a00a53c62691ed2ed9bc5e522dcfe7f5856db4ba12586c25dd7d86a4b07d4e067ad272916ebe3042b06f5f2dd0d7616dbc0f6031a7c16cd927baf2ff1ea3414717ec191638c76460b60c4996f0a5a78c50d4de28395e68858eac77648e83297eca1ca9d6d9c084"}}, 0x270801) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000240)='./file1\x00', 0x8) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(r2, &(0x7f0000000000)='./file1\x00', 0x503800, 0x6) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:57:14 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 96) 02:57:14 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x80000000000000) 02:57:14 executing program 7: close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0) timer_delete(0x0) timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0) timer_gettime(r0, &(0x7f00000002c0)) socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local}}, {{@in6=@private2}, 0x0, @in=@broadcast}}, &(0x7f00000000c0)=0xe8) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/bus/machinecheck', 0x6281, 0x19) timer_delete(r0) timer_create(0x5, &(0x7f0000000180)={0x0, 0x1d}, &(0x7f0000000240)) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0) clone3(&(0x7f0000000880)={0x20000, &(0x7f0000000640), &(0x7f0000000680), &(0x7f00000006c0), {0xd}, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/224, &(0x7f0000000840)=[0xffffffffffffffff], 0x1}, 0x58) fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000ac0)=ANY=[@ANYBLOB="040041b2042131d734a29ade8b0360792e8a53b0e02e668b3ca330f8b59aa7134170c5612d31161d11a6fbcd060200000024c5df081650478277b5405e62aba026eb436609209c45f379b7476400f18bcdde5eabc96bc52a72b288ef8e8d6c8201676b82e9ffc81985cabb4355c826bca259bd0dfd7397c81e880390f7118889a1b8f858430699a64f3107c5f47baebeaa56000000000000000029f7cfc5f87b6bb6d3c602f209a2aabeb298f06e73374ccc30d4fd279538bb65919ee41a214607c00774aa1c77e26391d2166fc59fc63a79db3192dfa1a84467ec07cb50e2ea1993a8bbbb1858e4422c6abd082b3754499174110315288ea4eff39a0f1406a6b9da003d50ec13a2a1633b83a0ac23914893e373000000e5f3dfd13672ea507188ac3799f84dc5feb7c30eccc2f8c3c6f6f390ed893e3df2d29efd9e3c471400a62cc65587d5ce2c4d723d2d02aa483147b430b361435e1f01dc5a3bf626957002a84006985e839e17639e0b607d5e50349af65f4f2bbd4d0346f1fdc1b2cffe4d20ca9404add59e86ba6adaaadf1d204882ab6c333951c4d1524ce9bcd4beaaa6b1d48329038ca4b24fdd5c7c0819d5c856a569abbe57c2c143709acff8b288c477a25e79eb3448c6a4e08a36402cd49229bd7f2832789d17c7e1e81a516f736faa5f78ca4ec4073f2b26e28f6e011beb747919f888890f14b3fd7aec1f8bd4f3ae3327459786fb19842dae42aa95cb3f20619c51b098f0f13ca7a757b0cd23bdee855c74363a11ff7b3784da3b78494040ab0e1c566c29cba52a7d0a20b11f98951e624b0cd5e1f2ee516bb3bdb0901fc92d5335e9ac4bb0dca63680f920f052626b4dcc070663a9f2dcebbf0c233a2dc307975f5f48ee74d68a5b9b67b6b5f92cef18a93e656b15e3aca7031d9e2b7f139420b5f7dab410"], 0x4, 0x1) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)) clone3(&(0x7f00000001c0)={0xc8182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58) [ 2716.093772] loop5: detected capacity change from 0 to 265728 [ 2716.160894] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2716.171340] FAULT_INJECTION: forcing a failure. [ 2716.171340] name failslab, interval 1, probability 0, space 0, times 0 [ 2716.173411] CPU: 1 PID: 13453 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2716.174612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2716.176059] Call Trace: [ 2716.176535] dump_stack+0x107/0x167 [ 2716.177174] should_fail.cold+0x5/0xa [ 2716.177857] ? io_setup_async_rw+0x180/0x580 [ 2716.178623] should_failslab+0x5/0x20 [ 2716.179281] __kmalloc+0x72/0x390 [ 2716.179873] ? lock_downgrade+0x6d0/0x6d0 [ 2716.180575] io_setup_async_rw+0x180/0x580 [ 2716.181302] io_read+0xe98/0x11e0 [ 2716.181929] ? __lock_acquire+0x1657/0x5b00 [ 2716.182677] ? kiocb_done+0xc90/0xc90 [ 2716.183325] ? mark_lock+0xf5/0x2df0 [ 2716.183979] ? lock_chain_count+0x20/0x20 [ 2716.184732] ? __lock_acquire+0xbb1/0x5b00 [ 2716.185467] io_issue_sqe+0x2e8a/0x77b0 [ 2716.186153] ? find_held_lock+0x2c/0x110 [ 2716.186833] ? perf_trace_lock+0xac/0x490 [ 2716.187526] ? SOFTIRQ_verbose+0x10/0x10 [ 2716.188210] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2716.189006] ? io_connect+0x610/0x610 [ 2716.189681] ? lock_acquire+0x197/0x470 [ 2716.190358] ? find_held_lock+0x2c/0x110 [ 2716.191101] ? __fget_files+0x2cf/0x520 [ 2716.191774] ? lock_downgrade+0x6d0/0x6d0 [ 2716.192479] __io_queue_sqe+0x90/0x9d0 [ 2716.193123] ? io_issue_sqe+0x77b0/0x77b0 [ 2716.193831] ? __fget_files+0x2f8/0x520 [ 2716.194497] ? io_prep_rw+0x7f5/0x1050 [ 2716.195148] io_submit_sqes+0x44aa/0x8610 [ 2716.195863] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2716.196679] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2716.197476] ? find_held_lock+0x2c/0x110 [ 2716.198230] ? io_submit_sqes+0x8610/0x8610 [ 2716.199071] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2716.200033] ? wait_for_completion_io+0x270/0x270 [ 2716.200882] ? rcu_read_lock_any_held+0x75/0xa0 [ 2716.201693] ? vfs_write+0x354/0xb10 [ 2716.202382] ? fput_many+0x2f/0x1a0 [ 2716.203076] ? ksys_write+0x1a9/0x260 [ 2716.203791] ? __ia32_sys_read+0xb0/0xb0 [ 2716.204451] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2716.205411] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2716.206398] do_syscall_64+0x33/0x40 [ 2716.207059] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2716.207980] RIP: 0033:0x7fc0e8027b19 [ 2716.208585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2716.211596] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2716.212838] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2716.214014] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2716.215165] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2716.216361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2716.217618] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:57:15 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') [ 2716.235428] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2716.257374] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:15 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:57:15 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40f00, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2716.554597] loop5: detected capacity change from 0 to 265728 [ 2716.574618] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2716.603895] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2716.615900] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:31 executing program 6: r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000800)=ANY=[@ANYBLOB="0010040000000000"]) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:57:31 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 97) 02:57:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40f01, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:57:31 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000000000000000) 02:57:31 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) ioctl$BTRFS_IOC_DEFRAG(r4, 0x50009402, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r5, &(0x7f00000004c0)=""/89) mmap(&(0x7f0000ff6000/0x1000)=nil, 0x1000, 0x6, 0x80010, r5, 0x3188000) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:57:31 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x40000000, 0x0, 0x0, 0x0) 02:57:31 executing program 7: sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40004, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f0000080000000400045539545cee", 0x22, 0x2100}], 0x0, &(0x7f0000000140)=ANY=[]) r0 = openat(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f0000000000)={0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) io_setup(0x5, &(0x7f0000000080)=0x0) io_submit(r1, 0x1, &(0x7f0000000300)=[0x0]) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mount$9p_virtio(&(0x7f0000000540), &(0x7f0000000340)='./file1\x00', &(0x7f0000000380), 0x800000, &(0x7f0000000680)={'trans=virtio,', {[{@access_uid}, {@aname={'aname', 0x3d, 'ext2\x00'}}, {@loose}, {@access_client}, {@debug={'debug', 0x3d, 0x10000}}, {@version_9p2000}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'nl80211\x00'}}, {@subj_type={'subj_type', 0x3d, 'ext2\x00'}}, {@obj_user={'obj_user', 0x3d, '\xd4\''}}, {@fsname={'fsname', 0x3d, 'wlan0\x00'}}]}}) sendmmsg$inet6(r2, &(0x7f0000005b80), 0x0, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) clone3(&(0x7f00000005c0)={0xd1280280, &(0x7f0000000280)=0xffffffffffffffff, &(0x7f00000002c0), &(0x7f00000003c0), {0x16}, &(0x7f0000000400)=""/61, 0x3d, &(0x7f0000000440)=""/32, &(0x7f0000000580)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0], 0x5, {r0}}, 0x58) ioctl$FS_IOC_FSSETXATTR(r3, 0x401c5820, &(0x7f0000000640)={0x84b, 0x4e090e88, 0x5, 0x9, 0x3}) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) umount2(&(0x7f00000000c0)='./file0\x00', 0x0) 02:57:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) r3 = openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r5 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x0, 0x0, 0x1000) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) r7 = fcntl$getown(r0, 0x9) statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r8, r9, 0x1000) r10 = syz_mount_image$nfs(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x400000000, 0x1, &(0x7f00000006c0)=[{&(0x7f0000000680)="e86220df8e464aaf4c9c11fa943967b0a9b653188052a4d40b1555ab4106c217f83bf9e6227c1f88182ff36fcd5fdd586bdb", 0x32, 0xffffffff}], 0x2051404, &(0x7f0000000700)=ANY=[@ANYBLOB='/proc/stat\x00,/proc/stat\x00,/proc/stat\x00,,/proc/stat\x00,,$!^/%/,euid<', @ANYRESDEC, @ANYBLOB="2c666f0500658b3c", @ANYRESDEC=0x0, @ANYBLOB=',\x00']) r11 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000780), 0x100, 0x0) sendmsg$unix(r4, &(0x7f0000000880)={&(0x7f0000000300)=@file={0x1, './file1\x00'}, 0x6e, &(0x7f0000000000)=[{&(0x7f00000003c0)="492d4538730f8da163827d8969181a49a68ba28b02bd494215cc1674b834c258af9cfeceff954ed9fee28d4c6593f709ccb9e95a56f3208a1a7084016cf238d7b295fb509e84c9205daa530fcce746828c9b75e5e0d4d4476913d25c037588113c3f914d9315", 0x66}, {&(0x7f0000000440)="bb59704446b6cca2abab01341267b9ba71d5bb7fb52320748fbe4a112acebc5c747535f325d0f3103d603e034fe643d037fc2184b8aa9526dfdf290682168506c5c265f27479710195970eedb203a0e37b1551f316a22f4f8009e3f490ca8385ac237596aadcf1c0016cb899054f985c899e9a1edef4f1918184dab7c21eee4cf87b1e0a21fbe6e2be59aa2a9b8bc8c43af486d17d6728375dbe06f8b5e280f0c0847cac284b60697ebe3be7a95a6a8bd58ca72366c1bf91", 0xb8}], 0x2, &(0x7f00000007c0)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [r3, r6, r0]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8}}}, @rights={{0x24, 0x1, 0x1, [r10, r5, r5, r11, r3]}}], 0x88, 0x8000}, 0x4000000) [ 2732.409023] loop5: detected capacity change from 0 to 265728 [ 2732.425445] FAULT_INJECTION: forcing a failure. [ 2732.425445] name failslab, interval 1, probability 0, space 0, times 0 [ 2732.428503] CPU: 1 PID: 13488 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2732.430082] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2732.431948] Call Trace: [ 2732.432544] dump_stack+0x107/0x167 [ 2732.433369] should_fail.cold+0x5/0xa [ 2732.434306] ? create_object.isra.0+0x3a/0xa20 [ 2732.435407] should_failslab+0x5/0x20 [ 2732.436269] kmem_cache_alloc+0x5b/0x310 [ 2732.437209] create_object.isra.0+0x3a/0xa20 [ 2732.438214] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2732.439398] __kmalloc+0x16e/0x390 [ 2732.440251] ? lock_downgrade+0x6d0/0x6d0 [ 2732.441208] io_setup_async_rw+0x180/0x580 [ 2732.442194] io_read+0xe98/0x11e0 [ 2732.443002] ? __lock_acquire+0x1657/0x5b00 [ 2732.444131] ? kiocb_done+0xc90/0xc90 [ 2732.445009] ? mark_lock+0xf5/0x2df0 [ 2732.445893] ? lock_chain_count+0x20/0x20 [ 2732.446918] ? __lock_acquire+0xbb1/0x5b00 [ 2732.448019] io_issue_sqe+0x2e8a/0x77b0 [ 2732.449107] ? find_held_lock+0x2c/0x110 [ 2732.450069] ? perf_trace_lock+0xac/0x490 [ 2732.451052] ? SOFTIRQ_verbose+0x10/0x10 [ 2732.452125] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2732.453254] ? io_connect+0x610/0x610 [ 2732.454288] ? lock_acquire+0x197/0x470 [ 2732.455402] ? find_held_lock+0x2c/0x110 [ 2732.456379] ? __fget_files+0x2cf/0x520 [ 2732.457327] ? lock_downgrade+0x6d0/0x6d0 [ 2732.458329] __io_queue_sqe+0x90/0x9d0 [ 2732.459247] ? io_issue_sqe+0x77b0/0x77b0 [ 2732.460332] ? __fget_files+0x2f8/0x520 [ 2732.461253] ? io_prep_rw+0x7f5/0x1050 [ 2732.462175] io_submit_sqes+0x44aa/0x8610 [ 2732.463197] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2732.464365] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2732.465506] ? find_held_lock+0x2c/0x110 [ 2732.466591] ? io_submit_sqes+0x8610/0x8610 [ 2732.467883] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2732.469041] ? wait_for_completion_io+0x270/0x270 [ 2732.470185] ? rcu_read_lock_any_held+0x75/0xa0 [ 2732.471290] ? vfs_write+0x354/0xb10 [ 2732.472169] ? fput_many+0x2f/0x1a0 [ 2732.473034] ? ksys_write+0x1a9/0x260 [ 2732.473952] ? __ia32_sys_read+0xb0/0xb0 [ 2732.474918] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2732.476167] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2732.477409] do_syscall_64+0x33/0x40 [ 2732.478326] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2732.479565] RIP: 0033:0x7fc0e8027b19 [ 2732.480464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2732.485338] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2732.487357] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2732.489111] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2732.490891] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2732.492634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2732.494409] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2732.500680] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2732.505328] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2732.513356] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40f02, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:57:31 executing program 6: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x2, &(0x7f00000000c0)=[{0x0, 0x7f, 0x5, 0x1000}, {0x5, 0x0, 0x1, 0x3}]}) mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') [ 2732.598669] loop4: detected capacity change from 0 to 135266304 02:57:31 executing program 7: perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000600), 0x9}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() setpriority(0x0, r0, 0x0) getpgrp(0x0) r1 = pidfd_open(r0, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="3000000010000100060000000000000000000000050000000101000011000080487fec864b245e0f3f9be149f8000000"], 0x30}}, 0x0) ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0x40086602, 0x0) bind$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$setstatus(0xffffffffffffffff, 0x4, 0xc00) connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) fcntl$getownex(r1, 0x10, &(0x7f0000000040)={0x0, 0x0}) prlimit64(r3, 0x3, &(0x7f00000000c0)={0x3, 0x9}, &(0x7f0000000100)) sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000005c0), 0xc, &(0x7f0000000240)={&(0x7f0000000700)=ANY=[@ANYRES16, @ANYBLOB="010029bd7000fcdbdf25040000004404004e24000014000300000000000000000000000000000000000c0007003000000004000000080005000400000008000b0e73697020060002005a00000038000280060002004e2100000800090000000000080006f54f00000014000100e000000200000000000000000000000008000900090000001c00038008000300000000000800010001000000080001000200000008000400200000004c000280080006000300000005000d00010000000800050005001c283171ff89dee001000800070086000000080009007c000000080004000900000006000f0002000078e00006000b000a00"], 0x100}, 0x1, 0x0, 0x0, 0x4804}, 0x44) sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)={0x50, 0x0, 0x100, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5}]}, @IPVS_CMD_ATTR_SERVICE={0x20, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@empty}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2f}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xcd}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x4000) unshare(0x48020200) [ 2732.780104] loop5: detected capacity change from 0 to 265728 [ 2732.820026] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2732.832153] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'. 02:57:31 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 02:57:31 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 98) 02:57:31 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r2, &(0x7f00000004c0)=""/89) fallocate(r2, 0x1, 0x3, 0x7) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r3) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) [ 2732.862641] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2732.883974] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:31 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:57:31 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x7f86, &(0x7f0000000240)={0x0, 0x7f01, 0x8, 0x2, 0x21d, 0x0, r3}, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000001000/0x3000)=nil, &(0x7f0000000180)=0x0, &(0x7f0000000340)) syz_io_uring_submit(r7, r2, &(0x7f0000000380)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x5, 0x0, @fd_index, 0x5, 0x0, 0x5, 0x2, 0x1}, 0xf5) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:57:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x40f03, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2733.062134] FAULT_INJECTION: forcing a failure. [ 2733.062134] name failslab, interval 1, probability 0, space 0, times 0 [ 2733.064968] CPU: 0 PID: 13526 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2733.066532] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2733.068392] Call Trace: [ 2733.068990] dump_stack+0x107/0x167 [ 2733.069816] should_fail.cold+0x5/0xa [ 2733.070670] ? io_setup_async_rw+0x180/0x580 [ 2733.071641] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.7'. [ 2733.071683] should_failslab+0x5/0x20 [ 2733.074318] __kmalloc+0x72/0x390 [ 2733.075135] io_setup_async_rw+0x180/0x580 [ 2733.076126] io_read+0xe98/0x11e0 [ 2733.076946] ? __is_insn_slot_addr+0x14c/0x290 [ 2733.078034] ? kiocb_done+0xc90/0xc90 [ 2733.078918] ? mark_lock+0xf5/0x2df0 [ 2733.079788] ? register_lock_class+0xbb/0x17b0 [ 2733.080818] ? arch_stack_walk+0x99/0xf0 [ 2733.081781] ? lock_chain_count+0x20/0x20 [ 2733.082749] ? is_dynamic_key+0x1e0/0x1e0 [ 2733.083741] ? __lock_acquire+0x1657/0x5b00 [ 2733.084769] ? __lock_acquire+0xbb1/0x5b00 [ 2733.085769] io_issue_sqe+0x2e8a/0x77b0 [ 2733.086699] ? perf_trace_lock+0xac/0x490 [ 2733.087637] ? SOFTIRQ_verbose+0x10/0x10 [ 2733.088573] ? lock_chain_count+0x20/0x20 [ 2733.089537] ? io_connect+0x610/0x610 [ 2733.090437] ? lock_acquire+0x197/0x470 [ 2733.091350] ? find_held_lock+0x2c/0x110 [ 2733.092254] ? __fget_files+0x2cf/0x520 [ 2733.093133] ? lock_downgrade+0x6d0/0x6d0 [ 2733.094103] __io_queue_sqe+0x90/0x9d0 [ 2733.095003] ? io_issue_sqe+0x77b0/0x77b0 [ 2733.095883] ? __fget_files+0x2f8/0x520 [ 2733.096773] ? io_prep_rw+0x7f5/0x1050 [ 2733.097650] io_submit_sqes+0x44aa/0x8610 [ 2733.098619] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2733.099726] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2733.100806] ? find_held_lock+0x2c/0x110 [ 2733.101711] ? io_submit_sqes+0x8610/0x8610 [ 2733.102699] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2733.103785] ? wait_for_completion_io+0x270/0x270 [ 2733.104866] ? rcu_read_lock_any_held+0x75/0xa0 [ 2733.105913] ? vfs_write+0x354/0xb10 [ 2733.106755] ? fput_many+0x2f/0x1a0 [ 2733.107579] ? ksys_write+0x1a9/0x260 [ 2733.108458] ? __ia32_sys_read+0xb0/0xb0 [ 2733.109399] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2733.110611] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2733.111758] do_syscall_64+0x33/0x40 [ 2733.112616] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2733.113806] RIP: 0033:0x7fc0e8027b19 [ 2733.114641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2733.118742] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2733.120475] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2733.122049] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2733.123630] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2733.125210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2733.126812] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:57:32 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x4000, 0x0, 0x0) 02:57:32 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 99) 02:57:32 executing program 7: r0 = openat(0xffffffffffffff9c, 0x0, 0x46e2, 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000200), 0x6}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000a00)=ANY=[], 0x98a) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = getpgrp(0x0) pidfd_open(r3, 0x0) fcntl$lock(r2, 0x5, &(0x7f0000000000)={0x0, 0x4, 0x6, 0xff, r3}) ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x1, 0x0, '\x00', [{0x116b, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x800, 0x0, 0x400000000000000}], ['\x00']}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'macsec0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="3c0000000100000003000000030000000220000001000100060000000700000001000080"]}) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x1) r4 = dup(0xffffffffffffffff) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) syz_io_uring_setup(0x4d4f, &(0x7f0000000480), &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000240)=0x0, &(0x7f00000002c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000500)=""/142, 0x8e}], 0x1}, 0x0) io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, r6, &(0x7f0000000280)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000ac0)={&(0x7f0000000380)=@in6={0xa, 0x0, 0x0, @private2}, 0x80, &(0x7f0000000a40)=[{&(0x7f0000000b00)=""/221, 0xdd}, {&(0x7f00000007c0)=""/207, 0xcf}, {&(0x7f00000006c0)=""/156, 0x9c}, {&(0x7f0000000400)=""/10, 0xa}, {&(0x7f0000000900)=""/123, 0x7b}, {&(0x7f00000005c0)=""/163, 0xa3}], 0x6, &(0x7f0000000440)=""/8, 0x8}, 0x0, 0x43, 0x1, {0x3}}, 0x8) unshare(0x48020200) 02:57:32 executing program 6: mknod$loop(0x0, 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:57:32 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = syz_open_dev$hidraw(&(0x7f00000000c0), 0x8, 0x2000) copy_file_range(r5, 0x0, r4, &(0x7f0000000100)=0xffffffffffffffff, 0xd78, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2733.487748] loop5: detected capacity change from 0 to 265728 [ 2733.509243] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2733.535204] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2733.540385] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue [ 2733.562502] FAULT_INJECTION: forcing a failure. [ 2733.562502] name failslab, interval 1, probability 0, space 0, times 0 [ 2733.564892] CPU: 0 PID: 13551 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2733.566215] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2733.567787] Call Trace: [ 2733.568295] dump_stack+0x107/0x167 [ 2733.568992] should_fail.cold+0x5/0xa [ 2733.569718] ? create_object.isra.0+0x3a/0xa20 [ 2733.570594] should_failslab+0x5/0x20 [ 2733.571305] kmem_cache_alloc+0x5b/0x310 [ 2733.572069] create_object.isra.0+0x3a/0xa20 [ 2733.572883] ? __kasan_kmalloc.constprop.0+0xc9/0xd0 [ 2733.573835] __kmalloc+0x16e/0x390 [ 2733.574502] io_setup_async_rw+0x180/0x580 [ 2733.575292] io_read+0xe98/0x11e0 [ 2733.575948] ? __is_insn_slot_addr+0x14c/0x290 [ 2733.576813] ? kiocb_done+0xc90/0xc90 [ 2733.577522] ? mark_lock+0xf5/0x2df0 [ 2733.578224] ? register_lock_class+0xbb/0x17b0 [ 2733.579070] ? arch_stack_walk+0x99/0xf0 [ 2733.579827] ? lock_chain_count+0x20/0x20 [ 2733.580595] ? is_dynamic_key+0x1e0/0x1e0 [ 2733.581385] ? __lock_acquire+0x1657/0x5b00 [ 2733.582203] ? __lock_acquire+0xbb1/0x5b00 [ 2733.582987] io_issue_sqe+0x2e8a/0x77b0 [ 2733.583732] ? perf_trace_lock+0xac/0x490 [ 2733.584487] ? SOFTIRQ_verbose+0x10/0x10 [ 2733.585232] ? lock_chain_count+0x20/0x20 [ 2733.585998] ? io_connect+0x610/0x610 [ 2733.586707] ? lock_acquire+0x197/0x470 [ 2733.587435] ? find_held_lock+0x2c/0x110 [ 2733.588189] ? __fget_files+0x2cf/0x520 [ 2733.588921] ? lock_downgrade+0x6d0/0x6d0 [ 2733.589689] __io_queue_sqe+0x90/0x9d0 [ 2733.590417] ? io_issue_sqe+0x77b0/0x77b0 [ 2733.591176] ? __fget_files+0x2f8/0x520 [ 2733.591909] ? io_prep_rw+0x7f5/0x1050 [ 2733.592633] io_submit_sqes+0x44aa/0x8610 [ 2733.593428] ? __do_sys_io_uring_enter+0x6b2/0x1890 02:57:32 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41001, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2733.594355] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2733.595402] ? find_held_lock+0x2c/0x110 [ 2733.596157] ? io_submit_sqes+0x8610/0x8610 [ 2733.596966] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2733.597869] ? wait_for_completion_io+0x270/0x270 [ 2733.598759] ? rcu_read_lock_any_held+0x75/0xa0 [ 2733.599613] ? vfs_write+0x354/0xb10 [ 2733.600291] ? fput_many+0x2f/0x1a0 [ 2733.600956] ? ksys_write+0x1a9/0x260 [ 2733.601650] ? __ia32_sys_read+0xb0/0xb0 [ 2733.602409] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2733.603366] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2733.604305] do_syscall_64+0x33/0x40 [ 2733.604983] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2733.605933] RIP: 0033:0x7fc0e8027b19 [ 2733.606609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2733.609978] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2733.611365] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2733.612668] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2733.613969] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2733.615251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2733.616535] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 02:57:32 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x800000, 0x0, 0x0) [ 2733.867652] loop5: detected capacity change from 0 to 266240 [ 2733.924857] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2733.950749] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2733.958506] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:57:49 executing program 2: r0 = syz_io_uring_setup(0x3612, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = syz_io_uring_setup(0x3f64, &(0x7f0000000240)={0x0, 0xbd6a, 0x2, 0x0, 0x295, 0x0, r0}, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000000180), &(0x7f0000000340)) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r8, &(0x7f00000004c0)=""/89) syz_io_uring_submit(r5, r7, &(0x7f0000000380)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd=r8, 0x7, {0x0, r0}, 0x7, 0x4, 0x0, {0x0, 0x0, r4}}, 0x9) bind(r3, &(0x7f00000000c0)=@llc={0x1a, 0x1, 0x5, 0x3, 0xae, 0x1, @multicast}, 0x80) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:57:49 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r3, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r3, &(0x7f00000004c0)=""/89) dup3(r2, r3, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:57:49 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41002, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:57:49 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) (fail_nth: 100) 02:57:49 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) pipe2(&(0x7f0000000180)={0xffffffffffffffff}, 0x84800) openat(r7, &(0x7f0000000240)='./file0\x00', 0x40, 0xb0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:57:49 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x20000000, 0x0, 0x0) 02:57:49 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x10200, 0x800, 0x0, 0x0, 0xfff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8, 0x0, 0x1aa}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = socket$inet(0x2, 0x3, 0x2) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000180)=0x2) setsockopt$inet_mreqn(r5, 0x0, 0xcb, 0x0, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000140)={0x3}) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x300) ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2d, 0x6, 0x1, 0xfffffff7, 0x0, @loopback, @remote, 0x8000, 0xcd97d9e48b610033, 0x0, 0x6}}) sendmsg$TEAM_CMD_NOOP(r7, &(0x7f0000000cc0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) 02:57:49 executing program 6: mknod$loop(0x0, 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') [ 2750.676939] loop5: detected capacity change from 0 to 266240 [ 2750.695914] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:57:49 executing program 6: mknod$loop(0x0, 0x6000, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') [ 2750.716443] FAULT_INJECTION: forcing a failure. [ 2750.716443] name failslab, interval 1, probability 0, space 0, times 0 [ 2750.718497] CPU: 0 PID: 13591 Comm: syz-executor.1 Not tainted 5.10.234 #1 [ 2750.719505] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 2750.720680] Call Trace: [ 2750.721061] dump_stack+0x107/0x167 [ 2750.721586] should_fail.cold+0x5/0xa [ 2750.722139] ? io_setup_async_rw+0x180/0x580 [ 2750.722776] should_failslab+0x5/0x20 [ 2750.723315] __kmalloc+0x72/0x390 [ 2750.723810] ? lock_downgrade+0x6d0/0x6d0 [ 2750.724403] io_setup_async_rw+0x180/0x580 [ 2750.725004] io_read+0xe98/0x11e0 [ 2750.725508] ? __lock_acquire+0x1657/0x5b00 [ 2750.726178] ? kiocb_done+0xc90/0xc90 [ 2750.726717] ? mark_lock+0xf5/0x2df0 [ 2750.727249] ? lock_chain_count+0x20/0x20 [ 2750.727865] ? __lock_acquire+0xbb1/0x5b00 [ 2750.728463] io_issue_sqe+0x2e8a/0x77b0 [ 2750.729026] ? find_held_lock+0x2c/0x110 [ 2750.729600] ? perf_trace_lock+0xac/0x490 [ 2750.730229] ? SOFTIRQ_verbose+0x10/0x10 [ 2750.730800] ? __io_arm_poll_handler+0x59b/0x9e0 [ 2750.731525] ? io_connect+0x610/0x610 [ 2750.732079] ? lock_acquire+0x197/0x470 [ 2750.732683] ? find_held_lock+0x2c/0x110 [ 2750.733320] ? __fget_files+0x2cf/0x520 [ 2750.733928] ? lock_downgrade+0x6d0/0x6d0 [ 2750.734575] __io_queue_sqe+0x90/0x9d0 [ 2750.735170] ? io_issue_sqe+0x77b0/0x77b0 [ 2750.735810] ? __fget_files+0x2f8/0x520 [ 2750.736439] ? io_prep_rw+0x7f5/0x1050 [ 2750.737051] io_submit_sqes+0x44aa/0x8610 [ 2750.737718] ? __do_sys_io_uring_enter+0x6b2/0x1890 [ 2750.738496] __do_sys_io_uring_enter+0x6b2/0x1890 [ 2750.739246] ? find_held_lock+0x2c/0x110 [ 2750.739877] ? io_submit_sqes+0x8610/0x8610 [ 2750.740558] ? __mutex_unlock_slowpath+0xe1/0x600 [ 2750.741290] ? wait_for_completion_io+0x270/0x270 [ 2750.742044] ? rcu_read_lock_any_held+0x75/0xa0 [ 2750.742776] ? vfs_write+0x354/0xb10 [ 2750.743334] ? fput_many+0x2f/0x1a0 [ 2750.743851] ? ksys_write+0x1a9/0x260 [ 2750.744425] ? __ia32_sys_read+0xb0/0xb0 [ 2750.745002] ? lockdep_hardirqs_on_prepare+0x277/0x3e0 [ 2750.745789] ? syscall_enter_from_user_mode+0x1d/0x50 [ 2750.746606] do_syscall_64+0x33/0x40 [ 2750.747171] entry_SYSCALL_64_after_hwframe+0x67/0xd1 [ 2750.747943] RIP: 0033:0x7fc0e8027b19 [ 2750.748496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 2750.751303] RSP: 002b:00007fc0e559d188 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 2750.752460] RAX: ffffffffffffffda RBX: 00007fc0e813af60 RCX: 00007fc0e8027b19 [ 2750.753534] RDX: 0000000000000000 RSI: 00000000000058ab RDI: 0000000000000003 [ 2750.754636] RBP: 00007fc0e559d1d0 R08: 0000000000000000 R09: 0000000000000000 [ 2750.755696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2750.756785] R13: 00007fff14c7947f R14: 00007fc0e559d300 R15: 0000000000022000 [ 2750.763843] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2750.775127] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:10 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x10200, 0x800, 0x0, 0x0, 0xfff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8, 0x0, 0x1aa}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = socket$inet(0x2, 0x3, 0x2) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000180)=0x2) setsockopt$inet_mreqn(r5, 0x0, 0xcb, 0x0, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000140)={0x3}) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x300) ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2d, 0x6, 0x1, 0xfffffff7, 0x0, @loopback, @remote, 0x8000, 0xcd97d9e48b610033, 0x0, 0x6}}) sendmsg$TEAM_CMD_NOOP(r7, &(0x7f0000000cc0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) 02:58:10 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x40000000, 0x0, 0x0) 02:58:10 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:58:10 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, r2, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r6, &(0x7f00000004c0)=""/89) syz_io_uring_submit(0x0, r2, &(0x7f0000000180)=@IORING_OP_EPOLL_CTL=@del={0x1d, 0x3, 0x0, r3, 0x0, r6}, 0xfff) r7 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r7, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:58:10 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_io_uring_setup(0x2e06, &(0x7f00000000c0)={0x0, 0x970c, 0x10, 0x1, 0x3e8, 0x0, r0}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180), &(0x7f0000000240)=0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0) syz_io_uring_submit(r1, r4, &(0x7f0000000280)=@IORING_OP_ASYNC_CANCEL={0xe, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, {0x0, r5}}, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:58:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41003, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:10 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) preadv(r2, &(0x7f0000000340)=[{&(0x7f0000001700)=""/141, 0x8d}, {&(0x7f00000017c0)=""/93, 0x5d}, {&(0x7f0000001840)=""/141, 0x8d}, {&(0x7f0000001900)=""/154, 0x9a}], 0x4, 0xd7, 0x7fff) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) getsockopt$IPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x43, &(0x7f00000019c0)={'IDLETIMER\x00'}, &(0x7f0000001a00)=0x1e) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) r3 = perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r4 = syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x40, 0x5, &(0x7f00000015c0)=[{&(0x7f0000000300)="104787e6851fcf3f665e4f153ab43c6a75a3872b8eed85ab6abce4a886d8501d3949b30ca121dc916ed377807e6604e8c43f35c885b15b0e6c6b2592d3", 0x3d, 0x1}, {&(0x7f00000003c0)="86415f913b5d3e822834ccc2b1917405a604228c5ffbb7854fbe0c2df6983bbb8003c9b4b1b2973c481724f37c19436d34d3d5c278bc27f402ffaac8829b4d971e89dc99c6257382fddce493d032e49e6a4c83f155", 0x55, 0x7fffffff}, {&(0x7f0000000440)="ff63cd9610f0a54d942298d2fd21375853d394393230bcf33deae99ebbc0d89800fc22fe47a2d387cfec147cea87ba4cc6b6eeaa7d376183ff5dccc8164367405d528861fa0103c85320d101cfce16a151ed840863c68a77b38581f879e7c7cb3d2a35b3253da6f490dc69dacff2ec107db758f8f6ad230d5bc09a764406d02ac7bd79b9b673ee5835b00f05f37a244905c82b4c41e05037f31a87a2b353afd35ad09bbc2360594e5aab73290b702db240e333569f721f21112f0917b1b27ea322f52aacb05dde245e910efa67104fe81d1ba61e8fd12d7dda3ee0e518971736dfa71eeb50bb89e5c16af1c7d994cf5816c46ea99caaecc9779a263ff15846e639475f0aaed2ff475675da7b02fd68ae84c1ee31de72a981dac6fbcf8f9d5e346cd6eeee067e169a6e0755a5c4350b7ff2d6878c6db1a44b2854ec292fb1d93996ec5709db6eeef2a2ab829ad541a6fbf84828a31f9500ac1c3dbdd520d45316b30325a72aee1c911de650f6660fe4f3bbbf05337c7b27831bcfcb9f9945f828ba3a2c2e4cca3bf854d9e128c8fa978d5138f4edb827dac3f1e7a0805df1f654c1d4ce5e11d2afd8ee2de1038606d1583294e34b0098557c478c399c661cb7b599c603039506d16f364ce44681275506ceb0e2b0571b19c3cde56a5f17a15a02f5bf3c83affda5a4fd59a4e5cdddd64dff645979f9bd27af7794126eb63c58deae9d06ce3bd7082a4b9fcef201a2eabbebdf4c81970eceb7cda533e7a8f996a36a05c4b7e68f2441be22dd20c30cb6a2a2a0aac4b17e3a3d8f7007006d47d159171160642633d718ce2531d0bcffe4bdd80139dafb317c293fba77b934dc90a55fc5df3893c5e394ceb50fbbf6572da6ea473c58d7e6e1597b07850bb73ea7e5efdebe4dd55002f66f2f4bb6265492bedea8e4aa65ad4d3a5521a1f86c303bf5dfd99aeeefbcf02ee4c2e8704e7393474245dd32259b4a625d6f255beb4dd10e8368480989a78ce558b166098e532c346cf1bef9b0b9142c2fd1c2294c52521cc34869982346734e73dcea5dd93ceb5fca200b7e64003498bf85fb58387db0301e9b207dd9520b815aebbe1ddfe4ef98c2e1f4a5405bf81a5a55b680a480460cb0168cfcdf75332d48dba09bf7f8e1b4bf10235389130dff7f9e07f6b7da43954ac18cfb7f3a63fba88138e0943d9fe81e85bafc0e12fc4eb2f465222903e51d05370be7adfb78d29e1a357ab79c8a15674ef7bdab3c47bd5bca859e58558c997dd83643d6ee815061d1ac4a40c3be9abb766b2bfe7a9b2b4b5b587a67008d29ab36b2c01954a0f0e5d8bb7739122c333d087cba83ef690c6ba2970944a189474a68ec0720422d6849ad668b6ad0408dce889bc484b02aa8b42450004e867be66f981f0bc3ebb1680611fa8b23e4dfa355b73622c0fe0a6536145c484fcf91ac34997f1d5113d923c5a088815e09d6e3c501e721152fce530d948724399699885fc5e489ac11ca2f663f9c38a7fa8715bd92c6e417f8380012b33bb73d51fad774fc93d3502eb80b582483d5d38e2842faa33a85b8a6e9db90bbf0ef1ded1b4d852454f6d4173d48ed80e767c513bed0fd51b9a2f57cb24678d201de734e40f51a2c06dd4cd07e05df39ea48ab0ef72e3a289ce7c1102b11c168d11a91121dd5ab1bda915fd59269517c2c15794bbd662ae411adf1957de0aa5d91f054cab88bf91c400f7f668438c27a5d8e607148738f87c0c4ee029ca86fceb91eca12b5306b8dd6701487a699d700da7754e1455a8f534284b911260789a80966bb5fd9bf7cf0a625dfb02cef271e84abbce317d4f211cca4b99c753693ebfb74cf2f18594b0d0b70c8a1152704749d167865cb06791dbf9543c03efa002968e88afa174b5e272be92a8b47abddfd1014f428b1c5f7807bf7d485c77790547cbc5284bf46de1a2014d8c42844c64ed8cfd40c86de2f7ac99551cc31989da4018ce70c1f6fe68a4e981728a9fb21186ef9d65502ff053e8090f15acffda4e72fa223eea441efc6231c22250cd492f949665830fa3b5b6618e9a45b24445eb69f55185f69c39d36ccbfa86a681cfadfd7498cdfdf20daf0d9ec4cc724e0034719b6e3ec0bc64cc6ca97b27052fd791c18fae188ac71a7d6b8d5eab0b2f2f4307a4277e20af19041145bd859010cdf451f4379e79216c7f9aa291549bd9891bf28c94c452b613cdf19ece7e604bfe4fa76654410bce7e2e6d19020f249ca4b5574ec9cf44c3b9f99298380f528440bfab48ccd6a9d6d03944aebe835f07dc0394560e485d5e55e769dcc0bada98c1719d6dac528688448c53c3544a61836d84e7312666d94e5a4140476a71cfb98d739dca9866f21dd02ad6e65915029bbae5dd0ac4bd02c76fc9912d1bfa965282127bc03304b319fe52a4bdcc30c019c8f83e96653737e805faf5dec01e2a312c5451d6568d72f671557d8c23b5ab0e1effbbd4b97ccd4fa4ce0cd26bccacc0419ed8fc4c5db1b46efe9ad8ca8de8113664b36a90cfe5e588c826817ab7c1a036f2045f48e354835d6a2ee05f15639ab697135740e31738b3208082a909a817f13ef4d883b95b9bae9fda307ef838e748d9e184178f9412774b857e617c78c21ca25ccc9cde24edb8ee11ee295a7fcb2ec15616feba62a1a5da9b9299c1524189c45e50144fb59c8f72a1b566980e43d77138da60ade82b391543504d759cd1daa7564eb7832740e0363a94736e517fcc13f2267a39dba7f042e9799f1d8fc06b8be71c4d4fc9523f77791e6578621f57c9ee30f88ef910fba053f23a1ec50c7eb6852bd73d951aefa2944afb9327a41b6c6d10571884716f263eff0ebe556d2f95ef493a09accda38cd71be808cc870eb4990b2b3691d0a0c1206d0b1b4b2140dafb18eda0639b9bea56b0c73cfc178b90e765e53f8f8e66ba26197705a73338b41bbc253ee524d7c0bf455f1b57a84c62ca53174465c0680b394567741800890a698faca246ae8fe2c8d4197c9ba8052456743abd8d4df1ca23df73b97b3dbf80c58da567ebdf11307d3ce735aadb6d7c40e31476f5d96a81017023d6d40c937ee79d1b6c6c5649a62e456f7212319721e6101dfc46d13a82ce72a3c5f2a23f775ccefd2410bbd144e1a7fcee156bc40fe1f564aaae2f49a94449c930012390e5379a938f073d9d4f63b83cab92228165e7ab92a07bff5c2fe9febcbb5cb517b936f587592654ac360c9804014a1042fca0a3f63cc10c8744a9e3068e5b4ea98a84cc1fde409023558efc9dcb3514297f6160502598798691b916cee17e186bed774de36835f0d3d44649df2203b632f488c528f27e89f2e4a31b020beb9937256f16a0c8f8d4bf02e3f3d34f955e754c64fa5f8287cf76a664438beb1cd29a19839f579f30daa810ba82f4e74431d4d2d80670cca09effa1c316468f4d9c0a5244c4ac7012a46944c180686cce1cd67502ff1cbf7ee391df249fc1e8342ee3e3fe72ee32ea0fcf4c70e7dd13811173858e5b796fc5b6866cd78b694f2f9f30125006351a472da1fb6ebad1d783e8a4c9bf98388baa4052d0afa13dd98d6cc9e7a49f2eb9e16c2596b46d5d1e3b18c909efb13f62f126a785af9ba593d1b59c3a18edf3cf9f0083f0531f5b68adb31887cb7d5b18ff3c308747c91b52c7a3caaeab389df540781c1aeca4b9f6858984c90dde5677e9a52712c354f8248f335c124db2dec5b02216c9f09b23ce82fa5dc0308a4d4299a995ef6fef1f1e70d629606552aac32e13b9dd673b8087f2a863817f68cee71d9794ce2a31889c1a8ce5f08efd3555e1786fbee722319e379a0ed4b55c1912308aafa29a28f4807d47174ff4afa1636e0ed66aa34e0c6d8049533a6839307b80dbc9f32be4a148514092391323b3653ee6f70399ceb1142a9d1b7105747d3af3a1aea36b9291a5e417678c66db04a4e1f3f681260f23400b249ebff7b29b759b1bfee41968234fb06a8025d8ecd5401ec26b892dac79cb0f95c58e2f7d9891fee8b9c83a2c5f6c9c3ea840226f0c52468c8b944f8474ad755909a25a3de919e4aca80619996006bb9d42bbce85278cdc85eb23aad7664234c23ffcb643ffafd24766c0ad07198f1d2c74d29c40689dd2ccff24dc0daa4432aa459ac0b588333cb4b572f4261cfe905e85eacf62d104d7f17beb1809639c524d817ec5b7ffb3dfd45d02d9f92e1d376ecf6dfb562511e6ef8d93966d7899dee2938c3a54322922e4a53abe3f2929301a52d6c9cfc8715628ec848610cbf57a36237a4f83f063f43e88ba29e05e0eb034ef6045a1f49fdf5ce66023d3ff5fc2ca9c6a8b739a739873c31b10f7e7577eff088d32e5f575755a686fdbe67bb46123f01e71424c9b06953f431496fba96a3fb815845497dfcf90d418830c03d34530f857e85aeaa6a2a96d2b457d5e021a4f40be4178f7da760a436c6366b79b1f74a7227d0de818a3740b9acf506b37f7d0fc48eaaa139eb05647b9dff86fb73225b4405fe75957ca034446fde75071f80d48f0d35ebac8bb58df9227ae2ca278152793b925dabaa9ff043f30102de2cfae6fcf31948dbfd5f69e5d9dfdb7b107853f0ff838a8becb8cceed82b58be9600842f8eed517604cecb20c663ec72bc1a3abd24f98a6e618faf716c60ebce6726026a27784e9d1dc63fd6fec5b7e85a8bf0994cc6eb4251a8f0f809928546ca6ea0a911a2cd6f8826eee76592d557790c22970c6636176414f5d94447d2edd05036d034234a78b71fda8d911c5ab263685b0cd99f18f8b817e444fab14b1e7faaccd5f32ed0fdc9a992a933a68bd6926b8ff3860dcfe82f674fe5cc496b67805afaa700f424df6eb1f0d2937492b6addbd5f2bc6734c02776a2e81e62f550bf5da75d6af5c49afd445a783db6294d5db01bfa32ecc78af65535ee93b87a4d84fbad0f618e0a2b7309522bf16965262b4ff9b161331445ff74cb74b54b78cc4ed8c67cb4050c68b7bcab1aaeb3cf9be83b5a313ae67184414f25fa632832d578a578e7b3510ad8ed784d60f1029ab0f33f3deec5a6738c9b63966c7590a78a5f4782d04fae180ab149812a5ee01c2335f3a6634e54c5609dd3799acb582469581f398e3308ed4b79f2dc3d3a51062a903287dac973298abba0ab7c2b97fc45b5b25e5f67f8e916ee877ee7813aa6474a2871758d2cd6098506db43b8b21c02c583f46222e565263ed6ed4ca33305b27abf5ce1bc24bed549c1a6211c032f295aa95d2e3805e531b934b72b18dfa02aa4cfe325e319a02fc494170ecf13974bf251bbff11c1696eea9b8bfb25fe322c45cf6ed4df40109563b4c2fe21f71ce5a43b14875c026cff4b63f069733c47ebefa91ccb7b2a9a8908ec011af924baef1cbdca67672692fc39cf48477445f25a57cb1eb47911fdb478debb4061f4e1c6aad93c30080e8171eb0448704c510cb703b2378254da3a04c27e385955b69fb323ba2235519fcbc92e69f340fdb7cae08393dd5d88be764eda2964499d26206e51929daf5217114751fa76a941e38057d1a64caa26533b3abede7f877a078171b6ead182175a9b5e3073ed40d68e09950fe81a00c958fcc93a33af32947620d502b08f9005079d76f5244e373e76b59291b5b537cd51fe9d489e79b2dd64fd1fd471a4d654b3166ad9563d4ab45bea29b68245410de0aa99d63a8057459065b2863f766ec904207e4653865673b4aec9c1792dd0ef91c29475ee4b0ecb698d0649970787c140c498ce62643ed12372189f37b7fd532eb089516ebd", 0x1000, 0xffffffffffffffe0}, {&(0x7f0000001440)="833d71becb0aada9c71a0c16a48b9d631d5381e5b679febbc41e5a90c92feb876142f1c06d99e60c255287ee7deb5d1bc3230c1954645768308d4286fc7a91af929764", 0x43, 0x6}, {&(0x7f00000014c0)="13ae8e816356c6a3acaae767ec3ae96ddf9e54769c583e5dec844008de67962ab6645c4e1fd7dcbb3931aa0db898faf762b549774e08b6a376bc1770ea849aa1b0088a8b59042e925816a0a07acf3bbc6b45f0151c2fb767ed25c685faed84ac484845e632032abd9b70b49af5fdd05eb0acaae567277207e96fc387248b4a42df72e221339388d96a40ed75a359a2de09721fa766d6d4c27cc92d1a64ed6c9331d52cbceba1626f892de5713451686e646a5b36c9bfbc9d9b25dc6ae3da331bd846c4dabac05319a02580c92ca4c5adbe482a2ce79f", 0xd6, 0x100}], 0x10, &(0x7f0000001640)={[{@nonumtail}, {@utf8no}], [{@smackfsfloor={'smackfsfloor', 0x3d, '/proc/stat\x00'}}, {@obj_role={'obj_role', 0x3d, '%,('}}, {@obj_type}, {@smackfsdef={'smackfsdef', 0x3d, '&{!'}}, {@seclabel}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@fowner_eq={'fowner', 0x3d, 0xee01}}]}) syz_io_uring_submit(0x0, 0x0, &(0x7f0000001ac0)=@IORING_OP_NOP={0x0, 0x2}, 0x51) openat(r4, &(0x7f00000000c0)='./file2\x00', 0x8500, 0x0) r5 = accept4$inet6(r3, &(0x7f0000001a40)={0xa, 0x0, 0x0, @private0}, &(0x7f0000001a80)=0x1c, 0x0) ftruncate(r5, 0x1) 02:58:10 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2771.682405] loop5: detected capacity change from 0 to 266240 [ 2771.710030] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2771.729461] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:58:10 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(0x0, &(0x7f0000000180)='./file2\x00') [ 2771.777320] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:10 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41100, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) [ 2771.855217] loop4: detected capacity change from 0 to 135266304 [ 2771.941586] FAT-fs (loop4): Unrecognized mount option "nnonumtail=1" or missing value 02:58:10 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x80000000000000, 0x0, 0x0) [ 2772.102006] loop5: detected capacity change from 0 to 266240 02:58:11 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000fef000/0x11000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r1, r4, &(0x7f00000000c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4007, @fd=r0, 0x9, 0x10001, 0x81, 0x6, 0x1}, 0x5) r5 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r5}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r5) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2772.130286] loop4: detected capacity change from 0 to 135266304 02:58:11 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(0x0, &(0x7f0000000180)='./file2\x00') [ 2772.147468] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:58:11 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2772.190179] FAT-fs (loop4): Unrecognized mount option "nnonumtail=1" or missing value [ 2772.192155] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2772.244350] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:11 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41101, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:11 executing program 4: r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000440)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r0, &(0x7f00000004c0)=""/89) openat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0x8c2e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)=[&(0x7f0000000300)='+\x00'], &(0x7f0000000400)=[&(0x7f0000000480)='/proc/stat\x00']) fallocate(r2, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x120) [ 2772.714124] loop5: detected capacity change from 0 to 266240 [ 2772.745778] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2772.796208] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2772.803900] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:31 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(0x0, &(0x7f0000000180)='./file2\x00') 02:58:31 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x10200, 0x800, 0x0, 0x0, 0xfff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8, 0x0, 0x1aa}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = socket$inet(0x2, 0x3, 0x2) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000180)=0x2) setsockopt$inet_mreqn(r5, 0x0, 0xcb, 0x0, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000140)={0x3}) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x300) ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2d, 0x6, 0x1, 0xfffffff7, 0x0, @loopback, @remote, 0x8000, 0xcd97d9e48b610033, 0x0, 0x6}}) sendmsg$TEAM_CMD_NOOP(r7, &(0x7f0000000cc0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) 02:58:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41102, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:31 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'sit0\x00', 0x0}) recvfrom$packet(r3, &(0x7f0000000180)=""/64, 0x40, 0x100, &(0x7f0000000280)={0x11, 0xf7, r7, 0x1, 0xfd}, 0x14) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:58:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r2, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0x8, 0x8000, 0x4}) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r2, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r2, 0x3, 0x4077, 0x8000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:58:31 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x2000, 0x0, 0x0, 0x0) 02:58:31 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000000000000000, 0x0, 0x0) 02:58:31 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) r4 = fcntl$dupfd(r3, 0x406, r3) fsetxattr$security_evm(r4, &(0x7f00000000c0), &(0x7f0000000100)=@v1={0x2, "5998c7ae5459"}, 0x7, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2792.225100] loop5: detected capacity change from 0 to 266240 [ 2792.248847] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:58:31 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', 0x0) [ 2792.321049] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2792.358237] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:31 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x4000000000000000, 0x0, 0x0) 02:58:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41103, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:31 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x10, r0, 0x8000000) syz_io_uring_setup(0x3d34, &(0x7f0000000300)={0x0, 0x623d, 0x4, 0x3, 0x36}, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000000000), &(0x7f0000000240)) pipe2(&(0x7f00000003c0)={0xffffffffffffffff}, 0x0) syz_io_uring_submit(r2, 0x0, &(0x7f0000000540)=@IORING_OP_STATX={0x15, 0x2, 0x0, r3, &(0x7f0000000400), &(0x7f0000000500)='./file1\x00', 0x80, 0x4000, 0x1}, 0x6) r4 = socket$netlink(0x10, 0x3, 0x14) ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000580)={0x9, 0x3, 0x80000000, 0x1, 0x5}) sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r5, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r5, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) openat(0xffffffffffffffff, &(0x7f00000005c0)='./file1\x00', 0x191000, 0x81) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r5, 0x3, 0x4077, 0x8000) epoll_create1(0x80000) openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:58:31 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', 0x0) [ 2792.748323] loop5: detected capacity change from 0 to 266240 [ 2792.770273] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:58:31 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3, 0x0, 0x0, 0x0, 0xc}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r7, &(0x7f00000004c0)=""/89) fcntl$dupfd(r4, 0x406, r7) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(0xffffffffffffffff, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2792.801401] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2792.808243] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:31 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x800000, 0x0, 0x0, 0x0) 02:58:31 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41200, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:31 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) io_uring_enter(r0, 0x56e0, 0x6935, 0x2, &(0x7f00000000c0)={[0xc9]}, 0x8) mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1) r4 = socket$nl_route(0x10, 0x3, 0x0) fallocate(r4, 0x0, 0x2, 0x7) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r3, 0xc018937c, &(0x7f0000000100)={{0x1, 0x1, 0x18, r4, {0x4}}, './file0\x00'}) r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r6, &(0x7f00000004c0)=""/89) ioctl$AUTOFS_DEV_IOCTL_READY(r5, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, r6, {0xc5cd}}, './file0\x00'}) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2793.074300] loop5: detected capacity change from 0 to 266752 [ 2793.090918] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2793.109160] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2793.130222] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:51 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', 0x0) 02:58:51 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x20000000, 0x0, 0x0, 0x0) 02:58:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x401, 0x0) sendmsg$AUDIT_TTY_SET(r2, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x18, 0x3f9, 0x4, 0x70bd28, 0x25dfdbfc, {0x1, 0x1}, ["", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x814}, 0x20000010) fallocate(r1, 0x3, 0x4077, 0x8000) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) r4 = accept4(r3, &(0x7f0000000400)=@sco={0x1f, @fixed}, &(0x7f0000000480)=0x80, 0x80800) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f00000004c0)=0x2, 0x4) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:58:51 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0xffffffff00000000, 0x0, 0x0) 02:58:51 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) io_uring_setup(0x587d, &(0x7f0000000240)={0x0, 0x90e7, 0x2, 0x0, 0x17f}) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) 02:58:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41201, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:51 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) r6 = accept(r3, &(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000180)=0x80) r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x2, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r7, 0x80049367, 0x0) r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f00000013c0)=@IORING_OP_READ_FIXED={0x4, 0x0, 0x4000, @fd, 0x0, 0xf8, 0x80000001, 0xa, 0x1, {0x3, r8}}, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f0000000400)=@IORING_OP_ACCEPT={0xd, 0x5, 0x0, r6, &(0x7f0000000340)=0x80, &(0x7f0000000380)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x0, 0x800, 0x1, {0x0, r8}}, 0x8) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) link(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') 02:58:51 executing program 7: r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, @perf_config_ext, 0x10200, 0x800, 0x0, 0x0, 0xfff, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080)={0x0, 0xb55c, 0x8, 0x0, 0x1aa}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000040)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000240)={0x2000}, &(0x7f0000000280)='./file0\x00', 0x18}, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r1, 0x0) r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r1, 0x8000000) syz_io_uring_submit(r4, r3, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd, 0x0, 0x0}, 0x80000001) r5 = socket$inet(0x2, 0x3, 0x2) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000180)=0x2) setsockopt$inet_mreqn(r5, 0x0, 0xcb, 0x0, 0x0) ioctl$BTRFS_IOC_SET_FEATURES(r5, 0x40309439, &(0x7f0000000140)={0x3}) r6 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0) io_uring_enter(r1, 0x58ab, 0x0, 0x0, 0x0, 0x300) ioctl$AUTOFS_DEV_IOCTL_VERSION(r6, 0xc0189371, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000007c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2d, 0x6, 0x1, 0xfffffff7, 0x0, @loopback, @remote, 0x8000, 0xcd97d9e48b610033, 0x0, 0x6}}) sendmsg$TEAM_CMD_NOOP(r7, &(0x7f0000000cc0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000c80)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0) [ 2812.412083] loop5: detected capacity change from 0 to 266752 [ 2812.456342] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem [ 2812.532771] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended 02:58:51 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') (fail_nth: 1) [ 2812.555247] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue 02:58:51 executing program 5: syz_mount_image$ext4(&(0x7f0000000180)='ext2\x00', &(0x7f0000000040)='./file0\x00', 0x41202, 0x3, &(0x7f0000000200)=[{&(0x7f0000010000)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655ffe0000000000000001000000000000000b0000000001", 0x5a, 0x400}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000000100)="ed4100000093b200dff4655fe0f4655fe0f4655f000008000000040004", 0x1d, 0x2100}], 0x0, &(0x7f00000004c0)=ANY=[]) 02:58:51 executing program 4: openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x46e2, 0x0) sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20048007}, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$binfmt_elf64(r1, &(0x7f0000000100)=ANY=[@ANYRESHEX], 0xfdef) openat2$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000200)={0x80000, 0x45, 0x8}, 0x45) ioctl$INCFS_IOC_READ_FILE_SIGNATURE(r1, 0x8010671f, &(0x7f0000000380)={&(0x7f0000000180)=""/40, 0x28}) perf_event_open(&(0x7f0000000280)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4, @perf_bp={&(0x7f0000000080), 0x8}, 0x0, 0x53f, 0x10000000, 0x0, 0x0, 0xfffffff3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fallocate(r1, 0x3, 0x4077, 0x8000) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002700)='/proc/stat\x00', 0x0, 0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000240)=0x0) perf_event_open(&(0x7f0000000300)={0x1, 0x80, 0x8, 0xff, 0x6, 0x2c, 0x0, 0x1, 0x10505, 0xb, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x240000, 0x4, @perf_bp={&(0x7f0000000000), 0xb}, 0x20, 0x7, 0x2, 0x0, 0x3, 0xffff, 0x3ff, 0x0, 0xb81}, r3, 0xf, r2, 0x2) openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x8400, 0x100) 02:58:51 executing program 6: mknod$loop(&(0x7f0000000400)='./file0\x00', 0x0, 0x0) link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='./file2\x00') 02:58:51 executing program 0: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x2000) 02:58:51 executing program 1: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x2000, 0x0, 0x0) 02:58:51 executing program 2: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000000)=0x20000000) fstatfs(r4, &(0x7f00000004c0)=""/89) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0) syz_io_uring_setup(0x24, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000140)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_SPLICE, 0x0) syz_io_uring_submit(r1, r7, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2004, @fd_index=0x7, 0xfffffffffffffff7, &(0x7f0000000100)=[{&(0x7f00000000c0)=""/48, 0x30}, {&(0x7f0000000340)=""/154, 0x9a}, {&(0x7f0000000240)=""/82, 0x52}, {&(0x7f0000000400)=""/90, 0x5a}], 0x4, 0x1b, 0x1, {0x0, r5}}, 0x0) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) [ 2812.914505] loop5: detected capacity change from 0 to 266752 [ 2812.934861] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem 02:58:51 executing program 3: r0 = syz_io_uring_setup(0x4d7f, &(0x7f00000002c0), &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd=r3}, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/exe\x00', 0x0, 0x0) r5 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x5, 0x80010, r4, 0x8000000) syz_io_uring_submit(r5, 0x0, &(0x7f0000000140)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}, 0xf8b) r6 = socket$inet6_udp(0xa, 0x2, 0x0) openat$cgroup_ro(r4, &(0x7f0000000100)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x2, 0x194) connect$inet6(r6, &(0x7f0000000600)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c) close(r3) mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0}, 0x1) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10010, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) io_uring_enter(r0, 0x58ab, 0x0, 0x0, 0x0, 0x0) fchmod(r4, 0x30) [ 2812.964772] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended [ 2812.969629] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue BUG: leak checking failed VM DIAGNOSIS: 02:58:52 Registers: info registers vcpu 0 RAX=0000000000000001 RBX=ffff88806ce3b380 RCX=ffffffff81250e4e RDX=0000000000000001 RSI=1ffff11009274729 RDI=ffff88806ce3c128 RBP=ffffffff8567953c RSP=ffff88806ce09c38 R8 =0000000000000000 R9 =ffffffff8567850f R10=fffffbfff0acf0a1 R11=0000000000000001 R12=0000000000000001 R13=0000000000000000 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff812e2340 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 000055557b183400 00000000 00000000 GS =0000 ffff88806ce00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055557b18cc58 CR3=000000004541a000 CR4=00350ef0 DR0=0000000100000000 DR1=0000000100000000 DR2=0000000100000000 DR3=0000000100000000 DR6=00000000ffff0ff0 DR7=00000000111106aa EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=0000000000000000ff000000000000ff XMM01=25252525252525252525252525252525 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000 XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000 XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=ffffffff83e7e9b0 RBX=0000000000000001 RCX=ffffffff83e6658c RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff83e7efb8 RBP=0000000000000001 RSP=ffff888008987e70 R8 =0000000000000001 R9 =ffff88806cf3c12b R10=ffffed100d9e7825 R11=0000000000000001 R12=0000000000000001 R13=ffffffff85678508 R14=0000000000000000 R15=dffffc0000000000 RIP=ffffffff83e7e9be RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 00000000 00000000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 00000000 00000000 FS =0000 0000000000000000 00000000 00000000 GS =0000 ffff88806cf00000 00000000 00000000 LDT=0000 fffffe0000000000 00000000 00000000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f208fca1000 CR3=000000000fdc6000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=b4bb414b90d0523a0c70b01a53bd8f36 XMM02=7d0dcdb835d0820606e5932e3f0db482 XMM03=5bbb9fd8cb27f7f1b604b2fd0965d19a XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=0d0c0f0e09080b0a0504070601000302 XMM07=0e0d0c0f0a09080b0605040702010003 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000