0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 52)
[ 1515.796078] FAULT_INJECTION: forcing a failure.
[ 1515.796078] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1515.797510] CPU: 0 PID: 8687 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1515.798309] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1515.799252] Call Trace:
[ 1515.799564] dump_stack+0x107/0x167
[ 1515.799998] should_fail.cold+0x5/0xa
[ 1515.800442] ? copyin.part.0+0x112/0x140
[ 1515.800914] copy_page_from_iter+0x74d/0x900
[ 1515.801441] blk_rq_map_user_iov+0x138b/0x1a60
[ 1515.801981] ? blk_rq_unmap_user+0x750/0x750
[ 1515.802494] ? __sanitizer_cov_trace_pc+0x52/0x60
[ 1515.803046] ? __import_iovec+0x458/0x590
[ 1515.803537] ? import_iovec+0x83/0xb0
[ 1515.803997] sg_common_write.constprop.0+0xba7/0x1a30
[ 1515.804601] ? sg_build_indirect.isra.0+0x710/0x710
[ 1515.805178] ? __might_fault+0x73/0x180
[ 1515.805639] ? lock_downgrade+0x6d0/0x6d0
[ 1515.806125] ? cap_capable+0x1cd/0x230
[ 1515.806588] ? capable+0xe1/0x100
[ 1515.806992] sg_new_write.isra.0+0x529/0x770
[ 1515.807509] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1515.808146] ? lock_downgrade+0x6d0/0x6d0
[ 1515.808647] ? _cond_resched+0x12/0x80
[ 1515.809103] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1515.809774] ? scsi_check_sense+0x10f0/0x10f0
[ 1515.810301] ? perf_trace_lock+0xac/0x490
[ 1515.810785] ? SOFTIRQ_verbose+0x10/0x10
[ 1515.811264] sg_ioctl_common+0x828/0x2570
[ 1515.811752] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1515.812359] ? do_vfs_ioctl+0x283/0x10d0
[ 1515.812828] ? sg_write+0x120/0x120
[ 1515.813253] ? generic_block_fiemap+0x60/0x60
[ 1515.813774] ? lock_downgrade+0x6d0/0x6d0
[ 1515.814255] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1515.814814] ? wait_for_completion_io+0x270/0x270
[ 1515.815381] ? selinux_file_ioctl+0xb6/0x270
[ 1515.815924] ? sg_compat_ioctl+0x120/0x120
[ 1515.816416] sg_ioctl+0x8f/0x120
[ 1515.816811] __x64_sys_ioctl+0x19a/0x210
[ 1515.817290] do_syscall_64+0x33/0x40
[ 1515.817718] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1515.818309] RIP: 0033:0x7fde33c83b19
[ 1515.818739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1515.820875] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1515.821756] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1515.822586] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1515.823415] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1515.824248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1515.825073] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:06:48 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:06:48 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:06:48 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0x0, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:06:48 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 53)
[ 1532.783604] FAULT_INJECTION: forcing a failure.
[ 1532.783604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1532.785369] CPU: 0 PID: 8701 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1532.786336] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1532.787536] Call Trace:
[ 1532.787927] dump_stack+0x107/0x167
[ 1532.788463] should_fail.cold+0x5/0xa
[ 1532.789022] ? copyin.part.0+0x112/0x140
[ 1532.789605] copy_page_from_iter+0x74d/0x900
[ 1532.790258] blk_rq_map_user_iov+0x138b/0x1a60
[ 1532.790918] ? copy_user_generic_string+0x2c/0x40
[ 1532.791625] ? iovec_from_user+0x104/0x400
[ 1532.792234] ? blk_rq_unmap_user+0x750/0x750
[ 1532.792898] ? __import_iovec+0x458/0x590
[ 1532.793513] ? import_iovec+0x83/0xb0
04:06:48 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x6, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:06:48 executing program 6:
timer_create(0x0, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:06:48 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={<r1=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x40014)
04:06:48 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f00000001c0)={{}, {r2, r3+60000000}}, &(0x7f0000000200))
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8800)
bind$bt_l2cap(r5, &(0x7f0000000140)={0x1f, 0xe8a, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfefb}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1532.794073] sg_common_write.constprop.0+0xba7/0x1a30
[ 1532.795009] ? sg_build_indirect.isra.0+0x710/0x710
[ 1532.795738] ? __might_fault+0x73/0x180
[ 1532.796321] ? lock_downgrade+0x6d0/0x6d0
[ 1532.796921] ? cap_capable+0x1cd/0x230
[ 1532.797482] ? capable+0xe1/0x100
[ 1532.797980] sg_new_write.isra.0+0x529/0x770
[ 1532.798604] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1532.799380] ? lock_downgrade+0x6d0/0x6d0
[ 1532.799998] ? _cond_resched+0x12/0x80
[ 1532.800577] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1532.801408] ? scsi_check_sense+0x10f0/0x10f0
[ 1532.802051] ? perf_trace_lock+0xac/0x490
[ 1532.802651] ? perf_trace_lock+0xac/0x490
[ 1532.803254] sg_ioctl_common+0x828/0x2570
[ 1532.803861] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1532.804634] ? do_vfs_ioctl+0x283/0x10d0
[ 1532.805201] ? sg_write+0x120/0x120
[ 1532.805712] ? generic_block_fiemap+0x60/0x60
[ 1532.806353] ? lock_downgrade+0x6d0/0x6d0
[ 1532.806976] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1532.807711] ? wait_for_completion_io+0x270/0x270
[ 1532.808448] ? selinux_file_ioctl+0xb6/0x270
[ 1532.809081] ? sg_compat_ioctl+0x120/0x120
[ 1532.809692] sg_ioctl+0x8f/0x120
[ 1532.810195] __x64_sys_ioctl+0x19a/0x210
[ 1532.810788] do_syscall_64+0x33/0x40
[ 1532.811326] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1532.812058] RIP: 0033:0x7fde33c83b19
[ 1532.812611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1532.815250] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1532.816351] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1532.817372] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1532.818385] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1532.819403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1532.820437] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:06:48 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f0000000240)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x77359400}, {r2, r3+60000000}}, &(0x7f00000002c0))
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
timer_create(0x5, &(0x7f00000000c0)={0x0, 0x2c, 0x1, @tid=r0}, &(0x7f0000000100)=<r5=>0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r6=>0x0, <r7=>0x0})
timer_settime(r5, 0x0, &(0x7f00000001c0)={{0x77359400}, {r6, r7+10000000}}, &(0x7f0000000200))
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r4, 0x4008941a, &(0x7f0000000300)=0x2)
04:06:48 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:06:48 executing program 6:
timer_create(0x0, 0x0, &(0x7f0000000040))
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:06:48 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 54)
04:06:48 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_submit(0x0, r3, &(0x7f0000000a40)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r0, 0x0, &(0x7f0000000a00)={&(0x7f0000000440)=@can, 0x80, &(0x7f0000000740)=[{&(0x7f00000004c0)="fd2b784642cb5acc6595d5ef0c5f6d27cf0e2b", 0x13}, {&(0x7f0000000500)="283c7f25830306345b503766ca7121479f3733c97540170cc896ad198782518544526d65e036fe2ea3e3eb56a9ba2dd52eda866380f66e533f64498ee10fc1df86b85a3822ac7e6515a648f1ec02f29799d4bc9b1698455708e2d7bfe098b36fc8916a4cf7f33da4a367e4f794e6d1ceb8493736643a10503163c059417249016bf3e74e6d354a18f90daf7f1b2927f6341a2b6eb67124d3423b5b510ca47aa8", 0xa0}, {&(0x7f00000005c0)="cabb830d027ed3b5358c795bc2614f9fe714ab25b313caf95e87e934c2045bcb18e9f8d61c1bedab13058001adf569e122b8211bd4796e6672d1dbcf792cdf343a481a4e9a337492b9e5503018a01d0ddb56b0c6d99abc00ef8bcbba879b1300eae6f18b8786a9a2a34d1906753d48e95bfe6e6812701c4c57613db3d4b8c8bccf0f729359b2048fdd3d0fb9d8468a022cad3593e6ae69156389366510b7b7604499ca9fbc67a12b24087044fa4ec35511", 0xb1}, {&(0x7f0000000680)="380b1bb57c6a2d330ef1702379d59d0dbc14a3236e59fe95ca3b1bf60d39b2a5134410d16eda58ac3da74121128ca29d5694af3e8338925f537393ff4f0cdf2cc86e3811a4e11906b23b2bb51cd3c1ba9550b1d55933de27fab9a4fbf7ae27324a5c681ab42a21e6adc3a73619e1751c180042c4173de0eca6a27a383ae39d33e8", 0x81}], 0x4, &(0x7f0000000780)=[{0x68, 0x117, 0x3, "54f047548105d4cc3127e2847a4b79da4b450928218d0e65117eb5cc95ec9bd407db7fd2e7d9f2bb6edba4d55b8eaa21fffd72bf7c081e8cd768f6f9662d779df45b5655e510d6fe46152198abd16aa38d0278942e"}, {0x48, 0x11, 0x1, "7893f9ac948eaacb01bfdd1c4d3634a62a0de437af5728bb116d37cee9d81535eadd89428180ee8b74d345253999b9eda9d653c1bcab"}, {0x48, 0x111, 0x5, "e148f630677a28082dda182ea4a208fbf5ddbbde3e2092fa71e60ccecc21fb8a44416fb72afda7d4b1a087f8c6ccb51918c3782771b5f1"}, {0x50, 0x115, 0x6, "5fae9afbef9ff7fbdd9b53f2c64e7cc09c068986e2579989c9a6702db52df559b3a9caaf84328c341b4bbf7a273382b0d2117946da9942354506fce84dc4dddd"}, {0x110, 0x115, 0x10000, "bbef4acc4560dbef30e000a07477a2f71c185f6a8f0d9f8d845e5fda88e598b9c8d4c4bc57e2b1cebf4101cce51985f22735ec26e791081a3a1263b6b8b059be10134ff99b205964539dd2de073327c02db0b687dafd702e314fb52029e7467d475bf9d599e3bda2602c9b02f5490b4d475cdae29ffabbaa83ca641fd62e0dd81d8fb10c93f0b18e18e49278723e6ca8b75d7fe7024790d7f4c0aa62dffcd77dc24f5d2534952adae2a310aa719c6ac3d52d669b96cab486b2890b823029a58fff11e683ae3a07463897e1190e693df1485bfeba44d598e9da56eb98d9d5859cf6246606fe94c3d162bf5e4251ee0c7a0f78e4580906f0a041"}], 0x258}, 0x0, 0x4800, 0x1}, 0x8)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000080)={0x204, 0x0, 0x200, 0x70bd26, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x5, 0x49}}}}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_IE={0x1d6, 0x2a, [@link_id={0x65, 0x12, {@initial, @device_b, @device_b}}, @ht={0x2d, 0x1a, {0x2000, 0x0, 0x1, 0x0, {0xbc, 0x9, 0x0, 0xff, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x0, 0x6, 0xc0}}, @gcr_ga={0xbd, 0x6, @broadcast}, @random_vendor={0xdd, 0xe8, "5dade49327fcdb484c0840ac3b94bf8923e4c4ecf4ff92486acbcaaf397adb20552e86fa3a76d1ef2aa15da6ad94f42677aa50ddf1a9f632ecd0f55c04f83e0e8ecb4ad6ee6da58a660b2561cd340d0bc03245a03b273070fcb3827731d113ec1d247f2bd1bc960af60c37aa3635e4b4eb7f89e4815bfb519b29b1bc166796e21f48ca7072654cb021c40e4f54b3801f96546e296d656e51619b8ab29e6b0d63211660a17dd23f82026cbebc0afd0593bc4c0cb0fe33b76852645083759ed2cb24f5e68781577d9d76973eb31955dfcbb34fd9985c8212a734da5ba334d18e95b41408e8dbafb059"}, @mic={0x8c, 0x10, {0xd0a, "f13946abf657", @short="abc1991bad14b9ba"}}, @challenge={0x10, 0x1, 0xdd}, @chsw_timing={0x68, 0x4, {0x1ff}}, @random_vendor={0xdd, 0x74, "0398331fc87133060ac3ab7e29bf7365bbda28c5a754d721c309745e9caf1d2c91fb5b09a1b14abef45098584e2ab2fc0079efd5aec039620b905d6605a8879c65faeb17164923732edb562e6a12dd36baa493f2e93084ee909942df6a4eefd40f61ae6d96f7f5c64df3e4822268e76476c9824a"}, @ht={0x2d, 0x1a, {0x40, 0x1, 0x5, 0x0, {0x1, 0x1, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1}, 0x300, 0x3, 0x7}}, @erp={0x2a, 0x1, {0x1}}]}, @chandef_params]}, 0x204}, 0x1, 0x0, 0x0, 0x4880}, 0xc0844)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4}}}], 0x20}, 0x0)
04:06:48 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0x0, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:06:48 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1532.982405] FAULT_INJECTION: forcing a failure.
[ 1532.982405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1532.985136] CPU: 0 PID: 8725 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1532.986657] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1532.988522] Call Trace:
[ 1532.989129] dump_stack+0x107/0x167
[ 1532.989947] should_fail.cold+0x5/0xa
[ 1532.990803] ? copyin.part.0+0x112/0x140
[ 1532.991725] copy_page_from_iter+0x74d/0x900
[ 1532.992738] blk_rq_map_user_iov+0x138b/0x1a60
[ 1532.993764] ? copy_user_generic_string+0x2c/0x40
[ 1532.994885] ? iovec_from_user+0x104/0x400
[ 1532.995830] ? blk_rq_unmap_user+0x750/0x750
[ 1532.996829] ? __import_iovec+0x458/0x590
[ 1532.997769] ? import_iovec+0x83/0xb0
[ 1532.998630] sg_common_write.constprop.0+0xba7/0x1a30
[ 1532.999788] ? sg_build_indirect.isra.0+0x710/0x710
[ 1533.000911] ? __might_fault+0x73/0x180
[ 1533.001803] ? lock_downgrade+0x6d0/0x6d0
[ 1533.002732] ? cap_capable+0x1cd/0x230
[ 1533.003621] ? capable+0xe1/0x100
[ 1533.004418] sg_new_write.isra.0+0x529/0x770
[ 1533.005408] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1533.006619] ? lock_downgrade+0x6d0/0x6d0
[ 1533.007565] ? _cond_resched+0x12/0x80
[ 1533.008454] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1533.009732] ? scsi_check_sense+0x10f0/0x10f0
[ 1533.010735] ? perf_trace_lock+0xac/0x490
[ 1533.011660] ? SOFTIRQ_verbose+0x10/0x10
[ 1533.012602] sg_ioctl_common+0x828/0x2570
[ 1533.013530] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1533.014678] ? do_vfs_ioctl+0x283/0x10d0
[ 1533.015583] ? sg_write+0x120/0x120
[ 1533.016414] ? generic_block_fiemap+0x60/0x60
[ 1533.017413] ? lock_downgrade+0x6d0/0x6d0
[ 1533.018343] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1533.019425] ? wait_for_completion_io+0x270/0x270
[ 1533.020522] ? selinux_file_ioctl+0xb6/0x270
[ 1533.021501] ? sg_compat_ioctl+0x120/0x120
[ 1533.022440] sg_ioctl+0x8f/0x120
[ 1533.023194] __x64_sys_ioctl+0x19a/0x210
[ 1533.024093] do_syscall_64+0x33/0x40
[ 1533.024929] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1533.026058] RIP: 0033:0x7fde33c83b19
[ 1533.026878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1533.030941] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1533.032607] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1533.034171] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1533.035713] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1533.037256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1533.038768] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:05 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:05 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 55)
04:07:05 executing program 3:
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000200)={'wpan1\x00', <r3=>0x0})
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(r2, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x14, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", "", ""]}, 0x14}}, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000680)=ANY=[@ANYBLOB="7bbb554b", @ANYRES16=r0, @ANYBLOB="010000ddffffffffffff1300000008000300", @ANYRES32=r3], 0x24}}, 0x0)
sendmsg$NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)={0x90, 0x0, 0x5, 0x70bd27, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x1f, 0x4}, @NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x1f, 0x4}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x20, 0x20, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0xe8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x7f}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x1e, 0x1}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x1f, 0x6}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x18, 0x20, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0xa5e}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000800)
r4 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r4}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={<r1=>0x0}, &(0x7f0000000380)=0xc)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_TEE={0x21, 0x2, 0x0, @fd_index=0x8, 0x0, 0x0, 0x4, 0x2, 0x0, {0x0, 0x0, r0}}, 0x4)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)
[ 1549.479690] FAULT_INJECTION: forcing a failure.
[ 1549.479690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1549.483055] CPU: 0 PID: 8739 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1549.484987] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.487421] Call Trace:
[ 1549.488353] dump_stack+0x107/0x167
[ 1549.489676] should_fail.cold+0x5/0xa
[ 1549.490976] ? copyin.part.0+0x112/0x140
[ 1549.492433] copy_page_from_iter+0x74d/0x900
[ 1549.493957] blk_rq_map_user_iov+0x138b/0x1a60
[ 1549.495390] ? copy_user_generic_string+0x2c/0x40
[ 1549.496782] ? iovec_from_user+0x104/0x400
[ 1549.497916] ? blk_rq_unmap_user+0x750/0x750
[ 1549.499072] ? __import_iovec+0x458/0x590
[ 1549.500184] ? import_iovec+0x83/0xb0
[ 1549.501202] sg_common_write.constprop.0+0xba7/0x1a30
[ 1549.502569] ? sg_build_indirect.isra.0+0x710/0x710
[ 1549.503908] ? __might_fault+0x73/0x180
[ 1549.504983] ? lock_downgrade+0x6d0/0x6d0
[ 1549.506071] ? cap_capable+0x1cd/0x230
[ 1549.507109] ? capable+0xe1/0x100
[ 1549.508021] sg_new_write.isra.0+0x529/0x770
[ 1549.509292] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1549.510543] ? lock_downgrade+0x6d0/0x6d0
[ 1549.511539] ? _cond_resched+0x12/0x80
[ 1549.512542] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1549.513833] ? scsi_check_sense+0x10f0/0x10f0
[ 1549.514786] ? perf_trace_lock+0xac/0x490
[ 1549.515664] ? SOFTIRQ_verbose+0x10/0x10
[ 1549.516534] sg_ioctl_common+0x828/0x2570
[ 1549.517427] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1549.518538] ? do_vfs_ioctl+0x283/0x10d0
[ 1549.519407] ? sg_write+0x120/0x120
[ 1549.520174] ? generic_block_fiemap+0x60/0x60
[ 1549.521174] ? lock_downgrade+0x6d0/0x6d0
[ 1549.522070] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.523115] ? wait_for_completion_io+0x270/0x270
[ 1549.524166] ? selinux_file_ioctl+0xb6/0x270
[ 1549.525113] ? sg_compat_ioctl+0x120/0x120
[ 1549.526023] sg_ioctl+0x8f/0x120
[ 1549.526761] __x64_sys_ioctl+0x19a/0x210
[ 1549.527620] do_syscall_64+0x33/0x40
[ 1549.528415] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.529523] RIP: 0033:0x7fde33c83b19
[ 1549.530305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.534247] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1549.535890] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1549.537415] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1549.538949] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.540453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1549.541966] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:05 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:05 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:05 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:05 executing program 6:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0xc0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f0000000380)=ANY=[@ANYBLOB="a0d65efdb86d0b9c7eaa2c9dd3950855a52dcba1cb1d4d61f123e161e3a08cc232fb4105ba8efdd3d62957bbde29778a535ddce17f13dff53d96e9b9553afb3a650e89563cd6f2a2c19207cbb8c1456a01040000b8ef77d6cb6f8a98c7cd3b15788aad5f6c5ab6b47e452a6ecc16def3032374c2c9fb7142228f57451c089cbd9af4e62009d9664fba0352e33a05ee23b8eac1557c0dd35f37df56feacc7b6c7e2e888985842dd4bbb9d1dc3277b179397fb02fe7b9778ce8e0bbe8ca2d44db0d9b35e9ee474acf944fad1da38f014b657105ec0b844", @ANYRES32=<r3=>0xffffffffffffffff, @ANYRESHEX=r0])
openat(r3, &(0x7f00000000c0)='./file0\x00', 0x34880, 0x104)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'lo\x00', <r5=>0x0})
bind$packet(r2, &(0x7f0000000240)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f0000000480)={{<r6=>0x0, 0x0, 0x1, 0xba, 0x40, 0x0, 0x6, 0xfffffffb, 0x400, 0x49d, 0xff, 0x7fff, 0x3, 0xffffffffffff0000, 0x1}})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000062a80)={0x8, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}], 0x37, "b645be3d4f56a6"})
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000001c40)={0x0, 0x3}, 0x4)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_inet6_SIOCDIFADDR(r8, 0x8916, &(0x7f0000000000)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}})
bind$packet(r3, &(0x7f0000000100)={0x11, 0x19, 0x0, 0x1, 0x9, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
sendfile(r2, r1, 0x0, 0x500000001)
04:07:05 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:05 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:05 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:05 executing program 3:
r0 = gettid()
tkill(r0, 0x9)
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3, 0x1}, 0xe)
04:07:05 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:05 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 56)
04:07:05 executing program 6:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x11010}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0xa9a2, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_submit(r2, r6, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd=r0, 0x4, 0x0, 0x8000, 0x3}, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2, 0xf49, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x5, 0x0, 0xfffffffffffffffd}}, {{@in6=@private1, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2}}, 0xe8)
r8 = dup3(r7, r0, 0x0)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r8, 0xc0189378, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000bb7b07220c08462c2cd4ad664dbafd9929c198c8001321ebff45a1f73cddcfe7b5c8100f5fcc9b72c92ea329f554259cf882eabbe62df391bfd573a731b47ca5b13effe8ac72e40351dabcbea3cb79d28df53cb9b6612ddd9aae455d493ffcb3aedcd876d849de8199467000416fd09ee0e36c81a72b8b909ec34d256379f42eb62d0c29eb5cab52f471d2278ee522399145f1c80112029a7a7620d874f6f9c144edcc4475ed7c01fc858d69eaad55daedad7cb474babc77a6956832d1ce67058a969b6534dc935800d45ea17c", @ANYRES32, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00./file0\x00'])
unshare(0x0)
semget$private(0x0, 0x4, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7fffffff, 0xfff, 0x0, 0xffff, 0x0, 0x6}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x9)
r9 = creat(&(0x7f0000000000)='./file2\x00', 0x106)
fcntl$setlease(r9, 0x400, 0x1)
[ 1549.877412] FAULT_INJECTION: forcing a failure.
[ 1549.877412] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1549.879764] CPU: 1 PID: 8772 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1549.881112] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1549.882722] Call Trace:
[ 1549.883238] dump_stack+0x107/0x167
[ 1549.883949] should_fail.cold+0x5/0xa
[ 1549.884688] ? copyin.part.0+0x112/0x140
[ 1549.885484] copy_page_from_iter+0x74d/0x900
[ 1549.886349] blk_rq_map_user_iov+0x138b/0x1a60
[ 1549.887230] ? copy_user_generic_string+0x2c/0x40
[ 1549.888167] ? iovec_from_user+0x104/0x400
[ 1549.888984] ? blk_rq_unmap_user+0x750/0x750
[ 1549.889831] ? __import_iovec+0x458/0x590
[ 1549.890633] ? import_iovec+0x83/0xb0
[ 1549.891370] sg_common_write.constprop.0+0xba7/0x1a30
[ 1549.892367] ? sg_build_indirect.isra.0+0x710/0x710
[ 1549.893337] ? __might_fault+0x73/0x180
[ 1549.894141] ? lock_downgrade+0x6d0/0x6d0
[ 1549.894989] ? cap_capable+0x1cd/0x230
[ 1549.895791] ? capable+0xe1/0x100
[ 1549.896502] sg_new_write.isra.0+0x529/0x770
[ 1549.897416] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1549.898506] ? lock_downgrade+0x6d0/0x6d0
[ 1549.899330] ? _cond_resched+0x12/0x80
[ 1549.900088] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1549.901201] ? scsi_check_sense+0x10f0/0x10f0
[ 1549.902063] ? perf_trace_lock+0xac/0x490
[ 1549.902855] ? perf_trace_lock+0xac/0x490
[ 1549.903662] sg_ioctl_common+0x828/0x2570
[ 1549.904459] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1549.905479] ? do_vfs_ioctl+0x283/0x10d0
[ 1549.906246] ? sg_write+0x120/0x120
[ 1549.906938] ? generic_block_fiemap+0x60/0x60
[ 1549.907785] ? lock_downgrade+0x6d0/0x6d0
[ 1549.908583] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1549.909520] ? wait_for_completion_io+0x270/0x270
[ 1549.910448] ? selinux_file_ioctl+0xb6/0x270
[ 1549.911277] ? sg_compat_ioctl+0x120/0x120
[ 1549.912080] sg_ioctl+0x8f/0x120
[ 1549.912727] __x64_sys_ioctl+0x19a/0x210
[ 1549.913550] do_syscall_64+0x33/0x40
[ 1549.914382] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1549.915363] RIP: 0033:0x7fde33c83b19
[ 1549.916069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1549.919616] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1549.921157] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1549.922588] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1549.923982] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1549.925341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1549.926693] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:20 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x5, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:20 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:20 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 57)
04:07:20 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:20 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:20 executing program 6:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x3}, 0x11010}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = syz_io_uring_setup(0x101, &(0x7f0000000180)={0x0, 0xa9a2, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_submit(r2, r6, &(0x7f00000000c0)=@IORING_OP_FADVISE={0x18, 0x3, 0x0, @fd=r0, 0x4, 0x0, 0x8000, 0x3}, 0x0)
r7 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x6f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x2, 0xf49, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@ipv4={'\x00', '\xff\xff', @local}, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x5, 0x0, 0xfffffffffffffffd}}, {{@in6=@private1, 0x0, 0x32}, 0x0, @in=@empty, 0x0, 0x0, 0x2}}, 0xe8)
r8 = dup3(r7, r0, 0x0)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r8, 0xc0189378, &(0x7f0000000480)=ANY=[@ANYBLOB="010000000100000018000000bb7b07220c08462c2cd4ad664dbafd9929c198c8001321ebff45a1f73cddcfe7b5c8100f5fcc9b72c92ea329f554259cf882eabbe62df391bfd573a731b47ca5b13effe8ac72e40351dabcbea3cb79d28df53cb9b6612ddd9aae455d493ffcb3aedcd876d849de8199467000416fd09ee0e36c81a72b8b909ec34d256379f42eb62d0c29eb5cab52f471d2278ee522399145f1c80112029a7a7620d874f6f9c144edcc4475ed7c01fc858d69eaad55daedad7cb474babc77a6956832d1ce67058a969b6534dc935800d45ea17c", @ANYRES32, @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00./file0\x00'])
unshare(0x0)
semget$private(0x0, 0x4, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4317, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x5, 0x80, 0x40, 0x3, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000000), 0x6}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7fffffff, 0xfff, 0x0, 0xffff, 0x0, 0x6}, 0xffffffffffffffff, 0xf, 0xffffffffffffffff, 0x9)
r9 = creat(&(0x7f0000000000)='./file2\x00', 0x106)
fcntl$setlease(r9, 0x400, 0x1)
04:07:20 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r2=>0x0}, &(0x7f0000000380)=0x5)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r4, 0x0, r4)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r5, 0x0, r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000340)={<r7=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0x0, 0x0, r8)
sendmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r7, r8}}}], 0x20}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000140)={0x0, <r9=>0x0})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000640)={0x958, 0x20, 0x200, 0x70bd27, 0x25dfdbff, {0x4}, [@generic="3c52efdc27010899b5f70b44f43c9eb322c5b3c4d73989fb45549caed5ad0575ed9bd5d115b03507eb0e3a76276b4a33ddaee5b43fe265d1fe24ed46e8e91e7cf7da16488cb6cc93915ed6b6ec88de24656b371a02132065a1795811bf44148230e946c0ec541b0600158a8269432176784f3892aa2618d260092b1035ba678ca42dbe44de7f26e0e20130110ad6239fdd9985447769bf08c8383f04f0f2e2b2219c73db7980c014098df8b109fac2aa0df2a7f3fc3499bcae79760626349250dcc01930d5327cee2e5e1825911bff94985804be9d9e4689009516431680f4084565cba55a082b40306c2086", @typed={0x8, 0x6f, 0x0, 0x0, @fd=r4}, @generic="f268117362a3e045c5e8fe077f736168dfcdb0bd7e025e897b3db55f0fb1130ab9b1fb0313d8c697", @nested={0x2f4, 0x5d, 0x0, 0x1, [@generic="5654737d9845672b294e2a3cd37e3dfece5af8b7887a8040a7e11f24afce377db82ec56487623dd787f2f8b4e7201fb8f186dc101b0f043085fb840a62ea330a0710685184a31f025a9adf79c62a29a8a0ddb704a134447cad358bbf2c00fdc4ae752e429afd534ff4a614340f4bb0f0e9e20e713fd3c90feca41332f7b3801035f1c1c79a855bfbc1039374dde7c23c97b6dc42a01afac6f7903e6796e5206307867616d18936f948eca342c0adaea3f3bc819e745005bf8e19578f9e53a938031be6f8dff22ee6c843109eeb026029dfc0beef673788a82b3639b82133ede50af208f6b342e0612b48447e3ab9", @generic="d8aa9e369b55666999c5d9efd22abb0f08360f49b52797364aa4613a7232222528085064c12c11fc0f0ced838b1120f5531092ec64852f940a13bc8fd6b3217710e3b1fad35ff9af4475a02724268652e3bff873b34f85a32db0629e841fb0f49512bef4f155bc142811dc1a9ecfd670efae70a6a23021f498d1f92731db6220df85bc2f88e33590b57a76d50cdcd53328630d500b034e45da3c3d1756ef27134d3969d5d09f67ec61942310a736f3e60bd207b23fb5458f4365b1b1a13e1dfa7f8108c77d24851bac806fa3a14ed6ded4c95ac1538a16", @generic="c968bf0de6f0215c9ea6550743bcddcf94c75f8f901f0c06e586a8d7dc82069e18e74255f71c4af591e1c08724856a6b82dc3a2b0993fced59ae4c97615a1c42289cf2ac63c1a8333626db494ae6ed6ceb07363381a1591c0ffec9043eaf4e0134dfeb9c858399345558d4628dae076b7b9c5c86719f7a6e6d2c3889be0860587f59d91f2a9a2aaa57b6453e2dd35cdca9fe337376046713ab035c1d7f0a3e65e55b589d9d3069a737ea26e3d70214bc80c75fae9391e6440c1e6d606a27896a6197f5c5cd5c0f387f1c553b8949cae49f274a61f6387c9ebe0cf5d3fa02cbdb5b4e3950d6d19d10743cf6bb637a1b0392b1af65ed9229c11b05", @generic="2b30e08fbb539238b9ec46082d8b6276bb04a5f17de8cf43d7", @typed={0x8, 0x14, 0x0, 0x0, @fd=r5}, @typed={0x8, 0x87, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0x3, 0x0, 0x0, @fd=r0}]}, @nested={0x118, 0x6e, 0x0, 0x1, [@generic="6d72f8240a2080de28c8ac7fb1abb045b9b7ba199d8229734e184f562786bbc224ca4b7c7de267ef444d4071f1a6dd2edb06b7a773b2024a0c54d188ceb2f4aace92ef54847e401451deb2183c1197ee73dff6461db572487f6a033a5bcf8a2343e71caca4740760b271df4b16d5e6f1e0140bf4f2e6602631fcf9e8843e0ffb2d5f1c02cd4a36fade", @generic="dd412b5bcc3933ecf431a16bf6831beaca22bf0e856c3795d0ada8b8a5c2bdaf667843498b14843579e316d686b0971e37a428ee54a736cbaefaa1af9cb27381629bebe905a9a4a27077e46e4a6afb9b60e1d6d32e53bae0efc2f46699907fa8d5cf4605f54196a2a0edfb6380f52d532268f333547599fa28889cc82cdb0e4475dc890d1cbd68bdcc4c89"]}, @typed={0xc, 0x3, 0x0, 0x0, @u64}, @typed={0xc0, 0x93, 0x0, 0x0, @binary="f9f78d66a530f7db42a8dca481cb0daaa9b0bb6367e941e0e309b0730f892eba09ef1cd9e5663c58767ef7e00f72c7e5d2d26b9eb667343ecb382a03ad6c1fcafa52756b11787a29456aa87bec1705750f192edbc79cb3579ee1bafc974dba1adf22fd8af630bc11438815aec911e6427df267c0e156e585b4f7ea8fe83bd972a9c315898d212269f3933b7435b3fd679a9d657a37e174b829b3269a69d1d872be5fd5063019f2c50aa6903ac979bb896637d2bee432d6b7c9c8b679"}, @nested={0x18d, 0x42, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x6}, @generic="540b5d191f8a009348c0a297dec1b5112ea70c4f6dff400766767c0d4987608dd800b4d856802acab51a0892eb7fc4d22a0a92b600c85ba092", @generic="72a10f6942e629df9d43fcbdd1af232d4c136b36af6739e0818252c42970fa02ae13bc0a212e3d99c62ce18354fcdfeccfb78b6652f3ec2877b89c47ddb964b05eb8ec1bec47d656f3cface9c11c79e81c6d3c2551d564ca293d0e9e5d6312dcd5e3d54e541f0422a8082c603264b03f4c5920e184820ed3d05886161dcb763cff006e7fc8792d554abff15a81fe8cab34da5d3c68c321c8c8eddb3f0895cfe54de47da34cd2eb0703ada87e98d83eb4684ec181eb88c5ff2b5c2deb71e31d62f5feb8219d6ca6", @typed={0x8, 0x26, 0x0, 0x0, @uid=r8}, @generic="8a419ee7c79642c99c64104628a90280b2b35d46564d3ca6b9c900bbca6a043a247031a6764ecb988ccb349c4681ecbdf0003984c69711b5856a5733883d672eeb31ae609be42664a761bb8bf3e2aa32403d12d3ddbd34439f0166c9457d96d368d53763bef0c78cd4f6e4f07bc0f8842219a78bf0", @typed={0x4, 0x82}]}, @nested={0x1b5, 0x34, 0x0, 0x1, [@generic="224783b5a48c855ea5665e554c440cb0581726b8a6822239d2b25ed87881ec318e51d3318e0b562be7b840e3c464a4c7d1e3570aaf03119dca7f7196226dc3b7e766b9c5187b8fde22e728d5fac117a4785570cf865501f2d8c8ee4da2b805aca2bd0abbc9a0863796f7e23514477fca47978463b0bbe42e0ce290da31c0d30780e34dcede685f6fc584c4424e3f7d68377fe3d697db34dd921c369fd4fc8b3ae9d0f1748afb557d166b28f0f89704fb1dd710eae37afb9ee1daaa997f4bf3deade31b1029758d000196bb9f01125698424c0ffed549ee02097032fedd4525b9e7cf8066b58d6207cd64e0b5b124f428d685b14b601434479c", @typed={0x8, 0x3d, 0x0, 0x0, @pid=r9}, @generic="fb9efdf0ac54c1640ae967964ab2d5d8592342fa9ecf8b5f180ce55376b75950ccbe07b463cf2414bae9429fc6e7a7f8eb61119b31d61be92219a7193093a2fd6697751683dc2b10eb82b8ad3a6fdb98d41dbc1a20a3985ecd8fda5459c4ddbc6d1f7ed939be49e46c33c3ab542a320a978d1c4cefa5cc6ba32560c15da416aea43e9a3ee07e3975cad73718401c1b95f748f2acdb510d1fe720d9c6961fe71c0e3ede62606e43bba99d6af7585e70ee"]}, @typed={0x8, 0x85, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x16}}]}, 0x958}}, 0x4000000)
r10 = fcntl$dupfd(r3, 0x406, r0)
ioctl$SG_IO(r10, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
04:07:20 executing program 3:
r0 = gettid()
kcmp(r0, r0, 0x5, 0xffffffffffffffff, 0xffffffffffffffff)
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r1, {0x4, 0xffffffff}}, './file0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r2, 0x404c534a, &(0x7f0000000100)={0x3ff, 0xfff, 0xffffff01})
[ 1564.461398] FAULT_INJECTION: forcing a failure.
[ 1564.461398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1564.464607] CPU: 0 PID: 8792 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1564.466621] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.468809] Call Trace:
[ 1564.469649] dump_stack+0x107/0x167
[ 1564.470619] should_fail.cold+0x5/0xa
[ 1564.471620] ? copyin.part.0+0x112/0x140
[ 1564.472706] copy_page_from_iter+0x74d/0x900
[ 1564.473908] blk_rq_map_user_iov+0x138b/0x1a60
[ 1564.475148] ? blk_rq_unmap_user+0x750/0x750
[ 1564.476314] ? __sanitizer_cov_trace_pc+0x4/0x60
[ 1564.477582] ? __import_iovec+0x458/0x590
[ 1564.478695] ? import_iovec+0x83/0xb0
[ 1564.479712] sg_common_write.constprop.0+0xba7/0x1a30
[ 1564.481089] ? sg_build_indirect.isra.0+0x710/0x710
[ 1564.482391] ? __might_fault+0x73/0x180
[ 1564.483325] ? lock_downgrade+0x6d0/0x6d0
[ 1564.484288] ? cap_capable+0x1cd/0x230
[ 1564.485211] ? capable+0xe1/0x100
[ 1564.486031] sg_new_write.isra.0+0x529/0x770
[ 1564.487056] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1564.488304] ? lock_downgrade+0x6d0/0x6d0
[ 1564.489297] ? _cond_resched+0x12/0x80
[ 1564.490214] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1564.491543] ? scsi_check_sense+0x10f0/0x10f0
[ 1564.492576] ? asm_sysvec_call_function_single+0x12/0x20
[ 1564.493848] ? sg_ioctl_common+0xd5/0x2570
[ 1564.494830] sg_ioctl_common+0x828/0x2570
[ 1564.495796] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1564.496994] ? do_vfs_ioctl+0x283/0x10d0
[ 1564.497950] ? sg_write+0x120/0x120
[ 1564.498795] ? generic_block_fiemap+0x60/0x60
[ 1564.499829] ? lock_downgrade+0x6d0/0x6d0
[ 1564.500787] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.501928] ? wait_for_completion_io+0x270/0x270
[ 1564.503057] ? selinux_file_ioctl+0xb6/0x270
[ 1564.504068] ? sg_compat_ioctl+0x120/0x120
[ 1564.505039] sg_ioctl+0x8f/0x120
[ 1564.505836] __x64_sys_ioctl+0x19a/0x210
[ 1564.506772] do_syscall_64+0x33/0x40
[ 1564.507632] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.508813] RIP: 0033:0x7fde33c83b19
[ 1564.509682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.513915] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1564.515669] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1564.517307] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1564.518948] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.520585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.522219] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:20 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='wchan\x00')
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
syz_io_uring_setup(0x52dd, &(0x7f0000000240)={0x0, 0x4, 0x0, 0x0, 0x320}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x80000)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x1000, 0x477856f30f359a1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11404}, 0x0, 0xffffffffffffffff, r3, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
04:07:20 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
rt_tgsigqueueinfo(r0, r0, 0x26, &(0x7f00000000c0)={0x1d, 0xc5e6, 0xffff8001})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:20 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 58)
04:07:20 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r1, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
r2 = openat$hpet(0xffffffffffffff9c, &(0x7f0000000100), 0x1c240, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @none, 0xfff8, 0x1}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:20 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:20 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:20 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={<r1=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r2, 0x0, r2)
close(r2)
r3 = getpgrp(r1)
syz_open_procfs(r3, &(0x7f00000000c0)='fd/4\x00')
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000040)={0x0, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x10)
04:07:20 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:20 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x6, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1564.693069] FAULT_INJECTION: forcing a failure.
[ 1564.693069] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1564.694592] CPU: 1 PID: 8827 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1564.695559] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1564.696733] Call Trace:
[ 1564.697113] dump_stack+0x107/0x167
[ 1564.697642] should_fail.cold+0x5/0xa
[ 1564.698178] ? copyin.part.0+0x112/0x140
[ 1564.698758] copy_page_from_iter+0x74d/0x900
[ 1564.699389] blk_rq_map_user_iov+0x138b/0x1a60
[ 1564.700046] ? copy_user_generic_string+0x2c/0x40
[ 1564.700733] ? iovec_from_user+0x104/0x400
[ 1564.701336] ? blk_rq_unmap_user+0x750/0x750
[ 1564.701972] ? __import_iovec+0x458/0x590
[ 1564.702571] ? import_iovec+0x83/0xb0
[ 1564.703117] sg_common_write.constprop.0+0xba7/0x1a30
[ 1564.703862] ? sg_build_indirect.isra.0+0x710/0x710
[ 1564.704570] ? __might_fault+0x73/0x180
[ 1564.705139] ? lock_downgrade+0x6d0/0x6d0
[ 1564.705738] ? cap_capable+0x1cd/0x230
[ 1564.706300] ? capable+0xe1/0x100
[ 1564.706796] sg_new_write.isra.0+0x529/0x770
[ 1564.707428] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1564.708198] ? lock_downgrade+0x6d0/0x6d0
[ 1564.708796] ? _cond_resched+0x12/0x80
[ 1564.709347] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1564.710179] ? scsi_check_sense+0x10f0/0x10f0
[ 1564.710809] ? perf_trace_lock+0xac/0x490
[ 1564.711400] ? perf_trace_lock+0xac/0x490
[ 1564.711997] sg_ioctl_common+0x828/0x2570
[ 1564.712585] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1564.713312] ? do_vfs_ioctl+0x283/0x10d0
[ 1564.713887] ? sg_write+0x120/0x120
[ 1564.714404] ? generic_block_fiemap+0x60/0x60
[ 1564.715040] ? lock_downgrade+0x6d0/0x6d0
[ 1564.715632] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1564.716313] ? wait_for_completion_io+0x270/0x270
[ 1564.716999] ? selinux_file_ioctl+0xb6/0x270
[ 1564.717630] ? sg_compat_ioctl+0x120/0x120
[ 1564.718228] sg_ioctl+0x8f/0x120
[ 1564.718703] __x64_sys_ioctl+0x19a/0x210
[ 1564.719276] do_syscall_64+0x33/0x40
[ 1564.719802] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1564.720527] RIP: 0033:0x7fde33c83b19
[ 1564.721054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1564.723648] RSP: 002b:00007fde311d8188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1564.724712] RAX: ffffffffffffffda RBX: 00007fde33d97020 RCX: 00007fde33c83b19
[ 1564.725715] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1564.726713] RBP: 00007fde311d81d0 R08: 0000000000000000 R09: 0000000000000000
[ 1564.727707] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1564.728703] R13: 00007ffff81f1dcf R14: 00007fde311d8300 R15: 0000000000022000
04:07:35 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:35 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023800500"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:35 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x7, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:35 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_procfs(r2, &(0x7f0000000040)='net/anycast6\x00')
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
r10 = dup2(0xffffffffffffffff, r0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r10, 0xc018937e, &(0x7f0000000180)={{0x1, 0x1, 0x18, r9, @out_args}, './file0\x00'})
syz_io_uring_submit(r4, r7, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, r9, &(0x7f00000000c0), 0x0, 0x0, 0x80000, 0x1}, 0x7fffffff)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x242, 0x4)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
04:07:35 executing program 3:
r0 = gettid()
ptrace$getregset(0x4204, r0, 0x202, &(0x7f00000002c0)={&(0x7f0000000280)=""/42, 0x2a})
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
gettid()
stat(&(0x7f0000001600)='./file0\x00', &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
mq_notify(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x1f, 0x0, @thr={&(0x7f0000000100)="8d07bc8e269fa0a6fe37db0a239d3f2e20ec19a9b47212a57f24cf2c92c083516a84a4d41e514d0cdd0d94d5ce97c70e7e31ccd0546f61164549f5a66709b6f25ab52d09e9cb1917e97e7cae7463834a175a4d11031e976f6d4e6c5cfdda2e3b9c4cc575b352b3f5b872da045a64bf1a4f5fd83c38a45f50ef", &(0x7f0000000200)="f0f0d49f60c9fe0dde25d30be31be3f117f80d6baa794f3882e558fb4e2ed651c5732fa66df41cdd2097c54aa53471c59f6b6909a3901a0fecd8056244f62d2bc57db6d9590914f40bd8fc97fee19c2c91d334e0b20f474d06d408c56fc476f74f67f0b69324c1eaa00ed2f271fac6fc54bde1fe67ac510f"}})
timer_create(0x2, &(0x7f0000000300)={0x0, 0xf, 0x0, @thr={&(0x7f00000004c0)="7933670d561bdeae8c64a0a4adcbef5414354f1d5af4ab8e26c1f3f3991b9949d396c2c771f950a968703c7d5151a3c98220104fd92be8067c55f55dc32d88a7102eb3f3be6e39b90c5ae31496bad1ebedb4f46303eeabebbac29690b9c9065c7c161fd3f06af7ecc52ae046c9b2aa9b7d697d13eb0cd1ea804a1b46af7034da1b4c607310074b4a5a23b70248fd9312c26dc321e884e237f49b1a5c25ccecf28969911863949721e3bfeff7027d3517d862f4d3a0a367d14094ff0a579552132a30a5321959866e30ca91da34f0ad42d2a46c7ff43308556921427dcb725e5ad0d5d4429c1f6dc432f494de73e8ca88aab2a10c71c6ee77e23a4cde3ceeaff5f40356c7d498575c5237a3a9414ab9a0554e639299fdced5b995a9860e69d4ad2bac70603fd381b24bb4e892933f1ad024ddba6006a0193dc21125af90f6d0c799afb3d1d32b966daa517347aacf0b963be6fc4abbcdec6b86ddae5275adff1ae0941cfe19f5496118c3ac62aad0b285d82b8a83573a82523ad72effdd381ff807da66574226a81db0f5fd6dfaa529a6b520a7c4322a56aa23975b5b6198ec4bbd3a5eb3f687e5ac3501793f3030af07d57b808a26cf3e11711b42d550fdcb63ed2a27680246105ced1db497cfa13b8685efd0109c22fc178940b669e09735a46ffe69ea36cd8c116a5e2d1b7a637040f6fd66a7767dd17c0b80fb68e738578fffa10208fd285a1238ccdb5bb02e5faabcf15814a8d3ff03ae61d7efa52522f76b17d6d0099e5de553a95fb5724dacca37dba83e150310f9d793f9c2b0bd0810a7e65660e429cbe1a5b7126305aadf857d93c206d6c1ad698ed01997ee70d684c9a3f45366997c78cf26815c1e640113502fb176f2c4836f220cb6457d431a861b9bf2fc7ca8e4eac376557f508001a219182940832a2c2573a653c19b834d3ad4691466326ce3620507abf2163284daffb29d61a2a1739f6fcc923309378c2c1ef44e70f41dbb043b51610b87fa9849cd6a3d1274d43191a709646407047c56d3e563e018e76d573a4042ff6674a9f711331f516e190481ad84bb52e76655faa98815ca3b0e9eb43cfb78fee51c5030f1f475a2ab64f99aa638d732f002418adb6224726d2f4130cd403c0be05268f59bd896ca0311f3c60695272a28d1a77da00b1e455e82c843ee6b716caa7a46b2c349f3c827d2a0ad1cf1954f51b5a0d389d45b979e2d1effa1317a5be2a7112bd32c358d51356f360e79ad8fc6f3122dc0c090f1497477ce240a9e4a8498143f63d5fbf99c96e5a6fce826e57621489b51cdeafd6b1998d776e7edfe90a7198920d1b3cf331ed76a40b459209f154d656f1cb1b756eb028b631b2e3c04bcbc6557a977a5ab766ff5db6a513e44a7f3a02334c180391cf2e287a5765e0a31aa32767baa950a6e9291ef969ca39753bf673270e616d954c5398227c4eb82976e2b752a123b99792010d07ed1c8fbb1803d5a185c78e8bcc1e7b85bd0a7d42b89c679ab73c0956a46cb7184a91da315f6d8f304c2cd9790225d2534b1a18e98119d7b07b395c32fffd4c4e9d458a5020a4554c552f0f081e5d97af84d467db15f5dc5e1e8036a9e30cc6178211f81059e7c43aafd3e2cae1ac2df6d2e20dd73be490869ffa6f55a6e4e611dcd4e088ca9bc25ba36e02267788a5e0f4c2b8f55a6c52e14d3c0be198327a8907fdb6e672ce22c15251a69b097a691c1107785a1299e952192a47cd95a25971a60ac801e42d7004aa5f44d8f61336c30e9a1bf46490db94d7544ab66426588da6612e1576b7f9b8ae1dc01eed197989b89b2d61c2ebf19d0d188b74cf43406155acd230fc48c1fc49b0759557d5c61318a58c394fa4ea8982bd04c1a4d68f01dc0d8ab51825dacdc8c8ba802c2810cb38310914c0d080b135631e69c11cfe2e0869907e493bb2690d1eea361e43cd03ce8b975f633fb39c968fd55e91c8c12512a3e49bf3b3bbfe9535632accffe0c9e840272e9fa3a55da7501501f742157069856f184f05e5527af5d29bd9d5dbad28a77c94f3f6c0518835db2c315957cf45e9ee030292f9a8aab72eedc18245923eb61837f92ff0f61a2764fd8e6a51f3e51d66b98ceea5e2512db18f3a87e303665e544945da6adfc43428b33365e1c921560c307e19adaa34ae05e433eb84d76d8f6bafbe08c514f5a15fbd958114bf2bc29c824829ddbcb872774bad8575034515e89df751c359769467ec94b59c6b270ceffb6351e826a1964ed3efcd40d677bca095684f8d8567297fa3a94b118a8571b6450b33f78f1293085acd594f7a6cc0830750f09e538cc6b68c371b4bba105e36bf5348e14964251ba16d0d5e7e2f8ff69d386b5e632aae8c179774082b6bb271869c1ee3e17a70d91727d995509a726ef02226b6508bc728d299261468e2b307ad3959331570973de989d8f8dc93adc4f3f8dee11838d16111ea87a9c7a426d6722fcd6aa0da0cf246a9ac6134e5e2e4929e2d7535ecc07358742099cfd856e71ed508261e4dc66aa03bd956e68bda5b56acd10aeae6408f9e16ae749cc52465ee6dd0ca1766ac3c5937fe9d35b6a41cbf1c217be6d6f0301cfe07072b0e0d17ccbb77566db8bb7d6e0fcb789af54301448c3ef6bf7afc4ca2fa484ae73795d2274d52083ba337485cbd12c4da15b2e379210cd0f4a7ae17d7ae0dba95173ef18f5022fcd803f25c0e61fd3e645fac8786643dc273f668f6b077fc1f2a8baa351ec30329173be52eb83fa83f406c74c732571cd0195498da9a3425f7adba2af0b83bd48fc37f760d47265629e2e48a026aecfcf5d99555e5dfb24afe0b807849b8b7a4cd864d9c0c2e01db518207db456625c51b01f0ef0ee998bf2ccaba550b33a8737fe03bbf5c5d3e4fcdc26754fbdb15a569be4418f2abf983a8acc079ed6df99689a5a2052e51205c30a342ed6c6f0e6ed6e44edba9cab399f282432d5da99db213dd14988f7a94e10a7d7952566da716472a91e17ea0d3e184a9f101838f5e39d92b6d80e0809e8f1fb866a345802012770ddcf2f4ddedd1c1f09cb2352b930eb989771ee9c56d13110fbaffcce8d1137c637c7beee0b3fe6865714f97fae84c64740a353ce67dc8c286e72c3f9d5e50989040ab88d7f35122c4c212b9d2765eabe2bc6cf3a7f37390546e4d2241b8ca381c8a2602446262103a312b4965a3ce3659feb0f752ed00c92d8b771572140617f834d9b3a39219f6cd448951e18509b69572da0636b33e1fb74d29552d5a6ed40bb76491e57342b8b0757ef2353448caea4582028c84e2604c5a957dd63ceabeb287032718e8da23e4ca295f8c2c790fa0e13122437714ced87537cfebc712f7f09d87f0f39b2ea0d2c460713b65dd2484f10c81ba8a3ac810844c6820506924cf7bfd2ef72f031bd4ecdc81a360ea29ddaa194c2cdc8b078894a961515d1ee59089b73bd7cc744e1f1cc2cc78603771352ee9e9eebc2c996db872942439df0bef6056e8372ec8b00a2cb9438cff568c3bc7990845eac82b4887a59beadf57534390c44491a5be18b7836fcc8274a5a23c1ee6246441a0d67fd6c8b1ada376322cb2f5617f4efc2b44c7c085e8754d2d53dd5391e34bd15a63320bcba8fe55231b3e5d644a6caadbd9e24dd18101da225381b4abb84bad25ad4a87e9ef222a1250303b51b4c772ede0c4944e258b0a610c5e832128e43a5c2bb01f8f7551477b009ff01abb02a3ef892d706b786f470323bff9e52f4358f11837b04b86d0df8b78adf3a87b3e22d7988a61ba51c6da0ec6c49a4e5f536fa66eb2493b900237ce68a943e40fc6cf1d5ab5f2530f0360fbfa290921c0c8d6e1c7716320639ea75213169d8abdd030d68a6f4bf1f26e130a697040d776b64e7126bd6249739f6654692ebc66e617bcc8b80accd13ef998e0ca628a99a1b4c6bdc3a740589d95f1091ea7fdd6e862aa1647bf7eb399ea07ea4c51ffdbdf3811730271076de4391ddd7dff663b95447ea61c75fbee4207aa47df7821f557cdfcff4a17048f8a5b39e6bc8983f91e2a5bd766d883ed8dad68841111378e4ec580a07957ea06623ba302a5d60226c342eb0790b501f1148f07ecfdda9636ddf9126b3ca282adc5d74352ba9851df6871fc19668739f57fdf9bb9d0faa0702d5d9e7f222df847e73c759c85d9ebb327297744708811c5680911e8bfa9db876b249597829275de1a120b6189822a0cbcff69b9a627e29e9640c33c431f984814f8a8515ad6c76c525b82d276669f47f679c2135df33f05aa6dc9440e827ae943712f355d616c1e2e4ddf296a719e625615f2d5ca8673c8b8d50726380891dc8314fc07deba43a2fd68e5f75a934a26faa7f81b9fcbc4945d4ab549a506f7ac166d7fc72dc201d6cd995afde8a3bcb3ab15d6a482b9e39704200d75f592adf83abef0cbbe2f8a218103ef85370672b6cd4ae0d57839edc28bbf58f6d00967f572a49d4e39ac70baff69a2131b4b4ee09388d4ec4d7a7403bfaff996d46f440a1b0597a953fe611917a9f1fbfa1c5c6537a04b8f33b67c2dc2f1ad71eb18fb14976185a2f480078716bf841288bfb4969a0f041ec5030dee4d61153f117377494005e081e16663797f65dc4bea36c8138647d040dbbc8129233c5a599710a4fe9b662020d5a73edf07e23c21fd42767ab0028e89fb5fb46b219f39d95273936f2b3cf7ba473db6e76760272a4cd5934fbcc3eb76671abc461100635f67ab6ab0dd49291ec8f2153823c39f2e78517dedb3c32637c1ea9340c0568a1560633d5e6861d39a5bc302812cf5392c2df379965ad4d5487b3ce3141b98fe3be736e251feeecdf3467fa7d1fb999cd6f636350d39f14ab9c4259ab2b2a9b1819b4d40a6ae90882f03520a0e6ee986a6106868522466dd0e71d7ebfec6702e030d319aab2ac850c4e72dccee5975f44357ed4fce578269265806812c062eac71fd2ee6928fac7a30b147a0c3b590b3dfc76352dfcb4c2f57091b6be3490b2fad368ab6f57124b6f26ed3f47855a8c8e02382c3dc2802aa90a8e76ca6d829daebcbc8d9d19f45aa111c612dde8d2cf0c36b7c70405e94e6add239dc5d283a9c7a39e52da8485515365d2e770e91a3d2e9c606e3613aaf6c87120807cf95ed079db0e34ab15ee30883993e08c19eaf7fe496fed593745b47ae20df9bbb56341b7124bfc00cab56dca3f2cedfd08d018048cf216decf9e6fa6dcf0b04051cb0d331ddedd24b6ab9b8787bd60c585c1d979a3547f0fbbc75450ad8f6e90e3e6c6f8c48ce60931125229b3dfc096d02b60565197fe867e61b9dc90ec4e0489db27cd44ccfd2b272f4c092c2c8b18085a841c7cd3c0f7a1b6498b7ab355b5063bf27984f0b7d6dd562e573457a24738d3b0719b982ffeea5cca3fab8eaf1c76a031aa3f92ea76b3dadb5af20b07e83665c4c53ab805f63d0a3547f141a5f7b3fa25c1246d2c5b0563f16c81445a34bc2f47686b101f8a3e01895f0e2de57aa3afbfd79fa6af58ec75ac0422e40d71fb1c21ef4e0276dfac3ed6d03d35da92a50c888d2583a5df0c07c159edbe7b6f31b8d5e6846c80f8cc086dd43beaf14f0e0f060e7e429e24b2612f5c36fd44337c8bbef5b934bdb961e80e18a631f16dcaed62307fd62a6696d800f90cddb8805f367988d7fc254bb77e66dadc811102505f0e1ec9bfbd1d746a41ed448a6a6ebd23a89630a71cd1cb3bdae84c85d8b742a3739dd051dd2ae0a9383ac19b533ca49fa6547f0a76da1d4b261575b2178faf3bb4e0", &(0x7f00000014c0)="e2ab6f6818b1885d95b3d6e56629148fcfeed96c40da5b1dc74b202de39728222ef105ad415c6c4ee150be372238599a280fc85861fe37038ec56e2a1ad1167f769d"}}, &(0x7f0000000440)=<r4=>0x0)
timer_gettime(r4, &(0x7f0000001540))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:35 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000340)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x101142, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000000)='cgroup2\x00', 0x0, 0x0)
r0 = syz_mount_image$vfat(&(0x7f0000000380), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x900020, &(0x7f0000000900)=ANY=[])
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='wchan\x00')
mkdirat(r0, &(0x7f0000000040)='./file0\x00', 0x0)
syz_io_uring_setup(0x52dd, &(0x7f0000000240)={0x0, 0x4, 0x0, 0x0, 0x320}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index}, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x80000)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x1000, 0x477856f30f359a1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x11404}, 0x0, 0xffffffffffffffff, r3, 0x0)
unlinkat(r0, &(0x7f00000004c0)='./file0\x00', 0x200)
open(&(0x7f0000000180)='./file0\x00', 0x240880, 0x0)
04:07:35 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:35 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 59)
[ 1579.645104] FAULT_INJECTION: forcing a failure.
[ 1579.645104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1579.648213] CPU: 0 PID: 8850 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1579.650061] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1579.651972] Call Trace:
[ 1579.652593] dump_stack+0x107/0x167
[ 1579.653523] should_fail.cold+0x5/0xa
[ 1579.654512] ? copyin.part.0+0x112/0x140
[ 1579.655566] copy_page_from_iter+0x74d/0x900
[ 1579.656582] blk_rq_map_user_iov+0x138b/0x1a60
[ 1579.657747] ? copy_user_generic_string+0x2c/0x40
[ 1579.658994] ? iovec_from_user+0x104/0x400
[ 1579.660086] ? blk_rq_unmap_user+0x750/0x750
[ 1579.661203] ? __import_iovec+0x458/0x590
[ 1579.662247] ? import_iovec+0x83/0xb0
[ 1579.663207] sg_common_write.constprop.0+0xba7/0x1a30
[ 1579.664469] ? sg_build_indirect.isra.0+0x710/0x710
[ 1579.665614] ? __might_fault+0x73/0x180
[ 1579.666522] ? lock_downgrade+0x6d0/0x6d0
[ 1579.667424] ? cap_capable+0x1cd/0x230
[ 1579.668322] ? capable+0xe1/0x100
[ 1579.669095] sg_new_write.isra.0+0x529/0x770
[ 1579.670095] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1579.671315] ? lock_downgrade+0x6d0/0x6d0
[ 1579.672267] ? _cond_resched+0x12/0x80
[ 1579.673141] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1579.674449] ? scsi_check_sense+0x10f0/0x10f0
[ 1579.675467] ? perf_trace_lock+0xac/0x490
[ 1579.676382] ? perf_trace_lock+0xac/0x490
[ 1579.677334] sg_ioctl_common+0x828/0x2570
[ 1579.678264] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1579.679444] ? do_vfs_ioctl+0x283/0x10d0
[ 1579.680351] ? sg_write+0x120/0x120
[ 1579.681139] ? generic_block_fiemap+0x60/0x60
[ 1579.682157] ? lock_downgrade+0x6d0/0x6d0
[ 1579.683091] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1579.684202] ? wait_for_completion_io+0x270/0x270
[ 1579.685309] ? selinux_file_ioctl+0xb6/0x270
[ 1579.686282] ? sg_compat_ioctl+0x120/0x120
[ 1579.687244] sg_ioctl+0x8f/0x120
[ 1579.688011] __x64_sys_ioctl+0x19a/0x210
[ 1579.688870] do_syscall_64+0x33/0x40
[ 1579.689688] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1579.690821] RIP: 0033:0x7fde33c83b19
[ 1579.691633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1579.695676] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1579.697335] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1579.698904] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1579.700453] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1579.701999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1579.703564] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:35 executing program 6:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
sendto$inet(r0, &(0x7f0000000040)="0dab07b4406058471ca203b03a7e26c67aa3113cc4b4d7abc4b503df9813720cbb31030bc08499b0d1fe797a7ca78c924f24539b81cb46ef5110b1181580bcea9328de02dad8fd6b0d678bd03594455ec71c4b362d0664e2737d1a2d118ebbc8996cffbe", 0x64, 0x4800, 0x0, 0x0)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e24, @loopback}, 0x10)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x4e22, @multicast1}, 0x10)
io_setup(0x5, &(0x7f0000000700)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000003c0)=[&(0x7f0000000280)={0x0, 0x0, 0x8, 0x8, 0x0, r0, 0x0, 0x0, 0x400000000}])
04:07:35 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, 0x0, &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:35 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:35 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x8, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:35 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023800500"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:35 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
fstat(r5, &(0x7f0000000040))
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4}}}], 0x20}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x40010, r6, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r6, 0x9, 0x0, 0x0)
syz_io_uring_submit(r7, 0x0, &(0x7f0000000100)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x5, 0x0, 0x400, 0x0, &(0x7f00000000c0)="46c35fd6489fb57389fc66bab0c257a46521178d697bc774f59d8536d30fcd3948841ab2390b75", 0x0, 0x0, 0x0, {0x3, r8}}, 0x0)
04:07:52 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x9, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:07:52 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), 0x0)
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:52 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:52 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 60)
04:07:52 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_create(0x6, &(0x7f0000000140)={0x0, 0x2d, 0x1, @tid=r0}, &(0x7f00000001c0))
timer_create(0x1, &(0x7f0000000240)={0x0, 0xb, 0x2, @thr={&(0x7f00000004c0)="0412ed2d9fed3537dbb41fbd703d0dca42f98d453bf57d5cd54c5e0af348103a2266c23e1c540784cddca63d7049d57e94733cbb4f0e80198c6b2200781cfc4aa25441b9d3c2efdc98e75e1ad5c06131c44122572d6879ce1c498213b8d93fd9c02bdc9703ab4c975678ecd3022501b2f1d16843fcabb48554b4f8cdca4cb54cca023511d6bfc977182d2fff4d6a5b1c894642f0b907d6e5cff9bece98b6eb507f27473ab8f26bdd705d64ccb7400d307916b87ae9c5c9eb00c58d638d0b4b7f72b122e15e3610f34fcf2cce3019c26ff4336392b6f4d581b9395a9fab9e6f716c1b8b3fa1bc19d60fac7a406886d95056b5575a874cdd36034d46f0c9800ef0751d206931eb60acf464b2d3a761e8f64d90cf487782b59527c57fbf3205fc39b1c58c9d7b6e5478c125e23b42a5ad193ed5ddd1e78042473c1d86eff9b8d5cc2c6e9b258fe974215fc15b4f1dcb56cfdc2bd28927a0ad53be4ab12e41c3acbcb962373b41a730b7332a8b36d15bd799acb8495110ead3c2d59b7dd0deca746b80bb73d2543686f005aa7b0d570ca5babfadc7863602f17ea34d4dcb591f5e4bf949fdd52d9e9e047d9bf69298edfc04f0ce89b3df711159e59fcf5f8135b707b723e275f18bd97dd7bf23372dde2aec77a00aeb92b6e0fdee764a7e05d7af7e9af2d9874638a06005837a02a1a12000f84d03e4514ee745ed0879148537c34737e32cd1949cc3b7c8b1bb785c3f4a70674d27f2bc65deedf98200dcc98e33d0c56dd79deb39599492b0cfead5dae1323a1b6f5172ae8bbe8ad80ddcb49c3c163c9a8d5d7435f92b34180f38049fb5c379019f432c11db013b621358a7f5a05ae2ca5971765cd88807dd08216b4f8defb647a77231bf03050391357e7fe195f9ff6ff665a6176fa09e7cd9ee1ab34809dfbd76c3e1d450135b28aaf4295356470e00679a4926df8a650167238cbb50238d1ca02a3ea66cbb4d00afaf6bd8c7bc30cc668d5e2c0967d1d273d28483e7a9d91f66de20a5112e32cf8cee83e22bf5efacb2e1aa5c2df82b1d7597e961f338c5dde3928e1c1e6f5ac45212b98cf29f273f88bcd7bc2b57a252d4305592683c5def5d16975e87c37d55144883a7bebd22892f8529cd582dbd255031f58cfd270328008e92c0ba13ceec507b89444c4e4ec55b100e8b859b6a051975628ded92cb94f515aa516bfc797b08d8b9138f2be19a6bd02f8cbed065ee35bbba90ebeeebb212d1f32bf2ff4d869d3a2768883fb442e423e08638c42be6cd78232dfbd4cfdd41dde6e95eabbd256bd3a6ef8074777be206ac56f6afd5b677c8c07f233373e0898e3bf6799dd5162fa8e639780a86c458e2d16f5ea0e6d937810a43717375791e767731eedf034fa2519cf9ef68644df2bb15a79516d8addde4fb289ceaa3b633e9e49cdad14579e9cfb747aced81c2b311312d209b0b5156ea00b591e26db1f3672ee81611f772b156650c991f603f654ea171db5e83a08c4127ae94365d2d74c23b09ca47a307a45608a50b981adcb047c73221c09648eff11da944449b51a9ac5ff5d172a3e31a9ead26d42475f86589b16d0933ad34f365170383f779088d27350d7ab75266caff49ed60b05cc250fe0a4dbf84b01d717215099ac25a239456d26c44c39d38c281156043386e5c3ab512df1592c4cd5e70725bb3fa7517bf0e1888573111e80f1fbd60da05fecc5100eb137f807bdd389bf874282e512d3689a1d57561311b57b763a03c71e36bdec48de6d28d5bdd3dbd05e403ce25db10d38f65bbf03f83a107385170abea0a517c0fc3273fd2ad9c768a076b390922ecf2b79de86e9bbb00c2c3c772c1afd33e51933850e7e36b4436d94cb5733ec71e85f3b29f0e2e0f8f0f2452a383e3100e1f1e6901f665199f8db7fcddd075fd6f3e63e5a27b85e85aa87e0f486c84240e80698b4d74c477136f3015623114d30efde839308688c27d770dd6c0a680a88eb6f48e3a38dda397c08b471563d95d50e2bec5618e700199fab66157e888b633a2e25707afc8b6ae250f02f20fcd6471e4077ddc8e0dcda5178402879494e1e7ee9bd658bd1f47a4c9afa84fc5b7119d452bdd13cd071817600380b3dc713651170fda9aa147ff937be45f740b4e2448c4adeb9290b3c7b0e4ac85597b4907e1bd2a851590a6b64b62875b85e38b74998c738961fc56025683af0212f1fd6104be61153dce47d33d0b06343be73acd49b6838217543786bce130c8b41ac03182342d88c978bb0cf48a38c13d463a16f9f2bcf83a476f4fe856d564e95e92290ea06b8480aeccdcd35b5e10f2b61e778b3c697f9c45e676ce787bca34c3717922af6ec498b3271404a425a10d1ed3f56acac0bfd6de4081faa06597df2f3f89a41715df85f7d660f2b6a4fba6f33a31629298b4c9ab92e2555b4be327680832ed235110b189c30132bd1b07f9009d21091dfb168dab23ea46edb60f59ac88070fa793eb61c4ea788a2d699e430e00058d2383549d37da0a80a8db2897e36889da5aa4c27e565d11372240607fcf920816f94582b72779b6d608c2616084b0dd7584a0f209ddd98f9e4ef8d831631e34eaa693d6776fea9f8aa0ab42a61e521992d79c561072317443c2c63397daf5d005129ae97908fb5d132cdca86c28518b9309b6e3380df40cc5725e409ef2807f1bc63d54f31c6acc9e9722d0d1a1895cc91f75b96780b02baca7c5313d738a90ff15620dd2c6c3b62428f7c825f02fe1158933c2b53bf7df0fb19c4367542daec808fcb85b0ae0310871c6ed682a1748b2cc1ee6288e23a6518570ae153b3b1630d65c8297394b40783f94dcae7aa82bd8fdac364e6a4fbbabd235cc723209d8eace6df479d2c58373418fc186ccc434a86f7a8b0365ee882f90abce386447da6de1d880518c240329bb25c7f414b07af7b2cf9e3fd66e1e7f85b1122718954d23a162b3c010f5f1efa1ceacb5a29a704cfa802d77be6f7e1b6fff204ef5439bde3fc22fe6c33ae158f0481faee1e1d78d2f97af7a1fbf47bf9a87628cf89dea18079218e08f0f4a8f757571319c53853d7cdc7b233af0a7d7a4cb5eb80c6fd3124da18c0d9e066d0ddd707a4bfea50dc42c9e2b868dd2b7415cea350f5f0728d4d1826e09258adf36e51685a1f97d3c4e348c7d6727e6b38c6781b8a386a1a3851c4bba2b0f04f11ecd50a57187b45dc69e9af436bf4e4fe59de1a2fb816f13f699bd82148eec495b106914fbb2bcadef00adf2ec5033b83a173d35b5c1fe27c741244436964843e37a73d236409735fdbff2890a148d56c145c31ec79236b997f2c95d4a63c1b50c36950abeaf20a4f5b78cc378aa89801e593f12bab5a82793d04f1d6552c8f027f7979703b67e1df68202418544d571049851c7ef40e9f8d0d3b14ed7f4d5955082fce8e63cd6126fb8fa9cf5ba1eae99884ea6d550d03e2bd15354eb0eda7a4883e7727c0b2601aaafa3b2ff3e124a2fd310075441ceaa1f5e16173482ebe5e41d05575d61eb9a328ab5ba7bfe3150529525b478227899038c887f9ad1f3854baf37535a2ce26ac2fad5b23adc3bb199e4fe8e19fc18b47328ac6cbbf9767278dd6606922a63849c295b73be0c6efbfbf854d169296184b5ecb808fdcc813b290004a560cc0ab0f3e5274cd25a3c99c95428890d7256c80b5a428ac3555406965621719870bd0eb7442817c8991e6c884102083dc7880a7262ac06963d2efcc1ae1ac6de7fea50970e5c528353daf880d2c5d0fc4b90ecffce0254cdaa48ff2d296046dc9fbae0aba072f1254612551b029423017b8afab3d16cbaaceaab0e50683403486fc01d39abffcb125a8cf5e947a33667c0a604416dde8a7539206b3b77f3bfe836185cd9b70e9037f3c9ab806c7f9150fa4b04a2c4a295498b49c1c6c8065750cca7b615df08abba8a78cb2a160df060c900f5b76487e3504149488e095e4a8cbe0adce1125432fa8eb1b7cf63127666995337561e98659849eca5e0117df5cae765b0b8426a2030e4800ea3abb8a72b02708fcc3fa0535bd74b5b6719fa9a10c2cf1d66a64e784911a53aa378f81df30783b3a875c73da6b4e37a7df255febaf975780b20559856c9f56814ffe3d087dca6b192bb5293e8cb97be72f3a4fc1194808eabf2580c685b010944f14727d8125952d374fdbc54e6fb1e8cb00c53d321207fb14095e465366bca67907aeeb9f09654ed88c9641ddb4bb3ec81dfa7ece5de9c8643ae64cf4bab24038d3fe2ffd22ee9308b06e5840d891a2d7c5465ce260cbabd9c60984f6839e249146edba8210ad3876833f3ba9404c14f12898afb86cbaba55b168722638c791c9e11b28c5b692a3bf72a88b5e67496d5d4ba6fd7523486c20bd91463c9993e3a06c6f5184380683c41c104f1246acbbddbfe13d40e6d328aa2f2da309688e43f65a814972876434513130a72bf841e170a7e8a48568c1fdd03e8854915b0de72d1c3be281c7e2a64c3295265d8051f6819a4449c918d9a97b90725ed246560129b7db26e675c8ce8ee7c1c62bd61975f6663df9896211197fb8cc5567253845f8fb84a1b5c2c92e25d462b2193332d788256596ea3412e6249da4db8f7d3cb86b252dcf27dd1de6b89987c0e174ad94d63d31c82bab3da89a27c2b2c9663a41cc2a055e15820c08b29570d83fb768a4a7d17b74a683e447f8634464e4689ee09f248f04ba28a0c1883e68cc042cec7f10f5dfae8a4b743e14a87617c7e91f40254660a6a2356d74a65a1239fad8a6006415d17c2c0fa954845ed7c8e6aef94e2cbcb5edcd50425971285431c79de16ee9eb034d3a10557559a460e98247653812980e4249c8ee23e766881cf35ba91eff0c78da58dcc366dcee45a37e6e7a9ca21c0d0470d215ad9370d63fc3880cc7a0d368d743e84c3323666c52d08f8050f588356e71b49c9865e39337a39ecd176b48e734390d437b337f69df517fb472c5c52de361555d3e9b5dcc3184fb546bf2bae6371720b7dd0c49600d80f208eca958bab2edc0d874e875fd01228b4f0552916747701d8d200210ebc43eec6de1ac56cd1a7e1bd2ccc49eb512299fa7670e89935d6293f1150c7e8b5d76c66d25431f25dcd178de7cee8300c6f0599bf7056ba343176de1373abfdf18bd990d474751c0638cc9381fe7c39a710932b3ea76c55c7e4a780a980ae99a8a6a8f3fab5ff503c903ccb414f7f22fbf40cba4b283c995837592251ee178acc4b6974f597b6e6dfd125f609782fd3d57ea1b2a584c83495dfb43facfccc123ef9851dbf322221cdb6eb81cad74540d885b2270f0f8ee2cbad743b27cc6fe482482a175fa23973b690c2bb39fbdd8a5c76fb366460d1a1ef70c3afed8df1dacae87eb0c8e23cdd1dcacefff36b4ce0f8be3aa780f42e7423414feda582da4db54366ac147f0d7331d0a494ba30464d2f4f771b3e61701fda74e90f1f76a796a349f6658028c2c58cb3a707aa9ae844f6cc2245b436284d741881f1178a4b145ca2d3a9b58211ac9c8d52366a3dcab881ec0263da518b2c676f7710130832c387ed9a823431f05ca0696fb4992d663a5aea7570e40a13fa39e0487fad8bd6e19f7a8600bca08e47037b8d306db78f3a297ad6c97a36f5cda8a0cbbb3f4e65ab62406d3695704f27116be4dad7bf820f2eb7d89c0b5de256f46fbc42d6641d53d9fdfb06a839907307683b56799d35f0b3b703bb074f6ac719435cf92808df37c1425da4018521a1e8fc921e89249b54d702684a2ad618c9525c4f", &(0x7f0000000200)="d2120e01b640b7d878845c3f8b187303bc0ec7ef303722c80d81b7c1a4dc47f227e442474bbe479bb34f"}}, &(0x7f0000000280))
timer_create(0x3, 0x0, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
tgkill(r0, r0, 0x41)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f00000000c0)={{0x0, 0x3938700}, {r3, r4+10000000}}, &(0x7f0000000100))
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
04:07:52 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c}}], 0x20}, 0x0)
04:07:52 executing program 6:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1597.022928] FAULT_INJECTION: forcing a failure.
[ 1597.022928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1597.026288] CPU: 0 PID: 8882 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1597.028229] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1597.030555] Call Trace:
[ 1597.031310] dump_stack+0x107/0x167
[ 1597.032333] should_fail.cold+0x5/0xa
[ 1597.033393] ? copyin.part.0+0x112/0x140
[ 1597.034535] copy_page_from_iter+0x74d/0x900
[ 1597.035713] blk_rq_map_user_iov+0x138b/0x1a60
[ 1597.036805] ? copy_user_generic_string+0x2c/0x40
[ 1597.037966] ? iovec_from_user+0x104/0x400
[ 1597.038979] ? blk_rq_unmap_user+0x750/0x750
[ 1597.040029] ? __import_iovec+0x458/0x590
[ 1597.041018] ? import_iovec+0x83/0xb0
[ 1597.041932] sg_common_write.constprop.0+0xba7/0x1a30
[ 1597.043177] ? sg_build_indirect.isra.0+0x710/0x710
[ 1597.044379] ? __might_fault+0x73/0x180
[ 1597.045317] ? lock_downgrade+0x6d0/0x6d0
[ 1597.046304] ? cap_capable+0x1cd/0x230
[ 1597.047255] ? capable+0xe1/0x100
[ 1597.048275] sg_new_write.isra.0+0x529/0x770
[ 1597.049322] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1597.050580] ? lock_downgrade+0x6d0/0x6d0
[ 1597.051576] ? _cond_resched+0x12/0x80
[ 1597.052483] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1597.053819] ? scsi_check_sense+0x10f0/0x10f0
[ 1597.054883] ? perf_trace_lock+0xac/0x490
[ 1597.055848] ? perf_trace_lock+0xac/0x490
[ 1597.056828] sg_ioctl_common+0x828/0x2570
[ 1597.057798] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1597.059010] ? do_vfs_ioctl+0x283/0x10d0
[ 1597.059952] ? sg_write+0x120/0x120
[ 1597.060796] ? generic_block_fiemap+0x60/0x60
[ 1597.061836] ? lock_downgrade+0x6d0/0x6d0
[ 1597.062810] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1597.063935] ? wait_for_completion_io+0x270/0x270
[ 1597.065159] ? selinux_file_ioctl+0xb6/0x270
[ 1597.066137] ? sg_compat_ioctl+0x120/0x120
[ 1597.067095] sg_ioctl+0x8f/0x120
[ 1597.067845] __x64_sys_ioctl+0x19a/0x210
[ 1597.068746] do_syscall_64+0x33/0x40
[ 1597.069564] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1597.070704] RIP: 0033:0x7fde33c83b19
[ 1597.071527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.075578] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1597.077269] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1597.078877] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1597.080432] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1597.081991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1597.083573] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={<r1=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)
socket$netlink(0x10, 0x3, 0xe)
04:07:52 executing program 6:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:52 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), 0x0)
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:07:52 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 61)
04:07:52 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:52 executing program 6:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x0, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:07:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={<r1=>0x0}, &(0x7f0000000380)=0xc)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000080)=@IORING_OP_OPENAT={0x12, 0x5, 0x0, r3, 0x0, &(0x7f0000000040)='./file0\x00', 0x1, 0xba1e29b2944f2f47, 0x12345}, 0x9)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r1}}}], 0x20}, 0x0)
04:07:52 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xa, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1597.245958] FAULT_INJECTION: forcing a failure.
[ 1597.245958] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1597.249038] CPU: 0 PID: 8904 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1597.250680] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1597.252648] Call Trace:
[ 1597.253275] dump_stack+0x107/0x167
[ 1597.254140] should_fail.cold+0x5/0xa
[ 1597.255044] ? copyin.part.0+0x112/0x140
[ 1597.256007] copy_page_from_iter+0x74d/0x900
[ 1597.257056] blk_rq_map_user_iov+0x138b/0x1a60
[ 1597.258146] ? copy_user_generic_string+0x2c/0x40
[ 1597.259333] ? iovec_from_user+0x104/0x400
[ 1597.260322] ? blk_rq_unmap_user+0x750/0x750
[ 1597.261355] ? __import_iovec+0x458/0x590
[ 1597.262341] ? import_iovec+0x83/0xb0
[ 1597.263264] sg_common_write.constprop.0+0xba7/0x1a30
[ 1597.264493] ? sg_build_indirect.isra.0+0x710/0x710
[ 1597.265674] ? __might_fault+0x73/0x180
[ 1597.266619] ? lock_downgrade+0x6d0/0x6d0
[ 1597.267595] ? cap_capable+0x1cd/0x230
[ 1597.268513] ? capable+0xe1/0x100
[ 1597.269324] sg_new_write.isra.0+0x529/0x770
[ 1597.270355] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1597.271620] ? lock_downgrade+0x6d0/0x6d0
[ 1597.272606] ? _cond_resched+0x12/0x80
[ 1597.273519] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1597.274887] ? scsi_check_sense+0x10f0/0x10f0
[ 1597.275940] ? perf_trace_lock+0xac/0x490
[ 1597.276922] ? perf_trace_lock+0xac/0x490
[ 1597.277926] sg_ioctl_common+0x828/0x2570
[ 1597.278957] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1597.280155] ? do_vfs_ioctl+0x283/0x10d0
[ 1597.281108] ? sg_write+0x120/0x120
[ 1597.281950] ? generic_block_fiemap+0x60/0x60
[ 1597.282994] ? lock_downgrade+0x6d0/0x6d0
[ 1597.283955] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1597.285084] ? wait_for_completion_io+0x270/0x270
[ 1597.286202] ? selinux_file_ioctl+0xb6/0x270
[ 1597.287221] ? sg_compat_ioctl+0x120/0x120
[ 1597.288193] sg_ioctl+0x8f/0x120
[ 1597.288973] __x64_sys_ioctl+0x19a/0x210
[ 1597.289911] do_syscall_64+0x33/0x40
[ 1597.290772] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1597.291959] RIP: 0033:0x7fde33c83b19
[ 1597.292815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1597.297050] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1597.298812] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1597.300433] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1597.302048] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1597.303689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1597.305313] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:07:53 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:07:53 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), 0x0)
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:08 executing program 6:
syz_emit_ethernet(0x4a, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, {[@sack={0x5, 0x12, [0x2002, 0xac1414aa, 0x0, 0x0]}]}}}}}}}, 0x0)
syz_emit_ethernet(0x156, &(0x7f00000000c0)={@remote, @local, @val={@val={0x9100, 0x5, 0x1}, {0x8100, 0x1, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x3, 0x6, "a8d75d", 0x118, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, {[@srh={0x33, 0x8, 0x4, 0x4, 0x40, 0x48, 0x3, [@mcast1, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, @empty, @remote]}], @ni={0x8c, 0x0, 0x0, 0x3, 0x8, 0x1, "6fe27d5370e06cc3e0cd54a33f1f34625f1c046a0946eb9fc45cbd853fae0922f5df6186802c949a98f8f2e0ef91e82f82f099cfaf42542ebf3bc97ad9a6edbced293202923859514e152eeac0cb8e6fda62177675e2cdca1565254a09a0b2fcbcbce30bcaca87164eff9ab1afa0a64862ee248e8804de153467a244444f75c30995593355c976cca9a43ef9f90ff2dfb0816727738b821b880582193a8c158b2d60fa81bf3eb3661834c8e016dff1afa5d32f9b4142ed7f467d3c87f44b347c"}}}}}}, &(0x7f0000000000)={0x1, 0x4, [0x593, 0x668, 0x239, 0x5b0]})
04:08:08 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:08:08 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 62)
04:08:08 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xb, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x200200, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r3, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x4875)
04:08:08 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:08 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c0099"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:08 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @thr={&(0x7f00000001c0)="1564009140e7977abb7e59e53f8691909b05c3a0d9639e036f65e113c8e62e179b3f360bca4556e560d2c1c2d07c7143337b9fdedfdee6a885743b0fa8fc0dfba3cd03756dbbe3426404d4d20528ee43ecdc23eb111c78fa33ae17d36bad424853326a2c2f04b70e6af4dda375cdce4e627e430cc4a00582c999c9586e3a6582f9bde0", &(0x7f0000000280)="e0f61ddb7e606dfbfa916742c2990aa494497474ae893999e2b63f80735c30de7ae14f3a1dbc61df32c0aef05546f4533eed9640efa74b94622b7a893c09152e0c4f35130d74951f89d5f699674c37b3bde18b694583e0c2ac6d030a3f28e37168f344ee25281f5a0ce1ca8f82ca8c29cc93405f1cd1125417376222c2a718ccece126f70393cebd89aa0d0234cf01257a36e3d49e7240fba10cfa839a0dce45398fd3afb9e545d54f2c7be55009103d2e8985d789ae4bf56458623f8f92a2e5bbadb72adbc84b3880e0694fc2239a641abb4dc24b8818ee"}}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f00000000c0)={{0x0, 0x3938700}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x2, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
perf_event_open(&(0x7f0000000380)={0x1, 0x80, 0x1f, 0x7, 0x9, 0x7, 0x0, 0x2, 0x9200, 0x4, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xffff8f4a, 0x2, @perf_config_ext={0x830, 0x9}, 0x4101, 0x4, 0x7fff, 0x4, 0x8d7f, 0xa61b, 0x7, 0x0, 0x100, 0x0, 0x4}, r0, 0x0, r3, 0x9)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r5=>0x0}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r6=>0x0, ""/256, <r7=>0x0, <r8=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r3, 0x81f8943c, &(0x7f0000069d40)={0x0, ""/256, 0x0, <r10=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r11=>0x0, ""/256, <r12=>0x0, <r13=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, <r14=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000057b00)={0x0, [{}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r12}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r14}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r11}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r13}], 0x80, "5fabd34a60e47f"})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(r3, 0xd000943d, &(0x7f0000069f40)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {0x0, r10}, {0x0, r13}], 0xff, "75e869031df76d"})
bind$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xfffb, 0x1}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1612.847725] FAULT_INJECTION: forcing a failure.
[ 1612.847725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1612.850408] CPU: 1 PID: 8927 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1612.851925] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1612.853716] Call Trace:
[ 1612.854304] dump_stack+0x107/0x167
[ 1612.855110] should_fail.cold+0x5/0xa
[ 1612.855947] ? copyin.part.0+0x112/0x140
[ 1612.856810] copy_page_from_iter+0x74d/0x900
[ 1612.857788] blk_rq_map_user_iov+0x138b/0x1a60
[ 1612.858779] ? copy_user_generic_string+0x2c/0x40
[ 1612.859871] ? iovec_from_user+0x104/0x400
[ 1612.860770] ? blk_rq_unmap_user+0x750/0x750
[ 1612.861722] ? __import_iovec+0x458/0x590
[ 1612.862648] ? import_iovec+0x83/0xb0
[ 1612.863505] sg_common_write.constprop.0+0xba7/0x1a30
[ 1612.864634] ? sg_build_indirect.isra.0+0x710/0x710
[ 1612.865720] ? __might_fault+0x73/0x180
[ 1612.866605] ? lock_downgrade+0x6d0/0x6d0
[ 1612.867512] ? cap_capable+0x1cd/0x230
[ 1612.868365] ? capable+0xe1/0x100
[ 1612.869114] sg_new_write.isra.0+0x529/0x770
[ 1612.870057] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1612.871230] ? lock_downgrade+0x6d0/0x6d0
[ 1612.872143] ? _cond_resched+0x12/0x80
[ 1612.872972] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1612.874203] ? scsi_check_sense+0x10f0/0x10f0
[ 1612.875166] ? perf_trace_lock+0xac/0x490
[ 1612.876055] ? perf_trace_lock+0xac/0x490
[ 1612.876962] sg_ioctl_common+0x828/0x2570
[ 1612.877901] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1612.879146] ? do_vfs_ioctl+0x283/0x10d0
[ 1612.880151] ? sg_write+0x120/0x120
[ 1612.881028] ? generic_block_fiemap+0x60/0x60
[ 1612.882113] ? lock_downgrade+0x6d0/0x6d0
[ 1612.883123] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1612.884308] ? wait_for_completion_io+0x270/0x270
[ 1612.885479] ? selinux_file_ioctl+0xb6/0x270
[ 1612.886542] ? sg_compat_ioctl+0x120/0x120
[ 1612.887595] sg_ioctl+0x8f/0x120
[ 1612.888405] __x64_sys_ioctl+0x19a/0x210
[ 1612.889381] do_syscall_64+0x33/0x40
[ 1612.890278] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1612.891521] RIP: 0033:0x7fde33c83b19
[ 1612.892409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1612.896895] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1612.898747] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1612.900478] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1612.902182] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
04:08:08 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xc, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1612.903941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1612.905951] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:08 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c0099"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:08 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xd, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:08 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 63)
[ 1613.031570] FAULT_INJECTION: forcing a failure.
[ 1613.031570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1613.034454] CPU: 1 PID: 8949 Comm: syz-executor.5 Not tainted 5.10.232 #1
04:08:08 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000200)={{r2, r3+60000000}}, &(0x7f0000000240))
timer_create(0x3, 0x0, &(0x7f0000000040)=<r4=>0x0)
timer_getoverrun(r4)
timer_settime(r4, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
clock_gettime(0x0, &(0x7f00000000c0)={<r6=>0x0, <r7=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000100)={{r6, r7+60000000}, {0x0, 0x3938700}}, &(0x7f0000000140))
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1613.036108] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1613.038229] Call Trace:
[ 1613.038828] dump_stack+0x107/0x167
[ 1613.039710] should_fail.cold+0x5/0xa
[ 1613.040620] ? copyin.part.0+0x112/0x140
[ 1613.041604] copy_page_from_iter+0x74d/0x900
[ 1613.042675] blk_rq_map_user_iov+0x138b/0x1a60
[ 1613.043765] ? copy_user_generic_string+0x2c/0x40
[ 1613.044909] ? iovec_from_user+0x104/0x400
[ 1613.045900] ? blk_rq_unmap_user+0x750/0x750
[ 1613.046972] ? __import_iovec+0x458/0x590
[ 1613.047992] ? import_iovec+0x83/0xb0
04:08:08 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1613.048893] sg_common_write.constprop.0+0xba7/0x1a30
[ 1613.050255] ? sg_build_indirect.isra.0+0x710/0x710
[ 1613.051471] ? __might_fault+0x73/0x180
[ 1613.052402] ? lock_downgrade+0x6d0/0x6d0
[ 1613.053405] ? cap_capable+0x1cd/0x230
[ 1613.054349] ? capable+0xe1/0x100
[ 1613.055196] sg_new_write.isra.0+0x529/0x770
[ 1613.056274] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1613.057548] ? lock_downgrade+0x6d0/0x6d0
[ 1613.058561] ? _cond_resched+0x12/0x80
[ 1613.059504] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1613.060897] ? scsi_check_sense+0x10f0/0x10f0
[ 1613.061974] ? perf_trace_lock+0xac/0x490
[ 1613.062988] ? perf_trace_lock+0xac/0x490
[ 1613.064022] sg_ioctl_common+0x828/0x2570
[ 1613.065008] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1613.066217] ? do_vfs_ioctl+0x283/0x10d0
04:08:08 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c0099"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1613.067224] ? sg_write+0x120/0x120
[ 1613.068210] ? generic_block_fiemap+0x60/0x60
[ 1613.069303] ? lock_downgrade+0x6d0/0x6d0
[ 1613.070312] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1613.071485] ? wait_for_completion_io+0x270/0x270
04:08:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0xfc, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x1, 0x4, 0x0})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r5=>r1}, './file0\x00'})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000340)={<r7=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
setresuid(0x0, 0x0, r8)
sendmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r7, r8}}}], 0x20}, 0x0)
syz_open_procfs$namespace(r2, &(0x7f0000000100)='ns/net\x00')
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000340)={<r10=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r11=>0x0})
setresuid(0x0, 0x0, r11)
sendmsg$unix(r9, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r10, r11}}}], 0x20}, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x0, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r5, 0xffffffffffffffff]}}], 0x20, 0x1c000}, 0x0)
accept(r0, 0x0, &(0x7f0000000080))
setsockopt$sock_int(r0, 0x1, 0x1e, &(0x7f0000000040)=0xb, 0x4)
[ 1613.072667] ? selinux_file_ioctl+0xb6/0x270
[ 1613.073792] ? sg_compat_ioctl+0x120/0x120
[ 1613.074804] sg_ioctl+0x8f/0x120
[ 1613.075641] __x64_sys_ioctl+0x19a/0x210
[ 1613.076615] do_syscall_64+0x33/0x40
[ 1613.077519] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1613.078746] RIP: 0033:0x7fde33c83b19
[ 1613.079675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1613.084213] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1613.086091] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1613.087994] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1613.089699] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1613.091427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1613.093146] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:23 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 64)
04:08:23 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xe, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:23 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1627.925420] FAULT_INJECTION: forcing a failure.
[ 1627.925420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1627.928573] CPU: 1 PID: 8968 Comm: syz-executor.5 Not tainted 5.10.232 #1
04:08:23 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt(r1, 0x0, 0x1ff, &(0x7f0000000040)=""/86, &(0x7f00000000c0)=0x56)
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r4 = syz_io_uring_setup(0x3875, &(0x7f00000001c0), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), &(0x7f0000000100))
io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
r5 = syz_io_uring_setup(0x5dfa, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000000040), 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
r6 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(r5, 0xa, 0x0, r6)
syz_io_uring_submit(0x0, r3, &(0x7f0000000240)=@IORING_OP_FALLOCATE={0x11, 0x1, 0x0, @fd_index=0x8, 0x40, 0x0, 0x7, 0x0, 0x1, {0x0, r6}}, 0x800)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r7=>0x0, <r8=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r7}}}], 0x20}, 0x0)
r9 = openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x420082, 0x106)
r10 = syz_open_procfs$namespace(r7, &(0x7f0000000180)='ns/time_for_children\x00')
sendmsg$nl_generic(r9, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x390, 0x36, 0x100, 0x70bd29, 0x25dfdbfd, {0xc}, [@generic="0f30c07b31e136436a89289b8a5f7199402aa175d2297a33290e785263415aaab55c0bc5a3904b3414457ed7a87c222b46a2c2c480e4b6b848051a11d4f26530d43b115ee1efe17f54000bf7551b474d620f73957f0946bc790b3e872ed3e1561ddf07629e8c573a324d03c51affe86df2e9588b0b6dd39a7db0321f00e9d88a8c33f90b16b66787287f45c66e821f7dc669e3742338a54781ca43d5f19749c2526b1c9371961445d616d4a4140aa779a053eeb8adc65823", @nested={0x251, 0x49, 0x0, 0x1, [@typed={0xa, 0x45, 0x0, 0x0, @str=',/#{*\x00'}, @typed={0x8, 0x7e, 0x0, 0x0, @fd=r0}, @typed={0xb1, 0x13, 0x0, 0x0, @binary="ac5f0000ef5c23aef18f92e9077ce76b5c05e530233bb69910adeb8113f41b43d5379b55f32ade6a0136f387dbec5b223e6309c9b63f254b0a5794e425ad2dc9cdd53db57a5c5c9ccdb5f323c4711e80cc02fabe773cf894c4f84a04f2ae54c04b3f1f272f51e475804153401be3e564b09d93aabbfb07550021d7cecfb9d2f4f4f6ce1b20d6e71e7b1015b6f01b18dc3e5198e874904dfcf27b79c5b6041669d477325abe80c1930676ab4033"}, @typed={0x8, 0x3d, 0x0, 0x0, @uid=r8}, @generic="d8657252ac1a0b57139f5a5ba07ec41d985f7fc9bb93d3f854b604ff6d3cbd8e", @typed={0x8, 0x47, 0x0, 0x0, @fd=r10}, @generic="b61968cb6679265c732999bd8c3050e0adb733e3817af8b5c6c21e82d5495e6034a8099286d35bcb690a42c207611d809887d72d42e334b1610be36aa4a9aa03872535020e0f89893a174d745511b1c1e07776261dcd0dae60e9adc5dffc8c11304b29553f292b3b3619dee8e7c97f99c8910e16f5147cbb4f0df3dc0301d40566b06360c6c4681904cd1773cc9f4b3d4b1d8ae04090fa6da8641ef64f268a4da464880d505c69a636581674cccc4da20ce3d0079bf5b486f0bb715ec70ad936113e5abced69222d5eb55631d888446515ca0931f1", @generic="b5880745bf5a4479085151926b9580231bfc77997c73818dba84f791d235672c071a90872a34ac334ca93e7622a903e62bed92463b7af86d4f566d5684133f7f7f309bf3ca8cca753d2007c8fa26c244239a2e1ecddd8076d92d828845ab4a268e90f382932ee84c5010a50a17d1805291deb3743fa0cc9bb2b7915036fc0046"]}, @nested={0xb, 0x94, 0x0, 0x1, [@generic="d58a95cc45b2ab"]}, @generic="d641c03c20567aee15833cbda9783293450a7cf06817714b56e6ccb8132bb2bbbaf4abea1546ce9aedb08119a79ae8eb3fd463556b8c293020f00e9ec64639298157554f18fbf6a45694f3fc9f868263125adc11986b546c0ff171c6", @typed={0x8, 0x62, 0x0, 0x0, @pid=r7}]}, 0x390}, 0x1, 0x0, 0x0, 0x5}, 0x2004)
[ 1627.930535] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1627.932618] Call Trace:
[ 1627.933196] dump_stack+0x107/0x167
[ 1627.933987] should_fail.cold+0x5/0xa
[ 1627.934809] ? copyin.part.0+0x112/0x140
[ 1627.935690] copy_page_from_iter+0x74d/0x900
[ 1627.936666] blk_rq_map_user_iov+0x138b/0x1a60
[ 1627.937666] ? copy_user_generic_string+0x2c/0x40
[ 1627.938720] ? iovec_from_user+0x104/0x400
[ 1627.939644] ? blk_rq_unmap_user+0x750/0x750
[ 1627.940618] ? __import_iovec+0x458/0x590
[ 1627.941534] ? import_iovec+0x83/0xb0
[ 1627.942369] sg_common_write.constprop.0+0xba7/0x1a30
[ 1627.943502] ? sg_build_indirect.isra.0+0x710/0x710
[ 1627.944596] ? __might_fault+0x73/0x180
[ 1627.945464] ? lock_downgrade+0x6d0/0x6d0
[ 1627.946371] ? cap_capable+0x1cd/0x230
[ 1627.947230] ? capable+0xe1/0x100
[ 1627.947997] sg_new_write.isra.0+0x529/0x770
[ 1627.948958] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1627.950131] ? lock_downgrade+0x6d0/0x6d0
[ 1627.951053] ? _cond_resched+0x12/0x80
[ 1627.951917] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1627.953166] ? scsi_check_sense+0x10f0/0x10f0
[ 1627.954140] ? perf_trace_lock+0xac/0x490
[ 1627.955047] ? perf_trace_lock+0xac/0x490
[ 1627.955977] sg_ioctl_common+0x828/0x2570
[ 1627.956885] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1627.958010] ? do_vfs_ioctl+0x283/0x10d0
[ 1627.958892] ? sg_write+0x120/0x120
[ 1627.959867] ? generic_block_fiemap+0x60/0x60
[ 1627.960850] ? lock_downgrade+0x6d0/0x6d0
[ 1627.961760] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1627.962818] ? wait_for_completion_io+0x270/0x270
[ 1627.963901] ? selinux_file_ioctl+0xb6/0x270
[ 1627.964866] ? sg_compat_ioctl+0x120/0x120
[ 1627.965794] sg_ioctl+0x8f/0x120
[ 1627.966524] __x64_sys_ioctl+0x19a/0x210
04:08:23 executing program 3:
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
setresuid(0x0, 0x0, r0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, r0}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, 0x0, 0xffffffffffffffff], 0x53}, 0x58)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000640)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x5b}}, './file0\x00'})
clone3(&(0x7f0000000680)={0xa0002000, &(0x7f0000000200), &(0x7f0000000240), &(0x7f0000000280), {0x3e}, &(0x7f00000002c0)=""/84, 0x54, &(0x7f0000000340)=""/60, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2], 0x8, {r4}}, 0x58)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r5, &(0x7f00000000c0)={0x1f, 0xfffe, @any, 0x3}, 0x0)
r6 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000006, 0x11, 0xffffffffffffffff, 0x8000000)
syz_io_uring_setup(0x19dc, &(0x7f0000000000)={0x0, 0x3f00, 0x0, 0x2, 0x27d}, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000000100), &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000001c0)=@IORING_OP_FSYNC={0x3, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x800)
04:08:23 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:23 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:08:23 executing program 6:
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x81, 0xb2442)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000340)={0x53, 0xfffffffffffffffd, 0xc8, 0x3f, @buffer={0x0, 0xb6, &(0x7f0000000100)=""/182}, &(0x7f00000001c0)="0da9ca1a6e834bb0f2eb9cecbb80807649ea0327feb874feaf2f7dd2c3ee09f75995235a4f5f42ab01b6a42cd60175ab62326ff0c3b14ce15e2973f8cce7d08a2eebf560b62d44157a02f0eeeb8d9fcf32ca502c155b183694521aaab1655a8c77d4ac0dbdfb33e180c8f2245f2929616c0e98e75857145b704266a6d036e89742b7c80f286ef9494611e527289c64facb17108b1db17219e3946c4c5bf43c1158a2a62a910db69c86a806c7529e629a7e0b4c87a4d2410ead85fad3e067f695229662eae7e0e084", &(0x7f00000002c0)=""/98, 0xe6, 0x10041, 0x3})
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
r4 = syz_open_dev$vcsa(0x0, 0x800000000, 0x10000)
r5 = epoll_create(0x7ffd)
readv(r5, &(0x7f0000000100), 0x1000000000000073)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000500)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r6=>0x0})
ioctl$BTRFS_IOC_WAIT_SYNC(r5, 0x40089416, &(0x7f00000001c0)=r6)
ioctl$BTRFS_IOC_RM_DEV_V2(r4, 0x5000943a, &(0x7f0000000500)={{}, r6, 0x1a, @unused=[0x8000, 0x200, 0x8000, 0xb48d], @subvolid=0x1fc})
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r7 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r7, 0x5000943f, &(0x7f0000000900)={{}, 0x0, 0x4, @inherit={0x60, &(0x7f0000001e00)=ANY=[@ANYBLOB="0100000000000000030000f30000e1000500002e00000009000000ff0000000001ffffff00000000040000fffffffc008180000000000002ffffffff000400000000000000000000ea54ffff2100050001000000002500000000000000000000cc5beff3e58c8d48225443c926718ea11f5b6e6e7fbcd2de3242d2db63c81011018497da6403062bafff858e695e6199bc315b20c1a8f3c00fe9d263127daa5e762e6f5c5a3f95559b8329eab9bddde26408c678a31c29df91d80808e5ddfe3f5d2afdfba5ad51c404276d4ac204fd655a4bd47aa9c8e3424b2c4ec7be1eb67adbec831088000000000000"]}, @devid})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000640)={{}, r6, 0x8, @inherit={0x50, &(0x7f0000000440)={0x0, 0x1, 0x1800000000000000, 0x6, {0x8, 0x0, 0x6, 0x8, 0x2}, [0x644]}}, @devid})
ioctl$TIOCL_SETSEL(r3, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x8e2, 0x6, 0xffff, 0x10}})
[ 1627.967555] do_syscall_64+0x33/0x40
[ 1627.968475] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1627.969618] RIP: 0033:0x7fde33c83b19
[ 1627.970440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1627.974457] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1627.976126] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1627.977684] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1627.979258] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1627.980848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1627.982413] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:23 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0xf, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:23 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:23 executing program 6:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100), 0x200200, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r3, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x4875)
04:08:23 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:23 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
listen(r0, 0xffffffff)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x6000)
statx(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x8, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)={0x1348, 0x3e, 0x400, 0x70bd2c, 0x25dfdbfe, {}, [@nested={0xc, 0x85, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @fd=r4}]}, @nested={0x22d, 0x2, 0x0, 0x1, [@generic="c6ee3cafcb41d280a7658d3ac178b5c7604fdcd23ec8c6747885d98b35", @typed={0xc, 0x94, 0x0, 0x0, @u64=0x8}, @generic="69cdf946998a883d85f2d10b48d87d87385bacdcc20c6205e5404d2e316af597aad296205f907d414d2da60624c9414abdfb82eeb2fffb4666f9b1c68ada53448f8c23d899146b3b65ff3e331a0b483d7c91f3fae9a6f893b5469449b24f4461d8a98e0696efcc7a48ad0f4822adfd3fe776e087465d358696a6da2bd52efa91cb2082e71a792a599ea270bd14f48994ea91a462bab0c0fa91179bd33e0252ebd735a5013e6df020a44234ceb227f1fae864a581122590a0a16a29a0c817d987786c5a6c738865524a807a5dd10d11ae19c310550de0c547aaf671ed08b965dbaaf77c", @generic="edf119c9f925e7a095f39b1e6f6aac09ac7079472591dcfef25011c020ee6bb3c3d27ac6224bb323a8885770c9eb68d5e9218917d7c88fd2c322cc82ca44b4e7960cd393d81ff9e23639d59874f4935e88191df5e09e0d1a3c954e34583dfa99ca40a0715db116e7d573e922a512fbee0d7bc70791d51c167fd16c881c7d07543ee840cd6c275b45f0494d06f1ac3be85c194cf4cc6ae351ff37068fd38c487877d764592597cf8241d64053c6cb2909290c6259c4ab774e479641d35be4b13701c64d33abe849f9d3e3ebf06ac9cd", @typed={0x8, 0x13, 0x0, 0x0, @uid=r5}, @generic="8b393780302910dd88dfa080a0322d5be2f10a8938a34f6f5c89ad16a314df6a87670c4d61832fdd038848796976d855bd62c5e05dcb12306f8bf877b62244b70282a866600e"]}, @typed={0x1004, 0x30, 0x0, 0x0, @binary="5f4371d11c21ad98b25e7b4d0c16358efb9a0e5451d4c0438516a7d73dba08d70df2a82b5005e77373ddebce954a5837c648a2d28e5706ca3f40e2693f9d842c926d9812daae9a9db72c1864df8a695924298efb9d9250dd9a1be326503cb92aaa46f3faf033259bbc32897e868b43bfded1151fb07223c6d062632b60df95458e0ba18ddfb7bf8cc32834ce448aaacbb70de27c5d378d5bab8c79f700b89a3c0e8422cb4b963b6f7d4fa489f6b96ffcbd71eb46a54686f8f024a92ea5b361d9cfcc809a9dd429158bc3d2be9ca2cb83c9bbeb429b8b00017b49846cc6d5fc6d06c563abb6b03a7352db7ed7d0875581fe363bd138a2d2fe2e8f9e24760a0db8aa8fedffe85c2eff44869d8b21a909b4a755b55edad5868842aada1a29db0326a7c593343cf16ab3dea48612834766785054183a074ef7388534fed93a490d2bb18c6aee86b2008e21b00aced21486a5b5aa4561a2ad72bc693af75c19c620762cb701aef580c88ab23390d8baaec4d248a02791080b6fbaeaf18ac6782056845f4f2ec735974896b0f20876274eec100c959d77aaf53691f84c44b1d598c9930c84790ad8a327d7a8b17e2532e915b38902518cae9d9572760c2330d16e3047601696831628875c3843eb7457afdc6d3c29902b11eb1cc0565f1eb770d4a491d1fd66d38b945ee3ed6bb44d39879ad38088ef4ce9e6461337548bd91146ae20921906545d9fc7d624751ad75bf63b37c98818cd9f68fd602d9f688f95abe2ac0417b23e0bf0799a68ad324226763d865585c81c7cb55be08c3461e8d864a4328b81c4a3327f051a7c3c378082a0aa1c9e53a3b90bd7ddc31c57c4d3113f11e5e9277b61824f46251ae58803734f551c103a0c5382b6c34ea05a0ace92c286d2c4f0cb7897f07fe397d5c02011d1571ccc0222bd1e3b6188d7935c4713ab7a7f7ea5a877254492eebe11b1243c3ef2edbd9a80179c2980c2f28cd8ce62eb13bffa7dfd42bfd33952a4ff8baabc152e0e18763647f539ef57bf9c6f4b53edf56b79ddb670e2d177dfe88a2d63421b9f5b9eb47ac40a19ef0a706762b406d3c4a858a2533be22556c363dcdd819380436b917e60ab9ae497b7fbcda3c08bbdd00a034923b5a1c97d8923005e0532612eac67ef594dca0bf1f4e4ec1af81722e4434cb9317eccb729adbb0a0b31702ee5a369c753fc45047d34a91b60ad8b8f5954ab8c528b163ad6214abae2e67d1bf3b83b9f86563709d889cff5ffb1df7775fde1a46e4844ec69a2f2276d8e15f93bd726dd2ad3c68f29051896affa6a1ffc09a937f0a86f1eca8339e1612e5b9a503029c4064b259801fc29b56ecbeb5cb51ea4bf49759765b333f58365927d27be5b5f210e054d2f8d24442fc604ca12998d5e463e6bde3ecf9f4ac812969a40fe0100165560651962702c2d3c02fc0baeacdf18be536732f098bcee8d959e1b874eabaa2e02d97897ccd0870daff0c3c8a482280176d42141cffbe642fb70672b0d33947535a1bd89d4e842b7cedad6f200aacec3e5e228efdf60993a5480b2f665cb3b051b6512cb600146e41d781e4e78bd6f1bb09b0ddba2a9c4f2bca4c6c622ddc459f1f4139a04c0b34978915fc7f8d0edde9246b1a44036013726281cfecb83aac1ebfe9fcdf6d7540f45f2ba2cc658eb805d52ccaaa6424f16319b143c9b5c4cf1fc7f4ce2e7dafeb4736d6d803a58a525899a6bbd1be2b1b9e21a4078c659b112cc2b5bb3548d0051f75503f9824c2b99a6f5cd1225f9044fd7d5212f669080045da740c6a633a60f264115bf7ca7a98e7aa5f8082181dd517841eef96c46602f5b7ce8f5e22594bdef81b2db81cba8eceed612ca3ccb5b31c9c41ed2e01bb86ff7afc379006c6a3295e965d2a4ebea045806199d715e15a6fae97a3291b42492cdfed1335f46c24e4128445b4f071f76e740bbd62f3cdfc8779ebb89e0f61d1bb59532c4d6704d857d7975d0c96c0079faba729cbe041eb87bd9c00c2fe8293aa89e38a5892d50f94f480d5f4a84b4298da2274c8800e3867f73d85d958dabe7c661cf0054c1a2fca1c1f469e827aed70737566d2ca1bde4318e6125bbd9defb5d9372f48c10e26399598f3e5a6ac8f956b995fea67bfb8e67f090db205f77fe60351ed22abba9feb9f7d22ad89d8128737c72c3008895d46bc09245e940aef4b313a6f531d6f0a83dd5f60d9e2b90d5c6c12f1bea668a273a173f0d3ba2daae3a1e63360f6b915ffcdc5eac302759244d357f62c3c97f00ccd6e767d3ba404a69716989c99e9b18a305982611a97377fa00ef6aef4ed357ec5caf9306f936214f5fd887a6b64a8eb83b66600b08f793efd7d602bfbdb249f5e5a482035de1351ab844468501bced9352cbc1b6feab0f1dd18d18062368a479013f722b868acf8ea06e884ecfe500fe9dc2501a05a85c82d33d71aa18b35fa067881746ac80a0cc1bd25a2edfea3576915659f5a9b770420e38b32b8e48088cb5575bc1042bb3f7f6868bd5fa8a4181221c56330be0d4512cdfc4147ad2db99cd336d87248f7da8c05e599efe3c0841d840cc9d8e66388f1ed0c1d7e390d2c27e4ebc674f3d5c01227483a9ebb7827c3e11c15a663c80a30830893013ba69351e0cc43cb12bb6cb8efc269669d9a541e195640f7d49bbef627a8a0ba6f0135992ff046d71d8cff3e2f5d290840bc3d89e38305eafe525f7622a145202e81353d70d467bc377ee42b250d76e2aef47325bb8496dee62393c3455b5a59ba8b6d70d845d76da91790eee04ed5ec871a9ccbe5c8e7a4bfd711049769dc52d975c9eba27a24737205df1b59713e2f89e31d91638528347257b5a3eb8905f4d98660e369d86421fe4600f7bb4c2e07b8797519a15a2e0762eb9561f430f8cb9810ab55a7fb2e3dff3a636212d3385b776749c8e361b9535fc96b4ff2e8afa5be36e97a3fefca67c8ac4cc01135dd2b947292b52bca8272f49941596201bffa47a1f720d193221d1659cb6c2da5b45da1274600748e462bdda9f323e51fcae2b3d4466d4277ea5be71fcce9657ab61fb4e2de950a09d2ffd479f9023fee0381aab46da17ac74d3395d20435b99397fe462e4f0b1843e6ed4e7c524c21513a0ed2abb1e1ac38c03ad38cbaba6bd1f5440b34bbc6f339606ea528c7afd59f33c31205d067c526287b06d4dd1e8d01d530fbc5098041a32aa3fcb1035c7b857d1944194177e983cb0647c40339f843d921c3a2bb8daf85385ed2f01319c93bae549200198900d40296a46bc59c4a791de71b97fa877aa9ab78c3c76797393d74c391717dc25a57dc715d5c8b2875a5c6ae49159ffedfcf4a55eedcdd305b53eeb1bc1d3df83ae7ead52e2418a9b22f61589e6fb418f634d3d02a6b7c99587efd617b5ab429475cf09f13b825f9197f0fbeb347f1da7a1c50d0cf6001b9f582f8ff2cd11ac370c07ed6c5948c105a7a7cbf09c2885ecd907da0fb9002874e5ca4d3a4e9702fc75c0ef998bb35320e8ac7c79936c9db37ed30a4d68282d2530c8c545530ddebc74a007dfb9466e6fd0e97748f4f9fc3eacb1116dd565b0fcfd231f3b220f28a54b95f6222d0dc3859f2681c0dc74efd0c7052a129eb974895529d93ad312383c376e2e16673eef358af18356f2edc0f51e878b26dc5605d0616cbf76ce583acf19f2d2d8ea2d2b118775d0ea6bf02d147728c4ed9130076a17b9aa024ba0909c743f1489befc4887c796ba73b2126ef4268ef4db0c3960ceaaafaf96949b55c141472d30a8ddd8f7c90da64c8c523a79b00a050688f0818d1c914bde59cb221ca4474198d0c3022efc2ae8d61bf96368df333636016edfe220a64c450f0f369f1efbd840ac70c303d02aa45fafaf9f4be1d87ec938bdf1a51d96d7babefa40c43223917b4937be85d192c414733c5d7e59a39e4f7e4a696d500804238ecf11a8b280ea6e8e19c049357c08822013c0ace4ba6adee851d0d9983f14ac7bfa8eb35ccbb363dd495f32a8a96a8c8690816cd23e5881a2e13b4929c623a3b4f86a1258a638f873ad3fd6eeb57b7bc7665d5502c4319de81ff5e3695809117e826ec651278d412ec5cf8ba8aad6e52d037a88eff92c438af099dc42addfda754ba37b354ff93a9765fd0760892168163c12005cf9d369a622516bcf1647be646877dff67820dbce3a77dbea8676dd3758b91f1149a52e65a3c8b86ce845aaaafb7d11e78c8619778c0a02d8362f3241519f99ec5cfd7ff775064bf2a642590bf143141bebc9b94c984e899518810c3adca2e189402f877c65d616b4608491251f7469854610f798404f10151cf8a14c13bceaaf8d90a46fb68da61383b75719220f366dd353f5923c72b88515b9a81819ad0d8666181b8c0b6f90fb6eeebd99644cf50dda1e12c711500b33a10f189db03717c369140e5d23a93cfa0ef19e8bef0ca9ebf9e75fabaca4940aea18e5866e5236cb7c392bfaa34e24b581e5a9f7663fb2f71e0f93817a2623cec504d1c83540c202c176d5919d365f7420ffefc1510b2cf22ed1be97d234d8e09f01b2ae927def08bb65b10bd5a58f959488c17dc8f42d5e25d3642bae2b904e265cf8bd18efa3a0db689252d75ab4b188cdc4ce9712e1e11a8da65cd06dcf5899f3cfac456af31f20f151aacd266b1ae1f7dad75cf94629cbd8004a7f94d3419c37a08b8987539dbb7d1166772370b6616108b182b2dae688ce3c1433ba5dd1b8e26606b96df10eeb9c8cb384e1904f5dcf77a358dde03017e262534b904022bf8362faf6e2a599ab299d5c317ea11437c59de8ae59ea97add8a2271e6ddfb9039011b14b9cf06355d7d0b17b853dd41f9694df1522af017fdf17755ad5f7ce1f0e6c3978d211f1509fb275bdc34feaf269b8ca324898683bbaea83d0742514f09cc6561ea60df124ccb9dd8cb69d31eab17f351d58ce1696fd9476db614e396c79b6c4f851e4278b695d55c48a6d3d2d01d143609325f3991600f850dfba3dd3f1e400e0976fdab58334c8ad3b3ce69f5757372425616b3ffbc08c21a910f191be2f33917c0a8fcffa3da3133700bc8747e19b089a6fe024d4f49e707afba6e694a35a501c9f36e408c6b21a7eac031411ed574ace88dcd8a5e825020d77a8d1690a54453a6620609f5fc7296244a1a651a9816f6068eca9a2c2deab4293bd0dd811b1a499097827524859b4c58162705aaa33c18209c4b74a6a0c23340b528dc8afad8d22a816199b6b23e4ead166bddda8d0866edfec0f6266c3c5c9f7f1f90a0769014a0b027d49170e2d0d6f33058e27b563c79106d88377668221c1884acf37ee8853244a50c1f837c5ff17d01f15701c04aa4803371febd87be8593341ffca07842396e6696fa89d2fb054db3dc3b2350b0d8a9dab731a06fc861cdbe75205eab4132e1dd1f1079531b03fa47a533cf728beda30623325eccfa38527187f04fa8aac3a4b48b727ccf8252c8474aa623a6d31febac38a65961fead646f6e3be32c23eeda9cd294fb64b6d2858a0ac41664d8b6332f960eade5bfda3e1d846dc3209c2fe236abb083a011cf9f51e168994647f80924663667c1311963944d66063a1b290f56144feeeeeb3836922056b078b6d53c0f97beeb6b3240c90ea1fd89fb32b078a16adbe984267de2eb697f3b5c3ece1b9db1f71367b0cc672c316407352542ae6dea934f3ebbff5e11fdfaf4d103854a32a6837520dbdce36de8b4fe9ef169c98a2e994a99ccbd34b9dfac9fd4f1c8bd1a053f2791254c444770319d0db19feaf6965"}, @nested={0xe6, 0x59, 0x0, 0x1, [@generic="f77feaab1e301834480ce66699c088e9763ce0b329eac3658dafa0d46148af78acb362ff7558ab43d1dc0bb33df75312d25bd0769d4e1ae25824aa2da58db671605c5eb917cfdfd2e3571b322c3604fd165cb92b28bae1e5cd78a222f85e5979b4fdc2df8ac170dab004b6649a0d1680fac015aa4b322eaa312a8f689b4a6900fb655c54d22c59b042f28eb35f58431818f8c6b3e193a047ff1c18b12dd88b6adad524eb07c849974fcc64090b247926fbfc6f36cc6d4a02f55b18e13148b55827f71283a9ce8c3c6fb94f6e3e958b1b3cde248b14865cd557cf02acfa09ad5a7393"]}, @nested={0xc, 0x4e, 0x0, 0x1, [@typed={0x8, 0x13, 0x0, 0x0, @uid=r6}]}]}, 0x1348}, 0x1, 0x0, 0x0, 0x20000010}, 0x801)
04:08:23 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x10, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:23 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x5, &(0x7f0000000040)=[{0x3ff, 0x1f, 0x81, 0x3}, {0x0, 0x1, 0x6d}, {0x0, 0x3, 0x1, 0x2}, {0x5, 0x5d, 0x0, 0xbc}, {0x7, 0x19, 0xbf, 0xdd9d}]})
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000000)='./file0\x00')
04:08:23 executing program 0:
shmctl$SHM_LOCK(0xffffffffffffffff, 0xb)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000340)={<r0=>0x0}, &(0x7f0000000380)=0xc)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r0}}}], 0x20}, 0x0)
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x8, 0xc8df4112babb9774, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(r1, r3, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x3, 0x2004, @fd_index=0x9, 0x10000, 0x0, 0x0, 0x18, 0x1}, 0x5)
04:08:40 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:40 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:08:40 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000040)={<r5=>0x0}, &(0x7f0000000080)=0xc)
r6 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r6, 0x40089413, &(0x7f0000000140))
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r5}}}], 0x20}, 0x0)
bind$unix(r1, &(0x7f0000000200)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
r7 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r7)
pwrite64(r7, &(0x7f00000000c0)="1c606c7dacd01096990fde38b04ceb1a7bc232912e0ea6f27964f40bbdf4643cf5346fcd8aa2ee2f6b5db39d1431c8f40d6da72a307b9a0fd0014df9226c9021510bff547dac37fcc75afec72946ff4d34d69f9fa2878a27b763c2d6cf9c7c39a582300ca1b01efb59", 0x69, 0xed)
04:08:40 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 65)
04:08:40 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x11, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:40 executing program 6:
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10000000000005a, 0x808, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, @perf_config_ext={0x3, 0x2}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}, 0x0, 0x8, 0x1, 0x0, 0x0, 0x0, 0xaa0}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/packet\x00')
dup3(r1, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r2, 0x4)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r2, 0x0)
syz_io_uring_setup(0x4, &(0x7f0000000080)={0x0, 0xfffffffe, 0x0, 0xffffffff}, &(0x7f0000ffc000/0x4000)=nil, &(0x7f00000b0000)=nil, &(0x7f0000000000), &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r2, 0x0, &(0x7f0000000300), 0x0, 0x8080, 0x1}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000100), 0x7, 0x10000)
r6 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder-control\x00', 0x2, 0x0)
copy_file_range(r5, &(0x7f00000001c0)=0x5, r6, 0x0, 0x81, 0x0)
openat(r1, &(0x7f0000000000)='./file1/file0\x00', 0x141e40, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6b6f7c66646e032ffe4d6f35fcdfbcb0d3923d00000100ca8962f6d23642bed45aa52eb49740f67be6d79f6c2af8e3e494bc58868474ee1cf7dfa947fa918e6f482fecb9861a551d27b64c962a985e661d37bae5a7ec272be2dce8e7a84b109e3373f8e2dcfcd30f807815dd976911aedc76c9352cb2e15f2cd1aecb8cdbfedf53f8d0c0ea3ef4981cb8b20bb9fb000000000000000000", @ANYRESHEX, @ANYRES32])
04:08:40 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:40 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1644.635808] FAULT_INJECTION: forcing a failure.
[ 1644.635808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1644.638872] CPU: 0 PID: 9022 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1644.640634] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1644.642780] Call Trace:
[ 1644.643467] dump_stack+0x107/0x167
[ 1644.644411] should_fail.cold+0x5/0xa
[ 1644.645401] ? copyin.part.0+0x112/0x140
[ 1644.646456] copy_page_from_iter+0x74d/0x900
[ 1644.647596] blk_rq_map_user_iov+0x138b/0x1a60
[ 1644.648830] ? copy_user_generic_string+0x2c/0x40
[ 1644.650118] ? iovec_from_user+0x104/0x400
[ 1644.651249] ? blk_rq_unmap_user+0x750/0x750
[ 1644.652412] ? __import_iovec+0x458/0x590
[ 1644.653482] ? import_iovec+0x83/0xb0
[ 1644.654454] sg_common_write.constprop.0+0xba7/0x1a30
[ 1644.655786] ? sg_build_indirect.isra.0+0x710/0x710
[ 1644.657084] ? __might_fault+0x73/0x180
[ 1644.658109] ? lock_downgrade+0x6d0/0x6d0
[ 1644.659154] ? cap_capable+0x1cd/0x230
[ 1644.660227] ? capable+0xe1/0x100
[ 1644.661170] sg_new_write.isra.0+0x529/0x770
[ 1644.662375] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1644.663819] ? lock_downgrade+0x6d0/0x6d0
[ 1644.664972] ? _cond_resched+0x12/0x80
[ 1644.666020] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1644.667560] ? scsi_check_sense+0x10f0/0x10f0
[ 1644.668791] ? perf_trace_lock+0xac/0x490
[ 1644.669826] ? perf_trace_lock+0xac/0x490
[ 1644.670821] sg_ioctl_common+0x828/0x2570
[ 1644.671814] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1644.673032] ? do_vfs_ioctl+0x283/0x10d0
[ 1644.673986] ? sg_write+0x120/0x120
[ 1644.674839] ? generic_block_fiemap+0x60/0x60
[ 1644.675910] ? lock_downgrade+0x6d0/0x6d0
[ 1644.676923] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1644.678071] ? wait_for_completion_io+0x270/0x270
[ 1644.679235] ? selinux_file_ioctl+0xb6/0x270
[ 1644.680276] ? sg_compat_ioctl+0x120/0x120
[ 1644.681313] sg_ioctl+0x8f/0x120
[ 1644.682123] __x64_sys_ioctl+0x19a/0x210
[ 1644.683100] do_syscall_64+0x33/0x40
[ 1644.684002] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1644.685258] RIP: 0033:0x7fde33c83b19
[ 1644.686151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1644.690627] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1644.692490] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1644.694231] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1644.695971] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1644.697520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1644.699016] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:40 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x7, &(0x7f0000000100)={0x0, 0x38, 0x1, @tid=r0}, &(0x7f0000000140))
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
timer_gettime(r1, &(0x7f00000000c0))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:08:40 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:40 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
ioctl$SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000040))
04:08:40 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:40 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 66)
04:08:40 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x12, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:40 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1644.922280] FAULT_INJECTION: forcing a failure.
[ 1644.922280] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1644.924774] CPU: 1 PID: 9051 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1644.926197] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1644.927919] Call Trace:
[ 1644.928482] dump_stack+0x107/0x167
[ 1644.929246] should_fail.cold+0x5/0xa
[ 1644.930046] ? copyin.part.0+0x112/0x140
[ 1644.930899] copy_page_from_iter+0x74d/0x900
[ 1644.931829] blk_rq_map_user_iov+0x138b/0x1a60
[ 1644.932813] ? blk_rq_unmap_user+0x750/0x750
[ 1644.933733] ? __sanitizer_cov_trace_pc+0x42/0x60
[ 1644.934741] ? __import_iovec+0x458/0x590
[ 1644.935604] ? import_iovec+0x83/0xb0
[ 1644.936419] sg_common_write.constprop.0+0xba7/0x1a30
[ 1644.937492] ? sg_build_indirect.isra.0+0x710/0x710
[ 1644.938519] ? __might_fault+0x73/0x180
[ 1644.939338] ? lock_downgrade+0x6d0/0x6d0
[ 1644.940208] ? cap_capable+0x1cd/0x230
[ 1644.941029] ? capable+0xe1/0x100
[ 1644.941745] sg_new_write.isra.0+0x529/0x770
[ 1644.942657] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1644.943769] ? lock_downgrade+0x6d0/0x6d0
[ 1644.944660] ? _cond_resched+0x12/0x80
[ 1644.945460] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1644.946641] ? scsi_check_sense+0x10f0/0x10f0
[ 1644.947553] ? perf_trace_lock+0xac/0x490
[ 1644.948407] ? perf_trace_lock+0xac/0x490
[ 1644.949281] sg_ioctl_common+0x828/0x2570
[ 1644.950131] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1644.951189] ? do_vfs_ioctl+0x283/0x10d0
[ 1644.952006] ? sg_write+0x120/0x120
[ 1644.952767] ? generic_block_fiemap+0x60/0x60
[ 1644.953681] ? lock_downgrade+0x6d0/0x6d0
[ 1644.954534] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1644.955511] ? wait_for_completion_io+0x270/0x270
[ 1644.956513] ? selinux_file_ioctl+0xb6/0x270
[ 1644.957399] ? sg_compat_ioctl+0x120/0x120
[ 1644.958253] sg_ioctl+0x8f/0x120
[ 1644.958948] __x64_sys_ioctl+0x19a/0x210
[ 1644.959775] do_syscall_64+0x33/0x40
[ 1644.960539] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1644.961581] RIP: 0033:0x7fde33c83b19
[ 1644.962341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1644.966104] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1644.967657] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1644.969122] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1644.970564] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1644.972022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1644.973469] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:40 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x13, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:40 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x58, &(0x7f0000000080)=ANY=[@ANYBLOB="000000de270fa6ff650000000000410081eaf3a77d51ad8c0749d3ddba989ae6f0768bacc5ade6728d7b", @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0xfffffffffffffede, 0x40044001}, 0x0)
04:08:57 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:08:57 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:57 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 67)
04:08:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
sendmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)}, 0x4000)
04:08:57 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:08:57 executing program 6:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
io_setup(0x5, &(0x7f0000000080)=<r0=>0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
io_setup(0x1, &(0x7f0000000040)=<r2=>0x0)
r3 = eventfd(0x0)
io_submit(r2, 0x1, &(0x7f00000004c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
io_submit(r0, 0x1, &(0x7f00000002c0)=[&(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x5, r3}])
04:08:57 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x14, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:57 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f00000007c0)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
process_vm_readv(0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/148, 0x94}, {&(0x7f0000000280)=""/99, 0x63}], 0x2, &(0x7f0000000740)=[{&(0x7f0000000340)=""/49, 0x31}, {&(0x7f0000000380)=""/209, 0xd1}, {&(0x7f0000000480)=""/192, 0xc0}, {&(0x7f0000000540)}, {&(0x7f0000000580)=""/168, 0xa8}, {&(0x7f0000000640)=""/209, 0xd1}], 0x6, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000100), &(0x7f0000000140))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x10, @fixed, 0x3}, 0xe)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000340)={<r5=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setresuid(0x0, 0x0, r6)
sendmsg$unix(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r5, r6}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r5, 0xffffffffffffffff], 0x53}, 0x58)
ioprio_get$pid(0x3, r5)
clock_gettime(0x0, &(0x7f00000000c0))
timer_settime(r3, 0x0, &(0x7f0000000540)={{}, {0x0, 0x989680}}, 0x0)
[ 1661.642290] FAULT_INJECTION: forcing a failure.
[ 1661.642290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1661.644310] CPU: 1 PID: 9068 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1661.645277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1661.646424] Call Trace:
[ 1661.646795] dump_stack+0x107/0x167
[ 1661.647306] should_fail.cold+0x5/0xa
[ 1661.647841] ? copyin.part.0+0x112/0x140
[ 1661.648406] copy_page_from_iter+0x74d/0x900
[ 1661.649033] blk_rq_map_user_iov+0x138b/0x1a60
[ 1661.649694] ? blk_rq_unmap_user+0x750/0x750
[ 1661.650325] ? __sanitizer_cov_trace_pc+0x4/0x60
[ 1661.650995] ? __import_iovec+0x458/0x590
[ 1661.651589] ? import_iovec+0x83/0xb0
[ 1661.652137] sg_common_write.constprop.0+0xba7/0x1a30
[ 1661.652866] ? sg_build_indirect.isra.0+0x710/0x710
[ 1661.653582] ? __might_fault+0x73/0x180
[ 1661.654141] ? lock_downgrade+0x6d0/0x6d0
[ 1661.654721] ? cap_capable+0x1cd/0x230
[ 1661.655298] ? capable+0xe1/0x100
[ 1661.655798] sg_new_write.isra.0+0x529/0x770
[ 1661.656429] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1661.657216] ? lock_downgrade+0x6d0/0x6d0
[ 1661.657818] ? _cond_resched+0x12/0x80
[ 1661.658383] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1661.659190] ? scsi_check_sense+0x10f0/0x10f0
[ 1661.659842] ? perf_trace_lock+0xac/0x490
[ 1661.660417] ? SOFTIRQ_verbose+0x10/0x10
[ 1661.661002] sg_ioctl_common+0x828/0x2570
[ 1661.661586] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1661.662307] ? do_vfs_ioctl+0x283/0x10d0
[ 1661.662866] ? sg_write+0x120/0x120
[ 1661.663371] ? generic_block_fiemap+0x60/0x60
[ 1661.663994] ? lock_downgrade+0x6d0/0x6d0
[ 1661.664568] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1661.665252] ? wait_for_completion_io+0x270/0x270
[ 1661.665927] ? selinux_file_ioctl+0xb6/0x270
[ 1661.666534] ? sg_compat_ioctl+0x120/0x120
[ 1661.667118] sg_ioctl+0x8f/0x120
[ 1661.667589] __x64_sys_ioctl+0x19a/0x210
[ 1661.668155] do_syscall_64+0x33/0x40
[ 1661.668672] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1661.669395] RIP: 0033:0x7fde33c83b19
[ 1661.669908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1661.672461] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1661.673522] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1661.674510] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1661.675503] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1661.676506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1661.677511] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:08:57 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x15, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:57 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:08:57 executing program 0:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x4, &(0x7f0000001800)=[{&(0x7f0000000280)="2000000080000000060000006a0000000f000000000000000100000001000000004000000040000020000000e0f4655fe0f4655f0100ffff53ef010001000000dff4655f000000000000000001000000000000000b0000000001", 0x5a, 0x400}, {0x0, 0x0, 0xffffffffdffffff8}, {&(0x7f0000010400)="020000000300000004", 0x9, 0x800}, {&(0x7f0000011600)="ed41000000080000dff46552e0f4655fe0f4655f000000000000040004", 0x1d, 0x2100}], 0x0, &(0x7f0000000140)={[{@abort}]})
04:08:57 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x38, 0x1, @thr={&(0x7f00000000c0)="7f7d673f601775d2beb21e8acd7f6d5186605b5e13fdae504638e3c8213ef4595196eff1a17ca292e64042e156", &(0x7f00000001c0)="5101df0d295aaab3f6b3dd39977b3b53b09b55b30a4663fb6f560ff2cd2a84b5996c373309e17885dbb80cb14a0a0d96d38fa63ea3114f74c0c5206d0cc956bec5f05b8c11783071a0f37e5f9cc165dceb372faf25877f2f5e7c98a36815807baa09738d89c816c81b90595e93aca060604a7a2bddd2bdf5cc9ab594059e455c12c618becd00921e57babe245433d2164b894d0da710d883b935ff7afd6359cb0defb9b4061c937b675814b06bc1c795af7b6f224dc4645b624511c5ad812789274c3ca1ba1760db9f5f1a7ff5eaa5721f3b4f683d"}}, &(0x7f0000000140)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f00000002c0)={{}, {0x77359400}}, 0x0)
04:08:57 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x16, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:08:57 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
fallocate(r0, 0x10, 0x0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f0000000200)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r3, 0xffffffffffffffff], 0x53}, 0x58)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, r3, 0x0, 0xffffffffffffffff, 0xb)
openat(r1, &(0x7f0000000240)='./file1\x00', 0x54a8bec624e7f982, 0x12a)
ioctl$PERF_EVENT_IOC_PERIOD(0xffffffffffffffff, 0x40082404, &(0x7f0000000180)=0x400)
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FS_IOC_GETFSMAP(r5, 0xc0c0583b, &(0x7f0000000080)={0x0, 0xfdfdffff, 0x102, 0x0, '\x00', [{}, {0x800, 0x0, 0x400000000000000}], ['\x00']})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat(r5, &(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), 0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
unshare(0x48020200)
04:08:57 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 68)
04:08:57 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079000000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1661.933902] FAULT_INJECTION: forcing a failure.
[ 1661.933902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1661.936752] CPU: 0 PID: 9104 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1661.938397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1661.940288] Call Trace:
[ 1661.940892] dump_stack+0x107/0x167
[ 1661.941745] should_fail.cold+0x5/0xa
[ 1661.942613] ? copyin.part.0+0x112/0x140
[ 1661.943542] copy_page_from_iter+0x74d/0x900
[ 1661.944560] blk_rq_map_user_iov+0x138b/0x1a60
[ 1661.945621] ? copy_user_generic_string+0x2c/0x40
[ 1661.946724] ? iovec_from_user+0x104/0x400
[ 1661.947692] ? blk_rq_unmap_user+0x750/0x750
[ 1661.948694] ? __import_iovec+0x458/0x590
[ 1661.949662] ? import_iovec+0x83/0xb0
[ 1661.950540] sg_common_write.constprop.0+0xba7/0x1a30
[ 1661.951727] ? sg_build_indirect.isra.0+0x710/0x710
[ 1661.952860] ? __might_fault+0x73/0x180
[ 1661.953783] ? lock_downgrade+0x6d0/0x6d0
[ 1661.954733] ? cap_capable+0x1cd/0x230
[ 1661.955640] ? capable+0xe1/0x100
[ 1661.956430] sg_new_write.isra.0+0x529/0x770
[ 1661.957441] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1661.958648] ? lock_downgrade+0x6d0/0x6d0
[ 1661.959606] ? _cond_resched+0x12/0x80
[ 1661.960494] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1661.961788] ? scsi_check_sense+0x10f0/0x10f0
[ 1661.962802] ? perf_trace_lock+0xac/0x490
[ 1661.963741] ? SOFTIRQ_verbose+0x10/0x10
[ 1661.964675] sg_ioctl_common+0x828/0x2570
[ 1661.965633] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1661.966794] ? do_vfs_ioctl+0x283/0x10d0
[ 1661.967707] ? sg_write+0x120/0x120
[ 1661.968523] ? generic_block_fiemap+0x60/0x60
[ 1661.969544] ? lock_downgrade+0x6d0/0x6d0
[ 1661.970479] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1661.971571] ? wait_for_completion_io+0x270/0x270
[ 1661.972782] ? selinux_file_ioctl+0xb6/0x270
[ 1661.973995] ? sg_compat_ioctl+0x120/0x120
[ 1661.975156] sg_ioctl+0x8f/0x120
[ 1661.976092] __x64_sys_ioctl+0x19a/0x210
[ 1661.977236] do_syscall_64+0x33/0x40
[ 1661.978262] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1661.979660] RIP: 0033:0x7fde33c83b19
[ 1661.980672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1661.985751] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1661.987816] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1661.989746] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1661.991658] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1661.993590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1661.995495] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:13 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 69)
04:09:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x46e2, 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000080)='./file0\x00', 0xc2000258)
ioctl$int_in(r1, 0x5452, &(0x7f0000000000)=0x8f4)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
write(r2, &(0x7f00000000c0)="ddf1f1bd6b33b0b816630cc3c83e51a3a26f723b54d5708e76e80a886de04b0da13253e1b38130f0fa04d8f5ba4621a9f3f26b91c3b530e60ca2847994e026c27a229cc80b863c6ca6f8a9965ffb967b83454d42291352bf939d0ee4113c301ec14a3836193da060ffa61c147333340d15973f13ab4d051c1269fc5c1ff860f93d5221534f3c17ccde057076a7b8b07f5051041049fe3424866b330234c084ed8b60a7d9c0290f5ba6741c8ffcdc7274c40357e081d6aa0ab0f76d5254fe9211a096d34822f6379965009a80ad3960a35876bb308537e79a3a16362c396997d66b6217461a0dc5", 0xe7)
r3 = dup2(r1, r2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r0, 0xc0189378, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r0, {<r4=>r3}}, './file1\x00'})
inotify_add_watch(r4, &(0x7f0000000200)='./file0\x00', 0x92000812)
04:09:13 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x17, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:09:13 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(0xffffffffffffffff, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:09:13 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:13 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079000000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:13 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, @thr={&(0x7f00000000c0)="9d212fb3ecd9ac909dc05e407ead807bd0ad225bef43e9c127ef29f051007bf54d7c7a1d7510cbbad9d5eed35a4eecc2a29c7045136db16ce89d12b55357c2808c0b3596de7a4e48480b739c04fde1bdfc13bce6eee4e6d7aab1a8f3e89eea09c5fa48329b56cd3ad08aee14d2b64da4a90620cd4974ea070d8a68eb972b2e44a29b8f87b4f093fd81393b4fdb954a74c52143573464", &(0x7f00000001c0)="30392c6be079eb6853acef5756460db5a2684b6eadfd1dc18b3775b5995a42f681468a473fedd5a723ee05fd9ad31506cee3d0b6547f43b2c689e2af1daf6ae6004d94c5"}}, &(0x7f0000000280))
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:13 executing program 6:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000790000000c0023"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1677.870524] FAULT_INJECTION: forcing a failure.
[ 1677.870524] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1677.873322] CPU: 1 PID: 9118 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1677.874918] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1677.876847] Call Trace:
[ 1677.877485] dump_stack+0x107/0x167
[ 1677.878375] should_fail.cold+0x5/0xa
[ 1677.879269] ? copyin.part.0+0x112/0x140
[ 1677.880217] copy_page_from_iter+0x74d/0x900
[ 1677.881259] blk_rq_map_user_iov+0x138b/0x1a60
[ 1677.882381] ? copy_user_generic_string+0x2c/0x40
[ 1677.883497] ? iovec_from_user+0x104/0x400
[ 1677.884466] ? blk_rq_unmap_user+0x750/0x750
[ 1677.885489] ? __import_iovec+0x458/0x590
[ 1677.886471] ? import_iovec+0x83/0xb0
[ 1677.887359] sg_common_write.constprop.0+0xba7/0x1a30
[ 1677.888557] ? sg_build_indirect.isra.0+0x710/0x710
[ 1677.889719] ? __might_fault+0x73/0x180
[ 1677.890633] ? lock_downgrade+0x6d0/0x6d0
[ 1677.891587] ? cap_capable+0x1cd/0x230
[ 1677.892504] ? capable+0xe1/0x100
[ 1677.893324] sg_new_write.isra.0+0x529/0x770
[ 1677.894356] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1677.895595] ? lock_downgrade+0x6d0/0x6d0
[ 1677.896559] ? _cond_resched+0x12/0x80
[ 1677.897454] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1677.898767] ? scsi_check_sense+0x10f0/0x10f0
[ 1677.899786] ? perf_trace_lock+0xac/0x490
[ 1677.900728] ? perf_trace_lock+0xac/0x490
[ 1677.901709] sg_ioctl_common+0x828/0x2570
[ 1677.902666] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1677.903833] ? do_vfs_ioctl+0x283/0x10d0
[ 1677.904756] ? sg_write+0x120/0x120
[ 1677.905606] ? generic_block_fiemap+0x60/0x60
[ 1677.906625] ? lock_downgrade+0x6d0/0x6d0
[ 1677.907571] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1677.908668] ? wait_for_completion_io+0x270/0x270
[ 1677.909796] ? selinux_file_ioctl+0xb6/0x270
[ 1677.910786] ? sg_compat_ioctl+0x120/0x120
[ 1677.911741] sg_ioctl+0x8f/0x120
[ 1677.912511] __x64_sys_ioctl+0x19a/0x210
[ 1677.913439] do_syscall_64+0x33/0x40
[ 1677.914305] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1677.915457] RIP: 0033:0x7fde33c83b19
[ 1677.916300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1677.920464] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1677.922229] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1677.923814] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1677.925411] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1677.927015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1677.928599] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:13 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x18, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:09:13 executing program 0:
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x20044, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0xd}, 0x0, 0x0, 0x3, 0x7, 0x1, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
timerfd_settime(r0, 0x0, &(0x7f0000000000), &(0x7f0000000080))
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/class/pps', 0x82000, 0x26)
perf_event_open(&(0x7f00000002c0)={0x0, 0x80, 0xff, 0x5, 0x4, 0x3, 0x0, 0x10000, 0x84390, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000140)}, 0x1, 0x5, 0x3, 0x5, 0x0, 0xfffffe01, 0x401, 0x0, 0x1, 0x0, 0xffff}, 0x0, 0xb, r1, 0x1)
readv(r0, &(0x7f0000000280)=[{&(0x7f0000001e00)=""/4098, 0x1002}], 0x1)
timerfd_gettime(r0, &(0x7f0000000200))
getpgrp(0x0)
open$dir(&(0x7f00000003c0)='./file0\x00', 0x222001, 0x0)
timerfd_gettime(r0, &(0x7f0000000240))
timerfd_settime(r0, 0x0, &(0x7f00000000c0)={{}, {0x0, 0x3938700}}, &(0x7f0000000100))
unshare(0x48020200)
04:09:13 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0xf, 0x4, @tid=r0}, &(0x7f0000000100)=<r3=>0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r4=>0x0, <r5=>0x0})
clock_gettime(0x0, &(0x7f0000000240)={<r6=>0x0, <r7=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {r6, r7+60000000}}, &(0x7f00000002c0))
timer_settime(r3, 0x1, &(0x7f00000001c0)={{0x0, 0x989680}, {r4, r5+10000000}}, &(0x7f0000000200))
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:13 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, 0x0, 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:09:13 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:13 executing program 6:
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000001240), 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001080)=ANY=[@ANYBLOB="b8000000130001000000000000000000ffffffff000000000000000000000000ff02000000000000000000000000000100000000000000000a00403c00000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a566a0950c064f06f473c769a6d7ddc77fd66cd528e610ecafa832ef4219db3dfb51388f68c9a415242ca0fa6d18ea3683ee0449dc1aaf25947a54d13e6fed4204dc32085a45b3d263d85bb4082730a05933782d16b3d5c980882bcb9066877a015eca7a0fc0144d9a27260e39861dee9c6a0966045bac8a864db83d66d6e4c0515781b873b29ab30971889f1cfaf1bea4da0ec0faf677767f06c0df9d3eafb357666a9e360aee6515641159a9c095972e9fa865036a50e275dcb5cf1cf5bf0b03acf746b7bf719c4288c5aec8f5c5fdf0571c663b160983cf7936815767b27758d2b8be395625084cb06434867479a985f8a68efc245002fa99db89c5c0eaf3011a6b"], 0xb8}}, 0x0)
r2 = pidfd_open(0xffffffffffffffff, 0x0)
setsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000400)={@private2={0xfc, 0x2, '\x00', 0x1}}, 0x14)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000180)={r2, 0x0, 0x800, 0x2})
r3 = perf_event_open(&(0x7f0000001d80)={0x6, 0x80, 0x7, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xffffffff81000000}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000140)='oom_adj\x00')
r5 = dup3(r4, r3, 0x0)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x40, 0x28)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@newspdinfo={0x3c, 0x24, 0x800, 0x70bd2a, 0x25dfdbfd, 0x7, [@XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV6_HTHRESH={0x6}, @XFRMA_SPD_IPV4_HTHRESH={0x6}, @XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4040000)
syz_io_uring_setup(0x5606, &(0x7f0000000040)={0x0, 0xef33, 0x2, 0x1, 0x256}, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f00000000c0), &(0x7f0000000340))
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r4, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r6=>r5, {0x8000}}, './file1\x00'})
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6}, &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r7, 0x0, &(0x7f0000000280)=@IORING_OP_WRITE={0x17, 0x5, 0x0, @fd, 0x11aa7d53, 0x0, 0x0, 0x0, 0x1}, 0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001480)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)="a86b250a0b673d58e647d59aa3ed1ce829f488df1b605168be3b4565051bc04aa6713448cf73a670e9ec210605032f05ca6acb0da7fec68dd53250af6a048bc360359cd1cb2de0b474278c0bf7939208fe49442fae2a4c67f092053db682aef034c592981849e226a8d3163f0eb99952a89e3fcb3cb3fc809626a09380ec9683b29838473ac8f631fc9779557e75851df910a6a77858c1f68629a16c76fc077223f2cfe70758efb50f7c1a05d2723db625a4ecabada70e5ccc83a4f41149b5edb74e09e265e299511435baa459e0aa5cd752f1fa8d6e8fc69748e8fee543011540e4c64164964080d5b8939783516aa486afe3440d4219eb52e204a9b5a2683f76686c2262a5aa76081304305b713b08d6fb8f9d60102888f12cce73bd619d0f9db59daab98bfce53bce107a48c7008511663cfca06af0898fcc2c1e045f1bdcd608c52fa12f52737810a4bdcef4b12e9a0eba82b22f7fcc2f328c03b00f796f2a7af07292cce2ff2bd6c0ea18298aa5551c0e3f52e2785fca169338d6be171506ddfb25970d435da36a51ee54c2158c6dfa67896601f4c389a431bae999b429641b8f47143e339940169699b8f9345d2df361ca4e0bf20c8c01d5c9610fb34e16ea9aa531fb785f62cccec66537a9d1411f6be290b998aa618077483eea143dcd00e9ae4be179834eed71a6710a0314f4dfb4dc1a4652dbcfd613b56adceeaddc76bdd4b53f6a3cac0acfd03fc6a3120fc2bcd37b20a221cd63712021b95d6c5c0d1bca39a556a0ffddbd4c5801b6e5a9b401bcdade9a5eaf48e09b966c3eb58e2ded8106a28c9204f394c01928c556acd0c6aae81e4e3856c622214132cc5a9abf18c5eaef88661405cc30f0cdf8a264b2590cd2e335a13a703bc506d97430168a64deb2f852624cec1d993c05c3e17fd2eba3235d9b188ff419bbf2e08676c109cc33b747b668ea16af294e7ca2b373a94a3e7160a6232c46544c1b67e96822c08c7a1431329be0a341e483fb615ced56b5d6592d7b0f8502604eb2fcba5c6a7a66a5ab86ea9542dbd6f5bec4070e4d73a762070dd800adef5ae8a2797c2607c4c7bc350afb6257e9dce527a8931451c8216b7bc39c36c051fee01af5b45b6019a421b51472b6578707ca00cb1635bf4e08a938c96ceee8e8dca38f5a16f7c96ff565521b5f6f1742df63ec0011c5647272fac4208dde74089c496281683bbf18f3284f9395574b5bf77d937c3ba3562a5d79d613787992e3798a918ddd9558015c1398cfc970704aeb848d065e869753870448a381e22e780b22f857e29aea44018dd276d1132934b1e8b0a30e20847c8b7e633614e59a77196039c7eccc2d641cdc0b545fd2faed306d76a60c3f8431ffde5d8c90fdb273dc17a29a106839e87b4de39c8b1f79d7f0b511c8882757d203cda79f4a733a7395c08f72ed6c29ddbbbca13aa71817448812e1d6d6aa1a698f16c7281788632db33df5daf6a9ffec6d5367f422fe038e176417c3c7f57acbfc35db4ebed337ced045b51509e335a9fc538bb24dbadc5a8e4dad926e0bd77d4c10aba5f72e452bf74940dbaeed3b2247273a2e5d3ae944d9dc10069377fe7cec6e49f2b463babd7b1837f0e997b172f4971e2db378575030d28b4872864a59be37f2332e79b951e681f0cbbbedb385d48da7d53586d5c239244abeae8e6ab1efeaab21af28d94b55f21a7dfda8e09d42756eec9c28ea67a7092e316a507f8770efc040f5994335b23646ebd722c9e810b2d6afeedce9cf0d181d667c903a258b9faa7eb51a149293e295983e4a302305bb145d08348aea9ce33c31266016731b2c1d475ed35e6b91a47acb3ff86aa6e3a348f9c3f72ba51136395737e3ffb5c2c680e303a80063ddc960d2203170e171a7bbc5e401ae0ec48e09bd235757dd0b036064b2faaa364230c62ab976d09f39821aa7074f1822101ff1d3f0ffb55d8ec3ebd6651d8ce724f3d2c462f490a39da182bba80bebc2877ce44d25a8e5ba1b2c608b1b9b6033f3c02ca23f3cf63fbe105251a246bc98b4d28202912060258099ae35b4aa8e720c9ca6b2fa6ea75dda3f7d4178fb83d0c9e86f552153d33e161889e7652f0c64f139970bc7c252db9b09bf8ab166e42eba3f3ca5716e7651ed585658921c55f4f20570ff0067d43cb25e157c91df4fc57b4386a4b9c3c6bca269f12842a2aba34bd5ab28fe54c4335026807c1a59c08fd8084a860bc32a6a85402fd8f6766b07bcb4d149bf70cc7b02a6630b037c7ff118ef92e9fa770373ae184606391f7444ce5301f7294c341299ad3d077dc93f334924079dd4d4df5fb501aa312f6b7dcc5f06fae87defeb23b0f6b70dd468aca34b3cb799badcbf8cd879f0418fe0d9bb083c92ed315b51e10da7dead45f8f6ee81a1539bae17b9434f6ab54a80e871b3e2f5ae30efcd42a84dbac70c6f9dee684e1ca33a2af8ea93cc233131a433b8ffe901d958edd2c5c7d535453c5fbd7f3d367d810a91111c10128d3ced036bb7cab0aa0bf89325f44bdf942e8bde68df8f193cc41e8e6b18c4265e7fc5a46b2ba4b896c0844d9960093211558e512d0a53ad790716797ddb3522106776165d8e73c51ef321a9d4ac3a1d5bf01db5e045781fda1a4ddafa96581aad251926170f12d3ad87d0342b9b092fc2754e3ac30911280b84285740c0503fb6f59cdbdc34d0d7c4ef46953f7bc203fdfb6e285a108e03995d31cc7da4aeea31d9bab5d5cb896dac0fd7ca2abd3033943ed5423def9d4a12fab54489385de56e0b91a8f02e381f48cc0c117fb6f3c56a11bc99980a82d3d4c99f30a52bd16b38902d29fb84125b20e0052eba9b88354edfda3d8ff6407bcd4efe01d38ce1f336c061d8bff072fd6220c1468850db2065dfdf33bf036c9d33ad9d18f34a74e48dc9e2356ddaeb2bbfefbe8c36c8f203a39ff8c0273bf48d28ebe1d820d87721bbf8bbbd5e91fc8c4584ced9cb58773fe19a19dcfb8b48b302c3659020269a9373b4823a0bd5377e8fda1bb4ae3649b73029b6f875dd8a5659514093fbe83e7220ebb8f1e66755e6d334837c1c731077c0330ff59c6b0dd8224bfa0ac0a9000332d6f2e49361cd43d4e31da299f8a6544d3ddd3635c6e378ff960a4ecd9e6c497a9a78f4b781bdf04c092402799cd10a2276895ae723785c26e5a0e1f0de6cf5709c402816646a88cdbc468e1cc8dbc722466595d59fd04f12ba9be2ee47730125906ebb164bfe7d0eba805a53b59a88d2e40659ceae721450fdcfd800cba045d6af5fc8a473e6614c649d6a5b9c982fab9a397f23d62907cff91ab676c9941635d5442c792624f56681d9b49de7aeac67f758783c9bc87a0e4f16e0f5dc6b047ccf9d8494c53cf3befb568a856b052fc1ff93eb199aee7442ae6986cc735ca737f6cd22231a962017dd9edaf4041a4fc8af3de6fc3915ceede9ad0058529620de374a6c8410312bcc44f4cfb7fac75cf3508cd22a0c81a75e21bd1738f11353796764f446489a91ffd0ca35ead7cd2fbec8d43cfec8aac975746164c3cadb8800bf51658fb8fb3c4c6d7be05cb3e16af0dfc59b38a56803e6fe88c432cbb20da1dcfc3a605f0c7c5fe984c5a01e7b073ffad3acaab4961077c4ff0a92b19a0894648df78806cdbae05d0f4e8ff3910b579348f8d32646ba2beb9542962c07d0bfd9c3350436314ae8d428d552ffffe3f50f12d422b9a2f1446582ac417fdbe56dc8cf1768af982b9bcf969e30d0fdd1e35b035d8800636fa15c134ad4f94f92f9a43401c505c5ad64003b9f4ebf77ff472fb6f45d18a7be0cf9b5beb26b26d648836c9b78f8c65a53bcc27959cf9178bbf71445f8cdc334ef31d414f5518e3a10768a97a7628a118279d66b4d81a9447d3060d9d2d09ef4e34063c51d284aee1a77babba353ae7dfdf8f07dd7d3419bbb0fb5eed19c911d8747773b8a5cb71441e2c459fc05e83ce603a021bdd91f004a7e13310144d70c13693852640c67f5a2b8ef8a2e67a5e21a9bc679a664bcbd7f1dbe751a0063f49f803eff2dfbe801a798bb5f5c3eaf14767179b10b71f42a16256e99d5d586440484b6161cc600247464ca29202036b0acc5bfd662dc08adc974219dc6dac3e9286aa8966ad116d3814324a8d06e62afd33ec76ee66d29fb2d332458d7ee0d94a77eb7b269e3d6acd48c5c2f1b820e0d40e6ae53a561188dcda0fba9364073d4aa699cb856c5d30d47587ba80b34c1822f45bb597ffa814f39a462a33195d7ccbfecffa3dfaa29e03a4a5384f469f1b6d2821a57ca3877129d575db6f5b9219c67abf949d06ef41fd3057b39fe02c85d627c162e36", 0xc00, 0x40000002, 0x3}, 0x8)
syz_mount_image$vfat(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x0, 0x0)
04:09:13 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 70)
[ 1678.117438] FAULT_INJECTION: forcing a failure.
[ 1678.117438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1678.119451] CPU: 1 PID: 9140 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1678.120553] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1678.121875] Call Trace:
[ 1678.122276] dump_stack+0x107/0x167
[ 1678.122847] should_fail.cold+0x5/0xa
[ 1678.123465] ? copyin.part.0+0x112/0x140
[ 1678.124131] copy_page_from_iter+0x74d/0x900
[ 1678.124856] blk_rq_map_user_iov+0x138b/0x1a60
[ 1678.125620] ? copy_user_generic_string+0x2c/0x40
[ 1678.126394] ? iovec_from_user+0x104/0x400
[ 1678.127085] ? blk_rq_unmap_user+0x750/0x750
[ 1678.127789] ? __import_iovec+0x458/0x590
[ 1678.128445] ? import_iovec+0x83/0xb0
[ 1678.129073] sg_common_write.constprop.0+0xba7/0x1a30
[ 1678.129923] ? sg_build_indirect.isra.0+0x710/0x710
[ 1678.130728] ? __might_fault+0x73/0x180
[ 1678.131361] ? lock_downgrade+0x6d0/0x6d0
[ 1678.132024] ? cap_capable+0x1cd/0x230
[ 1678.132657] ? capable+0xe1/0x100
[ 1678.133231] sg_new_write.isra.0+0x529/0x770
[ 1678.133940] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1678.134793] ? lock_downgrade+0x6d0/0x6d0
[ 1678.135463] ? _cond_resched+0x12/0x80
[ 1678.136090] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1678.137007] ? scsi_check_sense+0x10f0/0x10f0
[ 1678.137716] ? perf_trace_lock+0xac/0x490
[ 1678.138383] ? perf_trace_lock+0xac/0x490
[ 1678.139055] sg_ioctl_common+0x828/0x2570
[ 1678.139734] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1678.140565] ? do_vfs_ioctl+0x283/0x10d0
[ 1678.141213] ? sg_write+0x120/0x120
[ 1678.141800] ? generic_block_fiemap+0x60/0x60
[ 1678.142536] ? lock_downgrade+0x6d0/0x6d0
[ 1678.143203] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1678.143990] ? wait_for_completion_io+0x270/0x270
[ 1678.144776] ? selinux_file_ioctl+0xb6/0x270
[ 1678.145481] ? sg_compat_ioctl+0x120/0x120
[ 1678.146176] sg_ioctl+0x8f/0x120
[ 1678.146731] __x64_sys_ioctl+0x19a/0x210
[ 1678.147387] do_syscall_64+0x33/0x40
[ 1678.148001] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1678.148832] RIP: 0033:0x7fde33c83b19
[ 1678.149432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1678.152391] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1678.153616] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1678.154757] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1678.155910] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1678.157058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1678.158217] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:13 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:13 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x19, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:09:13 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:14 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 71)
04:09:14 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, 0x0, 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:09:14 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1678.337330] FAULT_INJECTION: forcing a failure.
[ 1678.337330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1678.339300] CPU: 1 PID: 9160 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1678.340404] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1678.341757] Call Trace:
[ 1678.342182] dump_stack+0x107/0x167
[ 1678.342780] should_fail.cold+0x5/0xa
[ 1678.343423] ? copyin.part.0+0x112/0x140
[ 1678.344093] copy_page_from_iter+0x74d/0x900
[ 1678.344820] blk_rq_map_user_iov+0x138b/0x1a60
[ 1678.345570] ? copy_user_generic_string+0x2c/0x40
[ 1678.346351] ? iovec_from_user+0x104/0x400
[ 1678.347036] ? blk_rq_unmap_user+0x750/0x750
[ 1678.347752] ? __import_iovec+0x458/0x590
[ 1678.348436] ? import_iovec+0x83/0xb0
[ 1678.349053] sg_common_write.constprop.0+0xba7/0x1a30
[ 1678.349881] ? sg_build_indirect.isra.0+0x710/0x710
[ 1678.350675] ? __might_fault+0x73/0x180
[ 1678.351317] ? lock_downgrade+0x6d0/0x6d0
[ 1678.351995] ? cap_capable+0x1cd/0x230
[ 1678.352650] ? capable+0xe1/0x100
[ 1678.353209] sg_new_write.isra.0+0x529/0x770
[ 1678.353926] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1678.354790] ? lock_downgrade+0x6d0/0x6d0
[ 1678.355468] ? _cond_resched+0x12/0x80
[ 1678.356108] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1678.357046] ? scsi_check_sense+0x10f0/0x10f0
[ 1678.357764] ? perf_trace_lock+0xac/0x490
[ 1678.358428] ? perf_trace_lock+0xac/0x490
[ 1678.359095] sg_ioctl_common+0x828/0x2570
[ 1678.359768] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1678.360613] ? do_vfs_ioctl+0x283/0x10d0
[ 1678.361271] ? sg_write+0x120/0x120
[ 1678.361879] ? generic_block_fiemap+0x60/0x60
[ 1678.362588] ? lock_downgrade+0x6d0/0x6d0
[ 1678.363237] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1678.364009] ? wait_for_completion_io+0x270/0x270
[ 1678.364777] ? selinux_file_ioctl+0xb6/0x270
[ 1678.365491] ? sg_compat_ioctl+0x120/0x120
[ 1678.366195] sg_ioctl+0x8f/0x120
[ 1678.366746] __x64_sys_ioctl+0x19a/0x210
[ 1678.367399] do_syscall_64+0x33/0x40
[ 1678.367989] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1678.368834] RIP: 0033:0x7fde33c83b19
[ 1678.369425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1678.372445] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1678.373679] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1678.374831] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1678.375990] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1678.377141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1678.378292] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:14 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:14 executing program 6:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:14 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x1a, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:09:14 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 72)
04:09:14 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1678.579347] FAULT_INJECTION: forcing a failure.
[ 1678.579347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1678.581340] CPU: 1 PID: 9175 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1678.582442] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1678.583747] Call Trace:
[ 1678.584159] dump_stack+0x107/0x167
[ 1678.584740] should_fail.cold+0x5/0xa
[ 1678.585334] ? copyin.part.0+0x112/0x140
[ 1678.585997] copy_page_from_iter+0x74d/0x900
[ 1678.586715] blk_rq_map_user_iov+0x138b/0x1a60
[ 1678.587434] ? copy_user_generic_string+0x2c/0x40
[ 1678.588193] ? iovec_from_user+0x104/0x400
[ 1678.588852] ? blk_rq_unmap_user+0x750/0x750
[ 1678.589552] ? __import_iovec+0x458/0x590
[ 1678.590223] ? import_iovec+0x83/0xb0
[ 1678.590820] sg_common_write.constprop.0+0xba7/0x1a30
[ 1678.591643] ? sg_build_indirect.isra.0+0x710/0x710
[ 1678.592427] ? __might_fault+0x73/0x180
[ 1678.593051] ? lock_downgrade+0x6d0/0x6d0
[ 1678.593718] ? cap_capable+0x1cd/0x230
[ 1678.594346] ? capable+0xe1/0x100
[ 1678.594887] sg_new_write.isra.0+0x529/0x770
[ 1678.595589] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1678.596470] ? lock_downgrade+0x6d0/0x6d0
[ 1678.597133] ? _cond_resched+0x12/0x80
[ 1678.597760] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1678.598724] ? scsi_check_sense+0x10f0/0x10f0
[ 1678.599432] ? perf_trace_lock+0xac/0x490
[ 1678.600084] ? perf_trace_lock+0xac/0x490
[ 1678.600733] sg_ioctl_common+0x828/0x2570
[ 1678.601404] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1678.602245] ? do_vfs_ioctl+0x283/0x10d0
[ 1678.602872] ? sg_write+0x120/0x120
[ 1678.603459] ? generic_block_fiemap+0x60/0x60
[ 1678.604168] ? lock_downgrade+0x6d0/0x6d0
[ 1678.604824] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1678.605598] ? wait_for_completion_io+0x270/0x270
[ 1678.606397] ? selinux_file_ioctl+0xb6/0x270
[ 1678.607101] ? sg_compat_ioctl+0x120/0x120
[ 1678.607769] sg_ioctl+0x8f/0x120
[ 1678.608303] __x64_sys_ioctl+0x19a/0x210
[ 1678.608963] do_syscall_64+0x33/0x40
[ 1678.609550] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1678.610379] RIP: 0033:0x7fde33c83b19
[ 1678.610972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1678.614001] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1678.615224] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1678.616394] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1678.617814] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1678.619097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1678.620360] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:31 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:31 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:31 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, 0x0, 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:09:31 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0xb6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x1, @perf_config_ext, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=ANY=[@ANYBLOB="980000002000390400000000000000000200e2ff0dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dce8f6a9c36adbbf7c23348ed7953cc12433e6e2f1324bf1187b4e1f5a7bf5116e03f38056144e579e46004fbfb9ae80572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd6910100f2d815f272170c0011000008000000000000bb3e3c7562af739c74b82fd57e7bd51e163e9c2394948632056b9357f234b64631cba457c59e6d0eae9098c89e3c7aa8b1cbc03bd674263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb9184da055b9a9547a834f1d619073f3ccf4b3acda5d78a8cff254a2de72f20938d689ca4044e9b0a30200278183e00f05d56ee58c70cc78d1fe11e55c898d61e09dd9cc4bde7d952f33df697d06"], 0x98}}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f00000003c0)=0x1, 0x4)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r0, 0x0)
fcntl$addseals(r1, 0x409, 0x8)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = add_key$keyring(0x0, &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, r3)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r5, 0x0, r5)
readv(r5, &(0x7f0000001a40)=[{&(0x7f0000000000)=""/58, 0x3a}, {&(0x7f0000000440)=""/155, 0x9b}, {&(0x7f0000000800)=""/4096, 0x1000}, {&(0x7f0000000500)=""/239, 0xef}, {&(0x7f0000001800)=""/138, 0x8a}, {&(0x7f00000001c0)=""/71, 0x47}, {&(0x7f0000000040)=""/32, 0x20}, {&(0x7f00000018c0)=""/96, 0x60}, {&(0x7f0000001940)=""/237, 0xed}], 0x9)
request_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)='\x00', r4)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000140)={0x6, 0x1, 0x200})
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x41, &(0x7f0000001b00), 0x4)
ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000600)={0xc8, 0xf, &(0x7f0000001e00)})
add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0x0)
unshare(0x48020200)
04:09:31 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x1b, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1695.519605] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
04:09:31 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:31 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 73)
04:09:31 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x11, &(0x7f0000000000)=0x7b90eaf2, 0x4)
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
listen(r1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000140)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>0xffffffffffffffff, @ANYBLOB="00000000000000002e2f666926d1ee385009f5ffee9fd94f148ef9f7e1b7c341ef9932668fc2199e57fac6d5ffe8901b9a68e154f8a907cea2f708a9d2018c53ffa2784485d83daf8ed3237925181294aa111ff20abe0e4ea9ea9f92ce3efb7e9e5eedba6809"])
ioctl$AUTOFS_DEV_IOCTL_FAIL(r2, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, r1, {0x1, 0x80000000}}, './file0\x00'})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
[ 1695.536334] FAULT_INJECTION: forcing a failure.
[ 1695.536334] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1695.539606] CPU: 0 PID: 9199 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1695.541048] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1695.542804] Call Trace:
[ 1695.543363] dump_stack+0x107/0x167
[ 1695.544138] should_fail.cold+0x5/0xa
[ 1695.544953] ? copyin.part.0+0x112/0x140
[ 1695.545801] copy_page_from_iter+0x74d/0x900
[ 1695.546764] blk_rq_map_user_iov+0x138b/0x1a60
[ 1695.547722] ? copy_user_generic_string+0x2c/0x40
[ 1695.548743] ? iovec_from_user+0x104/0x400
[ 1695.549640] ? blk_rq_unmap_user+0x750/0x750
[ 1695.550595] ? __import_iovec+0x458/0x590
[ 1695.551481] ? import_iovec+0x83/0xb0
[ 1695.552286] sg_common_write.constprop.0+0xba7/0x1a30
[ 1695.553380] ? sg_build_indirect.isra.0+0x710/0x710
[ 1695.554461] ? __might_fault+0x73/0x180
[ 1695.555299] ? lock_downgrade+0x6d0/0x6d0
[ 1695.556172] ? cap_capable+0x1cd/0x230
[ 1695.557020] ? capable+0xe1/0x100
[ 1695.557759] sg_new_write.isra.0+0x529/0x770
[ 1695.558711] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1695.559869] ? lock_downgrade+0x6d0/0x6d0
[ 1695.560776] ? _cond_resched+0x12/0x80
[ 1695.561592] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1695.562822] ? scsi_check_sense+0x10f0/0x10f0
[ 1695.563776] ? perf_trace_lock+0xac/0x490
[ 1695.564652] ? perf_trace_lock+0xac/0x490
[ 1695.565528] sg_ioctl_common+0x828/0x2570
[ 1695.566431] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1695.567531] ? do_vfs_ioctl+0x283/0x10d0
[ 1695.568398] ? sg_write+0x120/0x120
[ 1695.569157] ? generic_block_fiemap+0x60/0x60
[ 1695.570096] ? lock_downgrade+0x6d0/0x6d0
[ 1695.571023] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1695.572047] ? wait_for_completion_io+0x270/0x270
[ 1695.573071] ? selinux_file_ioctl+0xb6/0x270
[ 1695.574000] ? sg_compat_ioctl+0x120/0x120
[ 1695.574904] sg_ioctl+0x8f/0x120
[ 1695.575640] __x64_sys_ioctl+0x19a/0x210
[ 1695.576514] do_syscall_64+0x33/0x40
[ 1695.577292] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1695.578426] RIP: 0033:0x7fde33c83b19
[ 1695.579206] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1695.583129] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1695.584722] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1695.586233] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1695.587753] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1695.589450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1695.590986] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:31 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x1, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:31 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x1c, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1696.327740] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
04:09:45 executing program 0:
syz_open_procfs(0x0, &(0x7f00000000c0)='net/raw6\x00')
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='ns\x00')
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0xc}, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = creat(&(0x7f0000000000)='./file2\x00', 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = socket$inet(0x2, 0xa, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x2, 0x0, @fd=r3, 0x9, 0x0, 0x8, 0x5}, 0xfff)
dup3(0xffffffffffffffff, r2, 0x0)
fork()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'sit0\x00'})
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffff0000000001000000000000000400000000000000", @ANYRES32, @ANYBLOB="00000000000003775159ffff000000000000e5ffffff000000000000", @ANYRES32=r0, @ANYBLOB="00000000920e0000dfa80000000000000000000018eb204a449e630c4dd95b89c1e2fe00000000000000", @ANYRES32, @ANYBLOB="00000000ffffff7f0000089700"/28, @ANYRES32, @ANYBLOB="d60000020000000000000f000000000040080000"])
r4 = fork()
ptrace(0x10, r4)
ptrace$cont(0x1f, r4, 0x68c, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8914, &(0x7f0000000140)={'lo\x00'})
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
04:09:45 executing program 3:
r0 = syz_open_dev$mouse(&(0x7f0000000200), 0x1000, 0xa0b40)
ioctl$FICLONERANGE(0xffffffffffffffff, 0x4020940d, &(0x7f0000000240)={{r0}, 0x3, 0x100000001})
r1 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r1}, &(0x7f0000000040))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000001c0)=<r2=>0x0)
perf_event_open(&(0x7f0000000100)={0x3, 0x80, 0x9, 0x5, 0x5e, 0x6, 0x0, 0x4a9, 0x80, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x4, @perf_bp={&(0x7f00000000c0), 0x8}, 0x14004, 0x5, 0x1000009, 0x3, 0x800, 0x9, 0x8, 0x0, 0x5, 0x0, 0x5}, r2, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r4, &(0x7f00000004c0))
clock_gettime(0x0, &(0x7f0000000180)={<r5=>0x0, <r6=>0x0})
clock_gettime(0x0, &(0x7f00000002c0)={<r7=>0x0, <r8=>0x0})
timer_settime(r3, 0x0, &(0x7f0000000280)={{r5, r6+60000000}, {r7, r8+10000000}}, 0x0)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r9, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
timer_create(0x5, &(0x7f0000000400)={0x0, 0x3d, 0x0, @thr={&(0x7f0000000300)="981a8a32ca7436f891e95396ca9b39f077217c72782cf18efe7c59d1bc89e39cc175b5e8f87485548dc4082565ec43b900b9fa3e50ecfa984462579bd8056e843aef6aa1410471992af43e059ddbb0df05f120ecb12100e4b4f480b480afaf9ac24f104505644c54dd9daa26b7838d982e85", &(0x7f0000000380)="e5e823d786042e166bd09b533a248488c98c4e76871365e3cce9e4e825b9f376ef3ccd0e9f48b6595c62c63314df7a820f2e2d610126567d956960e247f2b23ccca39b5d328750f4236ba11b7f0598828321b2e6c3a841959fe496da61"}}, &(0x7f0000000440))
connect$bt_l2cap(r9, &(0x7f0000000000)={0x1f, 0x0, @none, 0x3}, 0xe)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000500)=ANY=[@ANYBLOB="010000180000000000000000", @ANYRES32=<r10=>r9, @ANYBLOB='?\x00\x00\x00\x00\x00\x00\x00./file0\x00'])
mq_timedsend(r10, &(0x7f0000000540)="dd17468da4e8933133c36044045cdca5f2fa869c0e9aec3892b7043bc0e378a0eb1c8f38e9a275ee0a54f7828932010e4e1b90d9a4696f17fcf5343a7c30ff9a117d25afac28fe7934449afb21e3e76c6ba1ee374b8c1808a6cead2c1edcc6417a8ac15e3a1709933bfc5b88d0d214bc3e87f054dde44e511f538e1b2ddd380a04c0c5bd50055853bf3e813f7c6e3d88ca472f80287f05b49e62df55a2edd115fbb9c7ae89c7f16d1048b56f26a791e9337500eb1a0ea27406b168d0", 0xbc, 0x1, 0x0)
04:09:45 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:09:45 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:09:45 executing program 6:
perf_event_open(&(0x7f0000000140)={0x0, 0x80, 0x8, 0x6, 0x7f, 0x6, 0x0, 0x8, 0x4010, 0x2, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1ff, 0x2, @perf_bp={&(0x7f0000000080), 0x2}, 0x49024, 0x2, 0x2, 0x1, 0xffffffff, 0x200, 0x7, 0x0, 0x401, 0x0, 0x9}, 0xffffffffffffffff, 0x2, 0xffffffffffffffff, 0x2)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0xfffffffffffffffd, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="01434430303101004c494e55582020202020202020202020202020202020202020202020202020204344524f4d2020202020202020202020202020202020202020202020202020200000000000000000b8000000000000b80000000000000000000000000000000000000000000000000000000000000000010000010100000100080800180000000000001813000000000000000000001500000000220017", 0x9f, 0x8000}, {&(0x7f0000010900)="8800170000000000001700080000000008007809140b2a3a0802000001000001010053500701beef005252050181505824016d4100000000416d03000000000000030000000000000000000000000000000054461a010e7809140b2a3a087809140b2a3a087809140b2a3a0843451c0119", 0x71, 0xb800}], 0x0, &(0x7f0000000040)={[{@check_strict}, {@hide}, {@check_strict}, {@map_normal}]})
04:09:45 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:09:45 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x1d, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:09:45 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 74)
[ 1709.338161] FAULT_INJECTION: forcing a failure.
[ 1709.338161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1709.339663] CPU: 1 PID: 9232 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1709.340495] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1709.341463] Call Trace:
[ 1709.341789] dump_stack+0x107/0x167
[ 1709.342233] should_fail.cold+0x5/0xa
[ 1709.342698] ? copyin.part.0+0x112/0x140
[ 1709.343203] copy_page_from_iter+0x74d/0x900
[ 1709.343751] blk_rq_map_user_iov+0x138b/0x1a60
[ 1709.344325] ? copy_user_generic_string+0x2c/0x40
[ 1709.344901] ? iovec_from_user+0x104/0x400
[ 1709.345402] ? blk_rq_unmap_user+0x750/0x750
[ 1709.345923] ? __import_iovec+0x458/0x590
[ 1709.346424] ? import_iovec+0x83/0xb0
[ 1709.346900] sg_common_write.constprop.0+0xba7/0x1a30
[ 1709.347525] ? sg_build_indirect.isra.0+0x710/0x710
[ 1709.348115] ? __might_fault+0x73/0x180
[ 1709.348595] ? lock_downgrade+0x6d0/0x6d0
[ 1709.349090] ? cap_capable+0x1cd/0x230
[ 1709.349562] ? capable+0xe1/0x100
[ 1709.350005] sg_new_write.isra.0+0x529/0x770
[ 1709.350540] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1709.351507] ? lock_downgrade+0x6d0/0x6d0
[ 1709.352182] ? _cond_resched+0x12/0x80
[ 1709.352763] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1709.353753] ? scsi_check_sense+0x10f0/0x10f0
[ 1709.354402] ? perf_trace_lock+0xac/0x490
[ 1709.355025] ? SOFTIRQ_verbose+0x10/0x10
[ 1709.355644] sg_ioctl_common+0x828/0x2570
[ 1709.356365] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1709.357284] ? do_vfs_ioctl+0x283/0x10d0
[ 1709.358098] ? sg_write+0x120/0x120
[ 1709.358715] ? generic_block_fiemap+0x60/0x60
[ 1709.359516] ? lock_downgrade+0x6d0/0x6d0
[ 1709.360316] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1709.361020] ? wait_for_completion_io+0x270/0x270
[ 1709.361741] ? selinux_file_ioctl+0xb6/0x270
[ 1709.362389] ? sg_compat_ioctl+0x120/0x120
[ 1709.363014] sg_ioctl+0x8f/0x120
[ 1709.363509] __x64_sys_ioctl+0x19a/0x210
[ 1709.364117] do_syscall_64+0x33/0x40
[ 1709.364657] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1709.365416] RIP: 0033:0x7fde33c83b19
[ 1709.365991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1709.368695] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1709.369808] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1709.370855] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1709.371895] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1709.372926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1709.373959] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:09:45 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7}, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
r4 = syz_open_dev$mouse(&(0x7f0000000000), 0x7, 0x4a000)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r4, 0x2405, r0)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
r5 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8000000000000, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffc}, r2, 0xffffffffffffffff, r0, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r0, 0x2401, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r5, 0x0)
04:09:45 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1711.384991] Bluetooth: hci7: command 0x0405 tx timeout
04:10:04 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x1e, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:04 executing program 6:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
r0 = epoll_create1(0x0)
r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r2 = pidfd_open(0x0, 0x0)
fcntl$setstatus(r2, 0x4, 0x800)
r3 = socket$inet6(0xa, 0x8, 0x1)
lseek(r3, 0x2, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
r4 = epoll_create(0x3ff)
r5 = perf_event_open(&(0x7f0000001d80)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8405a, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000300), 0x8}, 0x5, 0x80, 0x1, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1b5, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$TIOCL_SELLOADLUT(r1, 0x541c, &(0x7f0000000000)={0x5, 0xfff, 0x8, 0x7, 0x6})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r0, &(0x7f0000000200)={0x20000001})
dup2(r5, r0)
04:10:04 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:04 executing program 3:
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f00000001c0)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:04 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:04 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 75)
04:10:04 executing program 0:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0x1000000000, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8120}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
fallocate(0xffffffffffffffff, 0xa, 0x62c, 0x10000000005)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(0xffffffffffffffff, 0xc008240a, &(0x7f0000000040)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0]})
sendfile(r0, r1, &(0x7f0000001600)=0xf3, 0x80)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x100000001)
04:10:04 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1728.554278] FAULT_INJECTION: forcing a failure.
[ 1728.554278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1728.556894] CPU: 1 PID: 9269 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1728.558484] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1728.560507] Call Trace:
[ 1728.561185] dump_stack+0x107/0x167
[ 1728.561997] should_fail.cold+0x5/0xa
[ 1728.562973] ? copyin.part.0+0x112/0x140
[ 1728.563885] copy_page_from_iter+0x74d/0x900
[ 1728.564880] blk_rq_map_user_iov+0x138b/0x1a60
[ 1728.565901] ? copy_user_generic_string+0x2c/0x40
[ 1728.566978] ? iovec_from_user+0x104/0x400
[ 1728.567919] ? blk_rq_unmap_user+0x750/0x750
[ 1728.568899] ? __import_iovec+0x458/0x590
[ 1728.569827] ? import_iovec+0x83/0xb0
[ 1728.570681] sg_common_write.constprop.0+0xba7/0x1a30
[ 1728.571842] ? sg_build_indirect.isra.0+0x710/0x710
[ 1728.572945] ? __might_fault+0x73/0x180
[ 1728.573826] ? lock_downgrade+0x6d0/0x6d0
[ 1728.574742] ? cap_capable+0x1cd/0x230
[ 1728.575627] ? capable+0xe1/0x100
[ 1728.576390] sg_new_write.isra.0+0x529/0x770
[ 1728.577363] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1728.578552] ? lock_downgrade+0x6d0/0x6d0
[ 1728.579488] ? _cond_resched+0x12/0x80
[ 1728.580348] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1728.581602] ? scsi_check_sense+0x10f0/0x10f0
[ 1728.582587] ? perf_trace_lock+0xac/0x490
[ 1728.583508] ? SOFTIRQ_verbose+0x10/0x10
[ 1728.584412] sg_ioctl_common+0x828/0x2570
[ 1728.585340] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1728.586475] ? do_vfs_ioctl+0x283/0x10d0
[ 1728.587391] ? sg_write+0x120/0x120
[ 1728.588191] ? generic_block_fiemap+0x60/0x60
[ 1728.589173] ? lock_downgrade+0x6d0/0x6d0
[ 1728.590092] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1728.591159] ? wait_for_completion_io+0x270/0x270
[ 1728.592244] ? selinux_file_ioctl+0xb6/0x270
[ 1728.593208] ? sg_compat_ioctl+0x120/0x120
[ 1728.594129] sg_ioctl+0x8f/0x120
[ 1728.594866] __x64_sys_ioctl+0x19a/0x210
[ 1728.595767] do_syscall_64+0x33/0x40
[ 1728.596582] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1728.597690] RIP: 0033:0x7fde33c83b19
[ 1728.598501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1728.602494] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1728.604435] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1728.606230] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1728.608047] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1728.609540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1728.610981] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:04 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x21, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:04 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(0xffffffffffffffff, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:04 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b7080000"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:04 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x82000, 0x80)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:04 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(0xffffffffffffffff, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:04 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:04 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x3, @fixed, 0x3}, 0xe)
04:10:04 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x11, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, @perf_config_ext={0x8, 0x7}, 0x10, 0xffffffffffffffff, 0x0, 0x3, 0x1, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f00000000c0))
r1 = syz_open_procfs(0x0, &(0x7f0000001580)='net/snmp\x00')
readv(r1, &(0x7f0000000000)=[{&(0x7f0000001780)=""/251, 0xfb}, {&(0x7f0000001880)=""/102, 0x66}, {&(0x7f0000001900)=""/130, 0x82}, {&(0x7f00000019c0)=""/95, 0x5f}], 0x4)
readv(r1, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1)
r2 = syz_open_procfs(0x0, &(0x7f0000000340)='net/raw\x00')
ioctl$FIONREAD(r2, 0x6801, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r1, 0xc0189372, &(0x7f0000000340)=ANY=[])
getdents(0xffffffffffffffff, &(0x7f0000000380)=""/215, 0xd7)
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000280), &(0x7f0000000180)={'L+', 0x7ffffffd}, 0x16, 0x2)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0/file1\x00', 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x173000, 0x0)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
fsetxattr$security_selinux(r3, &(0x7f0000000240), &(0x7f00000002c0)='system_u:object_r:dlm_control_device_t:s0\x00', 0x2a, 0x6a4e5309ea842515)
write$P9_RXATTRCREATE(r2, &(0x7f0000000200)={0x7, 0x21, 0x1}, 0x7)
r4 = openat$bsg(0xffffffffffffff9c, &(0x7f00000014c0), 0x103, 0x0)
getdents64(r4, &(0x7f0000001500)=""/125, 0x7d)
mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x0)
unshare(0x48020200)
04:10:20 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
sched_getscheduler(r0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r1, 0x0, &(0x7f00000001c0)={{0x77359400}}, &(0x7f0000000200))
timer_gettime(r1, &(0x7f0000000140))
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="c80200001600020026bd7000fddbdf251700000014009600fc0200000000f5ff000000000000000118d58c37b06efc6233382872868f5dfd06774fe4d9cf08c9a8cc49bb99805cd1598ed2e694cd0a0c9237bde018423f577813a3ceba3c7b0846352e607b09f7fa6e986273251fbca19de9d63b492a85b48365d56e166f32a219ad3b0602b189e1f1a465e1f3ce1bd3f9365c7eee5cc3cf1b01d843e506299d8566b369093dace60c0d0f11896f269e583aff47c1a5df7808ebda761921f8946f05249ae68d85e1d3a428ff6e6b0e7f9d0a65518b264eb6000d80bf7c761bde8c07aabe3203e73de36095d293fd6fb051f192db44bd3ee306c5b52d3d7997ec4081743b4a30e4d9698e5602dd658b56cac61a1ffcc48582aea71375985a791235e85e5eb1364deffb45f4a0389a57fafb8e9be6bc6a3e1cfab52b18e5a46ce6ed60266539fdde68c95c94e1a18bc4e2a3bc9bb7a211b63c1693d2246dfbbcc4745d3acc4580c13fe9c1bbe50a931b3c6119e983aaf35b92fde5832c61e281f618e1027ad8ae1a0041cbd97b8c0000900013808a00630019e0076c14eb84ce4ca709889bb98fe20e7cd88bf10f3bc22132c3c345013b5aa0aacc2b0c99be28d24aefca84985c09c43f952ff3fa48e016a854b0fb0c87fb9ab07460d985dab2ec10a06eacdf0c381c419af6349f4f87db42359ea274150afe118d8b74d51f6c17acf84870d24c34ece74678e8337af2530000f7619b976552bc17bd903c9fc244b6a4a35c58398562615d21413cdf643a61382f3e7a4e0382b511cc59c6411c956d3ede2196db49c60864d10f5eb111f48adab77fee138777fe7d0197481dbb01189f955111f63083b990060000003bb28a8415fdf6df569cc7d19b59ac62fed7f587cd735748bfb38e511c727199f442b636c1bc484182493d5d8dc54716a1eb0edeaf9fb019c1612d586547d6b52898b417ab8d42c37967139c00"], 0x2c8}, 0x1, 0x0, 0x0, 0x20004811}, 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
timer_settime(r1, 0x0, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000100))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:20 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:20 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
fallocate(0xffffffffffffffff, 0x2, 0x100000000000000, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x10002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000200)={'gretap0\x00', 0x0})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_io_uring_setup(0x84a, &(0x7f0000000240)={0x0, 0x0, 0x4, 0x1, 0x10000284}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200), &(0x7f0000000100))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x47e2, 0x12e)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2, 0x1010, r2, 0x0)
r4 = syz_io_uring_complete(r3)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x1, 0x2004, @fd=r4, 0xfffffffffffff801, 0x0, 0x0, 0x1}, 0x80000001)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)='K', 0x1}], 0x1}}], 0x7ffff000, 0x0)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
dup(r1)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000007780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000080}, 0x20000000)
fspick(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
04:10:20 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 76)
04:10:20 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r1 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r2 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r1}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r2, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(0xffffffffffffffff, &(0x7f0000002e00)=""/4102)
r3 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:20 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x22, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:20 executing program 6:
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./mnt\x00', 0x100000000000001, 0x0, 0x0, 0x2000080, 0x0)
syz_mount_image$nfs4(0x0, &(0x7f00000010c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000004c0)='mnt/encrypted_dir\x00', 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
rename(&(0x7f0000000180)='mnt/encrypted_dir\x00', &(0x7f0000000040)='./file0/file0\x00')
04:10:20 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1744.653647] FAULT_INJECTION: forcing a failure.
[ 1744.653647] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1744.656433] CPU: 1 PID: 9309 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1744.658022] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1744.659948] Call Trace:
[ 1744.660560] dump_stack+0x107/0x167
[ 1744.661405] should_fail.cold+0x5/0xa
[ 1744.662282] ? copyin.part.0+0x112/0x140
[ 1744.663229] copy_page_from_iter+0x74d/0x900
[ 1744.664272] blk_rq_map_user_iov+0x138b/0x1a60
[ 1744.665335] ? copy_user_generic_string+0x2c/0x40
[ 1744.666462] ? iovec_from_user+0x104/0x400
[ 1744.667441] ? blk_rq_unmap_user+0x750/0x750
[ 1744.668478] ? __import_iovec+0x458/0x590
[ 1744.669450] ? import_iovec+0x83/0xb0
[ 1744.670338] sg_common_write.constprop.0+0xba7/0x1a30
[ 1744.671541] ? sg_build_indirect.isra.0+0x710/0x710
[ 1744.672706] ? __might_fault+0x73/0x180
[ 1744.673627] ? lock_downgrade+0x6d0/0x6d0
[ 1744.674590] ? cap_capable+0x1cd/0x230
[ 1744.675504] ? capable+0xe1/0x100
[ 1744.676319] sg_new_write.isra.0+0x529/0x770
[ 1744.677341] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1744.678587] ? lock_downgrade+0x6d0/0x6d0
[ 1744.679562] ? _cond_resched+0x12/0x80
[ 1744.680471] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1744.681798] ? scsi_check_sense+0x10f0/0x10f0
[ 1744.682832] ? perf_trace_lock+0xac/0x490
[ 1744.683789] ? perf_trace_lock+0xac/0x490
[ 1744.684769] sg_ioctl_common+0x828/0x2570
[ 1744.685732] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1744.686924] ? do_vfs_ioctl+0x283/0x10d0
[ 1744.687860] ? sg_write+0x120/0x120
[ 1744.688709] ? generic_block_fiemap+0x60/0x60
[ 1744.689743] ? lock_downgrade+0x6d0/0x6d0
[ 1744.690704] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1744.691826] ? wait_for_completion_io+0x270/0x270
[ 1744.692958] ? selinux_file_ioctl+0xb6/0x270
[ 1744.693971] ? sg_compat_ioctl+0x120/0x120
[ 1744.694947] sg_ioctl+0x8f/0x120
[ 1744.695730] __x64_sys_ioctl+0x19a/0x210
[ 1744.696698] do_syscall_64+0x33/0x40
[ 1744.697562] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1744.698746] RIP: 0033:0x7fde33c83b19
[ 1744.699604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1744.703870] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1744.705642] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1744.707290] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1744.708943] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1744.710588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1744.712245] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:20 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x89)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x13, r2, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000280)=ANY=[], 0xfdef)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x880, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r3, 0xc038943b, &(0x7f0000000100)={0x5, 0x28, '\x00', 0x1, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0]})
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffc}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x3)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
04:10:20 executing program 6:
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000000)=ANY=[@ANYRESDEC=0x0], 0x3f)
syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000200)=@mgmt_frame=@assoc_req={@with_ht={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x4}, @broadcast, @broadcast, @initial, {0x4}}, @ver_80211n={0x0, 0x1, 0x2, 0x3, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1}}, 0x4000, 0x1, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0x60}]}, @val={0x2d, 0x1a, {0x8000, 0x0, 0x7, 0x0, {0x3, 0x80, 0x0, 0x5, 0x0, 0x1, 0x1, 0x2}, 0x7f640b0422e136b2, 0xffff}}, [{0xdd, 0x3d, "5a532353b259b8503196d4d7b90b6c681e4aa9f4e2042ba349ee4c18f5e1c53761bbcbb9cb311fa762a0b64e8fe032606214bceec0a2de0500854c122f"}, {0xdd, 0x57, "f33838f3a8c43e0be8da3a59a5b312d740d459db7b56215f8e1096820a0d911983d5cd15808c8125a8e1e5cc217b0b5252a08cfc835fbbc5d498f902ce38e726d460cd1d0e9c39656467c16f06daa77982b7f216c56bf9"}, {0xdd, 0x58, "bb85894be0f1a2ebd3d9c9334d66388e74089497cc752aa5d4eaf09354f930b98c51937d3c14b537e6cec9f6ac862578b9c33bb96bfc486fbae9bf856f62a441482e1b40cdf4050036125965efcca34b83d8a7042202e3dc"}]}, 0x139)
04:10:20 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:20 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x23, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:20 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 77)
04:10:20 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1744.932606] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1744.950611] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
04:10:20 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1744.971506] FAULT_INJECTION: forcing a failure.
[ 1744.971506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1744.974325] CPU: 1 PID: 9339 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1744.975914] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1744.977820] Call Trace:
[ 1744.978435] dump_stack+0x107/0x167
[ 1744.979280] should_fail.cold+0x5/0xa
[ 1744.980167] ? copyin.part.0+0x112/0x140
[ 1744.981125] copy_page_from_iter+0x74d/0x900
[ 1744.982159] blk_rq_map_user_iov+0x138b/0x1a60
[ 1744.983222] ? iovec_from_user+0x16b/0x400
[ 1744.984207] ? __sanitizer_cov_trace_pc+0x4e/0x60
[ 1744.985318] ? iovec_from_user+0x104/0x400
[ 1744.986293] ? blk_rq_unmap_user+0x750/0x750
[ 1744.987312] ? __import_iovec+0x458/0x590
[ 1744.988291] ? import_iovec+0x83/0xb0
[ 1744.989182] sg_common_write.constprop.0+0xba7/0x1a30
[ 1744.990395] ? sg_build_indirect.isra.0+0x710/0x710
[ 1744.991544] ? __might_fault+0x73/0x180
[ 1744.992469] ? lock_downgrade+0x6d0/0x6d0
[ 1744.993431] ? cap_capable+0x1cd/0x230
[ 1744.994343] ? capable+0xe1/0x100
[ 1744.995150] sg_new_write.isra.0+0x529/0x770
[ 1744.996178] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1744.997426] ? lock_downgrade+0x6d0/0x6d0
[ 1744.998411] ? _cond_resched+0x12/0x80
[ 1744.999324] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1745.000659] ? scsi_check_sense+0x10f0/0x10f0
[ 1745.001695] ? perf_trace_lock+0xac/0x490
[ 1745.002650] ? SOFTIRQ_verbose+0x10/0x10
[ 1745.003600] sg_ioctl_common+0x828/0x2570
[ 1745.004566] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1745.005766] ? do_vfs_ioctl+0x283/0x10d0
[ 1745.006710] ? sg_write+0x120/0x120
[ 1745.007550] ? generic_block_fiemap+0x60/0x60
[ 1745.008594] ? lock_downgrade+0x6d0/0x6d0
[ 1745.009552] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1745.010667] ? wait_for_completion_io+0x270/0x270
[ 1745.011790] ? selinux_file_ioctl+0xb6/0x270
[ 1745.012808] ? sg_compat_ioctl+0x120/0x120
[ 1745.013783] sg_ioctl+0x8f/0x120
[ 1745.014567] __x64_sys_ioctl+0x19a/0x210
[ 1745.015513] do_syscall_64+0x33/0x40
[ 1745.016380] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1745.017561] RIP: 0033:0x7fde33c83b19
[ 1745.018422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1745.022678] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1745.024447] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1745.026095] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1745.027743] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1745.029397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1745.031041] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:20 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1745.258605] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
04:10:34 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 78)
[ 1759.242678] FAULT_INJECTION: forcing a failure.
[ 1759.242678] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1759.245353] CPU: 1 PID: 9352 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1759.246905] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1759.248798] Call Trace:
[ 1759.249394] dump_stack+0x107/0x167
[ 1759.250226] should_fail.cold+0x5/0xa
[ 1759.251089] ? copyin.part.0+0x112/0x140
[ 1759.252013] copy_page_from_iter+0x74d/0x900
[ 1759.253037] blk_rq_map_user_iov+0x138b/0x1a60
[ 1759.254083] ? iovec_from_user+0x199/0x400
[ 1759.255060] ? __sanitizer_cov_trace_pc+0x4/0x60
[ 1759.256140] ? iovec_from_user+0x104/0x400
[ 1759.257117] ? blk_rq_unmap_user+0x750/0x750
[ 1759.258124] ? __import_iovec+0x458/0x590
[ 1759.259078] ? import_iovec+0x83/0xb0
[ 1759.259960] sg_common_write.constprop.0+0xba7/0x1a30
[ 1759.261162] ? sg_build_indirect.isra.0+0x710/0x710
[ 1759.262316] ? __might_fault+0x73/0x180
[ 1759.263239] ? lock_downgrade+0x6d0/0x6d0
[ 1759.264201] ? cap_capable+0x1cd/0x230
[ 1759.265132] ? capable+0xe1/0x100
[ 1759.265938] sg_new_write.isra.0+0x529/0x770
[ 1759.266958] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1759.268199] ? lock_downgrade+0x6d0/0x6d0
[ 1759.269185] ? _cond_resched+0x12/0x80
[ 1759.270095] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1759.271447] ? scsi_check_sense+0x10f0/0x10f0
[ 1759.272498] ? perf_trace_lock+0xac/0x490
[ 1759.273466] ? perf_trace_lock+0xac/0x490
[ 1759.274707] sg_ioctl_common+0x828/0x2570
[ 1759.275690] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1759.276896] ? do_vfs_ioctl+0x283/0x10d0
[ 1759.277839] ? sg_write+0x120/0x120
[ 1759.278862] ? generic_block_fiemap+0x60/0x60
04:10:34 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
ioctl$BLKDISCARD(r1, 0x1277, &(0x7f0000000500)=0x3)
r2 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r2}, &(0x7f0000000040)=<r3=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r3, 0x1, &(0x7f0000000100)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000140))
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r5 = syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r6=>0x0, &(0x7f0000000140)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r5, 0xbb3, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1, 0x1}, 0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000480)=@IORING_OP_SENDMSG={0x9, 0x5, 0x0, r4, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=@ax25={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x3}, [@null, @default, @default, @bcast, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000240)="67526986b484c14ca381b4af57850c692f8da9988efe8f124f5b6d9d7095a29685678902a44c00e8223ddad63be068339e110323af67e012f0e0bab4a7908cd7bd892e3aadda860b1ac77d6833ef475e2dfefab64de18327c2b98150902025fe1ed1ea5a40305784bc041d55bc996096e6b6cfcd7fcdbe8099c94988e1c9781155aa9446892f24d95574b291d607e811088c75df8fd2a5fd279a234e9a5cd73c8ab6aec0d13e9c6a1b23af590839ac93430c60d06d4e2c69", 0xb8}], 0x1, &(0x7f0000000340)=[{0xd0, 0x97d055001d281673, 0x9, "02482ab06b7c3b09bbf2160971c30a8694da9fcd208816a39c3c0dc014c1c23ab573da31ef97b448b9dac776cdea0989e8b6a1250b956fcb79d8be2848cb451a891b4d7cd40c493853a94dced621cd2b85824749c5d422da5b0d13c768fb26accfa4b2a59e5279cd36f85f079da541cb5c475a838fbfef2daf227473c90266a9a75747dd26d3e34cbbdace90e264b809353a252648859e4b67db9ad8e532f079529df1fc691a010ec8c767bd1bfea5e6a40ef033242c2cd12ea665c5a800af"}], 0xd0}, 0x0, 0x20000000}, 0x1ff)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0x2, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xfffb}, 0xe)
r8 = inotify_init1(0x80800)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_SPLICE={0x1e, 0x2, 0x0, @fd=r8, 0x6000, {0x0, r5}, 0xffffffe0, 0xd, 0x0, {0x0, 0x0, r4}}, 0x5)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:34 executing program 6:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x0)
openat$hpet(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0)
r1 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa20a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r3 = dup(0xffffffffffffffff)
pwrite64(r0, &(0x7f0000000340), 0x0, 0x0)
flock(r0, 0x1)
openat(r2, &(0x7f00000001c0)='./file1/file0\x00', 0x4000, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
fcntl$F_GET_FILE_RW_HINT(r2, 0x40d, &(0x7f0000000240))
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="3574cf130fec5e05b300000000000006000004dbdf4f0cf74000000000010000000800034000000058615c811fecd8991c2a66e4ac406521fdd0e6cba383e5dc9eadd32dc07554a27c8369de0d7c678db19b45988d9f3c85ecef547ff3c83c3902d41e9628748f992b3cdddc558aa16e9f05bbc30adced3c760e4db05d5901cbb5de4b93d9e28edd4e34cbaa0221d6f2471d61c390e1028d7f1979206c827b0952a5647f0d84885e7518179fde4f8b324a8a9d61155b49677757a4993423754fe3261b6f4cd4562d1ef9aa8d8e4322"], 0x24}}, 0x0)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r4, 0x660c)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000380)=ANY=[@ANYBLOB="ac6671730923f8da57ca9835a7000000000000", @ANYRES32, @ANYBLOB="ffffff7f000000002e2f66696c653000"])
openat(r3, &(0x7f0000000000)='./file1/file0/../file0\x00', 0x290340, 0x91)
r5 = getpgrp(0x0)
pidfd_open(r5, 0x0)
perf_event_open(&(0x7f00000002c0)={0x3, 0x80, 0xf2, 0x1, 0x1d, 0xff, 0x0, 0x98d9, 0x4, 0x3, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x401, 0x1, @perf_config_ext={0xffff, 0x7f}, 0x42904, 0x400, 0xcd, 0x4, 0x401, 0x5, 0x20, 0x0, 0x80000000, 0x0, 0xc16c}, r5, 0xa, r1, 0x0)
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000200)}], 0x1)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000080)=ANY=[@ANYBLOB="00000000fffffdfd0201000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001100000000000000000058d700"/256])
unshare(0x48020200)
04:10:34 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:34 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000003)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000)={0x0, 0x0, 0xca})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
r2 = perf_event_open(0x0, 0x0, 0xc, 0xffffffffffffffff, 0x3)
r3 = signalfd(0xffffffffffffffff, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x104, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={&(0x7f0000000040)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f00000000c0)=ANY=[@ANYBLOB="010000d1dc1fece4b0bf3cbec46b46706371", @ANYBLOB="ff9d23b4c39731527e0042108d25000052"])
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x44000)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x0, [{}, {}, {}, {<r5=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r6=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {<r7=>0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, <r8=>0x0}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_TREE_SEARCH(r3, 0xd0009411, &(0x7f000004cc80)={{0x0, 0x2, 0xfffffffffffffff9, 0x6d, 0xa6, 0x0, 0x4e4, 0xe49f, 0x4, 0x7fffffff, 0x5, 0x2, 0xe6b, 0x0, 0x20}})
fallocate(r4, 0xa, 0x800, 0x7)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, &(0x7f0000000100)={<r9=>0x0})
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000007d440)={0x9, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r9}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r7}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r8}], 0x0, "46dacd8396fe92"})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f000004dc80))
lseek(r1, 0x0, 0x2)
r10 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x128)
copy_file_range(r10, 0x0, r1, 0x0, 0x200f5ef, 0x0)
04:10:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x24, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1759.279962] ? lock_downgrade+0x6d0/0x6d0
[ 1759.281265] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1759.282458] ? wait_for_completion_io+0x270/0x270
[ 1759.283621] ? selinux_file_ioctl+0xb6/0x270
[ 1759.284670] ? sg_compat_ioctl+0x120/0x120
[ 1759.285682] sg_ioctl+0x8f/0x120
[ 1759.286503] __x64_sys_ioctl+0x19a/0x210
[ 1759.287478] do_syscall_64+0x33/0x40
[ 1759.288364] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1759.289613] RIP: 0033:0x7fde33c83b19
[ 1759.290509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1759.294964] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1759.296818] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1759.298542] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1759.300263] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1759.302039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1759.303803] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:35 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x25, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:35 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9721710fdd67b00000000000000", @ANYRES32, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:35 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 79)
04:10:35 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, 0x0)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:35 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
sendmsg$nl_generic(r2, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f0000001980)=ANY=[@ANYBLOB="c00100a3406d050700c4e07c2647fcd56ae8978922fb5eeccdf5dd46e43ba6d9ca6b0c9f9bf91331a89adc6c773a45db4c95a6da42cd3b28d5972292f189a3111c4cf07f208631ca06ea304413b1c9db6b1391747ad787f94428d417", @ANYRES32, @ANYBLOB="530109805a32fdcc76732dbdf560b6be8e254a4fe8f09b89a97c9a777542f97d8ec99c6eccf349babf0489ab81e04ac7e5eb10373ef219fbd124a744e5ea4eae80a747a59d7f8a7c8b426b3b5a7786d55048e60e76f2237342b51d4246986b7598f64af89e1d1a7b4dfcebcdf7bdf2395745f30440fae4c56c9a25bf8fc7801ef21ee5d172bed61ded1282d597644322055e87760eeffcc4f850eaa8020485c84e1bc6bec6714cba0ad14780861d5fd1cdabba6101c412fced5a29922300175d5e6dad446598526c7c416817d7a1a01bf283868c3ebe2e2aed38e15c65221ae7e7e6f7002bc465cbe437783254cb19bcd9ed53dbd452dbdc2ffc16a29956351b84eb692361c45f83facf65cd50a985b8a2a06ced7f8bcb34e4c724dd59837083e3f9e08a998710e6f92445685fe087cfeb92f28d059d02a0cd85860dc7426ada45e5e8c130a7afe1689d2b9b60f17004002a000007e83553b0a6b9597bea4112dd0f84aed76a759c63aa6eea07644e3cf6165d090c336e5d11780debf8f5b355ae24891c006c67fe89fbc858305e9164b31f95cc6e54eab531df67a982390b6904006100"], 0x1c0}, 0x1, 0x0, 0x0, 0x20040000}, 0x40080d0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
openat$zero(0xffffffffffffff9c, &(0x7f0000000440), 0x10000, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000003c0)={0x53, 0xffffffffffffffff, 0x6, 0x0, @buffer={0x300, 0xb6, &(0x7f00000018c0)=""/182}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
sendmsg$nl_generic(r5, &(0x7f0000000500)={&(0x7f0000000480), 0xc, &(0x7f00000004c0)={&(0x7f0000000640)={0x1280, 0x3b, 0x0, 0x70bd2c, 0x25dfdbfb, {0x14}, [@nested={0x1148, 0x44, 0x0, 0x1, [@generic="835289d36aec0c9a8a5c224166c742d3e2c2951d81badfa7753a5ba260eddc2ef5e8b8207216cd8588294f3132991b1b1a614fb8dcdc248e3fd7cc115a31fd37826d04a30a51c78a4e3aa019d5382f04577c7534260c89962d2acd859d019eb119e1ba918999dfbc2ae07cc5ee4410f6616ddd94c44349234fe86b50fa44bf635f31329a8744951298f812b698db7bdc0c70fce6d8d438978936289ad6dc4dc3567504467cbfe760ca1ebdb60295aab494c53c4c1026813a3c6d4b962bffaf68fb9dafc4a4a8ad030887f5c2cdaeaa240b647fa91e1f7f7fff4921e5252de60dcb541bdd9d30ef58dba7523064763656f657c9fde8f339d47a68f914dd69f2ae064ee2f6bcc2ce4c269c127232d911f5e0a1ac85639e07b75ce27706bb4466351582320bcf798efff59688f63da619eaa10d48260fa1227cc3558df01fbbbe6ac0bb80b17b8fc9b1c2497d860f4a51d5728822f4fb383e87b619df42e1cc854af2574c81c3f3b67202564810c806902ef267f5348b61df1d9db6b1a49b57e11bb82cc506a06c4946dcb36b9ef600bd5da641c403c356094e5d2e16d3717b6e810847dbba7e3d91148c57a88fc1869f7e07e263f14b9d8ce37d5fb6c7b0a22a479f474f05c7dc097f10399c37d9f877127a48281dd05c3bdcf2c4cdc81bd0ecc231f9e045923ae1eab4bff37c0939e40a98d8028b390a1e9fd308a785754674e3d6db2b7c0672a8e672cfa3c3ead1e21ea3b6f6ca578653db6f49d20d7ad282ecbc081dcb7ab844a0e0f9ca34931cc08357154d1feb2e95101e90d157984b84f2fc90e11882273781e8b56fd1332aa6d95de1505960c331131fc21f44872544d428fb5c8ce007d2c8e4d95a450a23a0680d8774cd3ba29a2cac5ef9a9fea4348516ab88674a58e76746ece8e43eb772fc7c08e4a1e2c4fb891da8c4c5cff3383fcaaae5cf558ae05888fe48ec0ba180c6fd7e7c01c607d4be3f59dc46906038b85fc173ed8b2b59b7c4fa25a50cc1998bb47ddc1348110059677b8a967c985bd644ace3af62656ed3d5057b65a396adf9332edfb81acbd26b21dd5ac95957fc3b809c1e7e4b216ae9be90bfaa1a1ffb09a913273ba288ade554bd65cec29a39ddbb527a9a73058a5b62640c9fbc24f78d513cb13bebfa3744e901dff0617a2a8bd773f2ea50db8671b871c036cdcea27a4ac68eca0cbcfbb1e9e1c94d3a25d9ad2740d80d1c2e1057b03234521e981b2476d481bf2ae7bf2fab5be0168a7058b6eb3f934446caa290c23554364f178fd6935fd298096dd4aabcd4dc07a0fc2133b8fcb96031ac75bed29b2fd41021c8aac7ec9ee00793129771674129b891ec721d49ff40f47d79d615886aa54c218e2b2054f5ff4f6a49f66e769fc0fceedc51b77a837c809257dc0dd31a809739f5011808b0a6066bb3cc01ebd8ece11118b6400ee85df6abe05ec2ca6c1b50f8d6041de48e6a1cd804e8497558704d45679a51f918ef18ac07bd1ef1f43ec739adb425e4704af6aee27c1f2f2c2870a8e7288731824476cce4ec04dd7ee8294685c264d9ff2cf46f7b59795ff6367d42b278557642943db5a26d808ca5b41e1d447c631d0b2f936f0980a18240af24a084d72d93a0fc776f889f28758f74334af3b0cb385f7f72dcdbc121948ded81d30a8c67757854bf40efbc602ca60f3146d67f1408561a2462c09580f1dfb6f954f6f0a624797ee8da5cf671ccad4c4c59faf9fa92173be38fa926340e31684a81a6a5d6a9bc405736d190e3565add776fea58599c1c66407b1c7584d299ea73cf78bfabfed80631e7c33cca4ad7e38e61d81534bd0fae65ca6a20b89f10fd7c88b135c591d11996768fc8e26e1a6431e6d01c182d0c610019056f38a88770d72210f1610994d2b06582b7819a95d0be1da11a5766e99c0f483805c95ea7d73f2681055f83584b4e5f5839ea390a1155794c5c8c7db2e51cea9af72be65b674f58faffcfdeb87f351dcb6ce4ae22fcd31c2ed513decf8bf6afb472a00866f1ef5dd6cb24be23b05af84d9332e2cb5bbc234e5452f53f8410baf2d89e2a79e1350bf3fdbfed16734834ba70c7b544fe4f14796cc527e3a466a709075252e237bca50fe5398dd65e0685206c5c89458180da583a05a841c5ad2ce18e65bf5dfbda99a2a25513fc4d12b639ee10b3a6a90b3c7a40ac49dfdf9a447e35a40c7390757bd3f65f33fd042cdfa17fa822455d1e0bb3d18abb902084e06dfd3e812f16530d3787969baa8df457f5124253281ea9cd2429fa12b09a3d643284a3598776e1d6d3e2293fc4df48efa7fad0367af7cf152b9eeaedee74235247a2ae43a95756bd139d55a46dca9124a7b8e91f2523a1fc0c20e33f28af2e179aeb9b11d692a5bb45b60695224558da9cb84f1ef09038741f3aa424eb181fd552c7f32818499d6e9ca4cb958a7d39b328726543df98fe7987571bcb1da9e252b55bf30764689fd4eca7ff66245b14ee47327de2c61582b056da1e990c483be1464101e976c7558a67bfaf7dfd00059ce941ba0bcf8f41b018b7abac2d20b0d24bbae0f06aa0fe012c206426c8c7b9f63af0025258c0e96f75cd89776fe094d505d58eda8b8fdfc5b08a7b46fbe75755715053995ea7853d669123b201eb0910cc7ae5dc3d9cee228dcf27d218e18101a0fdce7b3d16d7baec08a039ee2aaab20f609ae033f680814bf12fbb0785eab21b2a10c9a7da3d27d92ccb62056de49793e0607090fc45b2ee6d297711d915b0cf1b8530e195b046d69c1df032328e90e06516f6f630b7b97a7fbefc6f3978780f3c00fd3a6ec2e9cb28217d7aa667d4ab5359c1ab2ef0f8795735d44a52c7aebe990a15043884cdaaff85cff11a0ac860e83ae4d3b573587b7a98414a674188747823cc4433eaa3dfb9b5ee020ebbf775876c34ec059a35aed8a4c11f76556a43136f24eeb9b4786ef24848ca2e6fc3fe8d42e5891566f854ae5b5fd57566b441615fd35b0b6a37ffb633bc0ba91438e3d610b194384027e0bba5200014a143ffdd2e8b8548d86862391907b2b22500374409420cb291abb14c3c9d3e1a094b31b883df3e52013453d6acc0db8b6557b05aab40dffbe775ae6fc775f0fac5daaad633898f3aca6adbe87fd9124f3d473473750da6c36b842900dbe2d07a22368bb09c91eec546e258646dac71928cbf1abe7fa954912bd68720cd8f480bca0e8c94737fe54c2bfd185c965e83786a61995aabe0a8a9f3ca84b095a8144af5a680af062b740b2a9393209e845a6a3c935067a13b15e1a28747aa4e3f6b3cc2e36adbcb4bccea7e228cc9a3c16b02c90ac6371bd48d8d8ea11f6d586ca3de1db6f67c6f09fb0cc5bcd3724867a81057acf5424ad69ab096d1f7ae3330bd1146fd7a9ee2df41d6e959df8b68d340b0e7edfedfcd992b844a0488c75fe2ce6ba960f039966102f62106793ac3ab7ed2ef0f21c0920e6f1d17b2bece1da8a833e1d7a804f30ae765384d06d222c960f90a92548fb270257e5c573a03bb98ba9350dd4403efb3237e7e588cc939c90c7a2c31962591d0886e4792d3881f75325b45a7ea2b87278391b804025282d3fc2ca35eefed05037c2bff196a41d4a73799283a7d1f8b8d7658f0ca66a1a1c7dba2dad60c97a6fc5c2bc5a412511d0ebdd2e24cd05165dba9d7cb6db06927c9e6d3106e37c49d767abde3f779c19eed1332b088a4d04d1f0c125b38a1a53c4a86aea77d9e316143be6e6441366cb492cfea99cb25190f8e098554758bac9d353f7809bb85e6d2cee4dc0b9732834d874a961a2a016d04bc53e0fcb8f7d00f2a103e2fa8ee321f207668ef76b5d49a9821e58631718093ed1ad9541768f28a2952bc6bc5adb8b68843288d1809acf222dd023d096f831a37b9fde6bf90530a6d4be09388224e45fc66b5292fa4c86777e316c65ee91905d02289a29a688048fb0097b3f601956b67226b066774cac873cdc2064d342277953e4695da02ea1ae7f774e05daef32c3151e1dd19ca41837242fdd86687a92994c2a20d1e087ffe8ea14992fd0a50fbb96dd4ad538e7ef96fd5b0e19d03aa4382c3a6bafc540f1f21667e944ae250b1f5c800dcdfe9364d51947c55282da55dd54fe801f762d5f00efc0b7eea33c6542570ab0d9c20daec0972025c749750329fb963fe9761d544b88a13a1e0611d41924ae1811b26503cb2092df526255d3b1a2d3c24c2e8fe3c43a978917c74bb572e9eb0aa4cc69c22473b98b9e6638f97f75e2c826ca4717f33d2c4f03be93d1c45bc04026f86f036d9d9f44184c2b9af47f288bca3696874e649d325e71e7c2874ed3a3c61688628f12ee26f5bfaf5a053cd5bb90d399693286cd7545bdde6939c139a9dcfdebd82d57b485225609da650b0cf3a69e3030b8fed6e2f6f8c1979b1020a35e1a728f530eae6f17c2991787f4a25d9b0a51151f59c780fd18a09aebfadc2c0253d29b756bb8eb811696ddd274eb8ca42818afe29f46e5262bfd3a2b901148d14487fe3ade0df574f3b98a2fefd3c19bd0647a3d2dc8270933834c7ad5d9d5b7859ffc357eb3b9b45b1ae3c4ea4a51922c0639ac361b0ab935886a0fa88917e5b2f9c910b2d4244b695844a60b4f32636f863d262c044543fcd365e7cd36ac4b4eff2f9c9c9edeff1a9edfa7026b8bcfa40961b4617089d2fb7e1da26b0e1fe7277040095cbd0059668b269424e4252a553f3af7bad9aa71c13b07ee37c5a74c2b92bb9712baae1c4def71e4d9af9592e23e92acdb60ed07573a5990d06dafedf324b7beea6b3cd188991e99c3ba5a49e61ef24f5c89edcf31294f99bea518c4d7a6d841eb8a2c643f3029eed05429dc20f5810afcb9beb6604969f2e092bd2958404fd4026cdd5d90be968655c0f339594460e84f773dd629f36510fd3ab8fa73bffb77883be1f743e7cb78b531799af88782129d67f857d9562a4054e818502590eb42e3fb6d8d939b65befe38a88e0301faa8e17ac2c777deaa9bb0cc18f4610e46d44641cb8eb8f00d518dfd202258a34aa84dc6ace500feb7f4451a7d3e34a7d4924740c2fc28cf2fb0763d5a4e670b347aa0e5d4d7952bfe108f3f98e1841763aea1367810bacaba8dd10fec71834395f8b351ce5ca02fb3dda519c69e01e59c204c2f793922e23ed8c95c27d6847a632c5c2cb9aec95b106d7d777070c248ae153d837f9d7e9b2e8c6f6a35ec6e40d96f0f60cfda32a869eb187a2127c80922e8bf71dc04c04abe74ffd4395b6998f94eaaf553c61f3859a6b6f91f0dabe8977f96be8ef06f417b69c35ac5b35b88df553f0928faa7ded3b654e133cd6d940cfdcb88e90efeb7389f3be19c3068d5837a99d921898addb705d04709fd16014cd8b6d6ffb68101fe8a6f8267f968eb3b64ac6d5b0f12057ad32b53a4a5b244d8c95bf78b07fff4b3924ea6bca9446e440aad520a088482ded8498e131d38301bf75ec5214e3fd9d2096fb192f877c13d9fa2f67a64e410b277b48d4b2b70a2e022879240e8fb8fc6b63930d96a9763aa0da0d60274a7309499e6d9335f46d483cfd96c762029ffef4551a2a1c5bffd3058eed80540d88679664216a6618f29d7ec29bd8d1dc9b49d339abe1d13565ab60e49ac79334f19eb8ed2afc23c702147e3a9e7d6ec5f2dc22d510132f52cae27f3f9748db029bedb3a0eec2fad5a23cacadf6b6d683ac1bda41a7ecd64c2feaef9b77a4f595858aa2931e91ae480b8a995d76726c23811540cc6c370633186e98c4ff4bd19b9f622fbc5187cdbb9545", @typed={0x4, 0x4}, @generic="f646e1a45187a5706d23a3fb128060adf9d93ea41cd00f21c261f22e8fd62219c991cda7582d578b603f6ce9573d17e853364e1723074e4afa3debb5b2df9347751d7a37", @typed={0xa, 0x12, 0x0, 0x0, @str='*@)[#\x00'}, @generic="4ea9425ed13abe18f66e8b00b83045a662e9839b515129b4de81a2d4d8d92425d615c1f08e28af23dc2e59c257df2a4eb0a7656a6d34da410639690377f9b4f94c182054dcab355777901fc4b483b4a9444d88dee3392da2baf35a000a4bcd62e4ba6856df5d75e6b938f0fa416ddaa0d6b44847d7a07549b3b2d35fa91b80b05e5c12c4bd8f6704acef51c5b355fe6469acbd85488b991ccc9891c6dcaa3d31148725c313a4222ff0a533e1b96b970fa06977fb7bdba4af127946a6b5ae012140aef32276bfbafd461d82d9b1b64d5053d721eef323341e12c7d9748efb4ad84198a61e8a774b72", @typed={0x8, 0x4d, 0x0, 0x0, @ipv4=@private=0xa010101}]}, @nested={0x73, 0x75, 0x0, 0x1, [@typed={0x8, 0x4c, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x4, 0x4}, @typed={0x14, 0x95, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x14, 0x76, 0x0, 0x0, @ipv6=@empty}, @generic="08026b4ece2369732028e23a23d8cb9da82c4ae8d613ab657a7c62fbc87b8cd0f54ade857943b5efcd013f4110ad4c6ce298fa5a059dfa7b4a5c56"]}, @typed={0x8, 0xf, 0x0, 0x0, @uid}, @nested={0xa8, 0x2f, 0x0, 0x1, [@typed={0x8, 0x1a, 0x0, 0x0, @ipv4=@loopback}, @generic="3f9a", @typed={0x4, 0x2}, @generic="9dc8bbf67b6e5947e20b910f84b94817b9213be0729fd82092b7341f5c3c055bb6474c71fc95262c6c7b6401d960b64e8aa719b93a019c95f99f33d7e7cae12e620310fefa02cb5106d72c373f4cf9660194e6aa0f6e8e62be9da9c9e84dd5d4d40be52fe6f9d775528b437d330de94f098a931201481e244ee5f88843ea", @typed={0x8, 0x2d, 0x0, 0x0, @fd=r2}, @typed={0x8, 0x4c, 0x0, 0x0, @u32=0x40}, @typed={0x7, 0x88, 0x0, 0x0, @str='\\\xa9\x00'}]}]}, 0x1280}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x34, 0x4, @tid=r0}, &(0x7f0000000100))
[ 1759.550808] FAULT_INJECTION: forcing a failure.
[ 1759.550808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1759.554111] CPU: 0 PID: 9378 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1759.555942] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1759.558103] Call Trace:
[ 1759.558769] dump_stack+0x107/0x167
[ 1759.559699] should_fail.cold+0x5/0xa
[ 1759.560732] ? copyin.part.0+0x112/0x140
[ 1759.561766] copy_page_from_iter+0x74d/0x900
[ 1759.562899] blk_rq_map_user_iov+0x138b/0x1a60
[ 1759.564087] ? copy_user_generic_string+0x2c/0x40
[ 1759.565370] ? iovec_from_user+0x104/0x400
[ 1759.566438] ? blk_rq_unmap_user+0x750/0x750
[ 1759.567561] ? __import_iovec+0x458/0x590
[ 1759.568682] ? import_iovec+0x83/0xb0
[ 1759.569646] sg_common_write.constprop.0+0xba7/0x1a30
[ 1759.571140] ? sg_build_indirect.isra.0+0x710/0x710
[ 1759.572674] ? __might_fault+0x73/0x180
[ 1759.573900] ? lock_downgrade+0x6d0/0x6d0
[ 1759.575043] ? cap_capable+0x1cd/0x230
[ 1759.576088] ? capable+0xe1/0x100
[ 1759.577017] sg_new_write.isra.0+0x529/0x770
[ 1759.578187] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1759.579550] ? lock_downgrade+0x6d0/0x6d0
[ 1759.580667] ? _cond_resched+0x12/0x80
[ 1759.581664] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1759.583127] ? scsi_check_sense+0x10f0/0x10f0
[ 1759.584263] ? perf_trace_lock+0xac/0x490
[ 1759.585327] ? SOFTIRQ_verbose+0x10/0x10
[ 1759.586356] sg_ioctl_common+0x828/0x2570
[ 1759.587451] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1759.588778] ? do_vfs_ioctl+0x283/0x10d0
[ 1759.589841] ? sg_write+0x120/0x120
[ 1759.590761] ? generic_block_fiemap+0x60/0x60
[ 1759.591881] ? lock_downgrade+0x6d0/0x6d0
[ 1759.592938] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1759.594224] ? wait_for_completion_io+0x270/0x270
[ 1759.595463] ? selinux_file_ioctl+0xb6/0x270
[ 1759.596546] ? sg_compat_ioctl+0x120/0x120
[ 1759.597638] sg_ioctl+0x8f/0x120
[ 1759.598507] __x64_sys_ioctl+0x19a/0x210
[ 1759.599546] do_syscall_64+0x33/0x40
[ 1759.600523] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1759.601843] RIP: 0033:0x7fde33c83b19
[ 1759.602792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1759.607544] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1759.609475] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1759.611295] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1759.613120] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1759.614944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1759.616784] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:35 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x26, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:50 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:10:50 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
r2 = perf_event_open(&(0x7f0000000100)={0x4, 0x80, 0x8, 0x4, 0x1, 0x1f, 0x0, 0xffffffffffffffff, 0x4000, 0xc, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000000c0), 0x1}, 0x48001, 0x100000000, 0xfffffffd, 0x2, 0x8, 0x81, 0x3, 0x0, 0xffffffff, 0x0, 0xfffffffffffffae9}, r0, 0x3, 0xffffffffffffffff, 0x9)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000500000004000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000fcffffff05000000800000000000000006000000000000007f000000000000000800000000000000000000000000000000000000000000000000000000000000850b00000200000006000000000000000200000000000000ffffff7f000000000700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f9ff000000000000000000000000000000000000000000000000000000000000000000000000000000000300"/512])
04:10:50 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = accept4(r0, &(0x7f00000000c0)=@phonet, &(0x7f0000000000)=0x80, 0x80000)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000002740), 0xffffffffffffffff)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r7=>0x0})
sendmsg$ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000002800)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x20, r5, 0x1, 0x0, 0x0, {0x8}, [@ETHTOOL_A_EEE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x20}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000f80)={'gretap0\x00', &(0x7f0000000e80)={'gretap0\x00', <r8=>0x0, 0x80, 0x80, 0x6, 0x7, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x68, 0x0, 0x4, 0x4, 0x0, @local, @local, {[@lsrr={0x83, 0x2b, 0xc5, [@empty, @multicast1, @broadcast, @empty, @dev={0xac, 0x14, 0x14, 0x23}, @multicast1, @broadcast, @rand_addr=0x64010101, @local, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @rr={0x7, 0x23, 0x3d, [@rand_addr=0x64010102, @empty, @local, @local, @broadcast, @multicast1, @dev={0xac, 0x14, 0x14, 0x10}, @empty]}, @cipso={0x86, 0x13, 0x3, [{0x2, 0xd, "5500e5e552139b6220acc6"}]}, @timestamp={0x44, 0xc, 0x4b, 0x0, 0x0, [0x20, 0x1]}, @timestamp_addr={0x44, 0x34, 0xb9, 0x1, 0x1, [{@dev={0xac, 0x14, 0x14, 0x37}, 0x80}, {@broadcast, 0x9}, {@multicast2, 0x7}, {@loopback, 0xbe5}, {@remote, 0x3}, {@loopback, 0xfffffff8}]}, @ra={0x94, 0x4, 0x1}, @end, @timestamp_addr={0x44, 0x1c, 0x82, 0x1, 0x7, [{@empty, 0x4}, {@private=0xa010102, 0x8}, {@multicast1, 0xfff}]}, @noop]}}}}})
accept4$packet(r1, &(0x7f0000001340)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000001380)=0x14, 0x80000)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000013c0)={&(0x7f0000002840)=ANY=[@ANYBLOB='x\b\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032bbd7000fcdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="c801028064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000340004000700090409000000000006df070000000000be0007000000080000010500000001012006050000000900011ff300000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000500000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040001000000080007000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400cb0000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004004b00000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000004000008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6002028038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400000400003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400010000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000800000008000600", @ANYRES32=0x0, @ANYBLOB="44000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000140004000900fb020200000008003f40080000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000700000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000200000008000600", @ANYRES32=0x0, @ANYBLOB="88000100", @ANYRES32=0x0, @ANYBLOB="11fe028040000100000001006c625f686173685f737461747300000000000000000000000000000000000000000003000b00000000000400ff000000000007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400810000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f6164636173740000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004005b00000008000600", @ANYRES32=r8, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="ec00028040000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b00000008000400030000000800070000000000380001000000010071756575655f69640000000000000000000000000000000000000000000000000000030003000000000004000500000000000600", @ANYRES32=r8, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004003f00000038000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004000300000008000100", @ANYRES32, @ANYBLOB="6801028038000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000050003000300000008000400540400003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000100000008000600", @ANYRES32=r9, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000050003000300000008000400b33000003c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000009000400686173680000000008000100", @ANYRES32=0x0, @ANYBLOB="4400028040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000e00040062726f616463617374000000"], 0x878}}, 0x40)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r10=>r1, {0x2}}, './file0\x00'})
openat(r10, &(0x7f0000000640)='./file0\x00', 0x42802, 0x100)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x19, &(0x7f0000000680)=[@cred={{0x1c, 0x1, 0x2, {r3}}}], 0x20}, 0x0)
recvmsg(r2, &(0x7f00000005c0)={&(0x7f00000001c0)=@un=@abs, 0x80, &(0x7f0000000480)=[{&(0x7f0000000380)=""/235, 0xeb}, {&(0x7f0000000240)=""/70, 0x46}], 0x2, &(0x7f00000004c0)=""/207, 0xcf}, 0x10000)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="1b00000011000000000000050000000000a63c8d4000800c001a00316fb892962e7d500000000000000000ecffffff00000000"], 0x2c}}, 0x0)
04:10:50 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x27, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:50 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:50 executing program 6:
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f00000004c0)=ANY=[@ANYRESHEX, @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYRESDEC=0x0, @ANYBLOB=',smackfsdef=s$*),obj_type=,\x00'])
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000000c)
ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x89)
r1 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0xa, 0x13, r0, 0x0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
socket$packet(0x11, 0x0, 0x300)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
write$binfmt_elf64(r2, &(0x7f0000000280)=ANY=[], 0xfdef)
syz_io_uring_complete(r1)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x8}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffdfffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
socket$packet(0x11, 0x2, 0x300)
r3 = syz_mount_image$nfs4(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x6, 0x2, &(0x7f0000000200)=[{&(0x7f00000000c0)="aba6022ca8659530b55522c561d9a8270943a71bdbe94cc55488554d8cbd8a5080b3749c530afef1b9582da4fa71daf83ea1f7468b410148d534f7f029248e07a3fb7fd81050d781fdc392903fbd73e35f4e0c33b238245efffc52907f99b0deffa4963a734ee26fccf2a7f3c315e01eeb09ccf8185fd79d0f40f4cc7a78a6dd2e09602150afa3cc662448e5b8fb1d540629fe4c3c734ffae6f3bb5fee2a17c7d2c1d3665ff1a8ecb0cdcde936a4bcb20cfb9b0f512eae0ec84a7df00e99df4d48321f08259839a5b8b1550adc6fec384e4ac97569", 0xd5, 0xfffffffffffffff8}, {&(0x7f00000001c0)="7940fe3180d597d59090f8145895a5dfd75cf6cac41447b6c4f0be1160d265996ec2ecbde77fb6c2d3e007405296a7f7c84f691bc30a864ca5b6c8ca", 0x3c, 0x20}], 0x20001c, &(0x7f0000000280)={[{'9p\x00'}, {'^'}, {'9p\x00'}, {'9p\x00'}, {'./@\'/@*'}, {']!'}], [{@defcontext={'defcontext', 0x3d, 'root'}}]})
openat(r3, &(0x7f00000002c0)='./file0\x00', 0xe29479e7f046bc0e, 0x83)
04:10:50 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 80)
04:10:50 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(0x0, 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1774.865330] FAULT_INJECTION: forcing a failure.
[ 1774.865330] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1774.866987] CPU: 1 PID: 9405 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1774.867888] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1774.868997] Call Trace:
[ 1774.869367] dump_stack+0x107/0x167
[ 1774.869871] should_fail.cold+0x5/0xa
[ 1774.870387] ? copyin.part.0+0x112/0x140
[ 1774.870940] copy_page_from_iter+0x74d/0x900
[ 1774.871545] blk_rq_map_user_iov+0x138b/0x1a60
[ 1774.872163] ? copy_user_generic_string+0x2c/0x40
[ 1774.872810] ? iovec_from_user+0x104/0x400
[ 1774.873391] ? blk_rq_unmap_user+0x750/0x750
[ 1774.873981] ? __import_iovec+0x458/0x590
[ 1774.874552] ? import_iovec+0x83/0xb0
[ 1774.875074] sg_common_write.constprop.0+0xba7/0x1a30
[ 1774.875770] ? sg_build_indirect.isra.0+0x710/0x710
[ 1774.876452] ? __might_fault+0x73/0x180
[ 1774.877009] ? lock_downgrade+0x6d0/0x6d0
[ 1774.877582] ? cap_capable+0x1cd/0x230
[ 1774.878158] ? capable+0xe1/0x100
[ 1774.878622] sg_new_write.isra.0+0x529/0x770
[ 1774.879219] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1774.879981] ? lock_downgrade+0x6d0/0x6d0
[ 1774.880564] ? _cond_resched+0x12/0x80
[ 1774.881120] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1774.881901] ? scsi_check_sense+0x10f0/0x10f0
[ 1774.882497] ? perf_trace_lock+0xac/0x490
[ 1774.883060] ? SOFTIRQ_verbose+0x10/0x10
[ 1774.883644] sg_ioctl_common+0x828/0x2570
[ 1774.884224] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1774.884927] ? do_vfs_ioctl+0x283/0x10d0
[ 1774.885512] ? sg_write+0x120/0x120
[ 1774.886002] ? generic_block_fiemap+0x60/0x60
[ 1774.886601] ? lock_downgrade+0x6d0/0x6d0
[ 1774.887191] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1774.887866] ? wait_for_completion_io+0x270/0x270
[ 1774.888522] ? selinux_file_ioctl+0xb6/0x270
[ 1774.889133] ? sg_compat_ioctl+0x120/0x120
[ 1774.889719] sg_ioctl+0x8f/0x120
[ 1774.890174] __x64_sys_ioctl+0x19a/0x210
[ 1774.890716] do_syscall_64+0x33/0x40
[ 1774.891213] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1774.891896] RIP: 0033:0x7fde33c83b19
[ 1774.892391] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1774.894817] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1774.895836] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1774.896787] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1774.897743] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1774.898692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1774.899633] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:10:50 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x28, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:50 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
getsockopt(r3, 0xc5, 0x3, &(0x7f00000000c0)=""/61, &(0x7f0000000100)=0x3d)
04:10:50 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(0x0, 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:10:50 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:10:50 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x29, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:10:50 executing program 6:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000002001210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c0011000000000000000000"], 0x28}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x8800}, 0x0, 0xffffffffffffffff, r0, 0x8)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000480)={&(0x7f0000000340), 0xc, &(0x7f0000000380)={&(0x7f0000000700)=ANY=[@ANYBLOB="5800000002030500000000000000006613000005080005400000003408000340000000050800034000000000092455848a79ef3f31e34dbc505d000200ffffffff010000000800044000000020080004400000000008000100010000080800054000000031"], 0x58}, 0x1, 0x0, 0x0, 0x5f23c62362e7c10b}, 0xc804)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random="ca73da4133fc"}, 0x14)
r2 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000540)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3b5a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438db33a7f05fb0d1707fd3fa27a56032a79c1d09558fbbfcb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d11c08a14918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe25748c55d23902439133eecfafb2e0f", 0xd4, 0xfffffffffffffffa)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r1, &(0x7f0000000440)={&(0x7f0000000000), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c047313", @ANYRES16=0x0, @ANYBLOB="000100000000fedbdf251b00000006002100610000000800010011000000060021006100000008000100410000000700210062620000"], 0x3c}, 0x1, 0x0, 0x0, 0x24004000}, 0x20000010)
getsockopt(0xffffffffffffffff, 0x6, 0x8, &(0x7f0000000880)=""/237, &(0x7f00000006c0)=0x88)
pread64(0xffffffffffffffff, &(0x7f0000000040)=""/4126, 0x101e, 0x2000)
ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001080)=""/27})
keyctl$revoke(0x3, 0x0)
unshare(0x48020200)
04:10:50 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x4b, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1775.075903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=288 sclass=netlink_route_socket pid=9427 comm=syz-executor.6
04:10:50 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 81)
[ 1775.099468] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=9427 comm=syz-executor.6
[ 1775.164548] FAULT_INJECTION: forcing a failure.
[ 1775.164548] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1775.167584] CPU: 1 PID: 9433 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1775.169304] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1775.171381] Call Trace:
[ 1775.172046] dump_stack+0x107/0x167
[ 1775.172961] should_fail.cold+0x5/0xa
[ 1775.173936] ? copyin.part.0+0x112/0x140
[ 1775.174959] copy_page_from_iter+0x74d/0x900
[ 1775.176079] blk_rq_map_user_iov+0x138b/0x1a60
[ 1775.177244] ? copy_user_generic_string+0x2c/0x40
[ 1775.178463] ? iovec_from_user+0x104/0x400
[ 1775.179546] ? blk_rq_unmap_user+0x750/0x750
[ 1775.180688] ? __import_iovec+0x458/0x590
[ 1775.181781] ? import_iovec+0x83/0xb0
[ 1775.182748] sg_common_write.constprop.0+0xba7/0x1a30
[ 1775.184060] ? sg_build_indirect.isra.0+0x710/0x710
[ 1775.185323] ? __might_fault+0x73/0x180
[ 1775.186322] ? lock_downgrade+0x6d0/0x6d0
[ 1775.187367] ? cap_capable+0x1cd/0x230
[ 1775.188358] ? capable+0xe1/0x100
[ 1775.189241] sg_new_write.isra.0+0x529/0x770
[ 1775.190352] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1775.191700] ? lock_downgrade+0x6d0/0x6d0
[ 1775.192758] ? _cond_resched+0x12/0x80
[ 1775.193745] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1775.195180] ? scsi_check_sense+0x10f0/0x10f0
[ 1775.196302] ? perf_trace_lock+0xac/0x490
[ 1775.197345] ? SOFTIRQ_verbose+0x10/0x10
[ 1775.198377] sg_ioctl_common+0x828/0x2570
[ 1775.199420] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1775.200708] ? do_vfs_ioctl+0x283/0x10d0
[ 1775.201728] ? sg_write+0x120/0x120
[ 1775.202632] ? generic_block_fiemap+0x60/0x60
[ 1775.203739] ? lock_downgrade+0x6d0/0x6d0
[ 1775.204764] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1775.205971] ? wait_for_completion_io+0x270/0x270
[ 1775.207180] ? selinux_file_ioctl+0xb6/0x270
[ 1775.208303] ? sg_compat_ioctl+0x120/0x120
[ 1775.209367] sg_ioctl+0x8f/0x120
[ 1775.210209] __x64_sys_ioctl+0x19a/0x210
[ 1775.211216] do_syscall_64+0x33/0x40
[ 1775.212137] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1775.213415] RIP: 0033:0x7fde33c83b19
[ 1775.214335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1775.218902] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1775.220784] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1775.222557] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1775.224325] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1775.226098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1775.227860] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1775.296303] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=288 sclass=netlink_route_socket pid=9435 comm=syz-executor.6
[ 1775.302622] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=770 sclass=netlink_route_socket pid=9427 comm=syz-executor.6
04:11:06 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
clock_gettime(0x0, &(0x7f00000000c0)={<r1=>0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000180)={{r1, r2+10000000}, {0x77359400}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:06 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:06 executing program 0:
semctl$SEM_INFO(0xffffffffffffffff, 0x1, 0x13, &(0x7f0000000880)=""/4096)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000002c0)}, 0x45f10, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000480))
r2 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, r1)
r3 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x1}]})
keyctl$KEYCTL_MOVE(0x1e, r3, 0xfffffffffffffffc, r2, 0x0)
r4 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
request_key(&(0x7f0000000100)='asymmetric\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='\\&\\^+%))#7\x00', r4)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wpan1\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000540)=ANY=[@ANYBLOB="94c2880a737f9b6e9e1d64139882be82d751a22a57191153f88ab99fc6543ea14f935b0f5790c3e6ddc624286546edab5c48386cdf3542ec68d57469aba2de8a127bbb812b2f0bfe4b220f04cd04203082f2980a6bba159236ba89ab9892590b04589bbe2c1e9ae160e98bdf85ffd6377e216d7c42964206ff771919ee10675800"/139, @ANYRES16=r7, @ANYBLOB="030000b7d6ffffd7a8000800000000000000", @ANYRES32=r6], 0x24}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r5)
keyctl$revoke(0x3, r4)
r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/snmp6\x00')
ioctl$TIOCGSERIAL(r8, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/182})
unshare(0x48020200)
04:11:06 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1790.878259] FAULT_INJECTION: forcing a failure.
[ 1790.878259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1790.881264] CPU: 0 PID: 9449 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1790.882994] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1790.885000] Call Trace:
[ 1790.885684] dump_stack+0x107/0x167
[ 1790.886597] should_fail.cold+0x5/0xa
[ 1790.887526] ? copyin.part.0+0x112/0x140
[ 1790.888520] copy_page_from_iter+0x74d/0x900
[ 1790.889621] blk_rq_map_user_iov+0x138b/0x1a60
[ 1790.890742] ? copy_user_generic_string+0x2c/0x40
[ 1790.891954] ? iovec_from_user+0x104/0x400
[ 1790.893012] ? blk_rq_unmap_user+0x750/0x750
[ 1790.894160] ? __import_iovec+0x458/0x590
[ 1790.895201] ? import_iovec+0x83/0xb0
[ 1790.896161] sg_common_write.constprop.0+0xba7/0x1a30
[ 1790.897468] ? sg_build_indirect.isra.0+0x710/0x710
[ 1790.898687] ? __might_fault+0x73/0x180
[ 1790.899643] ? lock_downgrade+0x6d0/0x6d0
[ 1790.900680] ? cap_capable+0x1cd/0x230
[ 1790.901669] ? capable+0xe1/0x100
[ 1790.902847] sg_new_write.isra.0+0x529/0x770
[ 1790.903933] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1790.905247] ? lock_downgrade+0x6d0/0x6d0
[ 1790.906393] ? _cond_resched+0x12/0x80
[ 1790.907395] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1790.908893] ? scsi_check_sense+0x10f0/0x10f0
[ 1790.910061] ? perf_trace_lock+0xac/0x490
[ 1790.911019] ? SOFTIRQ_verbose+0x10/0x10
[ 1790.911982] sg_ioctl_common+0x828/0x2570
[ 1790.912938] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1790.914147] ? do_vfs_ioctl+0x283/0x10d0
[ 1790.915089] ? sg_write+0x120/0x120
[ 1790.915927] ? generic_block_fiemap+0x60/0x60
[ 1790.916939] ? lock_downgrade+0x6d0/0x6d0
[ 1790.917887] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1790.918975] ? wait_for_completion_io+0x270/0x270
[ 1790.920073] ? selinux_file_ioctl+0xb6/0x270
[ 1790.921088] ? sg_compat_ioctl+0x120/0x120
[ 1790.922082] sg_ioctl+0x8f/0x120
[ 1790.922878] __x64_sys_ioctl+0x19a/0x210
[ 1790.923817] do_syscall_64+0x33/0x40
[ 1790.924660] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1790.925846] RIP: 0033:0x7fde33c83b19
[ 1790.926680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
04:11:06 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2a, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:06 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 82)
04:11:06 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(0x0, 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:06 executing program 6:
pipe2$9p(&(0x7f0000004a40)={<r0=>0xffffffffffffffff}, 0x80000)
r1 = getpgid(0xffffffffffffffff)
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r2, r3, 0x1000)
r4 = dup(0xffffffffffffffff)
r5 = open$dir(&(0x7f0000004a80)='./file0\x00', 0x8040, 0x60)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000004ac0)='status\x00')
r7 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r7)
r8 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r8, 0x0, r8)
getresuid(&(0x7f0000004b00), &(0x7f0000004b40)=<r9=>0x0, &(0x7f0000004b80))
statx(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x100, 0x8, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r10=>0x0, <r11=>0x0})
fchownat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', r10, r11, 0x1000)
r12 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r12, 0x0, r12)
r13 = syz_mount_image$iso9660(&(0x7f0000004bc0), &(0x7f0000004c00)='./file0\x00', 0x8, 0x7, &(0x7f0000006000)=[{&(0x7f0000004c40)="c8f2984073664d9279b2149d8052b663dd95e01ebb07536a5f4f446b65f3e7c6d6d2c3bcaf8ffe5e46ef25f2c135a3b20008fef6f0dbc69d636b97b4bde0afa428ccfd6ea8decae6afa7ac47b9bdfb1a6298bd441f2f8dfee8a34c91e8f455b75340739455d597120ffcdb4b35feca110b908326fce690b4c7a7759899b22461d68155f59f9d76675193cfa6af011cfe75d1853876d6fd876a33fa901745330954d85e82e7a332a57ddad1eaa0ac63de3c66a3f664b8febbce668cf3a58a150119d0bdba0b70d7fc634f446403cbb8fd462dab6964c296a0e0f0a51e400bcce6de1b46236a5b245ad3a1a7315c09dddc4bdd26756327", 0xf6, 0x3}, {&(0x7f0000004d40)="b1092ecff6a362f371d8add0d0e23c55e4637e124c51d6c72ecd86ff9252781a64685a4b7cdee5ca5174906b910a37b7f171804f06610386059e9dfd8926abdc791d808d008dc01f287d5c7d9286f02622914ff0bdbb91ddc67f895a6603fce40a4376f2", 0x64}, {&(0x7f0000004dc0)="e9cb67fdea5a77d411471943b6459ca3f14201a13d207ca1da0e09316eaaad9fac4625f0d6", 0x25, 0x2368}, {&(0x7f0000004e00)="906c8d582a107334bd5d3e5e9900713011a253999dbfc2de56b225b97a553b812be2fa7cdf1b0f9e9b0f782a60eddc69fec8b805657447fec27894235be02d51e7d8cb13b3f82d82e75c5c10517cbf66bb9d2e1de5a3edb6cf9af1adc88f39e2dec1855377c719d6e23d6123a5142fac1d9e8f840660b00eaa02517213ac1fddcc7fa7bffe3526aca9b57e8ed41744dba7fdbc4ce7c37c19bfe8f47b1e5d5a28e371cf54e1825410a394c4b85c731b66a4f4d304a7aae4537c46f728b56e6f58ed9d50195a4288fd2ff82b58f83b6e04844e9a6e200bd236e23e84339c47a8d48addb22ed3bd1d3483a0457789a5", 0xee, 0x400}, {&(0x7f0000004f00)="7391b6d4a695d941625c8df5c918a2f30b3b49a522a77fc574a74d67a7bac3cdb853edeb3c463c4d021905f70aecde3357342c4937c8773087b62aac0c87709f369b82a02df207637403b1ed19dbe6c93d9d60eefc75eeb0d301e9f4c989847d66f9bd59e47b85764f7d00d13771bd026f9e72cc972aa36123838b256490de6a103b9b3b1df10ba02351a7b4919dd71e6b1a1ad94ed563f184e19738a5062ce18f106b4b1f6ec5bd621cb3c9a22b03099f831b0c4f4ec0058c85ed4fab9fbfa8c973ca4a3f0373b742ca56fd02d49e4d4746ee1fa4f98651abadd200cf2ca6945fc55ec5b2588b8ee71ee8b7f4b99ceab70034b3159f2e51df8c7c4e337dda1f20ba883ee27513cc166cde446641a2d3de92ba333123276031887f1e45bad65e84e902c82e7c0e83c258b290de99d2ea04e91c2ae3a0af6237cd8003e26464b2449e4d6f007d651b22c9b7cbea2c04117944a4b40ed89fa70fba28a1c30e797a3418d957c615a1dc40408e411fd9fdb93bc4371bf2e5ecb687f1d0996ff7349c5822c42b47ed66248c057d08047f9f7d061fb4c69b0bcd749eec0aac1906e5d6e1e3af3d342e03b4d95cacabeb9d34aec8eb6d7c9d9b2e2c78004ad0af4618b9d93974c8d4de88a3e44d0a40c773b9958b06d5eeef543320d5e05ada046284acf8499760335118631d2b5592ff0552523d1544ec9ac99c6736e4da359fb836b5aa9ff5afd172f95635515cd030b5d2eac2b57f419a569079700b40e2eb1126f54f2589e3e89f92804dcfd998788842d48e7d145ac16aeb120711f221b0ea6c08cd436e4fc62a4984ec1480aed69f819835e4e3c5f9a6e8f58049af6c6c304b77a32f184b49e81a01049cb0f2ba660185b67dbefcff46db16848da835fce2a7b50d28af74622f32eed08de9db864d2a8bd0846cfbf4be1eeddab6b28a90741ed61888c0e2b8a36e42774fda238800cf227341d2abb223ded7b6c25176346f1a9aa7854452f723127da978d282426d4888584c060cf3773fac266f726ed0a6ddcad12641f3e0fbf457727c94ec78dc80f0c71223e53696439d44b563fa982be6e163a961645b5f86ff83e9ae7d60a2c2d538c5ac44fe927885db22a00870ef5d9c5e8cffbf440e0dd244c60942b7895f6d3b3d442edc6ef13e2d20d0a9c41e1da19aec42c6b34df9d230f0c8e7db4dd5240901f683eef47c28116863b42cb1bea253be22c63a0d72ff615e8d16ae0f0329095e62496f71484b8a83bbf6ac90c5866eb846ed790dc99d6f361e86cfcfccac9e2952921512916abc5090cb40eaff6e291ef46c785ada40b792829cb69486981abd3dceba574a7efda0f19e32027a043b4d9999c154ff1f17450470503229555edfa13738e3da9a6e7a1241797609a1aa1c784efa599bccb2a47876ee7023e4e986ecddfeae6f93447c29aef25db262d4764f5714394b1cf9f1604f97ccdaafcdd025ffff898bff00cdba5dc3795c9c0fad8e802386355cd3e563687b2a85e9a3347bef13782ee3b39fa00da43c3657b7d39e787ff5d20f6a83b2d0ae17705ab7ded9dc904fb42fb70a2567a011027fc4ffb1c8f6e84bb1796d399369ff9c8157d3ffbd1dcb86e20aa2417927d404524f93414be902f1961b641c337fef64530483120857641fd1ae6158cf713cd89aef0c7918bc5e967e7e3dff676bc18335530de3ed12614f5a8967feefcc010b29c7330986b7d4594f1aae93ab0434873081fa4999df9c6a84adc07b0052f7e7367e0e5303666ad1aa285855988ea301da2517186c0d18467683642e08eb0d463c6da968a4816df0e7e31ea0b2aec28026a3a622027bf21102df4b6795beb267823412231c2212073578d24ffcca0c01b4e815ba81f763335ccb4554330e59f4560fe5275bea08d0a15f488b19ea252cfe69dab8d40ec39217c4ce7d4bfb95f9d3031842353c164f38196588860962e63b457043af5b6e6e26d31a75aa82c79bfa0d579244cc2b9dcba913e4f8038642409094c11ebadb411fb6eb0ee1519c91fe404649c555503750c17749331c4660e19be690680d3986a8e7e2f12c182a64d6f376d41dfa8560b1b8177dacfed02b15872a7d79f7ff20e4d2d6a5403bc9bbf6e8c7e7c2a6a93ad9bbcb474bcf1fa38660d0a06815f8d48efbb92395838d122af8198391c6e758fe080501e49d71a561faaa7823fccbebed88d4bcd3b428c6bb733c3fe3577b122947e3bbb7c7e708c661d6495bfffdac76b08a13c972d3adacd16063b4db932fe50044bb42a4323ddedcfcc226095a9b141d89f67e769c880075b932cc0e59e08c09251d1518d644c6a4291742bfc7164f06d4c24bff65fff5e9d3f0673690ca410c3682f1d507b03e2f8947a6bdfa0e516a4a20893439def9132f0c41138deaaba269bbbcf8c2f748dd1923d9150a80ee5be7dfe9441fc624e04cae865059ea001620755a2bb5abbca9f334f1e881676a53f990a48103237ba8c976667be9963b49ef09242fa01dbf79facf3f26c67be93b139ab887a7ba9393d9e95dc7ac7653cbfa208f5707c26638db0796f21641e16506f4cee6a99b6d9404302ff7561b069b1b7fc1083c5848b6bcd51f7fc1ffbfe9c3e40eafaf1e86d4b5d9b0c6d1a7d5ce0623a16d74add3c3e9cc71cc2209b3492e4da650eb6faa8845a14394fa427f32be3ca441f6c22ba797bcadbf1f5cbfd771badcc87f5978d9c7453a55c6fd8e2255d18c58001ae70ba355e8ca69ec9686616a904ac95ec02357e432ae8d9c6d99f6630baf603847d4cc031b04a6a4ae7a20b5b751f195fb61204e5ff064429a53e36de94c2b5a0b9524fc09f5bf7fbd1a8ccbf822c7b0b9143c37001c864c107d37f2942bc343b40f6ae73041bc084c2757d05bc1c19f5d06c3c025905d163c608546b7ffe88955792341f7964d545e35bc2739b9bcdeb6dd0cf9011b52c7faf8e2b2f29e12bf2297117d282f183beedc415bbb8bc332400f9d7e7cc8b99bba8a300eb42e52357e57751eefa89b60a38ef19ca72f809ea5ed477b9358242011b84b13eb18f54c695400689d0f7fe7ca53ef91f1cc07b23568e77b1328d149a3a3932982c4d045ba4f22224537023cad18351f436006adeb476f58307bfa4eeddb42a40ec387a83bbce67dee8d4aa1b9f79075d9a73761ad0106991175e533add49736cd8e95b83a2478630d2706b4486e162e6c4e4b2043df868b329ac0018cf49d7da0ffd205df425be2f4fb2ad7b75a9ec126ce09bd57e31cacfbbd2c68abb6e314c91db90a7d77299dd52f104c7224406e8bd6c50d6aa228aa9250814e6a7fab1752ee657888a911fde18283bd1af4898733f5c28d68ec0d78f811c55385dde5668b5ba883ac3bdfdca54343a3d7ce25e9965ce8e6c95840d3e59b1fee2b9eae81f3aef2e6d781f4de6da999058517ad1afa94b363e16e853060f42a8683e5d3b0992d254f68f23e06fad52891326788a1d831e2571a7028d3e816dfd70ab43cd78cb70ed970d514e0245384ad981b28e9f4fa323230805d2a11e8cfc9d4783334b6d06a620945bdb35831d1a50b1e8f73fe4de70e92016ab3b9d42594d69e3fa3876d69322ce7346e569c875787ee5e2dc76a5e932936278e9182979871adbea9708706519123e637b1a262dbe2cb6b9b66bbb3b56b9dc5898d3a71aba0559129bbb630d1a28e9e32a052d03f68f64aa339199f1e8cc4e1111968cf943a52e61db2f739769dd2d33ebab51a127bdcae41274dfb068a6ffc056c035a80035c14dce87ee53d5fed99376a32f07d24e8c5e83baf8da9c3e37af6fac07193fe68caa0b90c54d6fbf3ebad60782f1862c4418e3b5d60665f0670bacfb470e31b63763ccf2b6760ae8f8e187c83768365fc50e3070c56b4c7b850a83848739666e42f1301ea469b8631e9fb3991cf991dc4092401bd82a0cbf0c0d1dc2a7a75489f471137cf92a25db524afebbb10d2ad0cbd83038d1b547a9b3f65ea51eb7432ca926df04f12994f10b4151bdb24518f01239751a7e8b45297bcf8ad96d50faf79013829fb74edd9e401d3b094efb91ab684fe7707d774b0281ad1cc60535c330574eba30c1f7e61e8a7d60d434086efd9130cebbcb59059ba7fcefbe61ec5c85ff1775ee157787db40cd1347d4fcca443cb9fb2ad8b4fe088982c88eb805bfccfff18d7a0281552d5e05c797d7d8c8888effe967b9abcc2086be4bf25ccb4f6482acdeae4e10ca13fe216fd125748b1414c0c98b71131b8ef6273b39b72a221147d4492faf22d35bb96be52d24ef9ae13fe29a8b54d28090b6149ef6417537ef074a352270deb9209f6bba605bbaddcd14020431a26ac1286880dc6cb931a87e9e4493b11668c2a8f7c64b86fff84905ab387672381431aad3ac6fdeaa5f9c9c336d968bb0af1f9104b152a7e3be12e3eed0085110a06ef4497baa7d529c6575a590b6ce13a035be597716e54b7db4b92333b55019f49b588763858a4dbb134ad828393f10d46b440f230705dc1009034fa57321296c216423d9a0ca628f021366c8656e37f2ede7eba387e582ae9514772393276bfb4da33e6fac44912b8de6ea5a2f5cff1388f9647259ad9374791a489521ae5ea6b7c9d444f1a58935ba4c61e348b7ef5711e5227cca6a419968be6fdb9f31fa3b611afb2917fc3664d6178b3b736fc8c481bf5b9c1c11f7d7a18c07fb000b28d6cf103c4c57017e8d710530d104bab7ad53ba19e04913d4ef817d7cceb5592c52d447a37b5ac2c056568bf6eb571aebe087403a87358cd84c3bdd3e73897ea5bd5e1b9e1283fa5f38480765025cf18b468bb14f38275b8a8d6d214dd5d988735b49f9b4b81c259c8eaa5ddff248b689aef596a9e91147cf66bb35845d42b7ca560de71389fc6466d717a926d2453a6ff70a61716ee2ffb5f42a6a535e48e2d583056f9508799d2b55defc632154651f5219d8109f43e04cf0191f27a915eaa604af20e65420cb89e00a7821be834725d6720896f79cc6924389f6f66d1e217ced5f9b67fafb727ff15668afed55a1c34f58bf10b2b0ffd4feed551764932d1b84e5186d978e78dd473c2428e6994e1bf2facd419c2d8c85f99195c60a6c85ddc33c49e1452a004e06f0d951b5ee548c0fbe9db398987fb25b37967e9166abfd6c814d64d98d86f2103b431763a5fa4d6eeded875882dfb52d055c197943ff6c5c7ee4322ba4e08d32fbfb65e196eff1360431bff04f0c2dd5944596467470dacb49d93319b7cba75c02ee931ad8f356e9f712a86631d02289caf6892f2365dacefb43ed1bec458c2b79c00b0a2c5c831b416ed6abedb51ad00f022018816e69baaaa13ba62991ab604af14750e836cf1158ae43ed6a0ceb92f34a1da4efaca3473a95e247c1ff45a456f0cf6bcb56145ac54b4effe07e110515cd9c4314b1ad10e2972ecd07421b52e5d7bf36b19240a47e598ac73511fd565174c95a84f7e4d3cccf023331a6c2304603790eb24becffb86eb6abaf6b99a6b560b4e0f7e89fed1aa9c6cb84dee49872b2d1e2012f708f1becd970eb855ea39c333e277edec11c7f1a29ee59f16d3632463d2e33fbacb01688d48b3f79c01ea068ca2b3ab342d58da7bd0ac30f6274619b20ed616061520b846078969007d32931621c998eb0b50595253c6081186a913008d620beac56804a8c147766d2e94cc7a5d492afb7dd04f616f2d18a43b53ddf0478df1b1d6f51548a5cfde8f85695df4e9a18b29ccd086c383051c0e3f33c1a1c62df5fa3bdb8bc04d53787f3700eba5f184e90d929ba5", 0x1000, 0x10000}, {&(0x7f0000005f00)="ef0a83413b6e9033662ad444234720d70c52167a6efc564adbb82cf0207ce83334c91bace56ec63c69ef9d3ea4c373c6087302f393c9b2059a22e2f6cf01f655e0a92bb37f89c3b6c77bb59ddd1fd8a27751f2ca465a7897467f9c8cc8ac7c519d7659ac1bbe9c0b6476adfeb0ecbf84099a401cee909f7ce0e8b7d70c0f8022eb88fc6c2f1733140558a856a9a1ad", 0x8f, 0x2}, {&(0x7f0000005fc0)="f605dfdff98a0332640a50806d6edaea28ceda81c25be2dc6aaa94cd58d0b1b4ab26620f50499cee4b2b", 0x2a, 0x2}], 0x80086, &(0x7f00000060c0)={[{@nocompress}, {@mode={'mode', 0x3d, 0x6}}, {@dmode={'dmode', 0x3d, 0x4}}, {@gid={'gid', 0x3d, 0xee00}}], [{@hash}, {@subj_type={'subj_type', 0x3d, ':){'}}]})
[ 1790.930945] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1790.930968] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000006240)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfe, 0x40000}, 0xc, &(0x7f00000049c0)=[{&(0x7f0000000040)={0x60, 0x20, 0x4, 0x70bd2a, 0x25dfdbfb, "", [@typed={0x8, 0x3a, 0x0, 0x0, @u32=0x1}, @typed={0x6, 0xe, 0x0, 0x0, @str='#\x00'}, @generic="f31ff13d5437c53cc29539c238d427a2c7d8fef1d45642837d703df688a9b93437ddb8c4b6186ba5dcf1205a9c", @typed={0x8, 0x3b, 0x0, 0x0, @fd}, @typed={0x8, 0x89, 0x0, 0x0, @u32=0x7}]}, 0x60}, {&(0x7f00000000c0)={0x48, 0x19, 0x200, 0x70bd2a, 0x25dfdbff, "", [@nested={0x38, 0x17, 0x0, 0x1, [@generic="78d4fe002be7f28a12f5b90771fbde9693cb421811e3f8a98600b1f8e941c99e60e4192cf38ffea5668c6ab668b5b225cc01fb1e"]}]}, 0x48}, {&(0x7f0000001d80)={0x137c, 0x19, 0x300, 0x70bd29, 0x25dfdbfe, "", [@nested={0x7f, 0x8d, 0x0, 0x1, [@generic="07e5090466e3894f423dac75244e9d6057d5435c0c16c3adb31d983fee52228a50d34c66cb3b7eb360ca1eab3c1f809060bc76898dd15e14184319a7ae2c794b60d0653ec89734b4215bde99748ce1cfdba9dcab4fdb0d8b5478a143a8b794c1eb507f6281c58eb6216f303d4b5ab20f7db63879a0890dbb026b02"]}, @generic="36e84f76e77c1f721f471ea71d8dbe2c360c4c6d87726f65b8", @nested={0x99, 0x8a, 0x0, 0x1, [@generic="d0f810b476e9b995059de16f3d11565bf9", @typed={0x8, 0x6, 0x0, 0x0, @pid}, @typed={0x8, 0x7e, 0x0, 0x0, @u32=0x1}, @generic="a919c9a6042be3b4ddd83dd724d6d39216842c01d2b17798c7513e412829cc226d22bf19cadd8590e2ed472fa671ac4851a9ef20eb40901b3e4b62155d4545c85b1ba8ba8138bbad38c99a106f9c2b20adc2ad3740c47e1bf0fd6d0ad94dd44c8efaef32ed511993b8663fb7e80824f4a9dcf3b4"]}, @nested={0x122, 0x3c, 0x0, 0x1, [@typed={0xc, 0x53, 0x0, 0x0, @u64=0x2}, @generic="e56b8a1ea1737d2ceecd484d14136051ae1c7f28309c53180329ca8534d8e571a3d70e1bcb0265284b6d57a0280f6467b0b68d91e954edcefd97a2c54d68b36e328ce623df55b9134885daf2d125e9264dff07d2091571c2beb2a29f4393b2eca89592063f10b72b6ef3cc6dd6a4c54968e7d3ee6ac4630ac85d41a6403a8f3a17763e66b7634c26e3686b58ea38f203480ca000", @generic="eac26fc5a1a1b2beca3f84def0434e6f07f779f3e33eb87c78cd2a8226d6f38ac49503cbc74538a0d0e0214d7fec830652ccd30a2ae4a7018db7c3025ae77364a4c8b951dc59dcdba49e3b7f30c6782a62cb36ce9fc009601035a0c7f1b785ec29c15acc389428254491774ec4c5", @typed={0x8, 0x77, 0x0, 0x0, @fd}, @typed={0x8, 0x7a, 0x0, 0x0, @uid}]}, @nested={0x110f, 0x6a, 0x0, 0x1, [@generic="a9c142a2a810f9aa4b2183c599a2a9f903afb8d413e11ab1b4efe5904888d22fa7d8339bcbf01eecc7933818097e462355c1f0946a34d099b30c990638e02c62015084a00aeb2c783bc3b9daeee164098ad5410e612c317e2432b2c0569b8ee32247adb54576a2e00dc86d9e9f2878e1e0c355bc0776e2593d46404c46dfcdab74968d569f8195b4b47747ff9291b75f1d0bfb0e5c3065a98b6b1509fa0278c61a1986f57520a9cfa5dca04eacc433bf8e0b6c65", @typed={0x4, 0x85}, @typed={0x8, 0x49, 0x0, 0x0, @ipv4=@local}, @typed={0x8, 0x76, 0x0, 0x0, @fd}, @generic="0087bea509180b4c2b3ec88061f32f2f9636a562fda3c1849f61878852167d1a280eec284b815c56bd820878ca23155dc5d4292a0e44d5b44de64f55a1df220453c841f6664a29a847f48717a233e52740395fe892574f46224b63e3d4f169458018d7943760158bd442cc1adcb3d0761758457390ae503540162b3329365d231403654b573cc2e297268bb10ca4b9e4eef0e5f5c041e61a3540f7968e1f2322864b87bbce072256eff7b61eadbc6a0085e6380b8a05e2db87bd24684dfcf504436b87bfefeca1ce429d8676b20a76518b04ff698ba43d75d024eb25560ea0c8bc735f9286e893aa74dac155298f47367f3722e27bf25404a01e58d162ecd1c13b2d5da6b01cc1eafd6c273411fee567e2fbb6a180553acfc587b8bf116f93fa554181881eeb05e8c7b9618a77c164e7627133a6380eca86a453cee089ed0ac37394b4c6f54cadcb9d8a2b7ebfd1aed052fbcb00be1b0fa0e97913cc907c3d9792aab3b9d6ac2886362cd585be38aef0bd54873ef4acaaf19690f775db1f557987100291951373e9d8ea102fe3e20a70042fb5193b3ccd0b6a6a5632893f4084d50dddad89f85aef987c644d587eb38d5756e53bc8670e5b361b5ab86f325c75ecb25f74ce43e0d1bcebc6ae3d8e0a563174eaabf2a2adf76ad181a9bd5fc0bbc82ee40d32f943dd9d4806cce9abcaa73e9fcc9cd9c635da8a428535ebb6e6e7b815ecd75ac3f1e696587e76dd5efb2df2a1d7e912c626bbed7632414d98f45a878bcb5c7d20a3e694f84747ca7dd516bca9b98f466153f2dc6dff9cb7849550e56617e4d37fc4edddde09011356b7583cdd28ec9d6f9c72ef59a82f0b9d60af5810a1d419ca673adfb1fa74bfbfabd3cd380db05c9731c7e7beb5289c3b52d7ffaa7cd3c0500268749f08c198f17c1a4db03b11d56ac8c1d0283fb10e05e65e3945251c6465e51400f282f9666e6780be34f57004d83f7c3bfc5f383fc1c334a62eeb1c9cddf3e29e0335376c40a873cd3226ef221e7920e7e81ff0e49ab11f5a96c041e7b584441ef5828d4e7744aeabae23a54e1813781e95df94ec0dcd50f2c55a9ba4fc1c24d1406033f156b66bcef02077dc3c9e78a4bac0cc72d2633e997961c6d5b495695873ede54cc3e97f5f87f55600bb96730b801e9d556a45928a1b3c3f77d90cc8cd9ec2282cffba1588084993d62884640c35b06cede518f3869984d8095e599ade168dba2df00543ab0eb2212a53992dc298700be453ba01144ec02b9c6280f88148492ce90023b4483351b5e28bd6a6bb428091aea3b4f0af0277305e8235664bfba7fe83bdd639590445e4377305ce8d13be1275a306fa2b71eecb1c2c5e76a810811e71eeb281882e6ddfc846cf897295781156c2b92f84d0c3bb039608520bf71703d2ef0bb64f10b0fb7eb4c1eeaf75280ccc8efb1abb885bad9ea808acf582e23712a09a24a6d7012302b25753402cf9cf664dcba31e2d65efbbbc0d5b646b68fe5a7d2995b28424546983acff3ada1dab450c7eb1ad4394284f449834bc114c08481f11843157b81505adb4960a53d3aedf12e6732b75dfa357c70f1abc8bac8dcbe8130a945d83979f301a46111058da52214b8cce766a3041cd392e2509df3a89ba6a76aacdde078df0555d6681e400b17f50081b60172534a679b385c54494e866fcf0ced7ee14a0fbf524bff42ab29ce36c2e4afbd95fae9faee57f87887ed22176d33238224b634df446345e381e5ac3c5b22b05012d2fcbaf43297b561103d2dc06e0bfe29925cc57d97b4aa92608b94e45fb752c156063c8c1e0316e8e7a340fba4fb0f96085de2444a955bb21f9d6d4415391f49d00f595f5567663650f0ec198d5441d880e35ddf543845b4d980c9c832c73c50c09edc8cbf4bd676b228aba2a5fd1e8e24063bcb7ca9ca538151670044a8cf25c1122d185d76b86c504967eb4634becbce0f63fb3d57d571e602f27ac83f624594c349973bafef6a49e3ca1aa13c3cc6bebd74144ae44a735a5cf4df492e70c56e19ab822fb29a911ff6c95d91164f4ed4db90a85e9353232790059838a53b0f873fa95d33b4daf58a3a126173dfd1c03b248cc707def936dd18c228b22f364beade445758e7d8a221e7d780ee57dbae3b805726a86aa0c04b5b7c38c0857f0401c5b33a3d522492ce4def3a84a41596388663156d59f43e331812e3a2c3d7c158ce354cd542b742c0fab575d6fc070bde4d07f088acf88ba27c93d45699800211f1687e8ed5b872d3da4c2ec94dc6e44c1cadc77401dc934fa1ea476b3bb7e878b4910b23aadd3b8d9b03b16dc4baff40f697612b2d13bec13cf399ce2c93ba779ee51a41e3e7bb29b8ac4da30a84a8ddcf833d44dd8a93bb01ced4feea8eb1caf840cfd56fb4cf054b7537e4b4afd12039531c375cfd78823e5dfc04ef1084cb45cd4c71095c3fe1b8c0aeee00eeb4f288e40a7e49328027aef2ef58ea82d5ed1ec76f17a5d2a1c273b02cd5800faf2ae0241acf6737e3ca26f86946ffca2ee8a32b9f730ca3ef56ab2a89163f76c903b117ff29800d4e510510d3ea323a00802364bb0de5d1d1505a85461734e88df628029882b8d49cef0d55e836271eda0899314a983e0e18b8d04cf1e054b3226ee77ef0233978190e78be9be61c0f1cfa7898cbda8afac446909d8f326ac1b0465af8db907f6cecc8eadf18ea8d1e8b0eaa45ecd8815374bfbd4670ee1005149dd57e39429798c14be380df04df6b5537aa4c42892b544ccc56b474d21d78a2c806c3bd699fb346106c5bb9d0b3da70e35d51b092efc94db1ea19a430c3baee942f410a94468b4242d42398ee404673783c201fba5da38c63e1c9942b95b141836123125362192d0eb742f95b46557dc8c67253dd5a0847ea8384998f964eaefa894b7a32c63fcb7f5c43532e414efe08ad1e5bb404758778737694a3bbf275351cfa7c9a071caefa227337754d80d36c4a8f6b806b6b0674c69e444001c55a6a6fbfe9a5390e596425091d876f58c4e81211ac5247cc3666fda333400bb247a36d8e0615cec93dec597440430a2c1a8e7b97de2e47b22de78e50a614f198ecd8069ace99d10cf5f14391ad0a6e121715f6440d1efb1a7c9b88124a2cdbc3a761e571b04455bea3eea69e1fa08a05e1576901e76836db30d1142dc98e9ba31b678abe7cdda69e9a7aa573e7c0d47e327d793992ee8bf1a50aef11c69372e914430b7974ed44f16e9e22b6b88eaa577c49d421087208211e7873ef37bdfb1775a71bd2a9a0cac28a86388f9978902b09e4c7c5cc839f061174400b21540cf63186ecb78c94f6849d266b52cf7f3681df93fc8c02126cb8ef22ba4f48c784fcabc390554ec2c84f252d7d2fe5340a30bdfd85ff22e6591855049eae2f5cfe285c75f0114b3c5f962d4b77c18d657a0c427b08289bfbf7a0298861af9b753b98224291142a96f2d4a13b4d6696cd33db9176094132fca7e9b5c64e3571f1cd80810e84f67736871418e55a2408562bf8ce200aa14c4b3f19f5348c25d08a624a4c3c50449266c523a41ba03d18469d26b1c5bd7796fe312b4e47c1265207c5f90c07fbb28c2a874d3d988bbe26a60ec820ce8f4df2904181bdb542a798d5f74d1f830d818aa8255e318ac43dcfeb887c0ac2f8cc75997a188474afecc05d337ebf2935c25a031ed148e5a7d8e961aa807e7da6fc71ea4872e87ee00f8e5530781530c70edf743b99b79665b39a9f1cf2b56235e422a8cb0029b8a206af7b72b92b37490031f9262497a157e1dc609bec3109944bc54fb1d70e90b21c754967ff415f6574b2930896aa4bfba914d8f60ef46cd1fca495f1f95967c981a6a8928e35f125e2f66bfb015deadf5bbcd15a827893103148bf02cd8b06989d640418739c2bae00c71b146cf65eb8cc68eab68cc8c7d43e62da28f31b327c565209ef79fec8507c01680b271c81d97e30c029ed0f024bf8c1773503e8c5aac5eaf269b63a06304f92584ee5706453624822dbe8a48884f4f9b183662f55b88dbc6b9ea3e3858165aa1c28048329f897ad94db65fc2852c8b0e604b3dc28076e7c6c5abec379e71be9b6ebb7011b35a88e28acacb1e961cf80e7954a123b859d6195b692a9c144ef94fd6b559662484b8f4f967cadf2fd0593c0ff37a8e7ac7945d966dd731db120e0cbc44f0d79f3718babdb47833deb77972f5bf7b9649b446099c5a1c294c220cf6ce52726c687beb5b0d9408bcbf058d94f845015ec88fea8bb09b70868a45b6da8452008f2d82602ee105afe94543a0cbebb3de567fe44419482d8df69ec0ec565aeca2e5899032385d570fff8098378b941b0fd6ac75b6ffe50aaeb8408c32f589b4df942f9a32c06eb37d634b78c9ac162441a0c8a33ecba6d282504cd176bbee52781df82c0d449824069910d1863db47764c54505a9f638de76de7daeee34823424c67e62e148b347b8d42c7e9bc2b48a97c53b2de7e8575cc2fcf7aec77a635d6d4d6695588fa11c165929dba790f05efda464f0898b2ce4595d3b55718a2a2381d40b095eae059e54b1a1a231b294eaccdfd7971c6cc13e0784a4cbaebc2c9138e2f1835e37d9c7b140878f4c99a7d1edfd8dd372a3879f477d4dc2241ff641c016dce556f34973ab09cb479ab1f7f53c0bb1f4d6f6add51aa541916dd05556589e101131d47a37745b1568094b75ef821f7ea4fabb6141b7225eb0fff73ba9f9bdcb6842cca80c93e0bb541722216165481d06da7348a775384458e97af3e6892c2d8f31e933735fff9332ff184a1f059fe35e4dab3c37108ba0d0e706f02640825c2912ab9408ce9b9d0ac66284c1c07f73dc1107e316e81cd925a31fb10c90dcfb5faf15a7e1a44b4b464adfb1c653c8d6415b1179df556e70847d6a1139919c2ddfc9d7418ba7df89c763d1d668e5014bf3d0245af2d5f323603e9f6d05fb803a6079a7368d5d9ea19cda2811cdb4f13cc89dbaa00364c68f81de234f0038118145c86c0a517e774da7ff341270d03add7043ec6021a5871cd95456f6e8ccdb42caae94aa2609f95dba036390d0eca253561bce2f9761c17d215ed79de75ceb9a690008506afe7627ec45f73c3c07c24cb5f3f36718931e25712e9c7521f192cb7d34bc79f791ba7ce423d42ed23d091171a97917c169fdc07f885a04ec048f301596ab034b379124d75b7c2200fcedf71329f7b543c00e27d0ff4f166455ef1aa69d7fba617a3394a3d2ba44f2ac5980392a56e82932f11cc202383229e34cf5e485f4357f786540f7c132e276fed7a2d6d601b6b86a248d78fbe605fb2e63632c3b846b12c70272be23f22905ca36ad2249d103f989544c68173e857f1b1a8694573ed6b65d8ea23711ce824ca49d010bd0f45064aebaccbf322a579445dc443c1e498bb5d2462a4d8ce840c2c8a4735f3670d2b2abaec50b7730f4c8b3de25b28ef496e0d8e850caba05a88be4e9bf0c0d88a797e74c394c0b3b39fc52e3a8a3a93d6613225e66c0232692b12da286a274e291949dd34be9b5782b87714d1a424624b18c1c7f65c9cbfe4a870c82342bd1f8edba6d964124ce97261cbdc7553adfd10449237c633ff320b17cad72f5f519e5273099be8b7d1dc5a1cd1fd9e9b2235ec94729c5231bda4c5737c8c6aa438fc22c450b193528feb15822f85a00b4826b098454082e53da80a7c67aa23f75341f9a532ea02715ded4ffbae1c6965c37f0b2a845d49b9648c804d848f25ce2a5d01e2b25cd121fa1230713e9d27ccbe212", @generic="3781309109923d9690cf1560783b60a9f6a768edfaee3c430204ed066dfd30504c4b9f3389fda8baefa6c26c2ef8fba667692fee0a06e09d662e877917d9260f34f339"]}]}, 0x137c}, {&(0x7f0000006280)=ANY=[@ANYBLOB="c41500002400000428bd7000ffdbdf251729c5a4351175bb124d99a0c4a168e6a672a6ec35332162ec319582861b0bd32dde0a7d482d47ea986849ee92dc6842a30e78f02ab193ddb9eb15a3af524c97ded7304b932c3a20330b015280930d63d730f191a420b25410f06d29ac38aeca937cd82ea3f1e4fcb69448ddf4ef801587c243f9d022c7ab136200c1b2201ae49961979dcf7af2e8253dd6e2d6da50979065c5d352849906eb8ba952cc98cbea1cd1b07d169604c1a1fabc0b99cc8b03621bb4ca5b16ffb973f0244dbe0a6686849db562deb90818c34083fe0142e55589489f7bfe7056aa7d9e71ff7bca7c87e1dcf42663d8b3f2e57c6c73351bc03152c58cc5a457dcd70200cfa3a509d2b4495205057f410efcf54e77322aa75693fb9e645bc94af4cb9032b3f9bddbb849386be28ec25407251187ad2785945b0cf7cf0911b96e196f45951a650500ff0000000000abbf6646defb24ad39dc4e7bfa1854c000d3116e8008007b00ac1e0001270078001f7c6843aabd7d71ea26b2baafcf8166a402205bb1c68ec385aaa79260eb402cbdd51d00080015005e2d5b0014004f00ff01000000000000000000000000000108003200", @ANYRES32=0x0, @ANYBLOB="d9eb4df85df56d882a364087cb170b92d1d8431e40d9567a5eeba4ea8ffaee1bb79ee90175560f62b52dd36257196eb7f765a812ada63c7553770585ee7d0a5c07237391257ed397f98a2769509329b131b42e2435f1d05c98b7e9f59d14426f27f2140d9c97d0f2fd2fed10f763f950d4e50b6f1b792907aa32764b735da1b8b9b1e5063652deed95300083892104d944e18b9290d5b47d9ef36b8d9f42b72cadd30a0db6745c7e5226fdc905bbf983dbf191f5a7cae5450695a7aa80709ea2d39693664767041fc177afd0ec10a5aa09152e374985e31984fee35be75977771db5bb1e02837c16982274ce1fd15878383815f14b59703db7f9c614695cad8816fb4760b6f0fb6aaa9e319d891b2eaf6ab11e05fc80d4d5c6bc82feb52603623a6d5575ebde3efe81ddb37a0c193ea2241c49697bbaa6f04c312155b90c80d893b6301e29403ac500057b411fee47f88840a8aac3c97f90aae4a01676d249ec4e17c2cf78138bcaf0bbfcb0392d3dda5a5abc676179834c36aa2c8b2ad6cc0fcbf0eb0835a651aa5d79a4c99c8cfe3ab330b15d99d90419f472f6f422d4525e320e6c5c8cbf0affd0b98908ed33aad8e3f08b663d82a1d765b22df31de22564fbe0383c6dd9eec9bba852cb791fcd170e079d120f3ace2daaacf5c7e1843a169b2635e2fb0f57e8b76ba66ad1a006e698d6528e360ea851c9516744ccbc91a243516c8d23df8281854ab147781fbaa8367db89d411d2de7581cd47dfc73ba0f8efb0a34f6fe9174122a11261a8e4a8486a071fee39db35f72b2c831efe1c38304615f472d9cde687e9c5e882a1e7ea3e826ed07697ee1866bbf42cd6bbd0220e3d539069f3151aac7eb6c6b2e81651ac5923603a9cf8de9b594a58caa2848f578435c32bd70dc3879090d83a4998dc374740299af711ba42162fe9247a7e9065d26c1d7db6d70fda31bdc47884b8683126132a14e5d1ba2b7b9af271c2fa2d1cbf8fd27fe0e759f0752c225571633fa49065053b597e198fb32f4c5291ad886c9f30ed365ee27645eaa2f7fe8e55e7ef827b9c6b8b08df5dc23f845ad88ccb4baa3e30803928dfa78c61b6c00c6406d94d4471458092489162df432b717c28e3ecae30005453dee5f07edc08ea21ec424bd3354bada181572f685f9809106683942bf738160b34c82e780e7034759fbbc1a53aaa19ed9966145b0c7e4d7a7959f3087a3f764e88c249d5dcce99a6d6dd102db35877406176649e9219131e39f881a0722e2e8cd0ec7690fb2a5e9ca6c11c1acd7ec6460286a9b5fc78f2571207aa5932cd9e9371baa9ca31e818f9f714606d184a05bfd1be244325219d237d49bd531abb5d9270b5eb369e8545a09fd2c88605fa1815aab4a33deedfb2325ffea350f85f907423e119ffc905127558bb67a50a8ad69071bd6549f51533b44918d64844685c2af5dae652be5795761b0a44509208ba46af2ada6b9384f252a3b4dcc11b4ed46d2e03268f86d51842fd196dbdcf33ad372e79a54cecf45c8b9b9eb59a02e6311c2d0801961569987789f3e8bd0f5822ab17c9de92b4da494e99c4d28a77789231f5fe1128c29e79f7fde1257cdc8c1254c41a8f81b5a3fa3a9fc69dc36d13319e81842787004b0dcb56a40f918ebbf954740c18f9afe93696dcece7009da74cbccdec4c82389e50ec9594768acfcaabb70a3dbec6a0fdc84af8346800d71b6f205c4064faf61d37eedfc67d1d8da7b42c2dda0043f14109d4f824088bb1dcf7ebad4b557b7838689e69a74edcebff714ab63a0103243383a2db3b278522c151d67ab37b29b289cd9bf56f3bf06d2a3a16567175d8d48151c282da9a26d082f0044724570cb104e821f74429d1fc64ccedecd13262e2188290bf8c4a4af41e16137d191cad4b7b5a347b1e1a42058dff1069ef3795e0edf663b33422193d38810242943b9552b13e4017d70943d0080aeac358cd6444440aa2dbea8f657d20dfe13ab4996b9a9fc5e67cdb99c30f0ab4b2e5b0fc771f196b645efacff6d9a4b72e1ca2742779e45ed642ae9221aaa784d622d23758f08618da46889ce0ba4619347954139b953a949f2818522b595e5bc0a6b0eef714193b61e75166ff3bbc249518a46afb6e5fedb0a6144ed60a8812fa6246f141e47a9f7aa613f0719a8a92f305600442fb4d3d7ab74b983fdf38713394aef6a04b5fad4ae5a2b246bbbaccbadc31b8146e1a21e1954b509010f8989ab8ea5245dc73474820aaa512319cd8e0df06d0fb78049deb5c273154d5cabe97d0e25311b27f3f935d41565eaa61b8f4fb5041f5ed8654016e0784c421e78f303d2cffdf2a4513e1f4f4a81492b46538fdf9e854496c86f7bc39a85e992a680e5ae001866fe72b517522759cb94026d1baf75701e0b780e55837a7df5f0c4fcef7fb3538f1b322f89b252919aa4ce97ad4340b09e77a7e16bb6c05796ccc9aed4f08d5c93f9f752455b5ebcf3e8aeced54ce47ef3211e49215e6f2f5ab2510a891219e1ad4a4e6caad8d14dc8d4734d0e6bed939d04557251f1c9ec04c46319d20c436b530b38835af2f4c7f4b3e68dd83f999fcbd733e7d1162b04ffe6fd6fa84dc75a96567ef2a15add7127d18d445e60e65da8e4511b0ff7f779111b2e79f2ae00a053efba7791673ac642637a1394b5c0c15ab801b24f28941b378e4780f66612916873f58e6dc083e654711fbc6549429b0e402771b262ed6a4896fa2421a205cca6cdc0d468406849c7caf4de517778d5cf1ba2b966f9f748b2aa86080b0f28d47efd71b44197a50d517d01e9263339097ea3ff34adfa4790911b537acd3a1a84f4de21d49f14ac1829a4cbdd591d8647068f575f20fff78fac9f34dc29e414566f89d76338ce5eddc9a52533d5b154917ff337b29693fbecf84022d67b31e07d9bfe92f9dbdbc0d4906657aaae1345fcbffd542b05e014aa5cd96ff0f9e62f0ae15e8e525de7851ec0c2304ff9eefd7e3f95318853e5473d19a8003369ce7505a451dbfb7c4ffe1021ba4a5fd0f3f2305426c766eb4bea37baca76b35d8320c476548db00c7b4dffd7e459f44411e859720a920fe223c985f5defbca4a0b6d9f6342b5aa7b5db41184162507158fb1bd4cf0ab7596dc55b5a673b472ec77a994fcc314d78d7c5ee1eecd3ad5be102f87ace43e8894bae4e72cc97004bbf6302badd0e11f83f87b91bcd76ee25a6bbf5e1bbc4e9d97399a96abd025b18b5a36ec4578446fb14859c224ae0d508c9f543261e8982de7b24b53ce8ea215b28805e4adb223c065e9249591c6d8cf19bbe27ff443dffeb09c3257a159142c9a3c70d8f6b6509a86639c08920ba7443ddd65222bffa7afb0cd17e0d111ccba6113d0abc88d01dc6124320f128cf60f9f56611209fac32ded453b03d484d31d6b135e463b8da92259e013dfeaa0574ff3f723ec9caa3c5ec737804ce6d55402420c6c7eaff1fd3369c094f0568223592b31681583b45dc4a172d6c52cb29017b5162f05ad07673dddd1a2971821864827ad38034dfe7564ff2298966f364e303cd1a197fba172ac4818a038594b86d64dfd913e6cd54193817162c428b6fc8f856038662bdc91b7ddff8362619fae7728042f0607e732ab68a9900b6daab71960b473d330d29cdac58cc09dd0cf77c948eb918487ade6d1bbad7ab5b1e441a5093340d65e16187f125db55cfc6d366e4a218376684d15709a7ef349a7c7e8d1295133d5ac0363e07d0eabe086f744a26bb6a54f9e0040986f5d112b503462724180d4fd109cf39f08ad1acb692c2e8231b1101d4490b9ae026e8a70b85a9150362201044a2afc9a464c56410e16244df13f8aac14e17a5018b1fdad9957b68c27a0360c675fafd913a082f77f7612600aa846842b756e5388c8095c618fd4e4cc4772af58daaf81df4d216f7ac92a9242252a14a28db055cf119d96165416d1e1bb9df581217fbcf03682e6da4dbd111e371d8456d751279333b529d515119befd2992cc91cbfc028c68a7ed9a7807529903c1fb86e5a3194a974ed6741d332bf79163f5468cc6ac9363e368d1fc79b11c9925c93adb3afb8adf3602c211ec2c8800dc9efacbcc7b8f34118f8b51774707e8494be44304a92c962796e290df72a709b5201c2c1a68194f3a3f128037c2d23ffc840f09aa43b3b05bc257d58c9bea18a06d3942a3f129f761d7b609fce2e9c442d03f2daad685d2d2853dbd18661c1ea533a15bddc754bc10f3a906655e389b340062b8d9c1f4fa3577c52947d7468ef8112d597c7339ca7f3fcb9dec8dcef330e59953976b960990844cfcb6c9eafa3d9059fc11a156402f41839ad420249d121a9dee6202ec7fbae996a6473274e3ccb8cbe142ff936cbce4a5c5d384827d6e62b3e80bfe2c05dfab427d8bc47ca2837c12a1aa24935e1cd39ed17213051b8831495fc4edb2bfa67ec89af4cfb492fbd38246490af3b0f54ffdb9947c7f88615b12158257049ffaec2b0ce7829e351b4675a1ef5d652673248e6f256e3bcf422ffe8937c53fb4aa48732ce0db06ef95ddf586fad01f09701295ceba2ea4217f253e904c5bd06e81ee46332c8206171f13066d358bc133eb320977d3c3c061189537bad2d39867611449d02a7d6b787c4dcfaca954a3a1b0d84abd5c52f85863312cb849a35be0c604e8e0a15eaddf37e3956307fc310a1a81e691cbcac295cb7bb7ff0dacb13119c4bcfc6d5e33855388159b8fac1b1bf7a25abcb6f1c6dd26840fa119df702922d5d1f412a80bad72ec1dabf5f0c0430d7c4dfba1be171decac5727feab4e7cbf8214fbff8dccd4639a49451ed845e12d5b4aa9bcd8319ce86948a4cf8c46565e5691077881960254f3170e280ebfbc8d8564326f70865030923c18cb39f4a40ce731c18b2cffafc498bcc525cb39231d7c34fcedfd642ca8c0a9208285af550c423481eb423f70b079f10b0bdb8fe1ee0d3fcd7a246a4f6303561b165221e8caddc2d8fa8add759134b15222fc12c29683a471a30cbd580c7b4769e06d050f7408bdc749466b98b5ac73d0b9639acdb87c0ed5c38b12f0bf771130398dcf038f483efef7e7e967d96cd795c65268c234c2cb225a95f96785c630ef6d84964083bcdb92940d80befe53dd8c244399ef68fe63ce81d19b4c930c4fa5179c0a60c75a7904c59cb854be46a878c944eb7dbe432cf92c142adeef0188bb580b4800dac40181ec21cc0e45a44a9b9452e8f33b041c749bfb0ef47518db22fc44148f67c002f006dc2309cc4343e63d5e9801879bc8b3d4804887d11de881b2e88adfa1e61729cc929060002b06f23b8646a494fa0bc8fe6ada90dbc29f7352107b7ade191a274018698595d8a545687b88951d493cf837265a2fa58fbdf91762a0bd0b19b0955ca9ec4335f202423a0f66851219d767f5ed67eabdf43cc02c89c22cbc0ebf2b57c9a23203b5e446bc0ab1aa4588c012c2b858f20d1127ba695ec9c9e67e92e5afb60e65a55562da4401365728ce6a27e58c55e3f01b1c172f80245fe441df051d2fb0d330286f4791489624e2bdec44cf883273d06645b6158a8605327b4f8a575fa98e67049d085763173fa32570c873a30ef2825555546b047c1bc90d083f1ca7a871e092c4d113cc87220ba5cba4ae2dea1fb6237b32818bdb5793ac97b831a164bc122a530759f8d9b83aec8fc401fe3f78c958cfd67e71dc94fb3601744a947d3f83f2c0b78211ccf900424b79a7d6689a27c1f1608f6d2f857c5f0ac81536d61ec86244e3c44095c08003b00", @ANYRES32, @ANYBLOB="0c005200030000000000000095002c0053559d0faa8dde38c780851ca9da03dea36be634aa68c11505d9ae035f25d0e1ae0fcbf53375900aa6fd695a37e51250b8073ebc58aca4decdbf317a2903010604a5158a8c5605c157d21bcd42cb8f00be0b80c0c087e5cbac7fd9d9a2040c73f4497e3fa9cfda3aafc8ec804c60461fd465fd179a7f4f3e51a2cdb8a00b7e43b7e2047dc6d2e2d5e7c74aa91416672985000000989aac095b3dc6c7053bdaad5ab12a209a47c4c7e6be5ddfc751d13e45429676517a917aaad7f4998f2486f15cd0ba6a134c903324245cad034ed6bb83ecf176eb7213502ef585dbea73cb0e3f7dc4f2037a44079d3312310e6b02ad15e2b0e9df97cd31f8a2d94c639eaf4225159172759c944131c31b947aeedeaaf49663172f0c5b4f098f0f7dfe379e4b77abd57392c7a0e204cefde90440cf33ef962adde22b4374e9b90d63bd30fcd34085f5cf709eb8b1e7f7c327214262e9814a3870a91ae3d348f9c75bafd1d1862655ac0008002700ffffffff7f022980c54d826e931f8a9c19b2453ed77e9250343000c68b97a2973da530e9c14a1cf0d823c04ea5afd0385ead7584ab33d0e29e1acd9ed04f21ee4c08eca72685f68a5832e14b146c74517bb79850d40398992c8acea84b7e0603fea965868ae49ba9a7f0353b8fd4480bd09d0c19fc83df0a6075b1434048bc1609bea3f8ff15fc007a3892f7e475a2e9ac45a3cbbabb4732610279c14bdbaf2aa536f70df45b6ef4fd07d15cfc706a845bed87bcb4325627c80acb2fdb663a4131f97f6e2c720a5795ffa08c0fefe90820f05efb4cb0d20f5a7b46e318547a77df71940f2970382aa0ff7d23fda6fe1bb706308e17c22a5de1990d58a5e499769441ab9710c6db4a30f0a250eb6110002200b4e9bc228ca31e575bc964d406008400bb840000040075006deabec10445c9a9d5af03b578f395339a9dce9ad67b6e145219515f946e2d830f5b6b42419c2e96cc9a10110c77ba73adaeffa4a83a782afea59cde5b8fe23e42ab7251f4ca0ca1bb6a3b78d1cb95288b76b145ad93ade570385c2df40db290e1a46154cd82452cfc5738eede4000e7e435939b6a4caeb7ac9a2e653ddd61e9d23cef46db30570b09d7888da179d9738e984b4506f06ec24c66508c3e627792435822d308f726587d9379a98e8ca0fbdd9c662fb10502aa89ca40e5670b42a92468a984d7d575f3f21fbe19a9b0b3a9927460a1c775ec24194abe9ce07f49ade58041dc139c45412c6fd6648d96bee169cd36d7002ef786cdfc4b9e43749e6e17431038f8e3e34e25f82d6dee2fa6955bcd5ec9924c1868ce8e5291a5db72721b60eb0bac6fdbdeb0f3f7d2145d6dd19967c4348e039042de6705f8be879022ee44904c1a71470ac71400940000000000000000000000ffffe000000100000000be088ff9e195207b86e51f551ec2812e944f208fcceab888e4f88413cf6a82bdd4479fe77da204a203f2472cdaba862cc3fcc2a8fcaf863c9d9bcb0e9075fc122bf3240b989e71f1dff811faecf4a7e9e8aebf3f7fe2d102102350702e580f17747b0a37d6a15242631ace316911fa3ddab3a0cc5247f2ddd5cecc23db709fde8df78e139734e3c4c76546813d6d7f36cb8dc7b47a9795be063f3d8dd38724d21941173c1632bb196d94b0bd1db990d04d220786e4ca74573964e24a21904ed42fb38eeebdef29b6a0e7500aed97dba4f57ed9ce034e5de572b3caeb1109f83e7bbc15"], 0x15c4}, {&(0x7f0000004700)={0x24c, 0x12, 0x100, 0x70bd26, 0x25dfdbfb, "", [@nested={0x20f, 0x9, 0x0, 0x1, [@generic="2254e71f8dcb3c0443dcaa909d01bcfd308b261e165953078d3851713b0eb22c3b6907ad8a514dd4bd7253954d7a9b4a068bfd0a80398aeeeb653759d152d40c1443727ceb566129f30347804a871e5ea6b99f9db2b264bf9c1425be3374c5047ff8d4c425c5f2d5ec3d0c7e6bcd6f54878b3cbcfd21d3", @typed={0x8, 0x1f, 0x0, 0x0, @pid=0xffffffffffffffff}, @generic="144313d4f175e48fe57b8fe8157882d95c9f000125f11bf5affd363bd6eff8fd97af8b6fac13258fcec40e18536c6980b8319cb7899244b04bb57b5477f1f0ad99fe2b662676b3fb1312b5c0776c7a95ac7ae24394f109a2198eaeef3a6f3c94b88e2ca73fc05ba0ba16e2c56af297ce8eeea89fdfb48419334dae70dec57b19545ee21ad91cbf3242af6f097eafb62d9e5aaaa377676b04f7eaac81de7d3e7efe04e8f423659897fbbb3ce12f791ec6211892a697a13e72e14013d5f43a9a1de4f400b812ea762d45b9da9d3d594a0e5157d215c0d77f", @generic="fdf86aaf0bd6722584000467f68b171d4799fbcd13958912e577fee128871a596451846d69c27aec24b41c6a684c54a0638eb7ef24", @typed={0x8, 0x78, 0x0, 0x0, @u32=0xf977}, @typed={0x76, 0x3f, 0x0, 0x0, @binary="353a2a0685effd43d207f99bfbe6188164f06ed4836ab4d5308725ea239298872ae9907d4c505f53e4a12bbaa8118ed5360de2c4e3b0d2e783af7e8b00c950267ae803936ddd9b36926ffe28e77c2c2e2626d11e308606e4ad42a0c4709cb56e11968b9b68a966c70e64fe4565d73e4bb35b"}]}, @generic="1889454203207a9154e414e0969c9e2b7652d30eba", @typed={0x14, 0x3f, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}]}, 0x24c}, {&(0x7f0000004980)={0x18, 0x36, 0x100, 0x70bd2d, 0x25dfdbfc, "", [@typed={0x8, 0x53, 0x0, 0x0, @pid}]}, 0x18}], 0x6, &(0x7f0000006140)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0xffffffffffffffff}}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee01, r3}}}, @rights={{0x24, 0x1, 0x1, [r4, r5, r6, r7, r8]}}, @cred={{0x1c, 0x1, 0x2, {0x0, r9, r11}}}, @rights={{0x24, 0x1, 0x1, [r12, 0xffffffffffffffff, 0xffffffffffffffff, r13, 0xffffffffffffffff]}}, @rights={{0x10}}], 0xf0, 0x4001}, 0x40)
r14 = syz_open_dev$tty20(0xc, 0x4, 0x1)
writev(r14, &(0x7f0000000140)=[{&(0x7f00000004c0)="f6ffd261d72c2543e2ee846add3c98ffa380dcbf8df350299bb9a10acbcb6007e53fff39b84188ee83b7d69c56808e2cf2f2d4587c7f0498287a6b3cc31c346846054c846332456494c0b03e8a5671045615240cdcac213c4a6edab47ac721a1b534fe8626f23a438a9a6a42ee81d153c0efa21264db6dc538e63928fbb53d8d36fa8591827ffe2d6bc50f7d0dba3fb553a5b05a8bc4fecf38f301abc86caef22bc53569303fe41226ec492aba960929a83694a8bbdf9c06ac3fa7102d270679615ea641aa2d48652c0c901e22c97c46e84bfaf03ddd739fd77e410e8534fc8d88304bec24c75b879b4236822d1a328d1d52c7ed2a2f29e5ba7d002be717e471b7bba546857afc56deaf9f635ca045a887b58af87baf7b701036673efda0450787de75df4cbccff491993b27a60bcbc317ef86c2e2697ad55959c22653fb8fdfa15552cdb11ef595fccfa0c839086fc4c0c9a37acff5105045386fd3253385556acc1b26a33ff612fb1c0a7c7fba4a078c18297c30cdcbf5bc73a6e9153f4c23c772a96dcf04d01ade4f7a28cf7af6f5d2fb170530549b6badc473084ee12a9967da78bd341c0a2909d987d538ae4fea27792068b0be53ab06afcaba6ea7acea1cfc6bf63dcb58313ac80583cb4941d6296537be9c26f4b0db9de8f4d67a58e38c186f98336df38d5046a33119d4ffd8862e3bf6c77c3dd2ce9f5e04bb9432e3f759ad1259cc124607a30005b563dea3a668746695bc75b316ee055bb3205b79f6de3d5293d5ba1e7770dac830989b5796650941d994121422aa6c4d6b5b09b139d76b99d2519c96ed1fa5cc803b77bfd461773087cec970645cd1980c9f2566c4922b7aa7f438f33ecaa24d0fbd3329d6468ca81af36991cc9d27d648e0c230478c52e2bdb9bc4fad920ffc6aa46c3e159bca25ecd49cf9954a8c3e4403e23cfb1f807b3875b9302b5d02fd5fc0e680af8be7546956585497e48e019c5950041e26ff475bea01de4670f1b83c3ffb6cdabe0ed0d1aa91901774f0003909d677d1aef6b93e9a545f75ea1bf5ae152fac883c72fb5c323c2c8052f26b9ec7c72a9ebc976b36ab8f64be18ca189ac4bedb198c0268f2f6d3be85afb42e2cbcdc40014daa1f93dd21a2bfa60c27242f6644c4f1ce7a2f0774919cb97f5ffd2d252488e2522e09351cae56592c9a679de9270301c596c8fb375714ee4b8de464ac2f7b7aa8fdaa8324a81f04bf2d385148ac1c4e8ba62a22644929a508a0ed55c5ba074c26d964eae7fa2a07c5cde213a4d91fcd4e344c388f15a96fb962f8f9840d9367687c44e26a99c93512c547b4c8a3069e9a4f7048c5ff689b312731e515504dcab28a945f685470a2600dbbe761dd1d48a2301526e0bd51ec5a07f88863c2df832bddd4a2c570e0929cbf7a30fea972e8b3270ed9050123e8f369d6d8af978600faa718665b460507272a1aedb1eea4be2548298957961389d238c047afdbd7858240344a270d868b337f776e9206a5390c4645878dfd3fa79ae3a17d12f25c348902e72394c5d840eb9834fc06ab52c4d81aaa4707eb4db55de72f9a80e081b0131e62da423efb14f300f0c2085398efe03db920363a97255f734d94cb3e8a59a01f7ce441dcb9036e393888ad5c20118e006e77fe0aa596553129ecc4ddb18b672186e8cf7d354f3c399d6fb9586f0b98f04a0e52cef59ace1e656c1a8d3632194143a83b04c90be841e5640eec96da72cd7efdf034f19879a8ee7d18a8696f2a60ead1758d5060e8c4ab65c6785eaaa918b2719c5aba6cd0e1c35d6df9c8f263ec9dc80a315f25e65229bc595e226d5563fe70bbf32a9309c4846bf2d014a40580322b679d0705420e78bcb38a99e55554eac6db3f82778c6c884de564b59cf34ae199e703e85a9d49f8d1299b2fcf2fe634244f1417caac8a5ffc26a468ea2f0fc63aabc60318cef8aced759a6d841906153599c8eeaf4320bdcd0209a0420e741adbc2f6e1a44c84a2b3d88f2f58d3d026f176de9639626b665ead363e723f97358a255563d130bdcf1214c7df77212f1cbd40e36b81dc219e4a9f34d3170842736fb672d2b4c80770ad1837dbc1d84363a8f164aad2acd597ab1f1638bdb3d7b865f81b3cb7655bbb92573776b8a3769979e71efd09c3e0bd2f735ae0c626eefa1c0a6690cc3217968b0173986242d33463c873cc904d17383f0ca628d5f8e9c367c52b968ba1c4abe5480f18b7d41ba612e8b88a610c3b97db7f930ec5c32af7b036bbd11f36069d87f6584c69c30224e79b0becdbc47322a768b09c2977484d906b551c3ff5c77711eaca628d3259981dd0be4fd6518e3f5cc84c20efc44e503d432053212fba8e50d3a843ac8954fca8d9029e7c87ee01b5a635c3b95abbf3bbb64e1e81d297676c0a00fa178ceade3c76730bc1b95f574ff39578f296840a5ffc3bf85e81cce3a69d3724b454c263aaaa4d973128159b3beba2907ce05528a585ab67190be55e44074028c6bd214eb7709db192e88e47807009c3ddd92a5f68f71d6e394261507788e26678b670fc4dea00015eeb9783b11837a5b1a4857c6f67927eb4d2337c462ca3809aa376e7b49bb7c30f338f42c38eb27e4218bfec1ca038197326b8a05e54dd3db7dd759b940af028a200f9640a81bf4bb05560ca2e18fa30d22eee2f7c058b1ef18d75b8088396e92503793269e1ff6e680d648400bbd7c491e5c94bf3e662327544af142c7cc697df8eb80873b4884436f66aeee3abc15d3bc67fc02b51d604f3a08fdf43d0ce19cb0c31938e1072ea292652258a02798bd9ba664dccea601991f8abbaa327eaeb3b7f3e99e6b03e7a32286f9e26a08bf2e4b6cac974ca1bfb634d07469e831be4ca8472430c7a46b2685ef2ac740cd36fe24fb7a15b484f80e50df6e7a04b629e4a5ae1abf0ab5cfa6fbb2ae0b2bfbcb5c9655b449ce8f4f97ef5082e6dd312642b8a69df9c5d656034725bdcdfcfd86e296aef219afb056a22b9b239d43b9d41dd54e4e714b834a464a6d891a6fb9abd5aba9685667e19228d8489c393a1e48b7eea662e3c222d6116da51dc7d3319218aeaaf5f7b79f9b74383b4776db94539d1cc7ca5ca86f427f6a03c5f4be74de5cde62b3ffecc01f208381b5189ee979d21afe82728dbedff7b3bed1f4b98ec0d0e9383437e5973ff1d83bf70f5495250dc68f9c215190a50dde049e8fec37b0c1af50d8e6d8ef3ea0387241777283f0879d3b78070a98ed5561e40c2fceda29db661ecdf4d0c745d3f533d2f22e717952941a60794f1c04216691755e4db43c120163e874927cf104e311ed48a0057eedddf0096303f7871dad31dadb3183b2b7010e8ade6dc852b1e56c0124c7d806a56b8b27092a3bfe2444d191a30f1a9d7843ea55b70f61fad5bd5a2257ca6fcf8a8f23e489e9d23cbc61300f82b2520995db167ad5bdfa3c8048cc1057835f729551a2d73ed2df83cd00270d017a5d3b85f896ddaf9a8c4ac056c3cd1693c10f0e6c74b35c0be17b14768034969841f6acc10df642cb4fade8df0f4f5a3e181121188c6ed247ec8dc0c8208bf2bcd0de335a6b3eda9784c80958cf47665c45b5a9ad3fd8143f6d329e16d7508c339857acef993e3d146ad8276e6fe8393cb076ea9e8f57bf0c0f79e849278c8329c73f04f908e73f2f50b523bc224bb7dcfc77f405eb0253787a10239bed0447515f23ba4a8a974614c3bdcbfe11abc31cffd06b0e354f5282d8fed8a1103351e20ed62ba0e590eb8e124a4f03a35b9669290f33265ea9506ccf18e6885b555e5395bc65d0437da309397a2c0ce416ecc3e8a4b23c690040ac040d83a5f69a1d451a32193453cc86ff2981bf6823b440cb4e7b00c437181932e4c2952defee3cc03f96aaa7d4cb1b3dae0a436d02c96eb4e0f9d54323f1b875a1510b8dfcd7229bd030cfcc1e741661e350c5fc1f975787006deafb24c7e739da04220d1eb3f5db3aa2841c512fc4d44e8db61fcbffff75ad7a72ab620bcbfbf4629be6305491c7fd916012d2b73d564bf142243026e1184ed50584952a48cfc45e83284aa227ef8dbe2744ded1db42b72a5895ed5486cb41d6b0e5c28191ef02291faffa416aad36db4689dc3a2019d8bce41c840261d36b517a46015eeff78233b0d07901995aa54b00a70ed33bdd5dd40c0865a3f553c2738a65e9b671aa8057176de7cf5870869fb5c0c7477e090ec5f2efb72b51f55bcfad946b6ce6b2ed5dc680f9c6b36b68c6cefb19ee178b3dba8fef4037a89c9fca25de8c5eb4fd7a5a6b737c958bc0be76d4fbce09afb2b221a9d7ae446a721e659262934d46f5f5a060ed092111b4c2865671c8d4526384aa6af5da3557c6ea390f08cfbd3ba65f52f446446298316c5a3b7091b4c70b99dd41ab259a92b9d91ea9ec71b4ff19e40cc962b032d3c1f6722f70c36fc1dd87cda7527fa10e7d95375b572cf301387545313ff679881f22feb64a23ffa60cc729878f98338e2b242179c5d19b362f83c0f60b99073c3902704a733d407e30acb5efd32c20de85c29940fba9625bb5fd816fe90cbcf554778cce04fd3fcb45585c453909badc4840e1adeb0019da5707e7670323090d50cb8760833546eaf90d2c5179dc903fec6a9bed2da46a4ad6941432db449e9b3e58f5aa694c3f57ee67a6575f9a5969646570a33e0c0eb5a3c035c79061bb9974b427a9f63f1a3c7087a51884a149ec603fc35a9d99e207373619d84ad406f5975d94d0d3d3eaead9b0a2c0070fb327793b41ad6f724a3a686ca56b3e72583672faa8eab8609826d27aaa08d90a07c9e42fd17d4438aaa9abd1b9dac616758c39202953bc76e1d75fb63b650d2fe5ef3589959a2855efeb9a6f530fc7e43a0b7bbc84344c7d1ee18210c5e536328a1f7b0e1804dfad8600429f3fde3a8554106c43e9ee2fdd74a502d046275d3d8388472b387280968f1edd7e77fc4f8a74581323877b8a152023a303fbf3fb1584ec78b245dd71e2254e7d2cbe0cca7b65eae5376b42fbf0e037a8ba901ca88f39f26db1e36b941fcdd9e8358f044f1ee2c9eff41b316a857a17c469b3258", 0xe12}], 0x1)
04:11:06 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:06 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2b, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1790.930980] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1790.930991] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1790.931002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1790.931014] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:11:06 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:06 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:06 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18}, './file0\x00'})
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:06 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:06 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2c, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:06 executing program 6:
r0 = syz_io_uring_setup(0x21, &(0x7f0000000080), &(0x7f00000a0000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000180), &(0x7f0000002a40))
close(r0)
io_setup(0x80000001, &(0x7f0000000280))
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)=[&(0x7f0000000140)='{{\x00', &(0x7f00000002c0)='}*.@\x00', &(0x7f0000000300)='\x00'], &(0x7f0000000440)=[&(0x7f0000000380)='\r', &(0x7f00000003c0)=':$\'@-.\x00', &(0x7f00000001c0)='\x86\xe0\xdc\'\xc3\xf6qv\xd2\x8d\xc3\xff\a\x00\x00\x00S\xf4\xd9\x95\x86v\x1d\x96+kY\x17\xcf\xa0w\xf2\\\xe4H\x15oCV\x9b\xdf\xe2W\xb1g\f\x87{=YL\x1c\xba\x9d\'\x95\xa4l/F'])
r1 = syz_io_uring_setup(0x3a75, &(0x7f0000000080), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r2=>0x0, &(0x7f0000000100))
r3 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_io_uring_submit(r2, 0x0, &(0x7f0000001500)=@IORING_OP_WRITE_FIXED={0x5, 0x5, 0x2000, @fd, 0x7fff, 0x5, 0xffffffff, 0x12, 0x1, {0x1}}, 0x349c)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000680)=""/142, 0x8e}], 0x1}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000015c0)={{0x1, 0x1, 0x18, <r4=>r1, {0xc76, 0xc735}}, './file0\x00'})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000001640)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000001600)='./file0\x00', 0x80, 0x802, 0x23456}, 0x80)
listen(0xffffffffffffffff, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000880)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x3, 0x0, 0xffffffffffffffff, &(0x7f0000000640), r1, 0x3, 0x0, 0x1}, 0xc41a)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000800)={0x53, 0xfffffffffffffffd, 0x1000, 0x8, @buffer={0x0, 0x82, &(0x7f0000000740)=""/130}, &(0x7f0000002a80)="0941f165fed42d29e7d9bbcc4068308a181cbc17f8b621e12db5376240042595c461a88ae8ac16fd21c9393d1757957bf6d89e58a6ee71f6af99660e75cc8cb5058664292c1a18ca396a5ee4d8fb71874f9cb13a45c607e733f295badc3b801901e746c16d0a8cbafd944f91e2014bccba160655cbccbcaf7614164173e597ca7c6e88a0b52ce9c34effc0507a26c2f383fcfe18429aee067d2f1fcab52a3c4efd02cd5aa4ea037af5577c4315cf9de7d7fb65f5e0ca252adb216365842d63c6731a0e3619b679f4f7040e7069169059714e1de86acee859c4d0af965a532d9e26fcb0b866c0807d005acc84bf02cd695129cc41aa9a7aab50b94088ac435e4070bca9bf60cf362ea0621319a058d369577b83465cf39480a2ab3a15e69f1d0ca8affc168f252ab8e9e4dc663e3594493f92a65413c4846503fefdfed229e831f0f082ae7ec5be8266a86a1c70ddca445269194e3a3c8d60c0a4bcec0ce175bb4822b38759fe34152205151f728ceb10871ad3c057253fe36f25dd0cc79a38c0578e2609b15932bd3f6a27c23958288715be9a96c5c6f693cdd085537c7050a8f271a5775ae3b2d4c964a8953145876351621915a2d4a8115d1cb7792a8f862d26ebe73996b27325284681a2bc56cd28037ac77f4bad4e11edaf836967a7d7b029a1d4c20b8bf562985272aaa48e932ae2ff7d96031b7f05fb3f0601680e5915c5c232072b1b034368c5d75af2617c42b4cace6f63510effaa6e70eec39f1cf6c803e843a28a4a4d639df14198d99e6de69ec111d06fb79342e5cc6c3b9432c352e32495b4c269a89061539e0db906067338392264044ec884264cec3afb81d48643ce1722676675397b71fd553c6b8dd8053aab3e7be061cb5a6855249821af7130a5bc6d6e2360ada962f5635c152f99f6e6cdf7234fe257a5789d8fc60d2d0e7ae7c7b0de912ffd2cb55e4fedf8a044a3aceb3d61cae6c75e1e85d0b25f894a9823871f2e8fa6a6adae997a765b41432d41b2065361e93a3e87f488542149978b1a7dab35719c10adfffd902a9b5bad28ba175cfa927292b81c27d5e0dd902daf5921800696745c78831bd005f631102bb812d15145df65cc2a5c885527f05cc201e726dd450604b8deda0454f88e45e6eb52118be30e1e13334b94c577c569965728d151ecb7ed0e698c6e08fe83ed1e25ce302e6db961d1e9ffe16cf977c21cf89af29b33ee2b983fed450d64d850098a2b0ab7e809207491589c7349143dd51cc9d16834c945a8c0a68bb8e261411884b980f2d3265faba7351e4c8d061f1ca56592b6a6b58ac1c1e87b590b609627c821033d3e51d4ba18c13fc4a940c2f72b06e97277ececdc7e9012bcc2e6a41e597bad5f12ffcc83b97533b336b3cf6a36f20b3811a1536101c14cb0dc37073121e043a1c83e6d96017c6ee1d28dcc529f14fa0fcf5bd73b4d4e6d5d432ef247c5fbf62918f39013f1adaa57321c1df7654fc545766e25e66ee6b2557e2a6b24414c9574ee32b587224581dc05223019a9f7de07ed7c6190bdd7da27f05ac4e62c5a435056e8f7f410d19ac81ec4461f2651e93472d67e392bdc605eafad42908b5ceb009add5c9b86038c62042ddb384d2db655044ba612b52a313be130b3fee6ed3888fc76af1114fb3bbd7c344466ad397bea9a6487b349b5ee2452003e583e0a69e07e2bdbd6aefce4fc2e91a3653feb896ab278cd45b76efeab528146fca36981c9d342475432a229336b341649dac7e9d0bfbfa82f781dd248e2cfaab5372e165a1a6847cbff90875addeab1eff8d1bed4d1c66a22f4506966811731793edd76c4f596baf6c01e00cce68ec716cfe52a85cfbea13fad6c24069875495eaa6ba2272fb1acaddbf73ad49f15b585a2ed820710ffe0b585b2701c38b24aea3105f1707a7f347db892b8b7b81e091d08ac60dac5b3607a10e0d790fa2feffe32f8a22f13d7a2a895b432884e0c704378b13930069f963b768b5785f04a13c78b5eb89a64235eda5d4aefa9004ac60a27b83e2540e984189d8304394169536934de67e9a4fc3571b32b22e89b141d37f231a59dcfa9c31bc3f40a49d57e9b2e914aa27273d3ec5e9d54e248bf8f5662c674d1b59319ea07fabd5b0b95ad4c9b025bb9bdf71f6a50649769604f01ec4f1bc9e4bc10a52a08b47aea92ba74127a10fc0efc26a58083e4341513a7440e5c7f274feeb1e1723887d2dac2b38aad20917d443c859c425ab5e0205aba67e07f51b6a4b3c88213ae6e28a7170ca747d666e58f4a457e96e131f49342aa0405eaff2b15c0cc51bb82cc25effce6ab65cf19ffd679ce56c75228bb3809ac1827544ef83e199d38be118f480ab0b3ba31b28f0e252863bb26b881f7685ca72064bcbe6966a616c5b31cb23872e003c531f3646a09940d38de95ea384c23fd88897aba1e12d9c02335614e1489d196dea5a893dd31407b2c45491e50560f76b1b7e85b479fa7bd1ae5a189cf8fc378738e3d4ffefccd2b422bff03357bd83fd913fad47e4654227fd3b40553bbbb608d5a2a5984aa62e7eb7bd805987718245eda51659a66c174f3ea38f2e3df6794ee40b1c600f12330f835a5dbb00646f7c9d387e87b4d03fc2dcbba778729022a641d17ae6710bf1c104e123ef5838501be9640a824ba6111b0a08a329b5a1559dc7d43c876f00b5786487ba0ccf1d58aadc234b44385a6376f9574be4cc2d07ff676d1c0f11f6dca4ae69a08ca1caac66840d3a0121536274370ac6bf114a00ff20b95c2b0dae0264b436cae6aef2afe0de33aa0c544ce486eb2ef76c1c84652ec87bb735d4e25b162cbca15809cd8de06211e59cc0d37df1167bbd576d547598a79424714e103ca1cf443eb7878900e3f7db5f58e243db7b05ac982086ebd42934248d83c67ea5057f186df283b57d07dc44d5bfe22790caa073fcc0fe14d97bf8d6b9b080cda946052888cd52b9ff7eb51072598b5843d1b00306337bb9bf34465d6e3a1394523677e2f52e1e7780416b338e1922321644618038c29883efa1338a73db621e106923484be47ae02596838fc6b1864a1eccabecf4e7b8fa46037ce53b1f8800a4279ca4b55dfa77c375f76c78765a4e8f0ddf854c2b0e129510e3fa6b82f5c5bb4bd25a2a0ff34bea515dd0ac1d871a632e1cd0f919e66d5d663dcfc39763e13240fc0dbaaaeca755e7941d5b3b176ec5e70745b121f314f920fb8b12c7ff570f305cae8b33dd37d67bd4738abadbbf8c87e38a67b5e597c553f33e120fe23317596454501ce2b6b45cc0dfd66eb16270d85b83f9a68f9d1357626582a8d3e9da551f4268f231f58fe4ea8e8b33bafc9f47a02db581c98a4128528a0052265e1c7691a0465de10fb74073e3a5529f65bc5f61b83830d9d48065f410dbd8bf40b0de01f1e9b0441ac9cd4659e41a47795d5f1ca27689eaf43f19a1afefd5d3c959a226f997f54c1866e34bfb6cffffc7c380d3441d37fe1d2e15577242f9824c1f83ef0374a4535e3e7e84fe7ca73906e0c5548583dfb148e9a2259a580b1e3c82c7a5d6edb8374f0829898903fbe1c7582b9837f286c7e4a6bd54b02c6d31e4136440a7d252fc9f8b8d2e258c342b51db464b235d9c7dee37073530ae9868ee1430ceae7116a895889387ad3a765cc6ba02885bb06ca157e58cc87805ab411c88ad950cec03641d7d757957f2438c51daf0c0cc99d656a78e27890effd953e7ae6e9bdee54d0ada6e48f3b1e2f2a601d9221329d0dd49c528eb74f1777bc1346b2b67dfbabbe656dc6cbac9d0cdf0501b5141fec2e7d51d86c294001a64e7f0cf6277a57fc933da62e42a14096b2e279b09a53d2d13bf0b5cbd40ba25808441fe4b63d8623baf8e6e8958d58b653b9890711427c60d28430f720908d9eeb55970040da079febfd6ef6d31fc4bde453d092eb4aabea6b28d42851ec4988c0c95eef4c05d85ecfe9b5a9e19dd2676bbc0f1f2f99cd2d07581b06f7789b88209d6adbda0652340e8683f84d7e14e25a2cc0c3111b7c8577405fbc6535b349e578f07a60043069d14073f79aa23b32d1a16f38fe3462edf186d4e69008c1ff1aa9b92379f5c00770e2d23629b03c9db88d07f81e90394cae4c03e617715b1c525bd6b4d867346b3940e21e9cb5b6038de420cc6bf61764a58f9be4ec23d72a4a7daa52aa3aaf0f4dd550261412f33c55177386f903d27495384f2c57e3a762fc93a9e2cb9fb9b1e13665bd0a0f60cc4e630a16ff39c094c003fe452aa24be4ab5ec6692730dd81a17f20045cbed13116812a88cb6842a54e2eee0811d21c22f979edf30185ca00abf29708e708bb49843c016c248ed85740a1ca0b2006cc6b8c2cb44e0f66e31363ea400456df430e198ea9bf2332444d499c21a652f2fec5c523593b2080f7fff968c3f854f67572665bfbaafde02c9de81cac49429c680f5112d7b4427c5a92b7e93ea6c9e9cb04b4375e1dd6afce87e654534589349ac22b9ad114e305a1a4d506d63b60eb19c1e9befbff3a936eff80b798aea61c0f6b14556ffa1c39b74ea57d67f2796c480ff0682cb75f74d8157ac6b8c8b60410887bcffe5d44e758a3213b1ddf677512d1c31a26cb1469ac8d4d33c41d0d21861ddf9516c193fbe57ffa2ecacaf1c7ae2be9ac13db89135e5bd27aeb4a445d641fb0237852022264d6e3f55d30aa5169cf04732a8846d45605f161bd6b138a60c48ea420b7aaabb19350268a5f9979bc1f241534c6908cc6b69793e16094e37e2f63b18eea992bd12f4bb792f5c616b0e31895b54485cc6a6228ce9114e49e7f353bc54a47b0d63ffc879ec58ee61504d3cb6031064e10a962ebd3f0361f6472eca11f12382428e3dc0e694ca0c39d16f4efec5ee22f5f8b19e435c23c711434fe39da385c036afd3f3ff4af3350e24fe10c848e6e2e7f27a8d47964f7fa3b6b62b9a98ca6ac1f7b48f74cfce279f3a2c91683c81cee7d3406f024223451c392652d99cffe3249d4e5ce2f5260d2c3241401006181b8ab5f8b0e9512b7eec9f2f9a894ffbe163923ac3022a0005d379aba3724a97255d596f90e3321b41451b36663ad55f627ff85373b561fc77a7357af2798bb20f16b3f72964f6cb402e45d677deb7f5bf66e0d6835b8973e1f661594b18e395952dcd1205e3ac0a3c8e239aa5d0689b7c94fcd1555bfd6791da0e703713d326fd6882e7f9e51a9e694b280900080ae416d31230d4c2cd7461663738c7a4bdf366a68762d792f109e93c263dc1749287f63275f8482a72d1632e6879b593584363d3008e65beb3df2cfb9f1a0f3e438d1ea8911df9213202de1c63f209a17c662557ba6629c4b92861613b5ce63e797ac228f210a0cc660831f6a857b2329980992a048559c66def97de22f396a71fa7dba6ffa040875878b2337d8e262d54b5e32ee4e9d72e9ea57046dc0158a3682ed59ae78b7352b13892a2622778189786a5fd48dd36b00732ce9019037453e594f1bd7ea39a060195e7cb110461491c6086e55c9dfe22002dc9c8386c6b72ae03c7cb7b2b515bb6b6af431b23d1d888ecf8b2055be77122aea037d6476a892f4dc1a881b7ea628b1426050d2a5a534473ecd33e8baa02e8c6b299493d73d083579623c97c1e50b24d6b544a67c71cd8dad4bcd8a875213bc12b5b11bc260a47c350d7c2d8f84217a2407d38dbd0125ea87e194ebfdb2824a409153b2e040ad4feb8b3958b5cce9eb55242c08a5bac2cac70cada9053fcf02d1975469be555b859c7390e0874a4c9a2fdb", &(0x7f0000000480)=""/60, 0x7, 0x2, 0x1, &(0x7f0000000500)})
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r6, 0xc0189372, &(0x7f00000009c0)=ANY=[@ANYBLOB="010000a7b76266b568a890b27b1ab4b408c464cfb69f5dfe66505cde99e7e4bf52217c9f347a7c49516ab9edb9dbf87aa3ae8550fe63c9f708f19dabc30e17ff430435a977a2efbef0afcce5abfb5ea70ca2da4824ee375780ca01b5c009bd6c36f4ac9f66c1d118f64fb1d95133260c11023ab3266992c2", @ANYRES32=r3, @ANYBLOB="010045b52e7c696c64309fb264ce5ef5ec07be0eb632c930f2f70fa3cb75c9da81e94602d0e357"])
[ 1806.467896] FAULT_INJECTION: forcing a failure.
[ 1806.467896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1806.469483] CPU: 1 PID: 9494 Comm: syz-executor.5 Not tainted 5.10.232 #1
04:11:22 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(0xffffffffffffffff, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:22 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2d, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:22 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0), 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:22 executing program 6:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = accept(r0, &(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, &(0x7f0000000000)=0x80)
getpeername$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10)
socket$inet_udp(0x2, 0x2, 0x0)
recvfrom(r0, 0x0, 0x45, 0x0, 0x0, 0x0)
04:11:22 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 83)
[ 1806.470390] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1806.471837] Call Trace:
[ 1806.472233] dump_stack+0x107/0x167
[ 1806.472681] should_fail.cold+0x5/0xa
[ 1806.473151] ? copyin.part.0+0x112/0x140
[ 1806.473648] copy_page_from_iter+0x74d/0x900
[ 1806.474211] blk_rq_map_user_iov+0x138b/0x1a60
[ 1806.474777] ? copy_user_generic_string+0x2c/0x40
[ 1806.475374] ? iovec_from_user+0x104/0x400
[ 1806.475895] ? blk_rq_unmap_user+0x750/0x750
[ 1806.476433] ? __import_iovec+0x458/0x590
[ 1806.476975] ? import_iovec+0x83/0xb0
[ 1806.477450] sg_common_write.constprop.0+0xba7/0x1a30
[ 1806.478104] ? sg_build_indirect.isra.0+0x710/0x710
[ 1806.478719] ? __might_fault+0x73/0x180
[ 1806.479219] ? lock_downgrade+0x6d0/0x6d0
[ 1806.479733] ? cap_capable+0x1cd/0x230
[ 1806.480236] ? capable+0xe1/0x100
[ 1806.480689] sg_new_write.isra.0+0x529/0x770
[ 1806.481254] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1806.481920] ? lock_downgrade+0x6d0/0x6d0
[ 1806.482478] ? _cond_resched+0x12/0x80
[ 1806.482978] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1806.483692] ? scsi_check_sense+0x10f0/0x10f0
[ 1806.484239] ? perf_trace_lock+0xac/0x490
[ 1806.484747] ? perf_trace_lock+0xac/0x490
[ 1806.485261] sg_ioctl_common+0x828/0x2570
[ 1806.485771] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1806.486418] ? do_vfs_ioctl+0x283/0x10d0
[ 1806.486913] ? sg_write+0x120/0x120
[ 1806.487358] ? generic_block_fiemap+0x60/0x60
[ 1806.487906] ? lock_downgrade+0x6d0/0x6d0
[ 1806.488421] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1806.489017] ? wait_for_completion_io+0x270/0x270
[ 1806.489613] ? selinux_file_ioctl+0xb6/0x270
[ 1806.490178] ? sg_compat_ioctl+0x120/0x120
04:11:22 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:22 executing program 0:
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
capset(&(0x7f0000000180), &(0x7f00000002c0)={0x40, 0x2, 0xfffffaf2, 0x6, 0xffffffff, 0x40})
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000900), r0)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/locks\x00', 0x0, 0x0)
ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f0000000040)=0x20)
sendfile(r1, r2, 0x0, 0x9)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x3}, 0x0, 0x0, 0x145, 0xf, 0x0, 0x3e}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x2344, &(0x7f0000000080)=[&(0x7f0000ffe000/0x2000)=nil], 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0], 0x0)
04:11:22 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000140)=<r2=>0x0)
perf_event_open(&(0x7f00000000c0)={0x0, 0x80, 0x46, 0x4, 0x7f, 0x4, 0x0, 0x10001, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x7, 0x4, @perf_config_ext={0x0, 0x20}, 0x48, 0xfffffffffffffff7, 0x3, 0x5, 0x1000ffff, 0x68, 0x100, 0x0, 0x9, 0x0, 0x100000001}, r2, 0xc, 0xffffffffffffffff, 0x1)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0x10000, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000200)={0x1f, 0x5, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7, 0x2}, 0xe)
[ 1806.490882] sg_ioctl+0x8f/0x120
[ 1806.491375] __x64_sys_ioctl+0x19a/0x210
[ 1806.491929] do_syscall_64+0x33/0x40
[ 1806.492384] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1806.493016] RIP: 0033:0x7fde33c83b19
[ 1806.493465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1806.495712] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1806.496639] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1806.497506] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1806.498379] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1806.499250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1806.500115] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:11:22 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:22 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2e, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:22 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:22 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r1, &(0x7f00000000c0))
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
setsockopt$inet6_tcp_int(r4, 0x6, 0x22, &(0x7f0000000100)=0x9, 0x4)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:22 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, 0x0)
04:11:22 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 84)
[ 1806.663258] FAULT_INJECTION: forcing a failure.
[ 1806.663258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1806.664728] CPU: 1 PID: 9517 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1806.665522] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1806.666481] Call Trace:
[ 1806.666788] dump_stack+0x107/0x167
[ 1806.667210] should_fail.cold+0x5/0xa
[ 1806.667650] ? copyin.part.0+0x112/0x140
[ 1806.668118] copy_page_from_iter+0x74d/0x900
04:11:22 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1806.668640] blk_rq_map_user_iov+0x138b/0x1a60
[ 1806.669406] ? copy_user_generic_string+0x2c/0x40
[ 1806.669964] ? iovec_from_user+0x104/0x400
[ 1806.670473] ? blk_rq_unmap_user+0x750/0x750
[ 1806.670973] ? __import_iovec+0x458/0x590
[ 1806.671453] ? import_iovec+0x83/0xb0
[ 1806.671893] sg_common_write.constprop.0+0xba7/0x1a30
[ 1806.672491] ? sg_build_indirect.isra.0+0x710/0x710
[ 1806.673062] ? __might_fault+0x73/0x180
[ 1806.673517] ? lock_downgrade+0x6d0/0x6d0
[ 1806.674001] ? cap_capable+0x1cd/0x230
[ 1806.674458] ? capable+0xe1/0x100
[ 1806.674855] sg_new_write.isra.0+0x529/0x770
[ 1806.675359] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1806.675975] ? lock_downgrade+0x6d0/0x6d0
[ 1806.676461] ? _cond_resched+0x12/0x80
[ 1806.676916] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1806.677587] ? scsi_check_sense+0x10f0/0x10f0
[ 1806.678139] ? perf_trace_lock+0xac/0x490
[ 1806.678625] ? SOFTIRQ_verbose+0x10/0x10
[ 1806.679107] sg_ioctl_common+0x828/0x2570
[ 1806.679583] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1806.680172] ? do_vfs_ioctl+0x283/0x10d0
[ 1806.680633] ? sg_write+0x120/0x120
[ 1806.681054] ? generic_block_fiemap+0x60/0x60
[ 1806.681561] ? lock_downgrade+0x6d0/0x6d0
[ 1806.682032] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1806.682591] ? wait_for_completion_io+0x270/0x270
[ 1806.683148] ? selinux_file_ioctl+0xb6/0x270
[ 1806.683648] ? sg_compat_ioctl+0x120/0x120
[ 1806.684129] sg_ioctl+0x8f/0x120
[ 1806.684516] __x64_sys_ioctl+0x19a/0x210
[ 1806.684981] do_syscall_64+0x33/0x40
[ 1806.685405] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1806.685995] RIP: 0033:0x7fde33c83b19
[ 1806.686425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1806.688541] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1806.689410] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1806.690228] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1806.691038] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1806.691845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1806.692662] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:11:22 executing program 0:
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'lo\x00', <r2=>0x0})
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
syz_io_uring_submit(0x0, r4, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x5}, 0x4)
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000040)={r2, 0x1, 0x6, @broadcast}, 0x10)
setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000080)={r2, 0x1, 0x6, @local}, 0x10)
04:11:22 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x2f, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:22 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, 0x0)
[ 1806.788082] device lo entered promiscuous mode
[ 1806.790876] device lo left promiscuous mode
[ 1806.802254] device lo entered promiscuous mode
[ 1806.803590] device lo left promiscuous mode
04:11:39 executing program 6:
io_setup(0xc81, &(0x7f0000000040))
io_setup(0x3, &(0x7f0000000000)=<r0=>0x0)
io_submit(r0, 0x2, &(0x7f0000000380)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3000000}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
io_destroy(r0)
io_setup(0x3, &(0x7f0000000000)=<r1=>0x0)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r2, 0x0, r2)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
io_setup(0x10000, &(0x7f0000000340)=<r5=>0x0)
io_submit(r5, 0x3, &(0x7f0000000300)=[&(0x7f0000001080)={0x0, 0x0, 0x0, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x2, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x400000000003, 0x0, 0x0, r4}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x7f, r2, &(0x7f0000000200)="8807bf40f80b43f43c78b03d062e884c08eedade4589403cc2f54aa3f85be0c8f61c372a16f107128778c28cf9fe4f6d960d53cb2547bc1a0a21c5cb9b811d3c5b6f701e3f6f558910558b4ebcdccda0807065de127bca591178ac9ddaa8123174d7130b97e933da68e517420e16f7a6d57fe00384cf67b95a7313d2d00c1d16d202624346a293e753e8145a4491a887c41a6f", 0x93, 0x0, 0x0, 0x2}])
io_submit(r1, 0x1, &(0x7f00000001c0)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x7d, 0xffffffffffffffff, &(0x7f0000000080)="9cfd7293d3e3a11eb8e7ad5d4ef752d7d7469f9647d2a201e027ffcca1772b24e5346edbae4921d3dac5912065d15893e3238708ca90b1cc53645a3b80c90b81003af3c8a3594cff1f290aa6df294608809c8d58f9a0889b06eb404328850393fd81cb6d3c3311cb978003a24286aa7ed1b736eb2d408c6ae81ee42d7e6a52fd869e4dc89228e69467aba202f3db4b4bab693fdb90e8c49e0e68db61785c9e9c1c3e92bb6d95945971638a6cbd7cfe8bbd69ddf785311586f05b", 0xba}])
04:11:39 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:39 executing program 3:
socket$inet_udp(0x2, 0x2, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f00000000c0)={0x0, 0xb, 0x4, @thr={&(0x7f00000001c0)="3c3c8892498393c711cdaf7447c9d2e6a2da3b215aece2c4878aec46fbee259493a818589961ea6a185468fcd14c60b51c047e32f2fcf0553ead0176455e2d2044ab7db04f350ff52cf8088ada91e95badb475d900edabd4ebf6323b05ae162ec417ebd790507496cd0fde67623ffe9e6746f544a9c362b8d950477fa21c26b5a6d8fcceb45381f0dddf969686a66a12beebe54593fd80d6f1c35801b87b2f4637cd9060253b5ac885a487d556350b634dc79838cba45ad2c917db35b53119da34a23f50992f446ab4a7ac6bbabbc2524ff2dbb79ebcc7bf761e40aa39e8212e24d35dbf89da9f44b22c1ef76c749798720b773d5092b0ac445fcf7bfc0ad31d1f5849554528ed4fd92c1852ae3edc982860f979347f9256695289b1dc4a045d8874ab7e2a3d547d86928eeeec8c61ebd56b3a5b47a6dce35f90a34afa7438d325fa96dc16882469b8df59bc2f5ad740835ff133d4a6154495a87a4a45626ca4bdcb1b13a64fa00be8f649fa6c708dbccd5c3a584e698737b3f4713d04d03aa0095fbe6826a77531e50af133c6dfb559adc9778675058b2537583e70f10e2a6e902328cb4b054eb4dc5f89b657415dfb80b364dcd0a92a4f8490007c9a7f55b26830986876781cffb766aa06e730859348d990b0cd22bece0788ce73222fb2401fb677e24474e0d0ec450cc8afc90ad96855877d5b86817f725e207e48e76fad319987226b03699dc3cd346f54fd77b5f5d562d05a1915039a21b1a72cf1210358c29ed160ea482c8af416bf73f3e0e5091627e6c571d372e8715d15827d3cddde16cfc19b7af254c3b18b59875f50716d460b3640375d6f2bb6022330be71137d0cf23ab7676d2711441dc11418480e7ff9ec75ff89142896d43d44e991042164e5b5d3b939d3a08c1cf0438a658556a58892b16516fdb3dee6813691f400fa042b79c6bc84fab71d40e21902da6ad72205fd28b8f7da3aab0f9a8e656e6f21136c8bf52d453ff85e63f862bb981ebdf85e74422cd930f650ffe64c230de52b6c44a845044f139cad9d1f54198c41702c05fb0ae0c54bd2944547c444de1041a6f8b5adb8b64e0723f93376b4544abd74c9d153c6c5d633b59f03eaa16ed7ab583525fc009e84c9ab468d6b62ef4470f534793d8e27aabe4aca9f4fa8942204b966d5b1c165b6859f0668ca891915aee9565320534b2636b4932c87635b7d70cab69c505f2e87379c4408b0610d579974768626b949bed7799bf6fa0c1975d1832a7717b354079bba24c329d04b7dda8c9f41fc7a951c33302f66ebb7c338ab503b65a93a897fb59338a3b0916834845af65e4e6cd1c89060978b287b6e7f28a33e19a4785903c230f40a07fff22a3c7e4dc4d95eb47df3ecd0a1fd32f538271cb7c79ae9a10b15014232ac2cd86793f4e3cb1d4a8f754bf4ec0e106343fbd29454d047102f7a27311dfb9f05a1da90f50bd58556e305d3982375cef60906b3ed0d3248cbe3c58d9a5fa5ea1a26012084e9e6f31ebe6c8b5279b9af9b152f64266c16beb16ff8970356934e19b26d8a5a40e3313743e429e4bf85b0b1f9c746487078bf24bde9ea04e8038185da1172452c87f669743122584dec35a28310b05c1248e611017549cc905b69ededfe7ee7ab113c8986c6ef0c183a46a60d285bf05c60dc766ceae0e4bb89ed4b0834a6f25c72a5e197f9ab6c955cd46f027cb2904c3016b6daf8dad57d599f40c47cfe2190b3182e8c8199976d38f39804138f2233207d123254090fdd132b62b84cddb0af682cb1e655eafc8278c4a02cd36bbe6ea987a24547938bd60510ebcd1b1dd7917d893eea692537ccac600d74c3edfc800002cb95db64369186316614c6ff12614f5e22fcd9158d80acc8f700516d642d2fea43325b1a2971cdd33cdc855b692277f684fc418ddc4b1ad72d29f414830fed9ce8864b072318363904fcb63c101ac33f84faf19e8907d3a4ef5c8669a86a288795ee3ddd68e6b84e24e7f306e4d64fd70ebcc0bf146be003fe10f2b7e5bd5cd2a13f0c65f574e2c460bbbc11b1447cb4279da29e731143ec48c878fe5d8eacd1d468ce95f07546bde1c69cf0281673ea5f75b17276cb7766b9b695ff2898a7666d35273cbe5a96093e15dea02e63309b122f65853975c9cbee9b639c191558a2b6319ce8239f330a2dd5b02d611dbd16596ad5a72a17ff817e6af5be5bf036f5e342ac991941d3ab5338b1423ac0595eb74888c834d78eb9279f3ce3b6dafc39002e12da57bf2dd8a15f934650304b797ab87d4f073782311637af1ab03a6a8726ff2473aad7ea207907bae91f5995437fed59e32b99e62c430ab0a34943638f2249878bfe2ef1eecaf17c0b538e5e47460279905622965363544c1a72fa9501460653c416a7baf9b56b9b4cf8c8ef94168569f1257a2493bd270205822a03a0711087a7877692c8c75a3bbe2be4851645068a27e3dcaae941f276f90371fd85ecd4be7d02d1356553b7347daa3ad530ed33243354f8a13d166671cffd8f40a707fc0f4941c26314d3234256f98cbb393aafdc087e7f74a30ca9874179923374f15145aa2584b73f46fb68174f0f09648164db440652346baf67c8d3765b3e6c900c5297a64802f072737dec931e07ad1f55180e5dd083cd0574ca51b5fab7edbec24b09260c486efe315586ac2dc3a9718f245b405638f8953cf4b7691f5b61d95b518f74b2ca4c410a09c20599a2868cfc5f150baaf7e9ee1c5fe1388279a179a11da30224f6d330e9b0b53deaf11afd88932f0f317fe723aa801f5ce565d71b618d8c095cb429907464121f4669889a62af11ae5a1a82254dc4e428536b1b0483e3f30e9c2bcfd135f85ad053480b41ac94d2e9e2d43376456f193b070d7670fa991aa737bd01f9d378221479436845aa9b825a84aeacdd4c219fe4a65d8fa20945cd7dc53d5569a99ab057ed7c92e9a2c4bb759dea70f5dcfa91aff6767699a8a19a9f9d5b72818e08f637a6f6509bf6918b0d7014f18cd6109701ebc1bddebc3e3bae91dab0a2b5a22c6f7211105894697620258ec7d8f4f0b176e223a6eb1e283e9c13028b31467e2f78c37e13a961248667026cf2ec7dedbf9c02d2a2b49ed7b6d4388399488163b01183fcf359f6f024db84550c0be00360efa771171922fb3e07fa52f8eede949f78f129e5c57445b925ef89f7334018ae5583d68bd122edad409f48e573a2581772879ab11e7e143a16a4f08e231d4f6b5565548e129471ab7aa3dc8a9f119167e22a9b23fcdaebbe95cccb7b29fbd8fa4d171ab478cd5122f9ed4d7606190a4c836abca3962d3128a928ae7e48e0a29e2155726867a720c68cab023d272a5aa5cb842764aabedbf69340db72d9f25d0585774efe4dab3fd24d7084e714ce2c0923bc25fb6dbbc4bcba2234e75a2af61cbfa2e603629d3e8ffad765d5c2410b3fc18046a40bc7632f91d17fb2f3f91af48ab6300e1ffcf9cace6af3de66696981dea3b0f2f8ccad35875806880e13d318abc970bbb5a500173124f2543e6166af8eb351e3a63e7d3b953ff2e735e395fdbfd45302411604b96cf03cca023d031e47f70962883137f95837893701d284919aec2814523b22165e0c782178d4d28d55477f5216a5c480ddf98aff351f31ed4d4802b6848a66f51b49f55bef8d0df840b6a0b51728de007d146f73c3cafd33a0ee85c12779203fc4d4f77fb3413b72f16960b315fc7a09a861de7882974495acd8fb985e43d8822d5041d4465215717fc8df93a9e92d9a57fc1c6234366e10af814cc704b2884282f8789e90f5da4e093b35d0a62659b42ce5485bb1bdd2bb3637f6e04cad6102cdec440040fbef519b8107cc05b087063ae25b80b476006b6c9f618fae36085cc66108a93eb03f428bbcdac84f1f1b213cbfebcb492e12dd92b1593c02cf7c1a4f97cb242db3120dc13de7fd64659c6bbcd8e22847f0fc9f201a99be015fe70c32dbd1d1b96582951497e0820b4360fe9bb41983017c34c135c75f997412e4cb7b2ff279dec9bfaadf772dc72bc9438ce4a441289c083b627b164271d805d51e9fc5f9e2151ce270ba3ba0a3403bb437e4b5631b9c03ac91d846f7724886a7f4ac84ec7d8a14ff27c048fcf8724a026e4ef8cb6acf1e4d62899a7d5860fb0b2788a572237b3e82f17b6c25e2f535db326a3076c17e3393fba37ba49d78c6ede65f2f2370850b629e405e9ba09e28a3f542a85f1ef29d0075c9e98054774583d476bfca704fe1802427929ace4a73f3c37ffa4963d335ccffe572c03d668daf16f8a295ad0c546ed45dd956650365fe0decce4abf1d48a79dc4f24c07f95d2f6bd5b0b64891b171db43d00d928baf946f643864dfe48c7d2d5f855296270b5b91228d0957e4672cc37486aa06d7f24e790b6e16275c74c77e7e32796fde2f83af7c206f43659f26835a8579caa310ff2e5628fdfbb599ad7c5ce34ff3df635212435cd6dbf06e9002d858980e180c0785ee3784219dbb014c6fc2ff8182d93f1db84354bbf8dd178d18294f95803efb883bf71836ed797122e0002e4c5c1574a00662af2a02baa68564042fba99f2d095473da8a607caa10f763bf7fae477abd145837ca570070f7f3ea97c2a3da5dfdad19322fea6bdf230a5745a9f81d3b575bbf898da58ae84d63a1b426663bf41dbfc41fd466bdf10a50b54b9a3136567cbfa30cf8aba0d9a431fcbbe51b780646a4e31316bbf921cdd7aa55fbbc8930b5bd16de2a29024cf09ea394ea1b5432c97510d595286f745be75cec2add5540d9e11d79244db6f8288bc662fded47b9b40885f49b733623f469df4437a2a8b1d310927fab660372fc2133c655a373f61edc75cdfd7572430c6c937f10c21fcd882b4e0b063eb5c65e0c49d892a4bc66524c2f96cf0c3334093a45a9b289a565c9b4e34da2d53cfe92b5d80a46e88104d5955697e4c2daf4b7fcb5c76774141e77d1a34bb32ba06f1615872336a45e6e5f9ca11ee4cc4bd69981abc01dc2549cc687f44b69e3c28af6d9dca574fd45c0520a631ba170deba92851dfb8ba2d51a5a10b1fb18252cd7d5003a7f558cbb65aaa735a4ec128bb82632c9f2036963b55db2a18a1804c40b6446f1573aa2fbc568b551ad0b6d85d23b57baa76b42e6559253ae6bb65a7f5cba397cb34c612d462f96c5b96af8d830d467b086d283b04e671f03fa8db68a53d8216aa86cf2abefa816a6e07de43de658e4766d28d6692d0837bd0b4c43f83e8a54c743dc8ff7076e4f0cb080dd7b2dae4133e0c685ace76e145323dd28fe9b69a181e253e399984b3c44b308fc7004c460fad7483d2da2391b52b456ebbbeb124d7636b8e8448c6d5b49f5658eebc53612457f4b64384049d3d1ecde629db4b82c16a51821b21d2075f987aa417ae4b8f6dcb17b36549fd0c83555bbcd2b4700e2c809a51acfee6eddeb3c5b84cf4ddf38bfaa1d9d07688a02ef000bfc9373bc10da8c95edb7615266e4c16483e3e705cb8c9b4f57ee4321184eef428645c335ed0be11da7370415566372d2645b79ad7f7516f472b7aa05d2a3be651bc27c62c11395a25a89f6e34a222aa676d8582b82776664f62361acbee4c11970313e850c7950788d0932a2291d4223abc84425e730f21131d0c0e87bc8210e37c593b964b421ce1e3f60ffe418ee97134ce30548e5c994fc956cb8edabe0290c7f6c360837408abc333c7eaee95039d93eb847b5cc9708d8b5ccb7ab6650241b4549c17ffae823f7ca8a9c797aa0f911a6a6ff0", &(0x7f00000011c0)="ebd978bc213c3ac5ce7401daa910123aa0c4b2a2537501a2896b1e333b6ba2f8db92947b01219ae67fbf3e553566bf64e6c0b67053b11c3dc47c33d0557d0f85efa7a7de956a25ea5371edac0d26101988528305d8433e0602130e84843e88783f2b19114c7518ba7ff4c2079d7eeda93bfe862414b779fd0e0c3f8bf2cc3270f060fe7a984d44a2f7a724c9f2cd9b21960bb9c16fe6bf03e9f427c863fa3e4a36ee29b864084d3ac92f8727d92aa8d534e77f067be353329d668a9fb69fb86b57e5c967003de96a5216725147ff142cc30ec3d835fce19d456f2d840ac656016e3e94b742bba25a42217c90d0ef9a916ffd0141bb46bf72d9f38f39b0550c16dd0ef28aeef9d57c9e7bd004870e019bcc855e2b806c6cca8ccfc048e95784960c7be743587fbb705d471d420b9fd7317c23596930a177f2d43b139f7a8d5b75a86bc553ae717f0367a0c8b591bfce92a11079af3e2de5c90201bc7c1ad93ec37ed24f90882e9ffad8b6841cb005d8da253d1206f0ff3ad00673d1b693981fc779b186265304b738c7464800989b96904b677624e9e5648ce036188082bc81909f7a3dca455edae76745278599220c19bea62f7f1f9b35737f80ca5e1f2a99ef01af87dc30b7caa4eec42db6b1f0f9dd14f753fe0922e850d7d7992b79bd65648ef9288fc7820d79a058577d4ca0cedfd20168b64917dddd16c663da04e011adaf7c0c89fd3e56a3ef332e2684f271edf9d31df0cb7de346b16dab2493e4a750652250ec063f6ffc92839221cb5d5f30594042d231ed82580348cc989ed41064bdd9eed42095a4b8a729d82a9e280f9af151148ceb5981101dd10fb892ef52ba6b19cd9aeb78f3b33d04dc668d2c14de873074a20689d02866f6eac08753fdb36dbab814288ae5ba9045c9071c52fd06882f22d9d76f417cb5fa169d7da8208538f3460c8f0ecfb7fdcde226a792d50ae2237f160e8465ddfb75caacc4219b4b44d7b77bf43755b568418867dd0cd4d4ee87d49b94a9b4d8b12e501f83e360ea3d1272ec4b4ec4e0f8fca18cf814defc6f47bb98758685f66dc821bb788bea04cdfbbacdbf9651a70d9dee3d04adb646952e82876c5070f30979d2e4c63d5dc9d2c33a1d2eb4e7355d24bef223a8106b5f29fa86e9e8dcb46bbf079de8225fce6eeef7858dd448c47980d99c8839667f62be1aaa1adf087eac37638980aa3eeca8e3db0386c0d51f8beed697c7938a1e3fca454e0757438083fe4cc5bd11c220596f74cc21c1f92d708439f65f5e857ad7c623e9b5a07dbaf6a3e5439477c8a5724d83d14b5773a81d7eafa85c4c3ac196b2a2843a75d8d2b9ba4afdffe55654dc32b30744ad7e3e9480927bb29cfcc08857dea87a2f085c2939f71b00fcd44e8675ad27a04be27b1ff92ee9ba1974ac52b4375bd1afdaa517107c24497aa47e76ad1201f6506eed3c954dbadd84a4a8aafc7bda68f509d028d7fc0d689e9cb7f51d0bb23e36f55fb8373084d4c01a71c125c144401605bf0cf74f37b0890c9f6587b8c208f7617d0dc33c543db60131d0d7a4409d6bb15e8bdc5ade7d99e615fc6e4718e97082f7b1da5ee77cf29738bfc5d4a7806907878d3612697c6ee4f04090b64b8d7754d503151f18231c421c609c42a6baa419fd763c1dd8cb6fc34253c69a447e5a5825e4cece836ca312b9f686da6f2acd67917a2d364197af06a5db634d8efd2d2916d69521d72913c3de8451d4b99114d5e5347e4019ceb050697a416b073260e998a2f240146efd035c7ea94e8597e2c898763697ac91db9fac9f98c0c76aa167d873fa3724b71e8487a1f6c420855c2d6962064211dc78d0e88062787011beaa7112b03fd9193c728a3fc9b89f5cf30fa78d0856b36735aa588433120d9205f6febbae83484c8f857ce7201f2e488eedcf452e7eb5df28bace2d8aa464d6ee13bffc791a5f8b33df7b447ef5b4695a638c7184bf2424d9bc6afbfae3025c679e65ab4c2936128dda44193b16a0336a2cc0940bb2083a82ebb10a5722d07a0268927d50d9a51131ef25016d71b42486d8055d47574e2eab90ba9dd28a603000ecf27f50c5fdd522cd466f20b155e540adac15225bdee9eb341d4ef81df67a8b42466a6e75a078542a27309e2a21a7b01adf3c8736d48c36a275a9027b9add0a8be51625def4f8cb9d355e421cfa3c43732193bef736090d7261b954fe08cd049ac1e9f481f4aed839593f5f0af39f1a1bd3ab09cc3fd6ed8bf9ffedf059ea3f6f2fa0bcf211cddbe1fc0cbb8fe3bd6daa0d0f38d2ccc2f10dfc2af922167eb67b2a6493e85b3a83d065cba9650d59e0bf3b96f98682fd28ead5984f3134eb5eba1cc3a20894e43f4b7d8fbc3e23186227ab5cfb83d9bf1e2d3fcbd1fe1f9794e83983d15ff0be3bb4bb88af98bf3b2c61f46fd82e563ff747ec9448855a25a67e8adfbb2ed441c6e35080727a0ac938877a2991b9426cba120ed7266b3fcc3a15b1c2353b7efb2b0894b9909ed89a9489b8828746400f3b967dedcbe3a97b00d5ffae0a0ba2789ef099fc8471a567449b05134d6776a3ff717898abd0192765594ab7b495204acdecf7b28e0e901da3e9cf402a0e50a4fe42b49aab663d5388b3bdc6ec1d3a3cda4a09a24e73873bb3d7e565376983ec6c888194cd82f98524461e08465c89eb4778aef3ee1aa772ab20de31a6a5c5d30a6c51c7431977cb0352d1ecd5d2a0be6fb32a9e51ee8e27fb0548251a566fc98f98d0b0a2cad1280f60e259df43d069459b1460ebff46ad85642e6801863f18780ae2462d136fae4feb5d6e8937b9891f738b6a89fdeeb58933f00e9edf53adfd30de4a6374d672689d33c653c7cccf47fe2c4aedc79fa9f8faa9bc743d7501e6dd12ecdc6019db032706085b2d5772ff6197eb5e800730540532460659394d08598d6b86e4a2a654371a55d84a3d987046e0984a00b659d5126f6d12927f0c7fea3af0d085891b60ea543db5ca87a4cf257253c5cc0ded6e68ef44fcc1aa70df50f30b1de95092c698ed0a432b624e89a2e6c4b1c7bf3df946d9dcff7d66975ea83203f1f7e8ab0c6d0ad2b39b539d0d63acb0d236b891e7d7fedab814a98e4969b3178faad8cd962aa604172b234bab8ca48b4085873fd31d6f1b2cac06c17641c50e82017efd28afc8c1515dc0c3e9ddd58bab3a6c4f6d8b8156f40b34e274f50cda9cbee84d6fa5f7921632c492f97ac09b89878d389913fa2e4a2d87eafc86cafd480d5e3491327d7b1c64fbb0b6a265c1859b9c453cf896df37b26d4fb9ebf5e070b9a5adaedee4ee75da9a003159d900e691aeda2dcf61ac0f1ab7f8ab7e1d070489ccf16f87d4a4a8908eab1413a4ca8fa81f1da4196cdb83f6dac33b4c133e366e480dc36d16f94f9f394860784c777dc351942dcbac3a72b9cf61bf023b9195caef249743fd8d721fc73383555bc11281148c95dcad34e1034051dfc1fe571610894144a49deaf8f25183d8530b028b17e68ba47b8fdd6e9a1790d32c21720e390bab85f125b578b5974e3a2535b4282a74291e06e16f671631cb2f3aa518a522066fa23e77572995caa4959f935ec82ae5e353b8ca11e986fc532bca2b62655aaf9d997c6dda721a96cd8611e6b5fd8ebae398bf9a7f025b7d74ba98e892d5f44aeb3099662016f13b8cc344567fde5f6f2ee19fec83cec98898310fa33c74bc0316776195b474dbeafef7d7c80bcfa332c5eb194349e11d9275882700812aa8842344ab22c808db68d925d33771be3d9e9d12f6b41c5389ed42a1eee4d35c1f69a6cc48208485af523fa8a09a85914b24c53706b00f20f12c461dbe462b469b9d7476ea1963fe69a80f775214c32423fef8a934e89aaba36230d3cc5f29ebdba9ac249286d309d0e9a132b9f0d239cd7704f25ecd2432de4df6f76c2926ab10d6819728d9940abab43e2edceb784e5eb4ed47a019306bd223140d48b62309a1f87b0df9bde13c0cd1a7e0d0556be8ec9982bb0897998679db0d0f4b1f69b77b8ce3936181ecdcc31e6652902494cd4143b777b2f05a2c4ad3b081d01ff33dc6added3d83103b5925c8213f2ab2dc302f59c297290dfe1fcc6e785c1d511182dd7c4f769945faeddce4817eee9851cc7eec01bdb8a597a752b21c51ab3a82b64eb4d7bf7e429f6ee8a1e9b7beeca640af997752df4309f3da8febec5a89e0e5e3d934c0baa58a0af9c405ac288d5d365b8428de2c59d59d92ce45b8a904a326d31c166c02e383ae5ebc3a92044dced3d6fd778d0cdf88dd931a9a36d4b859d28f20e47efec3f44fa11d04b522e3ba8bf9c6c5d445cbb984a0c93002d340188d89ff992e48a1223bd56fc67194a413bef2d9cf79dd72b7c549da5d3014264a5f4981f73e0be0f4f1ec71633440047932ca5aaea75d0e8030e8e4ea1f8a8c9b7d4b1e5f6ef0919f0f7ef694f152fe71d23aa00979eea1b89b1e6874c3f551188739f8f18974c02fa78c94cf86c77d3a0d3116f8492e996bb2b5189e1ff81be7a67b21e5a81fba14ab602ef661c9a91089a93cced687ab2f27f86bb2e3fb86287672071f80be2690b893c9fd687d17742412328ad90558c76322425685b43b37e5788fcedafabce79c1b251b793fc4f88d10a43b71adc81c127278db18df4a0fc57e33c20995553a8e019da493ef2ddd1c2ed2914f8fe0d3170412f8f927d74d74634125677a75b24415a84e614f0582586d0492d7a7f36b585ed2ac9c643361de59c522f7d70e1fb65f6cf5fc4d37b311cf88a7e4105f1ed9c14be825d6bab5869ae3cd2c409dba3b74cbd2a8c70f7276bc1f8860f1f75ec140bfcb106393889169eb8f9548026275b58c657a2ab3efe22f65a98b030d27bd685d89817d52e4f2cb6a5d0067fc659da92a31905944effbd1e29d14adc28eb1e6784bf850fd758b57966a51f6b2f454e019aaeda6d7c657c044ae389eac365d271c160ac98e9a519061b9241f00369457b3b1351e1607a6d18a4d878092644a4e2786c6b3c28b4731e853a9c43d36f4c46c3089f5858abf5ee596915c9f49050ded79ff2dd013b0e563a35bf509ebcceb19cf1176851da8f88c2f51b1400345125b50f775f22c6564837095bb3b91ba149964b0da330748dbd1422fc76fdba2d0e9a3dab4a70a4242b3f7a6a814aecff6d6010b199146bf5d50b812f7fa226b04a4cea5e8ef9cfc76553dd1022423242107315fc487428b6b39655d07ffc7bc5002cc8990650329741693b56bf7ff043ecb91c985f695bf5d7a11aa1ee82d4e828339bc2ce4b22b1a31418da64cc1fda87b79aee6d2dfa03b610058f3af4e12cd54dd903ebf5ef050c1ce1308be53c2e1e692ed88039bcb6898bad7bd8ab2fbace5c3b950f5bc72d8b7225d41954dd4793499506fd44c2473f0beeb54e3653f6087502c102dfc0cc67e7644c7ed57eccf0b55f70691f435f3703ca8b4bc7d1e0f319f835cbe7a9638c7672a1ea8ec1e7a3dc490cc6e7f3d09a0051e6dd75e1422ffa243fae9f8758c9ddad78501fddd30758d830881c32924e40377878b2bb2d2efcf28e25705a9f082c83288ba4e380343161dab7b37fa01092ce5c46d7c81f6dd93a5933655ac508e214c5b17b62729460f19b15386d2a21bfab4148ad1c04016f168743b7d30932a965247c923920a553bf0cb9f6b7e4a92924385050e02bd739bdd427f64399bbaf6585b6614f3af22cef8441e917e55fa4cd120207bbc206b7810307cf65735c5a912c413285c15ee861cfe30f19e6575dbd01fc057245cb53cea4de"}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x77359400}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
timer_create(0x3, &(0x7f0000000140)={0x0, 0x2, 0xa8f9c62e8ef4e320, @tid=r0}, &(0x7f0000000180)=<r2=>0x0)
clock_gettime(0x0, &(0x7f00000021c0)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f0000002200)={{0x0, 0x3938700}, {r3, r4+10000000}}, &(0x7f0000002240))
04:11:39 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 85)
04:11:39 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0), 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:39 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x30, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:39 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, 0x0)
04:11:39 executing program 0:
r0 = syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000002f00)='./file0/../file0\x00', 0x0, 0x21000, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f00000002c0)='./file0/../file0\x00', 0x0, 0x0, 0x0, 0x2044034, &(0x7f0000000540)={[{@resuid}]})
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x80, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@uname={'uname', 0x3d, 'resuid'}}, {@nodevmap}, {@nodevmap}, {@mmap}, {@loose}, {@nodevmap}]}})
04:11:39 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0))
[ 1823.974542] FAULT_INJECTION: forcing a failure.
[ 1823.974542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1823.977610] CPU: 0 PID: 9540 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1823.979361] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1823.981468] Call Trace:
[ 1823.982154] dump_stack+0x107/0x167
[ 1823.983112] should_fail.cold+0x5/0xa
[ 1823.984085] ? copyin.part.0+0x112/0x140
[ 1823.985121] copy_page_from_iter+0x74d/0x900
[ 1823.986262] blk_rq_map_user_iov+0x138b/0x1a60
[ 1823.987450] ? copy_user_generic_string+0x2c/0x40
[ 1823.988397] ? iovec_from_user+0x104/0x400
[ 1823.989209] ? blk_rq_unmap_user+0x750/0x750
[ 1823.990062] ? __import_iovec+0x458/0x590
[ 1823.990882] ? import_iovec+0x83/0xb0
[ 1823.991636] sg_common_write.constprop.0+0xba7/0x1a30
[ 1823.992650] ? sg_build_indirect.isra.0+0x710/0x710
04:11:39 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0))
[ 1823.993609] ? __might_fault+0x73/0x180
[ 1823.994606] ? lock_downgrade+0x6d0/0x6d0
[ 1823.995433] ? cap_capable+0x1cd/0x230
[ 1823.995976] EXT4-fs (sda): re-mounted. Opts: resuid=0x0000000000000000,,errors=continue
[ 1823.996367] ? capable+0xe1/0x100
[ 1823.998151] sg_new_write.isra.0+0x529/0x770
[ 1823.999056] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1824.000354] ? lock_downgrade+0x6d0/0x6d0
[ 1824.001189] ? _cond_resched+0x12/0x80
[ 1824.001962] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1824.003106] ? scsi_check_sense+0x10f0/0x10f0
[ 1824.003975] ? perf_trace_lock+0xac/0x490
[ 1824.004779] ? SOFTIRQ_verbose+0x10/0x10
[ 1824.005586] sg_ioctl_common+0x828/0x2570
[ 1824.006418] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1824.007427] ? do_vfs_ioctl+0x283/0x10d0
[ 1824.008221] ? sg_write+0x120/0x120
[ 1824.008956] ? generic_block_fiemap+0x60/0x60
[ 1824.009844] ? lock_downgrade+0x6d0/0x6d0
[ 1824.010669] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1824.011643] ? wait_for_completion_io+0x270/0x270
[ 1824.012588] ? selinux_file_ioctl+0xb6/0x270
[ 1824.013449] ? sg_compat_ioctl+0x120/0x120
[ 1824.014288] sg_ioctl+0x8f/0x120
[ 1824.014967] __x64_sys_ioctl+0x19a/0x210
[ 1824.015769] do_syscall_64+0x33/0x40
[ 1824.016516] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1824.017519] RIP: 0033:0x7fde33c83b19
04:11:39 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1824.018226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1824.022200] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1824.024036] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1824.025763] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1824.027496] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1824.029230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1824.030970] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1824.043584] 9pnet: Insufficient options for proto=fd
[ 1824.055104] EXT4-fs (sda): re-mounted. Opts: resuid=0x0000000000000000,,errors=continue
04:11:39 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0), 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1824.089450] 9pnet: Insufficient options for proto=fd
04:11:39 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x31, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:39 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 86)
04:11:39 executing program 0:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0))
04:11:39 executing program 6:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r2=>0x0})
sendmmsg$inet(r0, &(0x7f0000002040)=[{{&(0x7f0000000380)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f00000003c0)="db9c", 0xffe7}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="14000000000000000000000007000000c4048f01000000001c000000000000060000f087c10f99e915f59b507015ab9f2462cabb844e558a89ab254c08d488dec92cbf5aea6e52957588d3024cf4275f8d9d6e28d47d298257098f44007f387c8b86dd92b311d77577a08a4955f1c9c7d83c47108225bafa87ab612be93a9580", @ANYRES32=r2], 0x38}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000002080)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
04:11:39 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0))
04:11:40 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{0x0}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1824.266832] FAULT_INJECTION: forcing a failure.
[ 1824.266832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1824.268258] CPU: 1 PID: 9568 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1824.269046] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1824.270001] Call Trace:
[ 1824.270309] dump_stack+0x107/0x167
[ 1824.270738] should_fail.cold+0x5/0xa
[ 1824.271184] ? copyin.part.0+0x112/0x140
[ 1824.271659] copy_page_from_iter+0x74d/0x900
[ 1824.272178] blk_rq_map_user_iov+0x138b/0x1a60
[ 1824.272715] ? copy_user_generic_string+0x2c/0x40
[ 1824.273285] ? iovec_from_user+0x104/0x400
[ 1824.273768] ? blk_rq_unmap_user+0x750/0x750
[ 1824.274285] ? __import_iovec+0x458/0x590
[ 1824.274776] ? import_iovec+0x83/0xb0
[ 1824.275224] sg_common_write.constprop.0+0xba7/0x1a30
[ 1824.275835] ? sg_build_indirect.isra.0+0x710/0x710
[ 1824.276417] ? __might_fault+0x73/0x180
[ 1824.276880] ? lock_downgrade+0x6d0/0x6d0
[ 1824.277363] ? cap_capable+0x1cd/0x230
[ 1824.277826] ? capable+0xe1/0x100
[ 1824.278230] sg_new_write.isra.0+0x529/0x770
[ 1824.278749] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1824.279366] ? lock_downgrade+0x6d0/0x6d0
[ 1824.279863] ? _cond_resched+0x12/0x80
[ 1824.280318] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1824.280983] ? scsi_check_sense+0x10f0/0x10f0
[ 1824.281495] ? perf_trace_lock+0xac/0x490
[ 1824.281974] ? perf_trace_lock+0xac/0x490
[ 1824.282459] sg_ioctl_common+0x828/0x2570
[ 1824.282956] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1824.283555] ? do_vfs_ioctl+0x283/0x10d0
[ 1824.284021] ? sg_write+0x120/0x120
[ 1824.284441] ? generic_block_fiemap+0x60/0x60
[ 1824.284957] ? lock_downgrade+0x6d0/0x6d0
[ 1824.285438] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1824.285997] ? wait_for_completion_io+0x270/0x270
[ 1824.286560] ? selinux_file_ioctl+0xb6/0x270
[ 1824.287076] ? sg_compat_ioctl+0x120/0x120
[ 1824.287569] sg_ioctl+0x8f/0x120
[ 1824.287962] __x64_sys_ioctl+0x19a/0x210
[ 1824.288431] do_syscall_64+0x33/0x40
[ 1824.288859] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1824.289456] RIP: 0033:0x7fde33c83b19
[ 1824.289891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1824.292042] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1824.292926] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1824.293750] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1824.294577] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1824.295407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1824.296235] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:11:58 executing program 0:
syz_emit_ethernet(0x3e, &(0x7f00000007c0)={@multicast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00ee6e", 0x8, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, {[], @echo_request}}}}}, 0x0)
syz_emit_ethernet(0x101, &(0x7f0000000000)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @val={@void}, {@generic={0xf9, "9c858a64d05e52a300801374385f7d54288c5ed04353c80b0ffa1e04ed1a4030c810cf0548bd5dcf4bd028deef07ca5ac3e579e8328b95cb6f01c8df624d810b5dd41e5dc72231a2d661dd59fd8c31c2058f60161f8bcad4da9cb7e1fbb91788c95ebefb41053a39f156a3d50493a17fa3394f2cee6f5e60478bbbb05e88415c7d4cf83df5ece882983eda67c7fc0310e651765a351a6dbb4fb23708643df47d24e51d0532346ea546310295be7d22655292246960d44b62e46aea0bc3952dcbe8c441871fd650ec4acf8eea3b4559016c3d6907366a34b56db1eb4be811f7f6f579a0bcaa5b4cadfd97c4cdf67f7a"}}}, &(0x7f0000000140)={0x1, 0x3, [0x401, 0xf65, 0x31b, 0x40f]})
syz_emit_ethernet(0x56, &(0x7f0000000180)={@multicast, @random="799540a1a52f", @void, {@canfd={0xd, {{0x4, 0x0, 0x1}, 0x2a, 0x3, 0x0, 0x0, "67f5f52df25946d28ddbec04752d4584e360c2b48936a0c393c4a5956d0d24ecd82159a7ee4ff7dcd86560b441dfd819170276f6006c58a75cabeae700f81ed2"}}}}, &(0x7f0000000200)={0x1, 0x4, [0xf44, 0x415, 0x2cd, 0x977]})
04:11:58 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x32, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:58 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:58 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{0x0}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:11:58 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 87)
04:11:58 executing program 3:
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
timer_create(0x4, &(0x7f00000000c0)={0x0, 0x1, 0x0, @tid=r2}, &(0x7f0000000100))
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r4, &(0x7f0000000140))
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
connect$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x3}, 0xe)
04:11:58 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:58 executing program 6:
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="be3d6b8b046611c697e91dd92fb365edf2feffb40ea4395b0bc93cdc6e94f58a742fc3829b566ae03133304b49f49792c09b120f245cd20bf01d0517c0850e6255891f890ffec91ab444c9b5e8e20232ca2b3758e16d20eb8c65a7c70f76f7e869d4b939b10549dff74bc87c44032bcdbc82a5dee2f67f0000008766233261fac890b2db2d4bb2500d2d284220cc92adafdb5b042a398087933380476900000000000000", @ANYRES16=0x0, @ANYRES32=0x0], 0x1c}, 0x1, 0x0, 0x0, 0x20008010}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x3, 0x0, 0x0, 0x7, 0x0, 0x4307, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0xd79}, 0x1539, 0x8001, 0x0, 0x4, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000002)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2000, 0x21)
ftruncate(0xffffffffffffffff, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
fcntl$setstatus(r1, 0x4, 0x0)
r3 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x100000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r0, 0x0)
[ 1842.856324] FAULT_INJECTION: forcing a failure.
[ 1842.856324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1842.859419] CPU: 1 PID: 9593 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1842.861141] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1842.863267] Call Trace:
[ 1842.863956] dump_stack+0x107/0x167
[ 1842.864887] should_fail.cold+0x5/0xa
[ 1842.865858] ? copyin.part.0+0x112/0x140
[ 1842.866908] copy_page_from_iter+0x74d/0x900
[ 1842.868073] blk_rq_map_user_iov+0x138b/0x1a60
[ 1842.869255] ? copy_user_generic_string+0x2c/0x40
[ 1842.870523] ? iovec_from_user+0x104/0x400
[ 1842.871617] ? blk_rq_unmap_user+0x750/0x750
[ 1842.872703] ? __import_iovec+0x458/0x590
[ 1842.873652] ? import_iovec+0x83/0xb0
[ 1842.874516] sg_common_write.constprop.0+0xba7/0x1a30
[ 1842.875693] ? sg_build_indirect.isra.0+0x710/0x710
[ 1842.876819] ? __might_fault+0x73/0x180
[ 1842.877712] ? lock_downgrade+0x6d0/0x6d0
[ 1842.878651] ? cap_capable+0x1cd/0x230
[ 1842.879554] ? capable+0xe1/0x100
[ 1842.880341] sg_new_write.isra.0+0x529/0x770
[ 1842.881341] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1842.882567] ? lock_downgrade+0x6d0/0x6d0
[ 1842.883541] ? _cond_resched+0x12/0x80
[ 1842.884415] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1842.885711] ? scsi_check_sense+0x10f0/0x10f0
[ 1842.886725] ? perf_trace_lock+0xac/0x490
[ 1842.887678] ? SOFTIRQ_verbose+0x10/0x10
[ 1842.888615] sg_ioctl_common+0x828/0x2570
[ 1842.889315] FAULT_INJECTION: forcing a failure.
[ 1842.889315] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1842.889573] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1842.893318] ? do_vfs_ioctl+0x283/0x10d0
[ 1842.894240] ? sg_write+0x120/0x120
[ 1842.895070] ? generic_block_fiemap+0x60/0x60
[ 1842.896109] ? lock_downgrade+0x6d0/0x6d0
[ 1842.897058] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1842.898162] ? wait_for_completion_io+0x270/0x270
[ 1842.899264] ? selinux_file_ioctl+0xb6/0x270
[ 1842.900255] ? sg_compat_ioctl+0x120/0x120
[ 1842.901210] sg_ioctl+0x8f/0x120
[ 1842.901981] __x64_sys_ioctl+0x19a/0x210
[ 1842.902897] do_syscall_64+0x33/0x40
[ 1842.903741] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1842.904897] RIP: 0033:0x7fde33c83b19
[ 1842.905740] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1842.909878] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1842.911608] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1842.913217] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1842.914828] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1842.916450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1842.918059] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1842.919711] CPU: 0 PID: 9594 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1842.921278] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1842.923146] Call Trace:
[ 1842.923763] dump_stack+0x107/0x167
[ 1842.924590] should_fail.cold+0x5/0xa
[ 1842.925457] _copy_from_user+0x2e/0x1b0
[ 1842.926360] inet_ioctl+0x2c7/0x390
[ 1842.927182] ? inet_dgram_connect+0x200/0x200
[ 1842.928213] ? __lock_acquire+0xbb1/0x5b00
[ 1842.929187] ? perf_trace_lock+0xac/0x490
[ 1842.930124] ? SOFTIRQ_verbose+0x10/0x10
[ 1842.931053] sock_do_ioctl+0xd3/0x300
04:11:58 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0}, 0x4000)
sendmsg$nl_xfrm(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=@updpolicy={0x148, 0x19, 0x2, 0x70bd2d, 0x25dfdbfd, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e24, 0xffff, 0x4e21, 0x0, 0xa, 0x0, 0x20, 0x29, 0x0, r3}, {0x0, 0x2, 0x3, 0x3ff, 0x101, 0x83, 0x6, 0x6bd}, {0x1, 0xcf81, 0x401, 0x1b}, 0x1, 0x6e6bb8, 0x1, 0x1, 0x6, 0x3}, [@lifetime_val={0x24, 0x9, {0x5, 0x3, 0x9}}, @XFRMA_IF_ID={0x8}, @srcaddr={0x14, 0xd, @in=@multicast1}, @migrate={0x50, 0x11, [{@in=@local, @in=@empty, @in=@local, @in6=@empty, 0x33, 0x4, 0x0, 0x3503, 0xa, 0x2}]}]}, 0x148}, 0x1, 0x0, 0x0, 0xc004}, 0x4051)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@allocspi={0x100, 0x16, 0x1, 0x0, 0x0, {{{@in6=@local, @in6=@mcast2}, {@in=@remote, 0x0, 0x33}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}}}, [@XFRMA_IF_ID={0x8}]}, 0x100}}, 0x0)
[ 1842.931921] ? compat_ifr_data_ioctl+0x180/0x180
[ 1842.933234] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1842.934580] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1842.935787] ? do_vfs_ioctl+0x283/0x10d0
[ 1842.936733] ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1842.937946] ? generic_block_fiemap+0x60/0x60
[ 1842.938984] ? lock_downgrade+0x6d0/0x6d0
[ 1842.939961] sock_ioctl+0x3ea/0x700
[ 1842.940807] ? dlci_ioctl_set+0x30/0x30
[ 1842.941735] ? selinux_file_ioctl+0xb6/0x270
[ 1842.942761] ? dlci_ioctl_set+0x30/0x30
[ 1842.943697] __x64_sys_ioctl+0x19a/0x210
[ 1842.944644] do_syscall_64+0x33/0x40
[ 1842.945509] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1842.946696] RIP: 0033:0x7f26989aab19
[ 1842.947568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1842.951847] RSP: 002b:00007f2695f20188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1842.953614] RAX: ffffffffffffffda RBX: 00007f2698abdf60 RCX: 00007f26989aab19
[ 1842.955272] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000004
[ 1842.956937] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1842.958595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1842.960262] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
04:11:58 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d97217", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:11:58 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 88)
04:11:58 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
timer_create(0x3, &(0x7f0000000240)={0x0, 0x13, 0x0, @thr={&(0x7f0000000100)="43a93e1d04f04df65928aa0f8ca42e91033310c27ba062cdc3d60f6388966345b49b523b176813b8966ec931da36d51158aee8918f42b2fb10c096a87bd7736e2fd1f21e746aba8f", &(0x7f0000000180)="085b1b3edfb9bc1e0d1e6e3f44dca24435060ebee5e0ec584d784343e19000c5071a194a00a5db12ddef0d05f19d9ca53b318281d9b429a37c5df8a63714c68ac5014ff544f9dd4c9b4682e375d9414ae92bbeba58610218aa0ffdc8a4bd0e2632fc3ead9a948192f09f0936091e61eec6b669c1ca0a3184d0ac1ab7fc161926da1c340c803331ff28e68730ba75ef5ed405f53154d2a4"}}, &(0x7f0000000280))
04:11:58 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x33, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:11:58 executing program 6:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000009c0)={0x1, &(0x7f0000000980)=[{0x6}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
r0 = openat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x120, 0x1a}, 0x18)
io_uring_enter(r0, 0x2298, 0x4c0d, 0xac848827fda91848, &(0x7f0000000100), 0x8)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="7afeffff03bd73f906bd7000fedbdf08000000090400269000004000c0ffffffffff2a35"], 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
04:11:58 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:11:58 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=ANY=[@ANYBLOB="280000002000210c00000000000000000200000008000000", @ANYRES32=0x0, @ANYBLOB="0c001100000057afe698bed6a710b43c79bc96f5843d176e634fafbd82c9db211f37c3ff38fdb0c754068c17eb9234cd56f662c630aede1257db7262fb873a40110ac9ca65c30d70afd8a653fba8fb6b6420d8b8eb2d87424dbeef52e5498e4042527d9e37fae5bd5c1fb69470a81be64072687cebcb7c92cd737439906475a68e4fc5a88c43ffec76"], 0x28}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x0, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0xa}, 0x0, 0x0, r0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000200)={'syz', 0x2}, 0x0, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, 0x0, 0x0, 0x0)
r3 = add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
add_key(0x0, 0x0, 0x0, 0x0, r3)
add_key$keyring(&(0x7f0000000140), &(0x7f00000001c0)={'syz', 0x0}, 0x0, 0x0, r2)
add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$revoke(0x3, 0x0)
readv(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000180)=""/44, 0x2c}], 0x1)
r4 = mmap$IORING_OFF_SQES(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x1000001, 0x100010, 0xffffffffffffffff, 0x10000000)
syz_io_uring_submit(0x0, r4, &(0x7f0000000440)=@IORING_OP_ASYNC_CANCEL={0xe, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x7)
ioctl$TIOCGSERIAL(0xffffffffffffffff, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)=""/182})
unshare(0x48020280)
[ 1843.210501] FAULT_INJECTION: forcing a failure.
[ 1843.210501] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1843.213396] CPU: 1 PID: 9609 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1843.214966] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.216874] Call Trace:
[ 1843.217487] dump_stack+0x107/0x167
[ 1843.218328] should_fail.cold+0x5/0xa
[ 1843.219199] ? copyin.part.0+0x112/0x140
[ 1843.220145] copy_page_from_iter+0x74d/0x900
[ 1843.221170] blk_rq_map_user_iov+0x138b/0x1a60
[ 1843.222227] ? copy_user_generic_string+0x2c/0x40
[ 1843.223343] ? iovec_from_user+0x104/0x400
[ 1843.224323] ? blk_rq_unmap_user+0x750/0x750
[ 1843.225405] ? __import_iovec+0x458/0x590
[ 1843.226408] ? import_iovec+0x83/0xb0
[ 1843.227293] sg_common_write.constprop.0+0xba7/0x1a30
[ 1843.228503] ? sg_build_indirect.isra.0+0x710/0x710
[ 1843.229647] ? __might_fault+0x73/0x180
[ 1843.230561] ? lock_downgrade+0x6d0/0x6d0
[ 1843.231531] ? cap_capable+0x1cd/0x230
[ 1843.232441] ? capable+0xe1/0x100
[ 1843.233246] sg_new_write.isra.0+0x529/0x770
[ 1843.234264] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1843.235515] ? lock_downgrade+0x6d0/0x6d0
[ 1843.236489] ? _cond_resched+0x12/0x80
[ 1843.237389] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1843.238706] ? scsi_check_sense+0x10f0/0x10f0
[ 1843.239745] ? perf_trace_lock+0xac/0x490
[ 1843.240699] ? SOFTIRQ_verbose+0x10/0x10
[ 1843.241655] sg_ioctl_common+0x828/0x2570
[ 1843.242621] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1843.243827] ? do_vfs_ioctl+0x283/0x10d0
[ 1843.244769] ? sg_write+0x120/0x120
[ 1843.245614] ? generic_block_fiemap+0x60/0x60
[ 1843.246654] ? lock_downgrade+0x6d0/0x6d0
[ 1843.247634] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1843.248756] ? wait_for_completion_io+0x270/0x270
[ 1843.249879] ? selinux_file_ioctl+0xb6/0x270
[ 1843.250886] ? sg_compat_ioctl+0x120/0x120
[ 1843.251868] sg_ioctl+0x8f/0x120
[ 1843.252650] __x64_sys_ioctl+0x19a/0x210
[ 1843.253588] do_syscall_64+0x33/0x40
[ 1843.254442] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.255627] RIP: 0033:0x7fde33c83b19
[ 1843.256483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.260714] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.262460] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1843.264105] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1843.265734] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.267363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1843.269000] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:11:59 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d97217", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1843.476771] FAULT_INJECTION: forcing a failure.
[ 1843.476771] name failslab, interval 1, probability 0, space 0, times 0
[ 1843.480421] CPU: 1 PID: 9626 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1843.482209] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1843.484361] Call Trace:
[ 1843.485044] dump_stack+0x107/0x167
[ 1843.485982] should_fail.cold+0x5/0xa
[ 1843.486935] ? fib_create_info+0x769/0x4a30
[ 1843.488026] should_failslab+0x5/0x20
[ 1843.488970] __kmalloc+0x72/0x390
[ 1843.489834] fib_create_info+0x769/0x4a30
[ 1843.490855] ? perf_trace_lock+0xac/0x490
[ 1843.491889] ? SOFTIRQ_verbose+0x10/0x10
[ 1843.492907] ? __lockdep_reset_lock+0x180/0x180
[ 1843.494286] ? lockdep_rtnl_is_held+0x22/0x30
[ 1843.495563] ? find_held_lock+0x2c/0x110
[ 1843.496650] ? fib_result_prefsrc+0x4a0/0x4a0
[ 1843.497936] ? __inet_dev_addr_type+0x249/0x820
[ 1843.499133] ? lock_downgrade+0x6d0/0x6d0
[ 1843.500357] fib_table_insert+0x1ca/0x1af0
[ 1843.501530] ? __fib_validate_source+0xaa0/0xaa0
[ 1843.502902] ? fib_route_seq_show+0xeb0/0xeb0
[ 1843.504220] ? security_capable+0x95/0xc0
[ 1843.505367] ? fib_new_table+0xfb/0x460
[ 1843.506436] ip_rt_ioctl+0xb28/0x1490
[ 1843.507558] ? fib_validate_source+0x4f0/0x4f0
[ 1843.508830] inet_ioctl+0x2eb/0x390
[ 1843.509914] ? inet_dgram_connect+0x200/0x200
[ 1843.511081] ? __lock_acquire+0xbb1/0x5b00
[ 1843.512303] ? perf_trace_lock+0xac/0x490
[ 1843.513415] ? SOFTIRQ_verbose+0x10/0x10
[ 1843.514560] sock_do_ioctl+0xd3/0x300
[ 1843.515464] ? compat_ifr_data_ioctl+0x180/0x180
[ 1843.516846] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1843.518363] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1843.519867] ? do_vfs_ioctl+0x283/0x10d0
[ 1843.520927] ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1843.522334] ? generic_block_fiemap+0x60/0x60
[ 1843.523426] ? lock_downgrade+0x6d0/0x6d0
[ 1843.524673] sock_ioctl+0x3ea/0x700
[ 1843.525554] ? dlci_ioctl_set+0x30/0x30
[ 1843.526558] ? selinux_file_ioctl+0xb6/0x270
[ 1843.527877] ? dlci_ioctl_set+0x30/0x30
[ 1843.529081] __x64_sys_ioctl+0x19a/0x210
[ 1843.530110] do_syscall_64+0x33/0x40
[ 1843.531047] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1843.532306] RIP: 0033:0x7f26989aab19
[ 1843.533195] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1843.537608] RSP: 002b:00007f2695f20188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1843.539441] RAX: ffffffffffffffda RBX: 00007f2698abdf60 RCX: 00007f26989aab19
[ 1843.541125] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000004
[ 1843.542805] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1843.544480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1843.546150] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
[ 1843.658693] audit: type=1326 audit(1736309519.397:82): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=9614 comm="syz-executor.6" exe="/syz-executor.6" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f28f17d9b19 code=0x0
04:12:16 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 89)
04:12:16 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x2e, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r3=>0x0, <r4=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000100)={{r3, r4+60000000}}, &(0x7f0000000140))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
connect$bt_l2cap(r6, &(0x7f00000001c0)={0x1f, 0x1, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xdb, 0x2}, 0xe)
04:12:16 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x3eb5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x40000022}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x4, 0x0, @fd=r3, 0x0, 0x0}, 0x80000001)
io_uring_enter(r0, 0x8058ab, 0x2, 0x1, 0x0, 0x0)
04:12:16 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d97217", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:16 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x800}, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000240)=""/134, 0x86}, {&(0x7f0000000000)=""/25, 0x19}], 0x2, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
poll(&(0x7f0000000340)=[{0xffffffffffffffff, 0x5428}, {r0, 0x4004}, {r0, 0x2000}], 0x3, 0x8)
syz_usb_connect$cdc_ecm(0x6, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5a, 0x1, 0x1, 0xf8, 0x30, 0x40, [{{0x9, 0x4, 0x0, 0x1, 0x3, 0x2, 0x6, 0x0, 0x87, {{0x6, 0x24, 0x6, 0x0, 0x0, "1b"}, {0x5, 0x24, 0x0, 0xa6}, {0xd, 0x24, 0xf, 0x1, 0xf7, 0xd1c, 0x1000, 0x6}, [@mdlm={0x15, 0x24, 0x12, 0x3f}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x400, 0xe9, 0x9}}], {{0x9, 0x5, 0x82, 0x2, 0x3ff, 0x7f, 0x0, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x2, 0x10, 0x20}}}}}]}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000640)={0xa, 0x6, 0x310, 0x9, 0x3, 0x12, 0x8, 0x40}, 0xa8, &(0x7f0000000680)=ANY=[@ANYBLOB="050fa800031c100a800409000000779d0000c0000000000000f000000000c0000003100b8410049b0226ca692ec6016ef24f5a6f851db781c52864304dd23f84d61ef411127ef45bfc771c226dab4499f5352f1360e23ead65b14f0ef12950b1cbafc395fba7ecad0d87347ab346ff07000000b3e86574e77cc5ea97b52573adb47d2b2a3088708fee400e598b2d0c9d7bc39cedc594faabdb2e419a805e03c77195a22b212bbab4"], 0x3, [{0x4, &(0x7f0000000740)=@lang_id={0x4, 0x3, 0x1c30}}, {0x4, &(0x7f0000000780)=@lang_id={0x4, 0x3, 0x455}}, {0x5a, &(0x7f0000000140)=ANY=[@ANYBLOB="5a030104530b71390e6a7038be62dd4cf982a81d877967656c200a769250cec0ed9c13bc020f8e94c4f514d3c515d5fb2839a80d0700177e1ebd4722437b0000000000004254dc69d37461c98889519869a13b8fda1dea4913d5287bb8"]}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000440)=<r4=>0x0)
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
clone3(&(0x7f00000005c0)={0x80000000, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400), {0x3e}, &(0x7f0000000880)=""/4096, 0x1000, &(0x7f00000004c0)=""/146, &(0x7f0000000580)=[0x0, 0x0, 0x0, r2, 0xffffffffffffffff, 0x0, r4, 0xffffffffffffffff], 0x8, {r6}}, 0x58)
timer_settime(0x0, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x6}}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000300)={0x2, 0x4e23, @loopback}, 0x10)
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)
04:12:16 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{0x0}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:16 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:12:16 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x34, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1860.999703] FAULT_INJECTION: forcing a failure.
[ 1860.999703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1861.003358] CPU: 0 PID: 9649 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1861.005612] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.007907] Call Trace:
[ 1861.008634] dump_stack+0x107/0x167
[ 1861.009571] should_fail.cold+0x5/0xa
[ 1861.010553] ? copyin.part.0+0x112/0x140
[ 1861.011594] copy_page_from_iter+0x74d/0x900
[ 1861.012748] blk_rq_map_user_iov+0x138b/0x1a60
[ 1861.013940] ? blk_rq_unmap_user+0x750/0x750
[ 1861.015065] ? __import_iovec+0x244/0x590
[ 1861.016129] ? __import_iovec+0x458/0x590
[ 1861.017212] ? import_iovec+0x83/0xb0
[ 1861.018222] sg_common_write.constprop.0+0xba7/0x1a30
[ 1861.019583] ? sg_build_indirect.isra.0+0x710/0x710
[ 1861.020871] ? __might_fault+0x73/0x180
[ 1861.021803] ? lock_downgrade+0x6d0/0x6d0
[ 1861.022750] ? cap_capable+0x1cd/0x230
[ 1861.023665] ? capable+0xe1/0x100
[ 1861.024455] sg_new_write.isra.0+0x529/0x770
[ 1861.025479] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1861.026709] ? lock_downgrade+0x6d0/0x6d0
[ 1861.027689] ? _cond_resched+0x12/0x80
[ 1861.028614] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1861.029948] ? scsi_check_sense+0x10f0/0x10f0
[ 1861.030973] ? perf_trace_lock+0xac/0x490
[ 1861.031928] ? perf_trace_lock+0xac/0x490
[ 1861.032899] sg_ioctl_common+0x828/0x2570
[ 1861.033864] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1861.035041] ? do_vfs_ioctl+0x283/0x10d0
[ 1861.035981] ? sg_write+0x120/0x120
[ 1861.036834] ? generic_block_fiemap+0x60/0x60
[ 1861.037872] ? lock_downgrade+0x6d0/0x6d0
[ 1861.038830] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1861.039954] ? wait_for_completion_io+0x270/0x270
[ 1861.041097] ? selinux_file_ioctl+0xb6/0x270
[ 1861.042115] ? sg_compat_ioctl+0x120/0x120
[ 1861.043100] sg_ioctl+0x8f/0x120
[ 1861.043889] __x64_sys_ioctl+0x19a/0x210
[ 1861.044843] do_syscall_64+0x33/0x40
[ 1861.045706] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.046896] RIP: 0033:0x7fde33c83b19
[ 1861.047753] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.052044] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1861.053812] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1861.055467] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1861.057130] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.058781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.060448] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:12:16 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1861.101628] FAULT_INJECTION: forcing a failure.
[ 1861.101628] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.104426] CPU: 0 PID: 9656 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1861.106011] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.108148] Call Trace:
[ 1861.108765] dump_stack+0x107/0x167
[ 1861.109615] should_fail.cold+0x5/0xa
[ 1861.110507] ? create_object.isra.0+0x3a/0xa20
[ 1861.111556] should_failslab+0x5/0x20
[ 1861.112456] kmem_cache_alloc+0x5b/0x310
[ 1861.113410] create_object.isra.0+0x3a/0xa20
[ 1861.114430] ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 1861.115608] __kmalloc+0x16e/0x390
[ 1861.116459] fib_create_info+0x769/0x4a30
[ 1861.117394] ? perf_trace_lock+0xac/0x490
[ 1861.118340] ? SOFTIRQ_verbose+0x10/0x10
[ 1861.119278] ? __lockdep_reset_lock+0x180/0x180
[ 1861.120356] ? lockdep_rtnl_is_held+0x22/0x30
[ 1861.121377] ? find_held_lock+0x2c/0x110
[ 1861.122300] ? fib_result_prefsrc+0x4a0/0x4a0
[ 1861.123317] ? __inet_dev_addr_type+0x249/0x820
[ 1861.124428] ? lock_downgrade+0x6d0/0x6d0
[ 1861.125389] fib_table_insert+0x1ca/0x1af0
[ 1861.126364] ? __fib_validate_source+0xaa0/0xaa0
[ 1861.127431] ? fib_route_seq_show+0xeb0/0xeb0
[ 1861.128464] ? security_capable+0x95/0xc0
[ 1861.129397] ? fib_new_table+0xfb/0x460
[ 1861.130296] ip_rt_ioctl+0xb28/0x1490
[ 1861.131160] ? fib_validate_source+0x4f0/0x4f0
[ 1861.132246] inet_ioctl+0x2eb/0x390
[ 1861.133064] ? inet_dgram_connect+0x200/0x200
[ 1861.134080] ? __lock_acquire+0xbb1/0x5b00
[ 1861.135072] ? perf_trace_lock+0xac/0x490
[ 1861.136010] ? SOFTIRQ_verbose+0x10/0x10
[ 1861.136940] sock_do_ioctl+0xd3/0x300
[ 1861.137800] ? compat_ifr_data_ioctl+0x180/0x180
[ 1861.138864] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1861.140156] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1861.141312] ? do_vfs_ioctl+0x283/0x10d0
[ 1861.142222] ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1861.143393] ? generic_block_fiemap+0x60/0x60
[ 1861.144403] ? lock_downgrade+0x6d0/0x6d0
[ 1861.145340] sock_ioctl+0x3ea/0x700
[ 1861.146157] ? dlci_ioctl_set+0x30/0x30
[ 1861.147063] ? selinux_file_ioctl+0xb6/0x270
[ 1861.148071] ? dlci_ioctl_set+0x30/0x30
[ 1861.148968] __x64_sys_ioctl+0x19a/0x210
[ 1861.149898] do_syscall_64+0x33/0x40
[ 1861.150736] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.151884] RIP: 0033:0x7f26989aab19
[ 1861.152736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.156872] RSP: 002b:00007f2695f20188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1861.158570] RAX: ffffffffffffffda RBX: 00007f2698abdf60 RCX: 00007f26989aab19
[ 1861.160185] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000004
[ 1861.161780] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.163376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1861.164977] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
04:12:16 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000600)=@IORING_OP_ASYNC_CANCEL={0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x4)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r2 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x10040, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @scatter={0x6, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/32, 0x20}, {&(0x7f0000000140)=""/48, 0x30}, {&(0x7f00000001c0)=""/205, 0xc8}, {&(0x7f00000002c0)=""/246, 0xf6}, {&(0x7f0000000440)=""/148, 0x94}, {&(0x7f0000000500)=""/74, 0x4a}]}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x3, 0x0})
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x2, @fixed, 0x3}, 0xe)
04:12:16 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x35, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:12:16 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 90)
04:12:16 executing program 6:
clone3(&(0x7f0000001200)={0x88318d00, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
ioctl$AUTOFS_IOC_ASKUMOUNT(0xffffffffffffffff, 0x80049370, &(0x7f0000000000))
keyctl$set_reqkey_keyring(0xe, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x1)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x0, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
openat(r1, &(0x7f00000000c0)='./file0\x00', 0x210000, 0x120)
openat$full(0xffffffffffffff9c, &(0x7f0000000100), 0x432802, 0x0)
request_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000280)={'syz', 0x1, 0x5}, &(0x7f0000000180)=':\x15\x00U\x1bT;\xfa4\b\x00\xa0\x9d&\xb0Z\xdfv\x8b\x84\x87\xa8K\xff\xb5\xce\xb4\xa7\xab\xc6\xf1\a\xdb\xc2m\xb2w\b\xb7*v\xfdo\x83\'\xd9[\xee|4\x00\x00\xe8\xad)\xa3x\xa3\xea\xdb\xf4\xf5F\xc0H\v\x8d\xbc\x9e)&nH\x032\x15\x80\x19\xc0\f\x9aa\xe7\xdb\x8e\xd3\x80*\xed\x82CT\xb3j%\x94\x15\xc6\xc1\xc2\x82\x83\xdc\xf6sqF\x9cX\x00\x00\x00\x00\x00\x00\x000?\a\xa8\x1c\x86\x12\xcf\xda\xd1_\x05\xc3\x8dR\x85#\x02\x96-\xee(^\x841\xc6\xe6', 0x0)
keyctl$set_reqkey_keyring(0xe, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r2, 0x0, r2)
fcntl$F_SET_RW_HINT(r2, 0x40c, &(0x7f0000000140)=0x3)
keyctl$set_reqkey_keyring(0xe, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x1)
keyctl$set_reqkey_keyring(0xe, 0x4)
04:12:17 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:12:17 executing program 0:
r0 = syz_open_dev$vcsa(0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(r0, &(0x7f0000000000)='./file1\x00', 0x882c2, 0x2)
fallocate(r1, 0x0, 0x0, 0x1000002)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x121042, 0xa3)
writev(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/ip_tables_matches\x00')
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), r3)
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file0\x00', &(0x7f0000000340), 0x1000)
bind(0xffffffffffffffff, &(0x7f00000002c0)=@nfc={0x27, 0x0, 0x0, 0x1}, 0x80)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40094}, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r2, r4, 0x0, 0x100000001)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1000009, 0x1f012, r1, 0x0)
[ 1861.487938] FAULT_INJECTION: forcing a failure.
[ 1861.487938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1861.490565] CPU: 1 PID: 9670 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1861.492198] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.494210] Call Trace:
[ 1861.494758] dump_stack+0x107/0x167
[ 1861.495516] should_fail.cold+0x5/0xa
[ 1861.496345] ? copyin.part.0+0x112/0x140
[ 1861.497213] copy_page_from_iter+0x74d/0x900
[ 1861.498164] blk_rq_map_user_iov+0x138b/0x1a60
[ 1861.499139] ? copy_user_generic_string+0x2c/0x40
[ 1861.500172] ? iovec_from_user+0x104/0x400
[ 1861.501068] ? blk_rq_unmap_user+0x750/0x750
[ 1861.502002] ? __import_iovec+0x458/0x590
[ 1861.502896] ? import_iovec+0x83/0xb0
[ 1861.503712] sg_common_write.constprop.0+0xba7/0x1a30
[ 1861.504827] ? sg_build_indirect.isra.0+0x710/0x710
[ 1861.505873] ? __might_fault+0x73/0x180
[ 1861.506713] ? lock_downgrade+0x6d0/0x6d0
[ 1861.507593] ? cap_capable+0x1cd/0x230
[ 1861.508430] ? capable+0xe1/0x100
[ 1861.509177] sg_new_write.isra.0+0x529/0x770
[ 1861.510110] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1861.511251] ? lock_downgrade+0x6d0/0x6d0
[ 1861.512150] ? _cond_resched+0x12/0x80
[ 1861.512979] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1861.514190] ? scsi_check_sense+0x10f0/0x10f0
[ 1861.515153] ? perf_trace_lock+0xac/0x490
[ 1861.516031] ? SOFTIRQ_verbose+0x10/0x10
[ 1861.516909] sg_ioctl_common+0x828/0x2570
[ 1861.517793] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1861.518879] ? do_vfs_ioctl+0x283/0x10d0
[ 1861.519730] ? sg_write+0x120/0x120
[ 1861.520508] ? generic_block_fiemap+0x60/0x60
[ 1861.521451] ? lock_downgrade+0x6d0/0x6d0
[ 1861.522330] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1861.523353] ? wait_for_completion_io+0x270/0x270
[ 1861.524386] ? selinux_file_ioctl+0xb6/0x270
[ 1861.525309] ? sg_compat_ioctl+0x120/0x120
[ 1861.526207] sg_ioctl+0x8f/0x120
[ 1861.526926] __x64_sys_ioctl+0x19a/0x210
[ 1861.527789] do_syscall_64+0x33/0x40
[ 1861.528583] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.529663] RIP: 0033:0x7fde33c83b19
[ 1861.530450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.534359] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1861.535952] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1861.537411] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1861.538858] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.540314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1861.541757] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1861.574655] FAULT_INJECTION: forcing a failure.
[ 1861.574655] name failslab, interval 1, probability 0, space 0, times 0
[ 1861.577643] CPU: 1 PID: 9681 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1861.579397] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1861.581317] Call Trace:
[ 1861.581942] dump_stack+0x107/0x167
[ 1861.582891] should_fail.cold+0x5/0xa
[ 1861.583713] ? create_object.isra.0+0x3a/0xa20
[ 1861.584664] should_failslab+0x5/0x20
[ 1861.585555] kmem_cache_alloc+0x5b/0x310
[ 1861.586451] create_object.isra.0+0x3a/0xa20
[ 1861.587486] kmemleak_alloc_percpu+0xa0/0x100
[ 1861.588642] pcpu_alloc+0x4e2/0x1240
[ 1861.589575] fib_nh_init+0xc1/0x4d0
[ 1861.590360] fib_create_info+0x22b3/0x4a30
[ 1861.591408] ? find_held_lock+0x2c/0x110
[ 1861.592383] ? fib_result_prefsrc+0x4a0/0x4a0
[ 1861.593294] ? __inet_dev_addr_type+0x249/0x820
[ 1861.594221] ? lock_downgrade+0x6d0/0x6d0
[ 1861.595056] fib_table_insert+0x1ca/0x1af0
[ 1861.595927] ? __fib_validate_source+0xaa0/0xaa0
[ 1861.596898] ? fib_route_seq_show+0xeb0/0xeb0
[ 1861.597810] ? security_capable+0x95/0xc0
[ 1861.598661] ? fib_new_table+0xfb/0x460
[ 1861.599465] ip_rt_ioctl+0xb28/0x1490
[ 1861.600251] ? fib_validate_source+0x4f0/0x4f0
[ 1861.601209] inet_ioctl+0x2eb/0x390
[ 1861.601943] ? inet_dgram_connect+0x200/0x200
[ 1861.602847] ? __lock_acquire+0xbb1/0x5b00
[ 1861.603704] ? perf_trace_lock+0xac/0x490
[ 1861.604543] ? SOFTIRQ_verbose+0x10/0x10
[ 1861.605380] sock_do_ioctl+0xd3/0x300
[ 1861.606149] ? compat_ifr_data_ioctl+0x180/0x180
[ 1861.607102] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1861.608270] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1861.609301] ? do_vfs_ioctl+0x283/0x10d0
[ 1861.610124] ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1861.611170] ? generic_block_fiemap+0x60/0x60
[ 1861.612085] ? lock_downgrade+0x6d0/0x6d0
[ 1861.612921] sock_ioctl+0x3ea/0x700
[ 1861.613652] ? dlci_ioctl_set+0x30/0x30
[ 1861.614456] ? selinux_file_ioctl+0xb6/0x270
[ 1861.615347] ? dlci_ioctl_set+0x30/0x30
[ 1861.616183] __x64_sys_ioctl+0x19a/0x210
[ 1861.617104] do_syscall_64+0x33/0x40
[ 1861.617847] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1861.618883] RIP: 0033:0x7f26989aab19
[ 1861.619625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1861.623261] RSP: 002b:00007f2695f20188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1861.624796] RAX: ffffffffffffffda RBX: 00007f2698abdf60 RCX: 00007f26989aab19
[ 1861.626205] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000004
[ 1861.627613] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1861.629033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1861.630453] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
04:12:17 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x36, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:12:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:34 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x46e2, 0x0)
ftruncate(r0, 0x1000004)
ioctl$FS_IOC_FSSETXATTR(r0, 0x40086602, &(0x7f0000000000))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {<r2=>r1}}, './file0\x00'})
openat(r2, &(0x7f0000000100)='./file0\x00', 0x408282, 0x1ef)
lseek(r1, 0x0, 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
fadvise64(r3, 0x0, 0x0, 0x1)
copy_file_range(r3, 0x0, r1, 0x0, 0x200f5ef, 0x0)
04:12:34 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:34 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 91)
04:12:34 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 5)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:12:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x37, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:12:34 executing program 6:
r0 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$fscrypt_v1(0x0, 0x0, &(0x7f0000000440)={0x0, "9b55f610ffe7b9856842eb69443042b20caac33d7dda6ec6986b177fa13c2bd2c68577ea852c8bb47f31ee549b6a921e231ef07ee0f7fca620564faeeeafa440"}, 0x48, 0x0)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000000)=@keyring={'key_or_keyring:', 0x0, 0xa})
r2 = request_key(&(0x7f0000000240)='.request_key_auth\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000380)='dns_resolver\x00', r1)
add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000900)=ANY=[@ANYRESDEC=r2, @ANYRESDEC], 0x48, r0)
add_key$fscrypt_v1(&(0x7f0000000700), &(0x7f0000000a80)={'fscrypt:', @desc4}, &(0x7f0000000c00)={0x0, "5442d3af94286617e38fbec341d65b5e37c5e85d4c13a61ecbf987289f816e00d4534801f712c80b7eeec11ca269ad6a312fd0f60ed9a7e2dc81db3e462b9f76", 0x24}, 0x48, 0xfffffffffffffffd)
r3 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f00000006c0)={'fscrypt:', @desc3}, &(0x7f0000000740)={0x0, "3ef8a4c24927541ee4e5f8f0b6b073f3a14d9e238c0905546a9d62c9625f460dacb026ba3f615f7fdd3496dc19ed7064fc4d0bd8c5f4b761484442989c621844", 0x37}, 0x48, 0xfffffffffffffffb)
r4 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r5 = add_key$keyring(&(0x7f00000005c0), &(0x7f0000000600)={'syz', 0x3}, 0x0, 0x0, r4)
request_key(&(0x7f0000000080)='dns_resolver\x00', &(0x7f0000000040)={'syz', 0x0, 0x2}, &(0x7f0000000440)='\xe8\xff\xff\xff\xff\xff\xff\xff\x00\x9d\x00\xf1\xad\xa2.\x803\x7f\xb5U\x18w\xae\x91mLO\x85\xc1D\xf8/\x19Vc\xb0\xc8\xaba\xa9T\xb2\xa4\x9d8\x13kc|Lgj V{\xddKF\xbb6\xf5\xa2\xe5\\/\xf0] \x0e2\xb5o4\xba\x98\x1e{\xcfZ\x1d\x84\xe0\xa5V\x1c3\xd78A\x9eK\x16\xfcXD\xe3\x9a,W\xb3\xc0\xeb\xcd\xf6\x89\x95\x9e\xa9\xc2H\xc5\xaa\xd8\x101!\xa3\x83\x1b\x83m\xe3RK8\xeby\xaa\x88\x94a\xea\xab#\xce*\x0f\xa0\x8c\xca\x15\xea\xdaf:\xf6\x1b\xbf\x9fR\xba\xb5\xb0\xf7\xf5g\xb1\xdcU;\x1bL\xbd\v\xc4\xf8\xf5\xd8\xd3\xba\x8a5\xa0\x00\xc2\xd7\xe0Y\xd3\xa27\xb4S\xb1bd\x05\x9bD\x01\x85b5U\xb4\x8c\x17\xf4f0P\x9f\xe9`W\xb4\xe0\xf0\x19\xc2\x87P><\xb48\xd2Jb,7\xdc2/\xdd_\xdbXT\xffZ\x12p\xac\xdb[\x00\x00\x00<J\x98\n\xfbf!3\xd7\xefk\xc0S\x95\x03\x03\xda\xac\xce\xe6Z\x14;87\xcf\xf1\xce\xe6:>\xf1\xdc\xd4\x99C9\x90\x10T\xf4:\xd6\x15\xff\xe06\x99iM;\xd6\x8c\x96\xdes\xa2\xa7v>\xd8W\xf6B\x9e-*\x83\x1c\xe1\x04\x15E\xa2\xe2S\xee\xb1\x97B\xa7\x9cKN\xfb\x14m\x84\x85A\xb7\x10g\x86\x04\x148{\vh\x14\x94\x81?\x14\xc7\xb5\xd9\xc1\x8f\x9e\xb9l\xbb\xb1H\xa3e\x7f-\xfb\xc2L\xe5\xf6p\xc5\x82\xcb\x85\xe80\xaf6\xf3\xd5\xa1\xe0\xc9\xe6\xb0', r5)
request_key(&(0x7f0000000180)='ceph\x00', &(0x7f0000000340)={'syz', 0x1}, &(0x7f0000000640)=',0l\x86\x00', 0xfffffffffffffff8)
request_key(&(0x7f00000008c0)='rxrpc\x00', &(0x7f0000000800)={'syz', 0x1}, &(0x7f0000000c80)='\xb5\x11\xfa\xda^\x1b\a]\xb5\xadOt[\xaa8\x0f\xf6\xe4\xb9Y\xeeUL`\x9f\x02\xff\xd4\xc3\xae>`s\x86C\xf1\xf4\xee\x06\x00}O\x9eGd\xbdv\x1f\x0eF\x00\xb1\x1e\x9f\x9cm\xde\xb5b\xcb\xeb\x9c\xcf\xf4\x14\xc2-\x9b$eq\xf2\xd2l\b\xde\x101\t\xe5\xc7\xd1\x8e\xed\xc7\t]J\r9\\t\xa1\xd5\xa8Q\xc1L\x7f\x9d\x1d\xfb\x1d\xef\x8dY_\xb3l\xaf\xe1\xd2\xb1H~,\xac\xa6]\xa9\xbf\"\xbb\xc1\xd2\xa7_}\xd3\x1a\x89WPD/\xb5\xb5ux+cG\x04\v\tn\xd7\x83tII\xc7\xd7`m\xb8\xdb8\x0ew\x17\x7ffE\xdb\x89\x06\xf9\xcc\xad&=G\xb9\t\xbc?ju2\xd3\xfc\xa8Cq\x01\xc2\xb6\xb2.\x18\xc7\xb5\xb9\xaf\x96\xe7\x06\x05\xd0\\,\xf3\xf5\'/\xeb\xbb\xe2I\x19\xe7x\xdb\xed+\x94@\x8d\xe5\x83#\xd5\x18W\xb4?\xbc^\x93\xfa\xa3\xeb\'\rh\xb9I\x9d\xe9\x80g\x19\x10\xa9\xb56\xde\x82\x80\xf9\xa7\x03Q\xf4\aP\xf0\x9d\xc9\x83\x00'/277, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000200), &(0x7f0000000680)={'syz', 0x1}, 0x0, 0x0, r3)
keyctl$KEYCTL_MOVE(0x1e, r3, 0x0, r4, 0x0)
add_key$fscrypt_v1(&(0x7f00000007c0), 0x0, &(0x7f0000000840)={0x0, "9963a2e8c6e15a8df2985ff3f30bfb18231157c43ccd7e75a9467b54425d6e2f479b28c3f7bddce1ef96626900d60d00", 0x4}, 0x48, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0x9}}, 0x0, 0x1, 0xffffffffffffffff, 0x0)
keyctl$update(0x2, r1, &(0x7f0000000b40)="fb5618ef0688b43670845397ffce554b073a6f8b19aabadf037d8367b7fd5fb5acb4a4177f81cb7f11c797e399e8aa75abce52149101ffb3a330b9289bf095f5184e0ca95723c6b88ab495baf426a21b1994e92be84d447fc838cefcd39c0c596aa275d95cfcb4ce4ca905ac4654ab7a1f5dbe0bc4ceb49e8d8707be429f27dcfff966d57db1e17c88ae52ad5dee6db69b30f91ba2e087cd21139c2acc80da72fdaf1df765b76524dd333140b59d30577afb", 0xb2)
clone3(&(0x7f0000000ac0)={0x17412c500, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
[ 1878.710600] FAULT_INJECTION: forcing a failure.
[ 1878.710600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1878.713639] CPU: 0 PID: 9706 Comm: syz-executor.5 Not tainted 5.10.232 #1
04:12:34 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x1, &(0x7f0000000100)={{r2, r3+60000000}}, &(0x7f0000000140))
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1878.715285] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1878.717305] Call Trace:
[ 1878.717926] dump_stack+0x107/0x167
[ 1878.718776] should_fail.cold+0x5/0xa
[ 1878.719646] ? copyin.part.0+0x112/0x140
[ 1878.720583] copy_page_from_iter+0x74d/0x900
[ 1878.721613] blk_rq_map_user_iov+0x138b/0x1a60
[ 1878.722665] ? copy_user_generic_string+0x2c/0x40
[ 1878.723778] ? iovec_from_user+0x104/0x400
[ 1878.724751] ? blk_rq_unmap_user+0x750/0x750
[ 1878.725759] ? __import_iovec+0x458/0x590
[ 1878.726723] ? import_iovec+0x83/0xb0
[ 1878.727604] sg_common_write.constprop.0+0xba7/0x1a30
[ 1878.728808] ? sg_build_indirect.isra.0+0x710/0x710
[ 1878.729951] ? __might_fault+0x73/0x180
[ 1878.730862] ? lock_downgrade+0x6d0/0x6d0
[ 1878.731314] FAULT_INJECTION: forcing a failure.
[ 1878.731314] name failslab, interval 1, probability 0, space 0, times 0
[ 1878.731816] ? cap_capable+0x1cd/0x230
[ 1878.731853] ? capable+0xe1/0x100
[ 1878.731880] sg_new_write.isra.0+0x529/0x770
[ 1878.731908] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1878.731929] ? lock_downgrade+0x6d0/0x6d0
[ 1878.731971] ? _cond_resched+0x12/0x80
[ 1878.731994] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1878.732015] ? scsi_check_sense+0x10f0/0x10f0
[ 1878.732038] ? perf_trace_lock+0xac/0x490
[ 1878.732057] ? SOFTIRQ_verbose+0x10/0x10
[ 1878.732092] sg_ioctl_common+0x828/0x2570
[ 1878.732117] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1878.732138] ? do_vfs_ioctl+0x283/0x10d0
[ 1878.732157] ? sg_write+0x120/0x120
[ 1878.732176] ? generic_block_fiemap+0x60/0x60
[ 1878.732195] ? lock_downgrade+0x6d0/0x6d0
[ 1878.732217] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1878.732245] ? wait_for_completion_io+0x270/0x270
[ 1878.732277] ? selinux_file_ioctl+0xb6/0x270
[ 1878.732296] ? sg_compat_ioctl+0x120/0x120
[ 1878.732318] sg_ioctl+0x8f/0x120
[ 1878.732342] __x64_sys_ioctl+0x19a/0x210
[ 1878.732365] do_syscall_64+0x33/0x40
[ 1878.732384] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1878.732405] RIP: 0033:0x7fde33c83b19
[ 1878.758111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1878.762742] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1878.764779] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1878.766485] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1878.768158] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1878.769799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1878.771431] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1878.773123] CPU: 1 PID: 9704 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1878.774496] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1878.776090] Call Trace:
[ 1878.776582] dump_stack+0x107/0x167
[ 1878.777264] should_fail.cold+0x5/0xa
[ 1878.777961] ? create_object.isra.0+0x3a/0xa20
[ 1878.778798] should_failslab+0x5/0x20
[ 1878.779488] kmem_cache_alloc+0x5b/0x310
[ 1878.780229] ? mark_held_locks+0x9e/0xe0
[ 1878.780975] create_object.isra.0+0x3a/0xa20
[ 1878.781786] kmemleak_alloc_percpu+0xa0/0x100
[ 1878.782588] pcpu_alloc+0x4e2/0x1240
[ 1878.783301] fib_nh_init+0xc1/0x4d0
[ 1878.783983] fib_create_info+0x22b3/0x4a30
[ 1878.784822] ? find_held_lock+0x2c/0x110
[ 1878.785584] ? fib_result_prefsrc+0x4a0/0x4a0
[ 1878.786404] ? __inet_dev_addr_type+0x249/0x820
[ 1878.787257] ? lock_downgrade+0x6d0/0x6d0
[ 1878.788060] fib_table_insert+0x1ca/0x1af0
[ 1878.788882] ? __fib_validate_source+0xaa0/0xaa0
[ 1878.789767] ? fib_route_seq_show+0xeb0/0xeb0
[ 1878.790623] ? security_capable+0x95/0xc0
[ 1878.791389] ? fib_new_table+0xfb/0x460
[ 1878.792145] ip_rt_ioctl+0xb28/0x1490
[ 1878.793000] ? fib_validate_source+0x4f0/0x4f0
[ 1878.794370] inet_ioctl+0x2eb/0x390
[ 1878.795410] ? inet_dgram_connect+0x200/0x200
[ 1878.796737] ? __lock_acquire+0xbb1/0x5b00
[ 1878.797710] ? perf_trace_lock+0xac/0x490
[ 1878.798598] ? SOFTIRQ_verbose+0x10/0x10
[ 1878.799475] sock_do_ioctl+0xd3/0x300
[ 1878.800290] ? compat_ifr_data_ioctl+0x180/0x180
[ 1878.801312] ? ioctl_has_perm.constprop.0.isra.0+0x29a/0x410
[ 1878.802530] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1878.803624] ? do_vfs_ioctl+0x283/0x10d0
[ 1878.804482] ? selinux_bprm_creds_for_exec+0xb60/0xb60
[ 1878.805703] ? generic_block_fiemap+0x60/0x60
[ 1878.806796] ? lock_downgrade+0x6d0/0x6d0
[ 1878.807796] sock_ioctl+0x3ea/0x700
[ 1878.808680] ? dlci_ioctl_set+0x30/0x30
[ 1878.809567] ? selinux_file_ioctl+0xb6/0x270
[ 1878.810513] ? dlci_ioctl_set+0x30/0x30
[ 1878.811369] __x64_sys_ioctl+0x19a/0x210
[ 1878.812244] do_syscall_64+0x33/0x40
[ 1878.813058] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1878.814164] RIP: 0033:0x7f26989aab19
[ 1878.814958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1878.818893] RSP: 002b:00007f2695f20188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1878.820519] RAX: ffffffffffffffda RBX: 00007f2698abdf60 RCX: 00007f26989aab19
[ 1878.822036] RDX: 00000000200000c0 RSI: 000000000000890b RDI: 0000000000000004
[ 1878.823551] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1878.825080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1878.826596] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
04:12:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x38, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:12:34 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 92)
04:12:34 executing program 6:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000080), 0x4)
ioctl$sock_SIOCDELRT(0xffffffffffffffff, 0x890c, 0x0)
r5 = open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x8000)
sendmsg$BATADV_CMD_SET_MESH(r5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000900)={&(0x7f0000000200)=@can, 0x80, &(0x7f0000000840)=[{&(0x7f0000000300)="a63a85f508c53b74be1cc06a86829af818237d77a14f25", 0x17}], 0x107c}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000280)={0xa, 0x4e21, 0x7ff, @remote}, 0x1c)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_IO(r7, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
io_uring_enter(r7, 0x13cc, 0x6b46, 0x3, &(0x7f00000000c0), 0x8)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
ioctl$BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f0000000940)={{r0}, "f655eb965aac33552421a7db7a4fa6b21f5aa1e515bd6318ebfc667699b9b47573091e7890db04eb1cc110551e7fabeaf1b4c445ac1590706adc557592f3dec24c13f295899dd5ce35b8f1042d27582dbba1e8367413acc14c5ef688c1abd4149887e740d69a3353c28b2d864dcc3d546f00e6c851635e4c8b01c4a67538f7bec2fc84526c51c73ccd92473695a8f0d27e9b6c746ec337359e745510d7b6ae16d29f97114db83ae32a00f26d1996c0c3d94e55a12c805e61947c842ab45bed72750cbab8b467735a99cf274d727f4f98c57546c5b3375421bbe7e259765ed62b75bdc69cad53878cd4d635759bb90b8ad6d49385a1246c5ac84162bce9482949d50e9c1d512c7de89309cd260431e74710dfa763be293ca4ffcc3e5483a0618f2e87524fc3aca6738231b36334affe6149e0ed2c5d62d9b58cf03ccbf0e7f8d0bec1c040f3e0a609af98ea9a7808505b5657cebb78c77a08065fd0e8d6ad31ee443fddde38f9d8fdcffa0191c3b3001d28eb79175aebe3643f4c03b64db25bbe2bb3cfe2feda0ecc46fc935561e693bdf806911a659cff3dfc311170e26cc29f798f65754577f3773c4790dc23a7908075d8622463d2dc3c7957ee1bcc9ec886aa2159a7257cd0159e36b59114c11103f487fff4970ca2050d9ff9fa21003fb9a5a15b97bbcc08cc5abdf6ce1d21a83534dbe94e807477f34e8eb3e96d44674705111f3a6943d38936a457b14aa95add1073a3b880a44842b1d633a75046fd6c53237d771eb67d39d56c4faaaaf6fb780e25ed2d65410aedecfcb761419d679d2963a6712f7501a32cd9e8a0ad5f35ada7b488d035762533caa502434b986746b042ee2968ab1d9f29ad3a4a377c605048e625f39c9b11c3f935709a4a78287426476309f35ed7ff2650a22136f99d4d73f0f97bf88e4b79a89b72264840a9dfd1eb9b1ab73a6b34f5ee353f973a997d4162c6d989f13940d633cf5287f7bb29075c1938bf97259fc7a7de3ce70af2388690eaaa0b84c95c1762dd2aca0c7fd3ff78d96c455f486f9754d68ea212d3bd541216c95af201a740afcecd85cb377bd5cbed3607ba57a1f340fbcd7f2d0741965bb24bbbc7a56706bace0b0c381bd0eaca2c581ff3ffe111d923a627a0dec3e299e831af73d73820b7c6c60981227136d4c19b80eccddec32172521b4c283d72bde947959cd0c9e58e95d2e9d6a90abc43d2d9fcb25fb83d98cc067532df782558a5ac53a54f1d6b6801bdea990c8fd79a36e89f420e94f4ad99a54949d972541473c06ccd1463f0621b92092fca5b0e3431ec5b9f98fa119336ea2e999bff37a0a714e132427193c5d60bedc828debd1e40fed361ee083ad7c493058814e41480747324a2fc65ebca5e2cef42c91eeb5573e9851a510f59aab83e115dc978da90933f09449c45a0a9c5b8fb64b14c4cb9885c414e6a3eeed18bf174164bad5337f05108e3f7d1f9e25cc86b47b4b263ef03d8c78cdc439dbb4ce2cd1e3c0f58eabfc364c1f90c800bd345a6665a84653d30a3fdb73f32f61686e3e8b1b7564d1f23420ff7e01c6d770bdf9683932d4f91f8528b6826066d3d3fe07b43b4b97e60fc527e45f5108f703f1d4c729f329ba3d0c462d0de248abb12abb4e5121bb4c5c89b2aa92ffb90ac0fda43b0e602d6fb85a3366d70403cd903c9f23edd72109604666380d362a013d7828296e04c4125c90fbfffd16c1ece0f0e884d1971c5e211dc9ae525e83dab720f0b2dfc3b2b788a68d2fba222b58dec94258c8f3c0fe4d06c77d093faabcbd1017eba3d9a6376ab4a7a74799233d6e95df294e2f2ae1393114d7a8e4072bd2313e83040530a6d70afe82d82be78d71f43d25d803b434e9a0e5d90e9f4a57be616ee4cf23c8831570422ad319161579a76577923ae977b078b96ff5e7fe2c4e40baf202d8c223a552afd6798d45d69458b0d9ec42a8902dcb31930d02cc03c484c1996149e84aab91b467d2606e9b21666be2b3681cc83d57f373a09fedc50821b2dd65748f076604888f788f31d03fe2a276bee58bfbf431b3f073756ced2abec9f9b489ab6e2700119c23910fa6d194cb4620e06a4e7d11db40f1c3cd41f8bfaa895dcf10cfbcab11ea9791a96d750bb58e4a0514f9f39f635e65e9285d120f6c4f0e89e7040d12c0c10cba58de1b6ff9a1aba743a0a8a8c7cbde50d570ae1d6261b739f11ef1266733c82c8173750299cfd1555d47fe09452e5926e89d7030e869b7c6b90b7371f28aea0429e5eb9f774b8c5cdcd1b716049bef2d23b260f95db09c670671fd749d9003d4d516db55922facd80c3138b5d0ef43892b7b931b0d3c25128198cdaa440f6746de70c1f156a55a66c89436e1edd3f8aa712bdf7bdcd18af9bbffd26d237766cff1562346acde42ca46813b870406814f56b28e295adbb993eeab811ce84660da5930eb226305455c7fab235ef460ed2c881398a66bf5495aaa975ab34ed9334a7f7e6cb3fe0bab091b6d497f45a4ea40ac6a5b2936c3ee7764cd4427064a5279b6c899a1234a162f93575a734acdf726bb8646339957a66fb9a041a4a8c4e2904db671969233f8d388223cbac4b9825c07489465c57993841cd5ee7b390f50848fb766c299b15d88b506123aeefbca84b0e705f38b1b15329437866ebd4c25126a82484022abdfb7484fb3125c36740af0a75819e89624ed7ed34c2748b90b2b169d6fc030e53fd9476b39a373529ea1ae9cd230d625d912f9ee04890cb0ed0ecfeac334f37f1c64717c788bcd296f64ec4fa6ee38afa704fdfbd3eb6d8d83d715eb0b3f03472e52240c76b2bff5492cee1dc5acbbd45f3da71b4cd7b6d6d15bc7a98a04991f6d5612d7ff4e36ff69211f87902f8163703a007171d1fece342c10dc4cfd9ff5b97a73590f082779bfcf56d17753aae7d3c18dba576c0f7e6f06cd8d2b1189ba4800be36c21cf5aa98afd236662c2fe003199344cd4ea55c5b2bb97c4459e40f7eb87e007551c99ef878d191b6c301983b348cc218d30bebb61362dc56ff9536b268d34ce05e3a8bacfa83189faaa1e9d5d0c649661a561453058e75b9e1d9c9fb72257cec9155a1efe3c886de5829f8abe8d4badd3c3e6d56b8978a2c597c6282a5e4b0f40914fbee00b120e410e58fd622e67ef1061bd0fe348bc795390de577b34626b1b4caa106af42a8f6087b2859bfeae1b6bab2274c27adb00f1c52164b17c1ddfd2abbaf714277a72566e614191955e54522c5adbf6a7732ce4d0dd42dc6bb4c0885d8800d8adeaf05a7d949899815f475e74e885408f04203ea68e044436cb1195bdcfcaae72a66338716c314e2a808fa00e628e5082e4efa6427daf91e86ecb412f39fad079604a58b2dd276d375c2378b9c2c18af316b32ea0d27c7de9be73563a103126199b90fe0573b967c0924e189131d1beaa104af31eeaabd6df303042ad3d8605a5e22db7f5b7d4e085813e81590a6266fab2f497809877160fef6f5cc27f8e207af9d7db774919516dd7b1fb1554a0e4883097106bcc5472e6299814d3c9fdbfeebd3e18ddf32d2f696925e0a6dd5cc1d4cb27936fdaaf1911b24953a0d50d8eab48fe0e5422b3944f5d65709db98be313d3adc28d5f2888a85ce61124c2502abaa2e2106ecb4e92bb29f2766036c571375e9ee18ef079bbda49cb725ec87b53216c5fecfceb81deb5eb998c022ae586290a47adc96742927ca975720f05f59f48fce6e8bc79804f98008bea2d127bbcde3d3023580e74cfa3c74ca5ef54beb7f80b8ceddd1d0e95588f34344e21009effeb4ca99aa9f4c44a2cb31d723abccfe211730df21e1b450a2c041b9872f0419d6a27ccf8eca25cc18cd65a1b4892f080151f24b1034cc0e2317d9f1b7ee1c54d3f69d12ee26fa7853bdc95a4cf234915122a412e092a61d67c8b3d7619fa56a7495b5cb47caa4f8637323a3ac5dc994942b0aa33f9993d65bf850d39764196064e0d96d47c4c12df5f9df7c05b9a97f62115bc1b8ac157ef976c48ce34a598e734f573efc64682f426453e2071a0ba9cc7bf2593138c786af5b47695d28bf52e225d240e609dfefc95bd4447fa3f0c009c61b60f0af9d7f1d0fba1ccebfc9d1374e0b7c5ff55ec035988e9732eeb29a6cf98aeb8f0a8f62eea26c18e74954ebb1949337ce16245606a24f10318cf73456324be16cbf81e45dacdc280018a3eb3d1b8b58aa1af03b4d66d3454924369a2e7c2daa9205adab9e404901cdcd386063444c0f62d80357e5587b8b04ca4fa60de3d6e44e84a2f39d3546dc6758ece5a6005482bdadf099107bf397bfc1fa038d4015113895d30d1c4b98b459c2cd64c3ed93042ab10a82cd41b488dc896bb90de2984dfeecdbae9915ab34b604023c78d3280886ffda78188ac4012ccf49356254dd2661cf6afec1907eb1b7d337585c35b2e00432d9e2ab349554ca260363e2d31b247c1f4ec5b62055bfed3dd52e0ae5fee153793a133d8e120631d16b63ff5854f8214911116f6d0e91f38a0238745b0269f32ab823ff95d858a09c8b7ba1a06461efec01730f9f6261be99ff97e8d10ed25595e74c8ba4cdcc875a1d33b9aba752e0bf1480340c19b46d04e21a7d20b1ae81eeffda20589f4e5db93cb91932221de05c2d9c4b38ad5d9b1eba4e6ac88d81839ad955cecf1c6a8824470e0cd6df7674720ea35952257ac6b3ebc0a60a0f93eb5e61ebda81fd4d4d78cacec6b628a348e6cf2d9aa7437c66e8de4fafaaf58674f9553f5c526fe826faa5535f2cf6189b2d1d4240dc622590d229bddb281014f116c7de71e5441b1f8167db7366e8e289980925dafc082cb8d3967844bc4052e93d3d44cf959c5b6986ad474f56a7a79d78f8239a021af5409b6fdeb34687416c89785385b34f15ac0f33cea476a44392baa1578f470f25715fff7d9183f14a6bbfcbcadee3e3d205bf59f96df431ff81f305045c45b19c8c412b4471c51807484f8f4a28c2934c932f9f5f03f81c30b90141de8c8c717697a294fe5dbc69e03404a2344e8a58eeea92430080a6b9ea31158f26f29af72c733c1f8429882f898164ad4c0a3ca77eaefd5e0a4cc3a4a19988f9f02c2383bb1a75e93e0302c59b8b5c4eb48616224846b69edc33868f440b17fce264a33ed74103e04b63a3afa3b69bc62dbe346411f78ad5a6fde03948bac413d42a0aa99deddce62bb9166b03a3841ad6779f84e4b6248c946aed0a3f4fc4ebd65a7aca526f6bb3262a776f3ea767f110be6e0347c489d0c223807cf910c78839f3f47506e8d35790046756a8766c9d5c9c149bc94b84b3d240acb86d69ba8571eb3493c10feadd64ef5cd59578bc0642827e4be36de7b51aacd6bd39406950eea7276486d6955813aa16520f6b7135417454d51213131e469eb22e59cc3587a1d3a0fc0778da2a2bd18f891f8028620acbc0677e76806fc92fc0db1038a5f4e14823e104738107cb3b0e72368089631a58cb61d164473f02702520a5e7b8f899ed2373bd56f0f509a4b10812ded47dbbb1810db6fb9811fd22332a1415b53f2f8fd3bf2ad5d35b7bb10d7424a71cafee561757e716a8abace1e1c9b3fa62b1a57dbb0bebcd84743c3f50637f2894f44828ca62f15d04cf1243108ffa6bb4aa41ed1083a419ee37abea43a56e0fd895fa1f380f848850bedaf6ed49d0408f927858a441549ce20cf88e810f91aaa70f5517878ffd57bd322cbb9704730e70efa054ad739c7eddb66861342819c2b8cce691f63d10860a640c8"})
syz_io_uring_submit(0x0, r2, &(0x7f00000002c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x80000001)
io_uring_enter(0xffffffffffffffff, 0x781b, 0x0, 0x3, 0x0, 0x0)
04:12:34 executing program 3:
gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x1, @thr={&(0x7f00000001c0)="33966579f7ef58e277c619ad6f6fba834e480d5c963555d6b11029c42f1f1be3936804776fcf7946cce814a39df700b6169fd6a303a83d94b5e56ef42f35817c7a26a651048f2f1e7a365f1c6f8aec96311c00955756f1b10972e2f127e3f6c8a9e883289f7b7e986cc0230c6666bc36ca2f61ea61157b774ecce5", &(0x7f0000000240)="caf9f0bc6d247adee690d91fad454f4968103a40235963f48e0bf7a2d436546c0004e41522dbc9fd39d0bf656063c7f94ca9af9e6ab955e4813911341a1bb0d41e86bb8d5f9d0384f819d02c649e666c21af9145a8b9ba9632583e9152e70829f81f65d179f5d6bae7a296ea693defd1ae1e8ca435ceee2c33fb6efa69c59d94b2bef4537ca8ebaf2615d4d09fad269c475359d9164829982bdcd0389890d55455a896cfd3e0d0ff68848da82eebefc1fca3ece0a2d51589cc4bad7c6e147197"}}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x6, 0x13, r0, 0x74907000)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000004c0)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r2=>r1, @ANYRES32, @ANYRES32=0xee01, @ANYBLOB="2e2f66696c65300058e7ed4694b56ec66d5f518d751af728e6a0ecf000eba81de884e6b68d5187b2cd5ff035837b4c58a1829154a66e18bf5d960ae7a7389229488e4d04664ed7142b8626a25e3caab7ba5b1c5c7f16f50fec6ed298e23de56586fa851ef03e67265cab028df2cb7d9aa081a93f44703df5378a138c6cd595aaa5eda3829010a3673b38f8cbdf5e0080e0d571a93eefc181d8540167482769b5c85fef787fab1911be5dc3913bcded0f2e0c58f9a4aa770aa45350c5c1420300000000"])
connect$bt_l2cap(r2, &(0x7f0000000100)={0x1f, 0x3f, @none, 0x6}, 0xe)
connect$inet6(r1, &(0x7f0000000600)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x1, &(0x7f0000000000)=0x8, 0x4)
sendmmsg$inet6(r1, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000040), 0x4)
sendmsg$inet6(r1, &(0x7f0000000480)={&(0x7f0000000140)={0xa, 0x4e23, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x9}, 0x1c, &(0x7f0000000440)=[{&(0x7f0000000640)="af7b48089e5f40271e2bff6979623b8b16e2fa195539fad765109d00b440665028e3b4a742935a4bba7fb99507bb3a4b2088fb00abcaf59dea3666da359485f746d184da9bd5dd0a8040f6a849b5970c845b209513ffa8ea1aa99e8ed9a27ae27cb9663027c71b902068f435411f333b10ef719681c04c99d619e284968b48fbe40d0d7a9dd5d6ecd64c12592942a37854c35220c4b050d2c52f19cb521e2d5990b22a39c16e5c0ceb305ea45929efca68aefca8bcb112fd971182dd50541e22df298900a1708f76b71a111cf91b5f2113a4da6cde752b60cce98e9e5fb55771a52f462d4b2109ff62789736c4be66f49c7cffe60e44891a03948d5d3b444bad74696b62313ea72b0645e228f832c3de09ce972c9b0763b897eda446366176de280de3b130f5109ddb0e4d32b699ae5b7f5d6530216839ac504aaed80f3d1a56baab749131c7ca8af5402818e3a876771e29c84c84835805aafcbe8e140ad9a473ea1756604260924b2f2416dca588f4e13d846020e335400aff4e840f61cc798a5a5781d0c1e3a6fdcaa7ed7b38607e4f500e125fb2f8b1b6d386e3198fa3063f4e0ffbd0631a0928a9b153dc8639490a65d0b0f54fcef90f70287775868e8d30d5d0ab390259ccb82d43da1ce1a7062b0821a96572e9854d7201b4b2e3859d11e452f9f883abf94ff91d8a0c5a1e1d0e3ae105229e9eb2ea119fac0a955d141b39c3523fe85bd1449bc06a2d73dddb82c8be14f8011288fc06ae67b6a160afcecaca3a187ca938ce20b9eff3b3d08b50c0001424e6eb1c36e60307bf664382ffea391353c274dee0cb0e2c0a0f421308998e6a2c0038db1847874ab1fe8125f2673166acc5ab7631a96638f05095f0866d046d905b1ac6a2e930d95643f6b1d895e4c7f47a2ff0bfc494554049aded01865a034cc65fcddc64a5dd82002fa650d42ba9e73cbd78f2ac7bd098b09b276260e423fb784d35b3c6378af65669b5027095f77810dfef6203a56a97a8c19f7da16b516b869c2fe59ab1d96665dd8b133882bf7f3b5fc0d25fcc2af6555cda60630517a94955702969c46fa83ab3afcf3874a3747fab89e249b6f9d6f95fc6c318e1800352e6f2e2c67910be4c96bc040cc960848878caa20d22a78215c37453a936a9b043dc76225dbe19a44a2475ba97ee4b362ee54e95cd1cc8c6265ae0fefed04757dcdd77726e28497155bdb67d73fbbfa8d32c3e21fa6f807c75dd8af38994cd6e107d4264d5ef9c9a672fbefe6a1f3462a0f8f5d4ef1be672059e760f3dc5062f2d267f3a6d9ca4935aa0689876188ccb1651540e047c8985f8774ecf1820b02d3f426875b13b90da72540f127ab745665b0a9965d8dc14307f4a4af287d1b5dbad50eaeeb088b4cc64214cf9d4233c134f2c99fa8d882d12c6e42ddc214ae27277ed16935842e5b99a5c9b29705ed57bc4537d1adabca1f6e183bd149fe969f24279bbfa0bc02b7f6587909b93c41b825d1e9f2026a096f26652c1c426b62ed36e0dc53ca3c2d58b08b3d458a6a32f2d5c3d2b6f3fe7cb73c36732b09c9c10ead5e0cf5f357a265e233b7619c251102fb2ae211232d856bd4e30407e3b88f4c1ba5b2845cf622621dd24ab55bec4ac4918494b621ec5e34f6af3807efe7e431a4ebd2fdbd8f7db4cb5889e61485019c8a30c074b489aa6b4d56da80126e0448d03f2699c964f2e87071d6ab6017fcd75d8b67311dbe92ce07062db7c16e747a08022ac8295b13357273022dfd64ec5300a9d0faf8306c8fe795122d254d76f02731c09fe9f6a0a2d416c350108cb321e2ff0e0c20f29db9655c1befc0d94594dc9fa06445165b3f75f97862eaa97617ad232dbbe9f7558d44104043106e430a21e8c0339d20006fccff266fa47e5356a322edf2509cdb82be7e313375dbd4c7882cc679434af8f062772376b243f1090955ec318162e5020bee9fe8efb42546216a490e78c4397a3530b354d479c0d7c3985fd366777e43be55177558b6875f0268e6ca92137692d73e0ad176c49b572ff9c53fcf8a1bd02a795879c328fa7f6a51a7f7574920bfc728ceb1cfde68917b94213640c17cba3649111f44aceeeddf31a1a4901778393102e60459c4a4ae89976f79c9e7b2339f59d3f60a5dd7df2568ad87d4b2899229ee1ea99eae1a38654c72b0e7a28ef03a5903c4e22b8f87161976591fea0034dea64d338b352fab558625fdf2166963242a9890dff60720fcbbc218c475442bcf58dfed95543f87fcfb88790c2ff12cde0fcce87442957ad5848c23868ee875387830c8496333911cb00e74151d5a5718ae587d6548e31530a5059ced942aeb5a74e85915217c4b181b5c5b7872235fdf514d05c03766f7b8afec1a1f83c03edefb9a91df8bb95d12e51feac90edab2d95a69049b37d338a52cffc88761e00e13d1daf49ee42bf59a4c72db14eca4f5a2cb20a26a4f2a74473e287e3c63239a8c710e6cfb9f71806263f7d390ee4c6ee8690ac5ec4e06599a6c852d09479c8d9c194ff88b0bea521ff5ed52017f2dc6f9046e310792e6fa678bd64c15da9b0f62010463eceef2ed028d4a9407b2a8173b0c6e1e920fbf37bd805e5f49054bdbd626589605cc4907cacdb6ca4921052bb0e185f52b1c5466b9cd8b627fbcd2d543916fed6537748879e380bd2614384dd1446801918f081020bd24539a704cd05081013326eb6080385e50ff8443116efbaac808b7682b9e23e85ef98b78e1e05ef5c0f174239e1a1aa6923cb6fb167ebd003f007db4533189e95e6335b1ff3d39fcc11b588c40ec9e916e713b7c73ebecb3bacaa8c42a5d5fe35aeb9f5e56da26662ff52c2b26fe0c97118ef5bab6e1efa3e6572382fe73e9592e89e7078123ace34a719a879526535f9c54a71527b6f6f4931311857b44b3c7ed349b323ee4efb7b63e1f7024629e98c2270d8294c14883105900cbccc21eb431dabb8febe91a2100c7d346be48df2cfa28370b48eb35ba2c52f3ddab7e7068458b7cc2c33f19df8b14a34544c9a33c7e73150ead1d3e47664208f4be9a91f03c9097265916f41e87f336c13a6d9656ab1669f3d3610af921e1292e1c5d4c0a672564d86ee0b7cb885d5ce6f02899ac516b197c95bff02bee4534199e639ea6da28bb9f604ef6edc87873a1456ff1885d7370901917db827a36644ba17181942e4c055657ce60c50cdfec150f4278ac3ec36dc2be363b736be03c9322df9df8b12102c5e995dd7a45c5e2dcd00168f943e788c1ca5a8e05f7e5b96db03a43432823c697133b88d1e931f73d7b058136a302114027e1b0106a208d39e47ba0b716fe9a211d213256f01be8824c2f361687c2c907fed44214f6fd15d9a048b56459f36fc388d50475a2b75ede3fbb645dca56faaa99bc33880092b79a3fbc458978944da00e1f1e32ab4320fbd1c117ec9444433f3d9413523d19f2f608e7ede4b5f41bb5cfb997639f27ad7235d72af2c4a04679f41fc24dc0b369a15da9e6251ec117fc51d9516009537cb89218472f63f03cf3dd31835eef6a077bc1661d15dbe7f3cd7069a8ecc59121c4dbe9cfe293a29f26b5436928cdc44817b3333ac795ba3c5fb30d2bfc64d003caad4d863025681c194496960c8ab37a461e59fac76c89a9880f04575f214071fa4a5edbb1c453903a730fff439c91f6219adaf8ec124250782a5e47d015965ba427f102b2360ca941030cc528ae239ed6f6258864907eda4a3babb79c968174ab0ff39851b8f108878a8fd99788b43cda22f38341926599399f8973f9b61002ebfcce4517a07626e26156923e8bbc1efdcdf07549c75fd43f1857b5142a0060a14ed804d80cecff64910563c3b6830548e0a64f707e417319a91dff5d5263f8be7af0d6649823cfb5098010b7b212482b43241883cffb16960ac1500b42263b31d957bcb83c45ebc73e7b62cacdeebf3e1217f42708087afe077d0ef1862abb38304cef8c22bf36c20fb3391a41a8e9a23e4be45058e0f78c683b846e750e64cfa60fe2584aed19c2afda86c185859c237bdbf2f9fdd9a9e808e3c4fc2388b70564038727af80050eae65d1a3c042297e73c5e9b3d348c282d6d0870aee90f07ee86f2ecc5c29309494b9a1af824fff34e54346c0758f982bc30361c2d97ff1b7efa42a2653b3a5c11b5f99de2a3359e757ad755c063aa74403a3ad825a743e5b1cf406fd0c8057c3036a6cac013fea00e9f44c5ecb7cb08839957b167b1551350454f419c778fc1cc5dc95ffe019fe286ab07a4f08e5c3ddd427c2cc0ae30e29ec5b00acd8033a542a1e238d25452c3429b74c72bc57fbbb80d5def1f27b60f5154d0ac8d74e727f1dd9bacfa4efdc08e22661fe5d3abb989b6113326dbe517bca756b584095d4d4cdfb9a63d88c7a2625c325be303eaa9a2c48c74c62a75a680d3bbe86ac9cf06f3b720c92b07ba06a38aecb2ce1dbdfc81bda524683d41cd6bc09f60f1bff6207297cdd01ce68d71ec8d3268b45f5a13f98fc08d2fff44a4983b0f51b1415ba1b3bb2570e64cf919c82d8804c68a42bc01f533fbf6475d771d85a5fbb58bf8bba50d8cc5ba5f95b34809568977be6ca936ecb07033d75eaea048246055fd4043b18133d03daa7ef743897a6967f60a28b9649d64c1fe2f5faf6afc82ac53fc8352466664e8819d0dc2a61a4c7fcac4252abef324d9d95f67b1c3e8f495fbbbc8cb0e4999574f7c4419b64bd791a5a581b9d0d271d339dae46f9b89b0a122cffb518bc18d544b5e9a4afd3092b53672bdfa61df6dc9a03ce538de27b52042c05e9159f03853b21e57c700162b68f179b07dc4a6382bd7bb3e0b7183afddc289def7b44e4a3ff6d764b22a05a5ee0137bca42adeb521033288d1eab3b61786fb8411a2fbd9e688c17b61576baf2e4ce0dc2fef0be7a971bc505901a003fcc7db2da25f0f6fff19df45b47b21e32f42b42628ad7d3baeca66833a3bf61b4c0ac8b6f4d106a89532cbac03d5b52cb84f80fc74e79d60673cc6fdf2852cdfa4a1521bddb3017f08f69da4d986c0bde656c83dbd8c1f8b0c2c674fdd0215eb158547f55cd189b338d87a6e07f589d5ac61033f6223c0b14bac62cc8969f7e84e206772df8230d172721c60907740793efe5fac3ecdb8823b852efd5ffb08fd13e8dbb55fdc9ab2c21c647e80aca5537a9ffd786bee48106009c16fab97ada4a050196a8e1871a0872897496071906883887b139409e87525250e930c09df8aae4c4e849b5dd11b3ee8a595e4034696b9022f9e499d17c1045b2e424f1c3fd579fe52d39350b937ef637860da46b36f20bac35dea488477ac41e74b0553dc13a3266326bdf67e9a223c3b52116ca4aa7ba61ec246b55f36a8d9d763e81326666d14f033b8995783ad61568e2a7b8af36ae65e541010aef8c7656ebb2a7f827548df116d4b4951daeaa1e0b059338c8da9822e7ee10d41bc8b96861bb62b56dfd2eca5b5c095f3fd5ccaa4a55604d25ede594821d67de7f1cfa1d1cbca8dfaedcd3b81b1f3a432a103d992f0a3794888c8d80e05735201738c2183154269a13b4e3568c886b5889f5fdc4eda25f66f3e4a46d1d23b608944da610c07e5ea21328b5384cd9f56963dc083bf59903c9c94c0200a48e57bcb9bbb7acdde740cb866d97a60c0f73ad66a7322b3f6436648a8c7f2aed0973a88e40eaaa183d15df69031aa98ba123992c36e84a599760bf9cb14dbe207519bac9f9d55c40d3dc423bb30772b3064418f45be695538ba53c354b24df02022c38100f569", 0x1000}, {&(0x7f0000000300)="ca7e86ba461401b32080ae12a7aa22364b63b2b8fc053a1ac88500a451241aeb4f4fd89771382350e7b5d6ef56438af06b580e2e52e81a9c5ef55b3a22c7962b82e37700307426d4d8fdefe86d45ab518b4ae14395783e3e12303ecd6a2870f3b9655d0d0fcd6bd7fc06394c068f8a0bcb3e4d9d5174caeb4666d44cc2a8d8441cdebe5eb1b8b1556c31fcb6f6c19d", 0x8f}, {&(0x7f00000003c0)="6030eb00c29a58d8d2c3ef801e54983ab07d9cd56a25802e8db720f94e8a1a5f3306d6f2ccaf404a367435925e8df00ae8f8e05d3ce809db100da5f302f562c67919adbe2dc4fbaeb8e87d17b1a25596a717625f7e6423b6eb8743eba911835bddbd60", 0x63}], 0x3, &(0x7f0000001640)=[@dstopts={{0x40, 0x29, 0x37, {0x87, 0x4, '\x00', [@calipso={0x7, 0x18, {0x2, 0x4, 0x5, 0x5, [0x7fffffff, 0x3]}}, @pad1, @enc_lim={0x4, 0x1, 0x6}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x2}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x0, 0x8, 0x0, 0xff, 0x0, [@remote, @dev={0xfe, 0x80, '\x00', 0xc}, @loopback, @remote]}}}, @rthdr={{0x48, 0x29, 0x39, {0x2f, 0x6, 0x1, 0x1, 0x0, [@local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @dev={0xfe, 0x80, '\x00', 0x15}]}}}, @hopopts={{0x168, 0x29, 0x36, {0x2f, 0x2a, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @ra={0x5, 0x2, 0x9}, @ra={0x5, 0x2, 0x20}, @hao={0xc9, 0x10, @loopback}, @padn={0x1, 0x1, [0x0]}, @generic={0xa4, 0xd2, "8f2e3c5d019d88c18c2a7912319bb29df467cdf9dcab56df24989d2102888ca249bc26f4baae3b353cb82b56ad686e9e788137dfa912c30fb755fd2e552ecab3989d724db5711aacd9ed169552cd9d7a5e845a386f3ba7d7a8ee3eea57c822ab45fa2fbe7266552160b5caea34571e200eaea4e677b654e4ef0b9da2ef2f01d5b9bff8c0091b06f09beaecd36b4ada39b638dcfb07b0949268bc6fde73e1bb22755ede3700fd01ede0faab4b2b41abe698c068f4ddc706ff747f616c8513133fa86435f5d70c6f4041bc913c3094726038a6"}, @hao={0xc9, 0x10, @local}, @jumbo={0xc2, 0x4, 0x7}, @calipso={0x7, 0x30, {0x1, 0xa, 0x20, 0x7f, [0x3, 0xfffffffffffffffd, 0x1, 0xfb, 0x5]}}, @padn={0x1, 0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}]}}}, @dstopts_2292={{0x90, 0x29, 0x4, {0x84, 0xe, '\x00', [@jumbo={0xc2, 0x4, 0x86}, @ra={0x5, 0x2, 0xffff}, @enc_lim={0x4, 0x1, 0x8}, @jumbo={0xc2, 0x4, 0x8}, @jumbo={0xc2, 0x4, 0xbb8}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @calipso={0x7, 0x38, {0x3, 0xc, 0x2, 0x3f, [0x2d, 0xffffffffffff34b2, 0x7fff, 0x8, 0x5, 0x10001]}}, @hao={0xc9, 0x10, @local}, @jumbo={0xc2, 0x4, 0x7fff}]}}}, @hopopts_2292={{0x120, 0x29, 0x36, {0x88, 0x20, '\x00', [@generic={0x0, 0xfd, "f00a49eacf4ef9db5bac48b272df16869bd08c3ebec29a08ceae0f09e5feb165ed180807fdb1e794e385c84635be5216f6d6403a879814c9bf43e8aafe645688098b581fb414c4fb95ca73ab546ea89ebf8a3498af845fa65a45d6fc3684f6307eae3770aa703ee320dc5eb0ef721a945ed4b388c2b5f0b5cc710f3a5096cbbdd895b497398db48c9f6fa33ffb2984d493f8e9c4129876f8f70e96579949f60eebdb7211032a39f0809c96535ee718081cacc8d8786bf3b2ec7561556a52230cda6b9f04719100563013e2847ca3b308b3370611986903abaa1bd3ba786b4ff1d233d977aa4562d00c8d6dc0e1a611821278dac1c7e2b038d7523ee05f"}, @pad1, @padn={0x1, 0x2, [0x0, 0x0]}]}}}, @rthdr_2292={{0x58, 0x29, 0x39, {0x2c, 0x8, 0x0, 0xff, 0x0, [@private0, @private2={0xfc, 0x2, '\x00', 0x1}, @local, @private0]}}}, @pktinfo={{0x24, 0x29, 0x32, {@empty}}}], 0x4b8}, 0x4010)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:34 executing program 0:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x3, &(0x7f0000001440)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0xfffffffffffff6bb}, {&(0x7f0000001640)="027c78fe8b43a58d77493f75b23f350f222fab23015f506b80d8ea0fd9c78e053881cdc3d499e36d68dcd05e88d386af52157945c60cd55ac0f2d561f0db21e15952b2c9028c2c7da2e51e52892f7b619dd3aebb45ba578e87afcea5a99f965680ced0dbab61e9cb181d2f5fa059d2ff944cf020c7fc5c4f37f44d1c7745e989ad1af92260b85ba50b1cb307929f987d48bf1edd966ac9dfecfcf3cce91db7fcf2d05106000000000000004b286017f2f7c5f0fd9fa412fbc52d2b00f8ed0e515b3c0d05ba9326e9f8032fadc9dca6ef08d792604971f0db251d4b8b795dbd0045e71429237c5816cb", 0xe9}], 0x2a60c2, &(0x7f0000000240)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x101142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f0000000280)='/proc/self/exe\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x100000001)
sendto$unix(r2, &(0x7f0000000300)="754696524a6d6933b89673963414755514ff66028aeb2fbd25dbc389c773d23c8726831f6f0b75e1342c1fd330120fe50c95d57dbb9e1d5f7e0a2081be7319be38e2dac5df174b763b24ddda5703618c42f04d2c13274771d153709088cceaa89607ff66876348ca2d4c38200a2b9bdb362e1c922ed5ff8f64f188c1339d20139ce9fa860b041177b440a6e49e44359b79f2450052738f785ce914750a20dddbb8855213f5bffdc1ae7e6e8c8ac5f17c64f4a6c86df04eae9622c10f6bcd92539afbd87386986f86405d13885f4e8ad78588bee01f453f8d16253e172b6fd7861a944ce07b426432ff488f58621df62f635e7d9c80a51d4bc67a300f1148d12a94712469252043509f0204516ea840690d43871192dfaab9f67eb2b048f0892e5d2ff40c9280f98a0c16cc0377f49107a1f9aa2231f1fb13ca130347de3a5662396bd1be20ad21db947116ae817a3bdee86f7ec7beed7b8c26aa564726b077681d3e1b2377f5d7e9728434ffa5ae0c84e4bd73f668611f94f59dedf79dbe32f98ce9a98bc557afbca1a3f457f43f67a991c449032224bd7aa55a768ae873cbe76c25358dd3bdf70a34ecbdb12e882703f1565096f4e689eb56252ae117615328f7e6d015d8eabd4be2e8025c0df671488bd27a7e94ba829f9d6c67ad6374f3a3308c8d6720e3e5da8faa7e931dc58f9ecb2137c388da24aedbdc429c3e921fb287426cf02db21438283bd62ec6d5e66429a9cdc30f418810fcbc6b79136a1320460160a6cf3eef45625f5cbe6d59bc2e5a75bee42d7a9e18fa0923bf6c6bff2bebc329d9629330564bd2b6c2ff9805bdda79f2a4e3e82677018c1b8060348cb1247fc2c934282134229a418b5c9b068b678340a60fa7b2fdc4360dfc7278eb93aa67dde302de4354c114701d09aca43f8e62666429e3b72dc6c124b3ca0dfe9f8c6c8a291a6d9af99e8335ce8e4aff0dd7b95249b51a2ec85ea57c457d1931be0bf0bcd8f93db1b7388e46340db33c89561478ffead87a213d6baa36fa2e0a0e3185598583a53136e0435106f2990f6c96768ddfdab05c42c4a42089b4faa148231d342c82859bd22d4969cc61300f84a72d0adae17b60aa5aea4b42fc5829805f011c545c7ec8c86e0f44cbc89d4198a805e180ec0ecc056aa077882d45dfd7c3a756392691ad9e608a6185dc629b6389685fa97f7fdff6d07be1c80ad0c2992fffe218c42739c57a05dd8a29a09e9af5ac9055a8dee218b2d54a8a7be5c963ba5c90d3270832be13903a85f0047f8c8d548a0fd5fdf10d67c55c4f585f0fdeaa5f2187124bbe4b9edd70a52d06ebe60f0a33491796f9c1a4f5cb5b7f05b21d4bf3ddc93e8c04a14d93a422f48a9d167c7fe7253a19d2a6552585e3f340acc97300a03e569a941bc531c29f7561d79bd37b897baa4020d79156cd3a79bd807b92cc03609cd2bb902f81564f12dcfe929e74b329120c71f2f8572b812eb558066a7843e3c59ec743935d4758386ea0b453da80b00ede1e6535d5bda83fbb417225366d0163d2e95cb0e834944dbde3aaf8fa6ade134a40897ba326a018fc1523a5f6598c5c93b80732a7aaa79ef035ec42fcc2f2594c373582e57ef0f53dc0e59b56536094982444780f93b7e3381324d97840bd4ec5202cc7374fa6f0f02f6b50b72eeda306533ddf1e885ce75d1ce9579d04056f38c2c0d7ba5ed1dabab71066d1d3687239ca1c5be58027f6859119a08c99ec70f18ac8d75b8f179adf1e487d5962e9037d6d94bbc6438e90977f3a2bd964c9210dc85bdde9e48cac740164075da5a4e94539bf5bc6255c8479ca5735e415b97bcb9b1a35acc7d368439a09835b4cad66c4c4a9803e8b38346b3faf1be3772ebb3fc004ae3e934186427cd23aac6003564015fea986dcaf424e27d7e8b21648b2c015ae00d172e88fef0506c82c26ed64af1d6dd2e57088d02780bc51b0d13a08bc3d12f27de9a600c77194ee5f511f702215a545c6b0468d37d569ea7cd63f6e609e8fe4f097c1fcc20fd6cb30b2664ffc6481b729bc2c088c53b9d4af61ad6c82fc24b9c1e6922daaf64be83ab5c92ca8fd3cc5b54588717855adbcf7277c4754517cf1a66ffc0cc0e94b753060c1f4a2b09d5811e07f1c1a6cab9c086938e7f58ad45918159bed9f762a9a4c607715e05867394e8f1292985b116f3ba6bc3ae207ddb42622a4623696164b12ae54467f6de8addacfbb5e065916886b8086c6396b19cf05227f78e034b2afbb21cdc8505b853670dd09a35ede4f4ec3270a447618a65577c0556cc2cabaa3ec13b21a6d51442f572084c48d82a37b7c5539f9d6a115c4fe669e3d282eea34949496d9d000d16f39d52115a17cc56f6e105ffe8f884a7b026fef01cea9fb9f587e3a1157bc4f781884e57edf6d07d0350ec6b18f85df25ddc9d4281eaff9af2d3cbd41248a2fcb6368848362973948ab2c0f1563de802144a53ac5325df0030f57bb146b99ca8b845d523420e4c3c4b6eeae8715cf77d5a8b7d1704b85bc62cbf50c3e3b3269f3e275fdf80a89cdc79f51d0afd7a13021981f69cd4aa8c1e343a318f604fe62c3354d182af35037a3e4ff1e45d04745433cf26a9b7c4ed770eb55840434cd27df1394b317f81b5f8b148543db91ac386f1bfd8a7da5c2e5acf36711507d35736d7ad344cf371a009eb9a58e7eb68886f1f72a89c75f9705ffc72abcfdbd7f215450369a097cd849ceacc34fd699d5ae0f027a5c649174b671cf72669f138d32d157b1b13e29a691adb5a031fa2605bd20ea0114d483e63634f7227375cefc58c4956599fba9da00aa8068457a7e377cacb50a694bf5f7859899ca9d312b092346d28b33719b9c486dd94fc51bb2fa7dba23465a1543f7b0f3761d3daaeb9686a091d4c05dc404596cc379628f3a5fec2bd975a2a7ef5671087c687e79ad1467e5672191e222f765b80abfea6d4881f00832315ad9143ec56803a5f3c1f66ea05624bc0e840827ebe0d9233c798e09273ff4ae82538d22b5acec8b9b2433f8e686fe2d9022d9b6312153b0a1f3575bea9a8f1f357b654e65134c0eeb0eeb9f3561c0b3888f21761f717f4ef1f569d74f2777cfaf7a3e2e8805ef798ca0311e0b1eed0c1dba42e1c37a99dab6ddb8bae2a992ac1e7409e3497dc168bb9f4b6b3514416ec6a1562762b38a301c4917e4c1562a34a3c229930f953e1741157a50a6b582d71f0bc8ba66f4a8f9c82dba768426b6c28d011a963ca0ec13601dd70173963f08c43a834bc8e6023ccecd30cbbb646a66fcde0cbeb486a881ba87196a2b4f935df9053e299f1d358b7ee1572d36ab8ba1e6c33f12fb750fc5d45606120d746685667bbed7027c56b22c09916d43480ef52d5a09c58ab6d6e66178acf8fc09b4f1a78cdc5be954febc3b72c664197ea668fadbcb9a9975c56ca7a6f2ba1e1fe7a74929cb9cf14a126b54bb5631e372542a4e05ddf9e60bc6045225c390b762bb2ae7a8959dba9c8b33551d4c6a8d261c778ac37c288db7e1aa2a34132b275d7dd67c558f098203224fe77127d25c2d3fca3625385c2729dd462edac93838118dc53d1f9b7361bc588eeddaea2860a930de3bb1807e2c36660f99dcbaec47dbd86800b6a8ac44f2411d0e872394225d9853dd4821b97fbf0876b29dca888f51c90362a5b90d6835eeeefb39be9516e15afda9eefcc4c139e7d3bda9eb7b740837be1382608880d4c4d5e0875184cd30bac19ba9726fcb7999945d18a0180ed51dcf53f15f63314e2f38759cd89823d67e579997e34e6366bd7c36e9872d4a81a0374a1cd23053a434b0d9ef27e2c3515142815d679105f4f0062c4a29f687072e62af572cc8d9c02e037de12fead0ac113d7e74ca4b4aa7282658891532f18c54ac996379ae49e167839e8290fdc5b67cb351e1a3f41cce110e5ed3105c331de0c859589b58cea778ce3c97b11860afe13d3f7b4e23795136e42e1ef9f6474db64e987d9243f8c6101ded51979d95d988f6dc099af12a055afcbc59f259a863cc5ef53370836d09f024bfc9828bdfba856cc68c39c9a2a64c30037689654b98b8790971a963b86a32b000771f6fa22bcac4c02e189c296ce825f2b889c41a0c387ffb1ef43b55ceb667628de35c7c783b1aae5faf13eadacfeabf8e0603e8b733775cd8c0826b99f23b5e8d17bdd9d52287fb8a2fcea663690806df01345729d7b7bd40356a0d5ba61d0fbeb76c3f96fd5bbdb81cb67fafa6907b29da2bf4849db8ca5ad0b4a0496464991eed2fb197f44f8764fe13230e4d0e29913caf1dad5ec5dc1d7e943f2f3965c9b404f3ce87482fcd3651826494abcaf4ff27697b1bdac9e5d51908c004858b027a88861d63c4401115a520fada703a52007dbefb13b0044c6c121cf54d55426ee42c4f86e82d02842e9097ad4a501eff8902ba9d6c7fc38c61009b85fb353a0aee9fea0f7b77f32a89f0d5991f7acc8dbb63664a7a93cb7a68da5c8f6a8af7ad164cab22b35f15c71dd874fa5d4468052c1573ad467c9dc0686d1748d9c8cb237e241de542b5dd66599c82bb536cafe449098cc6109435095b12b0a36a394a8f5863ce6412ea726130af01e4a6f00335afd6c6415c66504d1c1c4e04aee81c2d54c2fd0172dc3750aea9341b5dc69a4e204c38b051ce3f6b5a9552b858be26fe517300006ff0df2344ae83892f3666aff3aa8cfbfdeaf786f9ff2b42929828ac23eaf7158c59583eb02164b0e92bde1417ad791371105ea38bc4ef01625d0fbde3fe427477c602e5ef602fea075bb3167f40606c66b0875b1f875e3e25198cb6b0a1626a7fa9bf3eda8479edbbe0635903e5e737c5c90f71bccce89ca93d681d2458f940d27070d4155a0561ea6747519f6ff50fee12544938a0457eeb82033287b8f42e32b2422af93110be9509cc42ade470b69dbbbe4f0fbc55edee046c2603b8abb790d4556421f83b1c8c902b02181d7edb9d92e691566b04cf9a0e5291190b523f7d7614b0fc2f0628d499a8ab3458aab535ea3910103015cd0d99242865dd250ed3d8c9c99b283bb52161c505ff86cb29d827ae2059afbbdf304c4524675fe923f859a7afa2b07edbe9231452864fde7cb34524b30e64c2ad144dc4fd01465e1108c197c3a19ee7fd4e7187a0fa921cf0d33da31f6484a05f246d25671a730fe8b5957dbeaca1ebf3e9f00d8cde191d7e44488e9558e3447e7346e2dde28a024bfc05db2417dcc6c30ce48f699ae3530cf0d6bcdce7315052b72cd52b7deff5de3cf19683dacf4e90ce0a818c34425561adf53fa32a95b70bf3cf13bbe197f3ec2d91e6473fe5567468ba92278a6a03254b5b4fbe3e7e87a6a6833d424fc43f313ab35a0369ca66621302147fa78cb998bc1b367d1d1478dff1a0bd26d0523dec6b135192ad93ec693abc7d6e31f1a336a209e225db4bcba6ee6cf11d69ceebde144a88decf5a9362d03482f5fb2ea1468a49a6c4ccf0b52dc30551681483515159ea95d25d427f2073ae9be54a3af7b0df472df258f35640bc756fd913fa938ce1b261e8cee80ecf958b1d1812a76e0cd2ac1c77bdd8e47d8b129c3177d62fa9d89d863eb6bd932da9525bf98a5c9d745b5aa966e906de29211ba27367dd57cbd3f2bcac3d171c57ad6a42546bdd5c5c8ec44cb50a380e73a95bc0322e97add50a6d341a28a38373eb572817a0c8cfb8b63d03a314288100b1d0d8b68083aad596bb30651843e0710deed4ddb145d32d438ffd92a4af4952e417349b379bbaeb4bfe4530ae2dd30d", 0x1000, 0x4000, &(0x7f00000001c0)=@file={0x1, './file1\x00'}, 0x6e)
openat(r3, &(0x7f0000000100)='./file0\x00', 0x80001, 0x25)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000005e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r1, r2, 0x0, 0x100000001)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000340)={<r6=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001580)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0x0, 0x0, r7)
sendmsg$unix(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001540)=[@rights={{0x18, 0x1, 0x1, [r5, r0]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}], 0x38}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0)=<r8=>0x0, &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r6, 0xffffffffffffffff], 0x53}, 0x58)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
clone3(&(0x7f00000014c0)={0x282011400, &(0x7f0000001400)=<r9=>0xffffffffffffffff, &(0x7f0000001300), &(0x7f0000001340), {0x2d}, &(0x7f0000001e00)=""/4096, 0x1000, &(0x7f0000001380)=""/83, &(0x7f0000000240)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r6, r8, r8, 0x0], 0x8, {r2}}, 0x58)
dup2(r3, r9)
04:12:34 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}}) (fail_nth: 6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1879.121394] FAULT_INJECTION: forcing a failure.
[ 1879.121394] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1879.124393] CPU: 0 PID: 9722 Comm: syz-executor.5 Not tainted 5.10.232 #1
04:12:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 1879.126101] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1879.128162] Call Trace:
[ 1879.128782] dump_stack+0x107/0x167
[ 1879.129626] should_fail.cold+0x5/0xa
[ 1879.130497] ? copyin.part.0+0x112/0x140
[ 1879.131431] copy_page_from_iter+0x74d/0x900
[ 1879.132459] blk_rq_map_user_iov+0x138b/0x1a60
[ 1879.133530] ? iovec_from_user+0x16b/0x400
[ 1879.134504] ? __sanitizer_cov_trace_pc+0x4/0x60
[ 1879.135605] ? iovec_from_user+0x104/0x400
[ 1879.136582] ? blk_rq_unmap_user+0x750/0x750
[ 1879.137609] ? __import_iovec+0x458/0x590
[ 1879.138581] ? import_iovec+0x83/0xb0
[ 1879.139468] sg_common_write.constprop.0+0xba7/0x1a30
[ 1879.140683] ? sg_build_indirect.isra.0+0x710/0x710
[ 1879.141837] ? __might_fault+0x73/0x180
[ 1879.142759] ? lock_downgrade+0x6d0/0x6d0
[ 1879.143724] ? cap_capable+0x1cd/0x230
[ 1879.144638] ? capable+0xe1/0x100
[ 1879.145452] sg_new_write.isra.0+0x529/0x770
[ 1879.146475] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1879.147721] ? lock_downgrade+0x6d0/0x6d0
[ 1879.148714] ? _cond_resched+0x12/0x80
[ 1879.149620] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1879.150951] ? scsi_check_sense+0x10f0/0x10f0
[ 1879.151990] ? perf_trace_lock+0xac/0x490
[ 1879.153151] ? SOFTIRQ_verbose+0x10/0x10
[ 1879.154006] sg_ioctl_common+0x828/0x2570
[ 1879.154741] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1879.155649] ? do_vfs_ioctl+0x283/0x10d0
[ 1879.156361] ? sg_write+0x120/0x120
[ 1879.157021] ? generic_block_fiemap+0x60/0x60
[ 1879.157813] ? lock_downgrade+0x6d0/0x6d0
[ 1879.158558] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1879.159420] ? wait_for_completion_io+0x270/0x270
[ 1879.160290] ? selinux_file_ioctl+0xb6/0x270
[ 1879.161081] ? sg_compat_ioctl+0x120/0x120
[ 1879.161835] sg_ioctl+0x8f/0x120
[ 1879.162440] __x64_sys_ioctl+0x19a/0x210
[ 1879.163163] do_syscall_64+0x33/0x40
[ 1879.163826] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1879.164748] RIP: 0033:0x7fde33c83b19
[ 1879.165413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1879.168704] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1879.170064] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1879.171333] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1879.172601] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1879.173878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1879.175148] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1879.298665] FAULT_INJECTION: forcing a failure.
[ 1879.298665] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1879.301611] CPU: 0 PID: 9734 Comm: syz-executor.1 Not tainted 5.10.232 #1
[ 1879.303063] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1879.304780] Call Trace:
[ 1879.305325] dump_stack+0x107/0x167
[ 1879.306078] should_fail.cold+0x5/0xa
[ 1879.306869] _copy_to_user+0x2e/0x180
[ 1879.307665] simple_read_from_buffer+0xcc/0x160
[ 1879.308632] proc_fail_nth_read+0x198/0x230
[ 1879.309537] ? proc_sessionid_read+0x230/0x230
[ 1879.310479] ? security_file_permission+0xb1/0xe0
[ 1879.311478] ? proc_sessionid_read+0x230/0x230
[ 1879.312429] vfs_read+0x228/0x620
[ 1879.313162] ksys_read+0x12d/0x260
[ 1879.313894] ? vfs_write+0xb10/0xb10
[ 1879.314667] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1879.315746] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1879.316820] do_syscall_64+0x33/0x40
[ 1879.317585] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1879.318639] RIP: 0033:0x7f269895d69c
[ 1879.319403] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 fc ff ff 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 2f fd ff ff 48
[ 1879.323208] RSP: 002b:00007f2695f20170 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1879.324782] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 00007f269895d69c
[ 1879.326253] RDX: 000000000000000f RSI: 00007f2695f201e0 RDI: 0000000000000005
[ 1879.327718] RBP: 00007f2695f201d0 R08: 0000000000000000 R09: 0000000000000000
[ 1879.329197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1879.330662] R13: 00007ffcea6521af R14: 00007f2695f20300 R15: 0000000000022000
04:12:49 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 93)
04:12:49 executing program 3:
r0 = gettid()
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={<r3=>0x0}, &(0x7f0000000240)=0xc)
sendmsg$nl_generic(r2, &(0x7f0000001440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001400)={&(0x7f0000000280)={0x1178, 0x28, 0x400, 0x70bd29, 0x25dfdbff, {0x11}, [@generic="3b2ce9e2bc977c314b5669e27896ebaec86575b511c4d85b26f8056d64f904c9555f2bad7ef598cce1744258cecd5698e5d3230b49379ce0dce2da97178f32e11c88ddc43bfdc54d992d3680c79bdf1ecd75c3707103c640649efde0dcf27e2ccb7b3a712313a7c93a25c442ceb0dd3fc9aad6851a626e95e03b199d0aefc9e42581a73c8569ba4ad3ae41fe5b5682fa0d1edb9c6b56a8e129604eb27379058f8c775911e6a5bc72944f1e2b7323d6fe2dd69c53fe1659428914cffd238099d17ce55e01daf77e42d6be46cca9fc02a2458e931b4b0643c1266dcf4207a3151c792cd93467c51c0e702999fd1b0b47765cb2acad95353e8b47972ab6d64f18aed7abda35e8de647c5de01ab8b5ae3021462055777f5132e3c63cd357e3385b70ac5f90dba4a46b981c993a35da74e96c208e470874cc4575b59ec4fdb627353796d2c8327f746333247bd15433f2da05008977e61db47aabcd38ace2be18875b157e069c602549c3b604f2dc2f3ce92ace19acf7938efc27dc7eec54322a4805af7b997d08e30c228e101e8c7fa3452f031138a80ea5c86cb6305cfcdc3f8f6c462778748d628dc8db369c9486b95bcb9b82e8754439875e4437f5c217cdcb07815853423cbb39e354157c0f4b7e40bb6c45283a2f961f5c3a3d2e98d2b656edec3eb9b74b132553d4cc0bba71d2ee2c306925da74a8324e6627412e6eef529af1e3016c79f2ac69558fee8f7b795c0b8dcf1e8b368519b8e2e9a0dce8287b854aaca7e1fc37576dbd1acc30ef30ee70aa51645d7033d3fc7e84d3d43b94337be940bf163cce5026446921f48bd3eaa4b8e1433d600945bb7b51564c5388b91531e96b347e99e6c602371a2479aac750c08a33176039806fbbbc7157d533053f89fac72aec2c5bde9c1fd7ba2289c32ed9d286e3b4a4c4e80569a7351bb18461b7e1d674a6d3f26299edb12497bc5e5de10a98e97754a2f167d816788604e62746d5f40c89eb02c284097ac473f40c94b158dd6ea5aa501a1f6db386ff1462653c1481aea3eae1f30b7c3b89ee54b1640bc7da250ef4f54eb3227e7e3376617ba3897a0b7f311bc79e8452b55145ed80708e37ff83d234367e258c1210144ad8f0ecd1f882b5c8f07629b54ad9ebcbc113dec7f2e83ff87ddb8d5cd3d4044d689d8485cb238d4144261881efe0820b8f2d96ee544b7b5a97bd6f20f843a482c14f92162c1cc585a39b96090cfa84a9ff358760ea85b07dac02d58efe5dd51b73b05166d7bccbd19c09f6f14cccbf9f25cdd1023cf731a1117d611d8de257c05901a105065718d8e964d6bddb28f5b784eb2fc7f428217fbf9a45d0703d1f1773dbe8a7f80ec11858f65ab445b4702eb540f2cc889b8613df40715dadeebbf9bb104bd6e552b1ccdf2b3df932294444657775bd8f536c569824677818c97ec0f88c833c68879bbdd0844fb705388f42fcfe8cfebf44078f60fe934769821c4d6fd8c4d073babdb6884cfa35d89050cfb71d1926008ea211022da4c1880030d8b7ffcd9613050d93cc49e647cda5c3317dd1c25ffa7455dca86b6746f0de331cfc732f036746f8e5b026abff9b719fb00f916d1d4cb1367d688c3c73f2357609f3abdd685d21dd1e3ac7ce067d2f4c46c5c514afd70b8fc84f21dcca2ce1ff3a89668de73f0a4758e67a9f55a861ccfb783a44df650f9dd4533aba221163e10be96e5664458d0ee781f6b56a491a056fd8fe0f0007318e30d31467b28a79bab0b8af081db9b4f665afff172b8036b1ead28e962e8b8a169ad249d27315e4aea6fc464de9636346ceef85d58c10d527dba202246cb4bc298c25a99bc73e0a1eb688d2f29888ab47c914697957ba5d8fb1ffc7b533761d0bd7d5f6ff8134ecf2b50ccc9fc7caeb70961c7f692eb0ddb294e37fdaf2a407fa5c47efc8657b44073ed4064ccdde2b8f1c7a2cbe1d9736cbb38d8aab2e86397b2e63d5b3bd0fb0bc78a0fc6265a0027926f49142864cde00371dd173cf519d1a5af9c724a1da827cb4e34a4ae0d2644cd3ee68a3ccabafec8f682054e233bb65de15559b97994de38e4b0a5170fb2a94406fea44c71d960de14170cf41eaf60abbe95785b4c71e3579202964e6bcd3022b39ca06b37f4919df7e8ab24414eb5607e2101ca50ed7f60beb74939c86a362fffea807ae9b0b9c33912c0e411185e20669355545ca2fed9bb78baa1d7a75d482827f5ee07cae39d4f77a9e7a330ebe260985c7264676574bc14b9d9b8628eaeb0213ef32ab7931582c81892f1b374108ba84f882f72e9eaa2167bc427a3fc5cae196a6cd9d0a86043c60050b12e5bbf01b0e74289fb4843a8b525b1ee943ef047b5e0b8b4d5f7f7396ba2263f443147c549952cb877cb6b837eb6886d55e30e7a4df0ff2479db3f986a6a944542841f53f56ae93aadecbe9039723bb292ba01505c154360939fdf31fb9289e2232a8fdcdac5e36fc939f008c1ed92c63c7144583b85e03e31364fb3e35d83bf14c9b524c169533947f84a2460b72f14f5b433c818166c506dad26e462f53f8ac2377b63ab9cb18127d1685a1e89154cf206c64fc1e9f9f60cf9fc599c68bb14e09a5a897ea32e859365ef283ff97582f29736e2521b1475cf8602ad9587a28259cc2bc34d586051659202d9f7a6aed926205308e901108571e0a41ad46d370ffa4ccea747c5ee4d7bcc10fd62ff98db659afcf5995662f862f6683024186d23cf51bc5fb7bdf407840158b403582ed4e64d930fcbdc803a839119a3811de0c8ecfbb77d66c458a364edc8800d273886fe445bb21fe7346ca76925873aec6aaf5a55a04ebb87e64e6c5b19eef821ec9a09b589d8e1032aa14fdcbbdd2ffee2bc97d220d0ca759388660c848458815aba03e2089baefe240e2810eedc39aeda5adb43a58921d18ff12ea691e79979f4e234163e7a17e81e8ae1f5e58f6712a7b4ad9dc56bc82d267bd9548bfeffeac47855134df739d9eb1317216dd7c3644ac438531567e42c7bf1e53044c9e6cf500cc889cc1653b832210b28cb25aaebc7c7275686e65e4d6db3845bac1cc57634ee5d3264e6ad25ddb931191b88a75aa2d9c757fb95520bbada5dd7a28cea0dc0cfa27e01dd8eaad8ab9a999410dc9649d248f6c93b5f440bf3146e43301f453584c549a9c0e7d3ae394bd5319e905dd856e2ad561ca962613fb4eb11dabcfccb0eee5a9d563f644ccc36639475812e6130db418ad37e1dbba27cbb502a83a86c38afa64c6ed1b99a0d63a594eeeeecc6ad4e1335fdf69838d1fae6a1184e75617d14ec93f19e753223810de89d7a236c280cb3e3193ffb57d7b4e1fea77cf9d8d435f1e5f0e1a85b57b229186f4c83a9e9320a480f608d03330b6155ce8ef27930887c2b3d7e407ce9af1c14a7bf165a123433ed77b3054969f27382e9beb028b9ddfda658d058336aad80a53875709b1578b7cbd399cbab711f20315b822ced95710e3a5db076818a50607538048c802a9bde315f35ef0c4e4dad739bc77b7f7002ac0fb24c7fd97de3b879179d56552fd183e0e186d6212a056cd2a48e39394df1dfa2ef631c5ac4261d2b45e31a109a509aaa4504336bd0dd8f2797dda003477e6e5146affe483f43966ee138747159345723b3333a5d0efb3c25a2062763c4f199d555e53b04d04b107debf4b914cbc2b53b4f8984b3ae7eaaece0bf56bd75dd969cc41c6a9ca7b460bf2ea65fb670a656d2b0668530b15436ad60e0a73dbddb3aa5f70d948b3b43fa3d9f7d695d54742e055d0f0e41ab8030f3be21b4088e3872be056fc1803b5fd802e9fc5664d64793697e75f6c41ccf297fa52349f8e038b6bef5bd74eec2a27cf804bfcce115f886662e7a2c7866ba952a6bf7549958b457f495177810077708c31e778f42a6d689925dffaa336dd98fc54e9dc234a262367a9e17648f623310f57a0f210300a5ed6504fb2de6b8abc89a0543b3d9c308627838ffecef066a61aff43e17824c4e47a9b09abbe16cad96c67e367e093692ee180b86d163a8d43ccac60fee8e467247a68ec8466ab9cb6ceb2ae8cfb7f316501b6ab3d650fa0213107e1f109788b7686a0ae1c81d1963049b42d712985616f2c5a469f082a466f9259c5da7547bc11138ac9f46767611f5128c04ded66231182fa3c23121d2a978de6dd18ddc05421b8bedf0b7a9451d5e8f7fe3c52aaac83d944b16d15e7635d798cc28dd333afa80c62f82c0a7fa23f84b86f7390d699223b3d47ef7061782df4ce9724176cd9ca1dfa79a60d2028af9e271cea03910947cd262a62304d0ee7ec84acf28e7bd6a3e1a0469b2d59e82646c7796ecc6740ee04b158b7ca847192100ae91d3ee659149c1ae27fc2b2ca3edfd676fad9784f84df9e6207439c52526be53d48b9ddaca83dfaed1b7fb6915b6d148ff493c70261537099b131a90d6e6a2de35096a189dc0a52f9e1fa72e8939aaee2e126805f718bf1a092a0750afc1e5c3c7586bccad4aa5f8dec70f8dd08cab3bb3c17c5615a6671dd79426b1968fe11745299aa9276c67b92875efa07d96699dc49ef3b9abdeef98588d6f5db5dc7d35cf9a45c0f19aee0ac05792b2bce3487973668b0e759077d3b40dfbfbe46187b8f0548d71979770b2e2c0929658768d6ead7adfaf404aa73f792a9c21ea8dd3ded8337680a3fdeb58697a3fd40a6e13eb84c81910741933c7894875781b8a691c447802cefa750ec541f3e362ec438cf7f33b2c92cd85dee9263803922576fc64e6a2446e1e8aabf99053d20344fa754c26093e00113511e703611a2e7a0b20d079f249d25d8b2a322771cbb66970fbf6921ecc628b05f9a50c7d161180292de905b06ea65da0c959c5ea86b4e776401c31c08f0ebac5463cda427fd3ba9b42ab1a3207ee9dbc252f64425de22e81aac9d6fd2cb10932d71b8f897ff1b39e0478ae5c27bb2215e9c16065a6c262512f544867e06cc3c74f57fb52fbf9bbe28f9620c7e25c1fbe4d072a2a840de0f6ed9c87d6b6be99b73b32f404933c1f26e46efc798011cacc2897e7227fb97069fdc7a3f2de4ebe48490229b7f075aba32a4cb8b7f313913a48b6882142a9706711604541e194e2be598dbc481b6632292cff4979f8b9349d3d794a083a8e9c07e8cb052fc2e8eae0ed521c9534b0821d3534750dc6983e2b397b99d90fac92d682b7bd307658c2a8a0a5aedfb8e4d76a1f9dca80746dbc4cb411a13799c9ff8d909d86ad4556f45796f9cdffbfbbeb95da14a7dfab49828a6427e4d5ab858a9be441f456a23e03d4c5c0427ed334d8d16fefc34115ba71ae62753b36a7f92b5e8c229b16622ed3d12fe2fb77b656945814e6acb4348da769c02e2efae0cc76571e33679d2df7f286cc14ab40ec1a8dc20e22b6227fee2af17063b8d3b500c278c4b90df0332bf0aa64712556703585fd9fcd51f9c3dfe9ac431959bc7abd68f41cada333c678b4191dfcc4742d271b081001b4c2c3792c53613c4e4eee73eccf87da7a29293903dbccb693d62a250c6fe6c10e8ba076e6c63956cc5c794f1ea5f8c9fc8e2e3ab171e2b2c41f511b36fbf2c73fb00f60cdc16de2a992329538546212c8f71341f38b35da49a4d9cf30fbf2874fdb1b53e19041275d900304a650e1f02dd5dfbc8e946177890f041580bb6c5e343e390fb92e06fd321e254ca5c4c7f1fe9fb3a0b07b537ee251483822493781d309cccfcfad2af5dd822cadccd47456b73bb2ef42fd969a609edeab57c90238757f7bcbb427b6305709331aac389be52", @typed={0x4, 0x3c}, @generic="5bb5531ea7bd4e6cc28e286a541e825425687a738f44e6c55b6369fe89a4d75859fd626f120382748821e2df894a7d87b815d3067965540d18afdaac13e8443fa4ae4053c73b3d9139faa8efa379ab3ecda5", @generic="8631ebcd224e248e2b171ff91cf74fa287ae406c8c182485c48191154e22f174f1a3ab4f874ce6553bb8cc1b057df30f47fd2843365d729c707a702c3f634dee26dcc92508511db8556fde47e1dd7b8100b5088bb96fc0373299eba96fba869d3b5ccfb030ca6b552927262fd6ffd648cf4b68c1b37c5c2d6ce3f1850b1175696f8f58d3e084396f91c3652854569b7158b601c2469373c0af68f17ad7f9079e7f8af3a3e0bec0c186f36458d5527836748369521f0c72af98c8987448f3661cd674cad22bd3aab9bfe9c59c00df1675723495d123c9dae1bf1ea937d926cf305cb8913631fd03c2b5ada4859ac5ea0cb5f38f5e24d666f8a3c7487263", @typed={0x8, 0x94, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0x6b, 0x0, 0x0, @pid=r3}]}, 0x1178}, 0x1, 0x0, 0x0, 0x800}, 0x20000000)
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r4=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
clock_gettime(0x3, &(0x7f00000000c0))
timer_settime(r4, 0x0, &(0x7f0000000100)={{0x0, 0x3938700}}, &(0x7f0000000140))
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:49 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:12:49 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r2 = fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, 0x0, r5)
sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4, r5}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r4, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$nl_generic(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x198, 0x2f, 0x208, 0x70bd27, 0x25dfdbff, {0xe}, [@typed={0x8, 0x25, 0x0, 0x0, @fd=r0}, @generic="aebaee50ac748afeb9ee7d8662a3c9eac1a69b1b75d7cb9e226c1bf8dd39b1a85c0bedbb21d11499396e293561a10ba88031d96414caa1c1f00ee6e27271abf7951782cec7edcf8c503969e27158d7d6f1bf622d536f0119c166f4e4143e396f591dbaf1ab8788a86c628198281b891e8f36d89878ab9c3071d2527b7ae1d48208cde9f9490cc1f9e516f637d74a7e083bb280a9ba4baaae2a6e02a8b34b32fbb526b64d5c02bb3992ea11e6c2", @generic="b06a7952049a9ff5b770d6e403dbff773f052f9facef3fd57a1afe84c009f056417ae3c6", @nested={0xa5, 0x75, 0x0, 0x1, [@generic="f5d8bf2b16a27cf027343c0f5b364c0b5b679e7da2a33beeccc0fb90be2ad42da61efc7557a549e3c2e1555a59bd250f67ee23e61402b22f45ca8cc2bd47759efebd784466bea24ad5c980c2fc837eee844de04a7e5d436a19e66096ebb0455c2001c1bfc010f6943d0a79b0a77c69d470b8d178ced37d5f4497dd52c77f85f70e7d0d290659a33fa8295949f862911866", @typed={0x8, 0x26, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x2f, 0x0, 0x0, @pid=r4}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x24000040}, 0x1)
04:12:49 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:49 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:49 executing program 0:
syz_io_uring_setup(0x4d4f, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000000200)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_io_uring_submit(r0, r1, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x9, 0xffffffff, &(0x7f00000008c0)=[{&(0x7f0000000340)=""/142, 0x8e}], 0x1}, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x240, 0x0)
syz_io_uring_submit(r0, 0x0, &(0x7f0000000140)=@IORING_OP_TEE={0x21, 0x5, 0x0, @fd=r2, 0x0, 0x0, 0x5, 0x3}, 0x791)
unshare(0x8000000)
semget$private(0x0, 0x1, 0x0)
r3 = semget(0x1, 0x2, 0x2)
semtimedop(r3, &(0x7f0000000080)=[{0x2, 0xe, 0x800}], 0x1, &(0x7f00000000c0)={0x0, 0x3938700})
semop(0x0, &(0x7f0000000040)=[{0x0, 0x0, 0x1800}], 0x1)
unshare(0x4040000)
r4 = accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000180))
fcntl$dupfd(r2, 0x0, r4)
removexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)=@random={'system.', '/dev/snapshot\x00'})
04:12:49 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x39, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1893.721057] FAULT_INJECTION: forcing a failure.
[ 1893.721057] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1893.723856] CPU: 0 PID: 9759 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1893.725440] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1893.727362] Call Trace:
[ 1893.727973] dump_stack+0x107/0x167
[ 1893.728810] should_fail.cold+0x5/0xa
[ 1893.729702] ? copyin.part.0+0x112/0x140
[ 1893.730655] copy_page_from_iter+0x74d/0x900
[ 1893.731687] blk_rq_map_user_iov+0x138b/0x1a60
[ 1893.732763] ? blk_rq_unmap_user+0x750/0x750
[ 1893.733791] ? __sanitizer_cov_trace_pc+0x52/0x60
[ 1893.734913] ? __import_iovec+0x458/0x590
[ 1893.735882] ? import_iovec+0x83/0xb0
[ 1893.736782] sg_common_write.constprop.0+0xba7/0x1a30
[ 1893.738038] ? sg_build_indirect.isra.0+0x710/0x710
[ 1893.739275] ? __might_fault+0x73/0x180
[ 1893.740288] ? lock_downgrade+0x6d0/0x6d0
[ 1893.741267] ? cap_capable+0x1cd/0x230
[ 1893.742204] ? capable+0xe1/0x100
[ 1893.743022] sg_new_write.isra.0+0x529/0x770
04:12:49 executing program 0:
openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r0 = syz_io_uring_setup(0x3862, &(0x7f00000002c0), &(0x7f00000a0000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000200)=<r1=>0x0, &(0x7f0000000180)=<r2=>0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
write$P9_ROPEN(r5, &(0x7f0000000140)={0x18, 0x71, 0x2, {{0x0, 0x4, 0x1}, 0xffff58b1}}, 0x18)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @remote, 'veth1\x00'}}}, 0x0)
r6 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(0xffffffffffffffff, 0x80106720, &(0x7f0000000340)={0x1, &(0x7f0000000280)=[{0x8, 0x94, &(0x7f0000000640)="8bce7afc23e5a768e083e527d30340458250201a5919291518b76d2c45075c4fa153a3be5f7834621c9b3ffe0aabcbbc224aa6878074a050748d84ed8a61efe12905a37a417122481cc30589f6d52790ed6731eb7bddd5ee74f9a33bbd64af0b50c3b25e9f6cb4b638adaa16f92be2e38f188dff6fb6573c25fc1f0b63a79d2e1aa334d65221f3e821d38fbf1a0f336226a0827a"}]})
syz_io_uring_submit(r6, r2, &(0x7f0000000100)=@IORING_OP_ACCEPT={0xd, 0x3, 0x0, 0xffffffffffffffff, 0x0}, 0x8001)
syz_io_uring_submit(r1, 0x0, &(0x7f00000005c0)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x12345}, 0x6)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = memfd_create(&(0x7f0000000040)='\x00\'\'x\xe0\x1c\xaa\x00d\x88\xc4p\xb0\x89`\xe4\xc6O\xca\x1d\b6\xdd\xda\xacQB\xa7\x8d\xb7\x01Q\xc6\x0fG/\xf9\n', 0x6)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x2, 0x1f012, r7, 0x0)
r8 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r9 = fcntl$dupfd(r8, 0x0, r8)
ioctl$SG_IO(r9, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r9, 0x7, &(0x7f0000000240)=r5, 0x1)
io_uring_enter(r0, 0x96d, 0x0, 0x2, 0x0, 0x0)
[ 1893.744058] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1893.745482] ? lock_downgrade+0x6d0/0x6d0
[ 1893.746473] ? _cond_resched+0x12/0x80
[ 1893.747402] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1893.748720] ? scsi_check_sense+0x10f0/0x10f0
[ 1893.749801] ? perf_trace_lock+0xac/0x490
[ 1893.750783] ? SOFTIRQ_verbose+0x10/0x10
[ 1893.751788] sg_ioctl_common+0x828/0x2570
[ 1893.752916] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1893.754176] ? do_vfs_ioctl+0x283/0x10d0
[ 1893.755122] ? sg_write+0x120/0x120
[ 1893.755981] ? generic_block_fiemap+0x60/0x60
[ 1893.757026] ? lock_downgrade+0x6d0/0x6d0
[ 1893.758036] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1893.759192] ? wait_for_completion_io+0x270/0x270
[ 1893.760315] ? selinux_file_ioctl+0xb6/0x270
04:12:49 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r2 = fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, 0x0, r5)
sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4, r5}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r4, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$nl_generic(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x198, 0x2f, 0x208, 0x70bd27, 0x25dfdbff, {0xe}, [@typed={0x8, 0x25, 0x0, 0x0, @fd=r0}, @generic="aebaee50ac748afeb9ee7d8662a3c9eac1a69b1b75d7cb9e226c1bf8dd39b1a85c0bedbb21d11499396e293561a10ba88031d96414caa1c1f00ee6e27271abf7951782cec7edcf8c503969e27158d7d6f1bf622d536f0119c166f4e4143e396f591dbaf1ab8788a86c628198281b891e8f36d89878ab9c3071d2527b7ae1d48208cde9f9490cc1f9e516f637d74a7e083bb280a9ba4baaae2a6e02a8b34b32fbb526b64d5c02bb3992ea11e6c2", @generic="b06a7952049a9ff5b770d6e403dbff773f052f9facef3fd57a1afe84c009f056417ae3c6", @nested={0xa5, 0x75, 0x0, 0x1, [@generic="f5d8bf2b16a27cf027343c0f5b364c0b5b679e7da2a33beeccc0fb90be2ad42da61efc7557a549e3c2e1555a59bd250f67ee23e61402b22f45ca8cc2bd47759efebd784466bea24ad5c980c2fc837eee844de04a7e5d436a19e66096ebb0455c2001c1bfc010f6943d0a79b0a77c69d470b8d178ced37d5f4497dd52c77f85f70e7d0d290659a33fa8295949f862911866", @typed={0x8, 0x26, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x2f, 0x0, 0x0, @pid=r4}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x24000040}, 0x1)
[ 1893.761373] ? sg_compat_ioctl+0x120/0x120
[ 1893.762421] sg_ioctl+0x8f/0x120
[ 1893.763237] __x64_sys_ioctl+0x19a/0x210
[ 1893.764203] do_syscall_64+0x33/0x40
[ 1893.765091] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1893.766334] RIP: 0033:0x7fde33c83b19
[ 1893.767221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1893.771595] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1893.773401] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1893.775095] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1893.776778] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1893.778489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1893.780183] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:12:49 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3a, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:12:49 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:49 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0x8001}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xbc535c8fb6408a30)
process_vm_readv(r0, &(0x7f0000000100)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/199, 0xc7}, {&(0x7f00000012c0)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/22, 0x16}, {&(0x7f00000022c0)=""/169, 0xa9}], 0x5, &(0x7f0000004600)=[{&(0x7f0000002380)=""/243, 0xf3}, {&(0x7f0000002480)=""/167, 0xa7}, {&(0x7f0000002540)=""/170, 0xaa}, {&(0x7f0000002600)=""/4096, 0x1000}, {&(0x7f0000003600)=""/4096, 0x1000}], 0x5, 0x0)
04:12:49 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:49 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 94)
04:12:49 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x2, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:12:49 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3b, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1893.996679] FAULT_INJECTION: forcing a failure.
[ 1893.996679] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1893.998066] CPU: 1 PID: 9785 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1893.998878] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1893.999849] Call Trace:
[ 1894.000170] dump_stack+0x107/0x167
[ 1894.000599] should_fail.cold+0x5/0xa
[ 1894.001054] ? copyin.part.0+0x112/0x140
[ 1894.001537] copy_page_from_iter+0x74d/0x900
[ 1894.002063] blk_rq_map_user_iov+0x138b/0x1a60
[ 1894.002604] ? copy_user_generic_string+0x2c/0x40
[ 1894.003174] ? iovec_from_user+0x104/0x400
[ 1894.003670] ? blk_rq_unmap_user+0x750/0x750
[ 1894.004188] ? __import_iovec+0x458/0x590
[ 1894.004682] ? import_iovec+0x83/0xb0
[ 1894.005136] sg_common_write.constprop.0+0xba7/0x1a30
[ 1894.005751] ? sg_build_indirect.isra.0+0x710/0x710
[ 1894.006344] ? __might_fault+0x73/0x180
[ 1894.006813] ? lock_downgrade+0x6d0/0x6d0
[ 1894.007301] ? cap_capable+0x1cd/0x230
[ 1894.007765] ? capable+0xe1/0x100
[ 1894.008174] sg_new_write.isra.0+0x529/0x770
[ 1894.008694] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1894.009409] ? lock_downgrade+0x6d0/0x6d0
[ 1894.009906] ? _cond_resched+0x12/0x80
[ 1894.010364] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1894.011035] ? scsi_check_sense+0x10f0/0x10f0
[ 1894.011622] ? perf_trace_lock+0xac/0x490
[ 1894.012140] ? perf_trace_lock+0xac/0x490
[ 1894.012660] sg_ioctl_common+0x828/0x2570
[ 1894.013179] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1894.013827] ? do_vfs_ioctl+0x283/0x10d0
[ 1894.014312] ? sg_write+0x120/0x120
[ 1894.014792] ? generic_block_fiemap+0x60/0x60
[ 1894.015312] ? lock_downgrade+0x6d0/0x6d0
[ 1894.015801] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1894.016372] ? wait_for_completion_io+0x270/0x270
[ 1894.016940] ? selinux_file_ioctl+0xb6/0x270
[ 1894.017466] ? sg_compat_ioctl+0x120/0x120
[ 1894.017962] sg_ioctl+0x8f/0x120
[ 1894.018357] __x64_sys_ioctl+0x19a/0x210
[ 1894.018837] do_syscall_64+0x33/0x40
[ 1894.019267] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1894.019864] RIP: 0033:0x7fde33c83b19
[ 1894.020299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1894.022462] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1894.023390] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1894.024235] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1894.025083] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1894.025926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1894.026759] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:12:49 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:12:49 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x24, 0x2, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r2 = getpgrp(r0)
perf_event_open(&(0x7f00000001c0)={0x2, 0x80, 0x0, 0x1, 0x4, 0x7f, 0x0, 0xfa, 0x10, 0x4, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000140), 0x3}, 0x1221, 0x0, 0x3, 0x6, 0x1, 0x6, 0x1, 0x0, 0x40c, 0x0, 0x3f}, r2, 0x7, 0xffffffffffffffff, 0x2)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:12:49 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 95)
[ 1894.241607] FAULT_INJECTION: forcing a failure.
[ 1894.241607] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1894.242963] CPU: 1 PID: 9802 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1894.243732] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1894.244718] Call Trace:
[ 1894.245037] dump_stack+0x107/0x167
[ 1894.245478] should_fail.cold+0x5/0xa
[ 1894.245926] ? copyin.part.0+0x112/0x140
[ 1894.246405] copy_page_from_iter+0x74d/0x900
[ 1894.246934] blk_rq_map_user_iov+0x138b/0x1a60
[ 1894.247493] ? copy_user_generic_string+0x2c/0x40
[ 1894.248068] ? iovec_from_user+0x104/0x400
[ 1894.248564] ? blk_rq_unmap_user+0x750/0x750
[ 1894.249082] ? __import_iovec+0x458/0x590
[ 1894.249582] ? import_iovec+0x83/0xb0
[ 1894.250037] sg_common_write.constprop.0+0xba7/0x1a30
[ 1894.250655] ? sg_build_indirect.isra.0+0x710/0x710
[ 1894.251243] ? __might_fault+0x73/0x180
[ 1894.251713] ? lock_downgrade+0x6d0/0x6d0
[ 1894.252205] ? cap_capable+0x1cd/0x230
[ 1894.252673] ? capable+0xe1/0x100
[ 1894.253083] sg_new_write.isra.0+0x529/0x770
[ 1894.253616] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1894.254254] ? lock_downgrade+0x6d0/0x6d0
[ 1894.254751] ? _cond_resched+0x12/0x80
[ 1894.255216] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1894.255888] ? scsi_check_sense+0x10f0/0x10f0
[ 1894.256417] ? perf_trace_lock+0xac/0x490
[ 1894.256902] ? SOFTIRQ_verbose+0x10/0x10
[ 1894.257395] sg_ioctl_common+0x828/0x2570
[ 1894.257889] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1894.258496] ? do_vfs_ioctl+0x283/0x10d0
[ 1894.258972] ? sg_write+0x120/0x120
[ 1894.259402] ? generic_block_fiemap+0x60/0x60
[ 1894.259929] ? lock_downgrade+0x6d0/0x6d0
[ 1894.260415] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1894.260988] ? wait_for_completion_io+0x270/0x270
[ 1894.261579] ? selinux_file_ioctl+0xb6/0x270
[ 1894.262098] ? sg_compat_ioctl+0x120/0x120
[ 1894.262595] sg_ioctl+0x8f/0x120
[ 1894.262996] __x64_sys_ioctl+0x19a/0x210
[ 1894.263473] do_syscall_64+0x33/0x40
[ 1894.263908] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1894.264508] RIP: 0033:0x7fde33c83b19
[ 1894.264944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1894.267119] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1894.268013] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1894.268861] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1894.269709] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1894.270548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1894.271388] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:13:04 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r2 = fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, 0x0, r5)
sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4, r5}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r4, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$nl_generic(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x198, 0x2f, 0x208, 0x70bd27, 0x25dfdbff, {0xe}, [@typed={0x8, 0x25, 0x0, 0x0, @fd=r0}, @generic="aebaee50ac748afeb9ee7d8662a3c9eac1a69b1b75d7cb9e226c1bf8dd39b1a85c0bedbb21d11499396e293561a10ba88031d96414caa1c1f00ee6e27271abf7951782cec7edcf8c503969e27158d7d6f1bf622d536f0119c166f4e4143e396f591dbaf1ab8788a86c628198281b891e8f36d89878ab9c3071d2527b7ae1d48208cde9f9490cc1f9e516f637d74a7e083bb280a9ba4baaae2a6e02a8b34b32fbb526b64d5c02bb3992ea11e6c2", @generic="b06a7952049a9ff5b770d6e403dbff773f052f9facef3fd57a1afe84c009f056417ae3c6", @nested={0xa5, 0x75, 0x0, 0x1, [@generic="f5d8bf2b16a27cf027343c0f5b364c0b5b679e7da2a33beeccc0fb90be2ad42da61efc7557a549e3c2e1555a59bd250f67ee23e61402b22f45ca8cc2bd47759efebd784466bea24ad5c980c2fc837eee844de04a7e5d436a19e66096ebb0455c2001c1bfc010f6943d0a79b0a77c69d470b8d178ced37d5f4497dd52c77f85f70e7d0d290659a33fa8295949f862911866", @typed={0x8, 0x26, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x2f, 0x0, 0x0, @pid=r4}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x24000040}, 0x1)
04:13:04 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:04 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 96)
04:13:04 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4e", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:04 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000100)={{0x77359400}}, &(0x7f0000000140))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r2, 0x8983, &(0x7f00000000c0)={0x6, 'tunl0\x00', {0x1000}, 0x5})
04:13:04 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3c, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:04 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x4b47, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:04 executing program 0:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x2, &(0x7f0000000200)=[{&(0x7f0000010000)="eb58906d6b66732e66617400028020000400000004f80000200040000300000000000000010000000000000002", 0x2d}, {&(0x7f0000010500)="f8ffff0fffffff0ff8ffff0f", 0xc, 0x4000}], 0x0, &(0x7f0000000140)={[{@utf8}]})
setresuid(0xffffffffffffffff, 0x0, 0x0)
sendfile(r0, 0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000000180)=[0x0, r2, 0xffffffffffffffff], 0x3}, 0x58)
kcmp$KCMP_EPOLL_TFD(r2, 0x0, 0x7, r0, &(0x7f00000000c0)={0xffffffffffffffff, r0})
[ 1908.781023] FAULT_INJECTION: forcing a failure.
[ 1908.781023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1908.784368] CPU: 0 PID: 9813 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1908.786176] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1908.788205] Call Trace:
[ 1908.788819] dump_stack+0x107/0x167
[ 1908.789703] should_fail.cold+0x5/0xa
[ 1908.790662] ? copyin.part.0+0x112/0x140
[ 1908.791597] copy_page_from_iter+0x74d/0x900
[ 1908.792608] blk_rq_map_user_iov+0x138b/0x1a60
[ 1908.793714] ? blk_rq_unmap_user+0x750/0x750
[ 1908.794715] ? __sanitizer_cov_trace_pc+0x4/0x60
[ 1908.795775] ? __import_iovec+0x458/0x590
[ 1908.796715] ? import_iovec+0x83/0xb0
[ 1908.797623] sg_common_write.constprop.0+0xba7/0x1a30
[ 1908.798790] ? sg_build_indirect.isra.0+0x710/0x710
[ 1908.799907] ? __might_fault+0x73/0x180
[ 1908.800805] ? lock_downgrade+0x6d0/0x6d0
[ 1908.801790] ? cap_capable+0x1cd/0x230
[ 1908.802685] ? capable+0xe1/0x100
[ 1908.803467] sg_new_write.isra.0+0x529/0x770
[ 1908.804466] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1908.805705] ? lock_downgrade+0x6d0/0x6d0
[ 1908.806665] ? _cond_resched+0x12/0x80
[ 1908.807546] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1908.808828] ? scsi_check_sense+0x10f0/0x10f0
[ 1908.809875] ? perf_trace_lock+0xac/0x490
[ 1908.810804] ? perf_trace_lock+0xac/0x490
[ 1908.811740] sg_ioctl_common+0x828/0x2570
[ 1908.812672] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1908.813873] ? do_vfs_ioctl+0x283/0x10d0
[ 1908.814778] ? sg_write+0x120/0x120
[ 1908.815590] ? generic_block_fiemap+0x60/0x60
[ 1908.816592] ? lock_downgrade+0x6d0/0x6d0
[ 1908.817566] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1908.818668] ? wait_for_completion_io+0x270/0x270
[ 1908.819753] ? selinux_file_ioctl+0xb6/0x270
[ 1908.820779] ? sg_compat_ioctl+0x120/0x120
[ 1908.821736] sg_ioctl+0x8f/0x120
[ 1908.822547] __x64_sys_ioctl+0x19a/0x210
[ 1908.823482] do_syscall_64+0x33/0x40
[ 1908.824316] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1908.825591] RIP: 0033:0x7fde33c83b19
[ 1908.826651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1908.831779] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1908.833917] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1908.835912] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1908.837910] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1908.839909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1908.841908] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:13:17 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4e", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:17 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3d, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:17 executing program 0:
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FIONREAD(r0, 0x545d, &(0x7f0000000000))
04:13:17 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x4b49, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:17 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:17 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 97)
04:13:17 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
r2 = fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000340)={<r4=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
setresuid(0x0, 0x0, r5)
sendmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r4, r5}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r4, 0xffffffffffffffff], 0x53}, 0x58)
sendmsg$nl_generic(r1, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000100)={0x198, 0x2f, 0x208, 0x70bd27, 0x25dfdbff, {0xe}, [@typed={0x8, 0x25, 0x0, 0x0, @fd=r0}, @generic="aebaee50ac748afeb9ee7d8662a3c9eac1a69b1b75d7cb9e226c1bf8dd39b1a85c0bedbb21d11499396e293561a10ba88031d96414caa1c1f00ee6e27271abf7951782cec7edcf8c503969e27158d7d6f1bf622d536f0119c166f4e4143e396f591dbaf1ab8788a86c628198281b891e8f36d89878ab9c3071d2527b7ae1d48208cde9f9490cc1f9e516f637d74a7e083bb280a9ba4baaae2a6e02a8b34b32fbb526b64d5c02bb3992ea11e6c2", @generic="b06a7952049a9ff5b770d6e403dbff773f052f9facef3fd57a1afe84c009f056417ae3c6", @nested={0xa5, 0x75, 0x0, 0x1, [@generic="f5d8bf2b16a27cf027343c0f5b364c0b5b679e7da2a33beeccc0fb90be2ad42da61efc7557a549e3c2e1555a59bd250f67ee23e61402b22f45ca8cc2bd47759efebd784466bea24ad5c980c2fc837eee844de04a7e5d436a19e66096ebb0455c2001c1bfc010f6943d0a79b0a77c69d470b8d178ced37d5f4497dd52c77f85f70e7d0d290659a33fa8295949f862911866", @typed={0x8, 0x26, 0x0, 0x0, @pid=r2}, @typed={0x8, 0x2f, 0x0, 0x0, @pid=r4}]}]}, 0x198}, 0x1, 0x0, 0x0, 0x24000040}, 0x1)
04:13:17 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x7, @any, 0x0, 0x1}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1921.979228] FAULT_INJECTION: forcing a failure.
[ 1921.979228] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1921.981870] CPU: 0 PID: 9845 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1921.983416] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1921.985259] Call Trace:
[ 1921.986064] dump_stack+0x107/0x167
[ 1921.986891] should_fail.cold+0x5/0xa
[ 1921.987735] ? copyin.part.0+0x112/0x140
[ 1921.988652] copy_page_from_iter+0x74d/0x900
[ 1921.989655] blk_rq_map_user_iov+0x138b/0x1a60
[ 1921.990692] ? copy_user_generic_string+0x2c/0x40
[ 1921.991774] ? iovec_from_user+0x104/0x400
[ 1921.992724] ? blk_rq_unmap_user+0x750/0x750
[ 1921.993711] ? __import_iovec+0x458/0x590
[ 1921.994668] ? import_iovec+0x83/0xb0
[ 1921.995544] sg_common_write.constprop.0+0xba7/0x1a30
[ 1921.996732] ? sg_build_indirect.isra.0+0x710/0x710
[ 1921.997879] ? __might_fault+0x73/0x180
[ 1921.998787] ? lock_downgrade+0x6d0/0x6d0
[ 1921.999713] ? cap_capable+0x1cd/0x230
[ 1922.000599] ? capable+0xe1/0x100
[ 1922.001380] sg_new_write.isra.0+0x529/0x770
[ 1922.002390] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1922.003605] ? lock_downgrade+0x6d0/0x6d0
[ 1922.004554] ? _cond_resched+0x12/0x80
[ 1922.005433] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1922.006725] ? scsi_check_sense+0x10f0/0x10f0
[ 1922.007730] ? perf_trace_lock+0xac/0x490
[ 1922.008652] ? perf_trace_lock+0xac/0x490
[ 1922.009601] sg_ioctl_common+0x828/0x2570
[ 1922.010544] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1922.011708] ? do_vfs_ioctl+0x283/0x10d0
[ 1922.012619] ? sg_write+0x120/0x120
[ 1922.013440] ? generic_block_fiemap+0x60/0x60
[ 1922.014447] ? lock_downgrade+0x6d0/0x6d0
[ 1922.015379] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1922.016461] ? wait_for_completion_io+0x270/0x270
[ 1922.017556] ? selinux_file_ioctl+0xb6/0x270
[ 1922.018544] ? sg_compat_ioctl+0x120/0x120
[ 1922.019496] sg_ioctl+0x8f/0x120
[ 1922.020259] __x64_sys_ioctl+0x19a/0x210
[ 1922.021171] do_syscall_64+0x33/0x40
[ 1922.022004] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1922.023157] RIP: 0033:0x7fde33c83b19
[ 1922.023986] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1922.028114] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1922.029814] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1922.031411] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1922.033008] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1922.034606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1922.036199] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:13:17 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4e", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:17 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r2, 0xffffffffffffffff], 0x53}, 0x58)
04:13:17 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x96, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="74000000a01b4e084752010000000000000082a0c9", @ANYRES16=r1, @ANYBLOB="000028bd7000fedbdf25090000000c00990000000000250000000a000600080211000000000004000b0014006e80040002000400020004000100040002002c0050800500020002000000050002000200000018000880040002000400010004000100040001000400020004000b00"], 0x74}, 0x1, 0x0, 0x0, 0x40011}, 0x20044841)
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0)=<r5=>0xffffffffffffffff, &(0x7f0000001bc0)=<r6=>0x0, &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r3, 0xffffffffffffffff], 0x53}, 0x58)
clone3(&(0x7f00000005c0)={0x200, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000300)=<r7=>0x0, {0x25}, &(0x7f00000004c0)=""/161, 0xa1, &(0x7f0000000440)=""/58, &(0x7f0000000580)=[r3, r3, r3, r6, r3], 0x5}, 0x58)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000640)=<r8=>0x0)
r9 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r10 = fcntl$dupfd(r9, 0x0, r9)
ioctl$SG_IO(r10, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
kcmp(r7, r8, 0x2, r10, r5)
perf_event_open(&(0x7f0000000040)={0x4, 0x80, 0x0, 0x10, 0x7, 0x3, 0x0, 0x8, 0xa8400, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x4, @perf_bp={&(0x7f0000000000), 0x1}, 0x4080, 0x40, 0x4, 0x1, 0x5, 0x9, 0x800, 0x0, 0x20, 0x0, 0x100000001}, r3, 0xc, r0, 0x3)
utime(0x0, 0x0)
04:13:17 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x3e, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:17 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:17 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x4, 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r4=>0x0, <r5=>0x0})
timer_settime(r3, 0x0, &(0x7f0000000100)={{r4, r5+10000000}, {0x77359400}}, &(0x7f0000000140))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb, 0x1}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:17 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 98)
04:13:17 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x541b, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1922.363336] FAULT_INJECTION: forcing a failure.
[ 1922.363336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1922.366320] CPU: 1 PID: 9873 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1922.367761] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1922.369503] Call Trace:
[ 1922.370065] dump_stack+0x107/0x167
[ 1922.370848] should_fail.cold+0x5/0xa
[ 1922.371650] ? copyin.part.0+0x112/0x140
[ 1922.372511] copy_page_from_iter+0x74d/0x900
[ 1922.373452] blk_rq_map_user_iov+0x138b/0x1a60
[ 1922.374449] ? __sanitizer_cov_trace_const_cmp4+0x20/0x20
[ 1922.375606] ? iovec_from_user+0x104/0x400
[ 1922.376507] ? blk_rq_unmap_user+0x750/0x750
[ 1922.377438] ? __import_iovec+0x458/0x590
[ 1922.378335] ? import_iovec+0x83/0xb0
[ 1922.379148] sg_common_write.constprop.0+0xba7/0x1a30
[ 1922.380237] ? sg_build_indirect.isra.0+0x710/0x710
[ 1922.381288] ? __might_fault+0x73/0x180
[ 1922.382122] ? lock_downgrade+0x6d0/0x6d0
[ 1922.383007] ? cap_capable+0x1cd/0x230
[ 1922.383832] ? capable+0xe1/0x100
[ 1922.384567] sg_new_write.isra.0+0x529/0x770
[ 1922.385500] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1922.386637] ? lock_downgrade+0x6d0/0x6d0
[ 1922.387533] ? _cond_resched+0x12/0x80
[ 1922.388347] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1922.389555] ? scsi_check_sense+0x10f0/0x10f0
[ 1922.390503] ? perf_trace_lock+0xac/0x490
[ 1922.391370] ? perf_trace_lock+0xac/0x490
[ 1922.392302] sg_ioctl_common+0x828/0x2570
[ 1922.393174] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1922.394265] ? do_vfs_ioctl+0x283/0x10d0
[ 1922.395118] ? sg_write+0x120/0x120
[ 1922.395878] ? generic_block_fiemap+0x60/0x60
[ 1922.396819] ? lock_downgrade+0x6d0/0x6d0
[ 1922.397688] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1922.398709] ? wait_for_completion_io+0x270/0x270
[ 1922.399778] ? selinux_file_ioctl+0xb6/0x270
[ 1922.400961] ? sg_compat_ioctl+0x120/0x120
[ 1922.402067] sg_ioctl+0x8f/0x120
[ 1922.402799] __x64_sys_ioctl+0x19a/0x210
[ 1922.403657] do_syscall_64+0x33/0x40
[ 1922.404443] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1922.405521] RIP: 0033:0x7fde33c83b19
[ 1922.406308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1922.410190] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1922.411818] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1922.413335] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1922.414839] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1922.416333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1922.417832] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:13:18 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:18 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x41, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:18 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340)={<r2=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setresuid(0x0, 0x0, r3)
sendmsg$unix(r1, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r2, r3}}}], 0x20}, 0x0)
04:13:18 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:34 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x5421, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:34 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setresuid(0x0, 0x0, r2)
04:13:34 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:34 executing program 0:
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_WOL_GET(0xffffffffffffffff, 0x0, 0x24040101)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040), 0xc, 0x0}, 0x40000)
syz_mount_image$ext4(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0x200800, 0x0)
openat(r0, &(0x7f0000000080)='./file1\x00', 0x228802, 0x64)
mount$9p_tcp(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={'trans=tcp,', {'port', 0x3d, 0x100000000000000}})
r1 = perf_event_open(&(0x7f0000000080)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0xee00, 0xee00}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r2, 0xc018937b, &(0x7f00000005c0)=ANY=[])
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001000010000000000000000960000090005000000000000000500008048000000"], 0x24}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x3000000a})
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x9, 0x0, 0x7, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r2, 0xc018937e, &(0x7f0000000600)=ANY=[@ANYBLOB="010000000100000018000000", @ANYRES32=<r4=>r2, @ANYBLOB="020000000000000000000000000029080f52b33d8d174a85aa0e450883b6eefcbb0a273ff678d96b1eb6bfe4f014a4a438a7d555aadfd9"])
sendmsg$AUDIT_GET_FEATURE(r4, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x5008c00c}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x3fb, 0x10, 0x70bd2b, 0x25dfdbfb, "", ["", "", "", "", "", ""]}, 0x10}}, 0x8804)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = dup(r5)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
04:13:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x42, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:34 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 99)
04:13:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:34 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r1, 0x1, &(0x7f00000000c0)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f0000000140)={<r2=>0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f00000001c0)={{r2, r3+10000000}, {0x0, 0x3938700}}, &(0x7f0000000200))
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match', 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/power/reserved_size', 0x22902, 0x0)
copy_file_range(r4, 0x0, r5, 0x0, 0xa1, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r6, &(0x7f0000000240)={0x1f, 0x3, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0xfffb, 0x2}, 0xe)
connect$bt_l2cap(r6, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
getsockopt$bt_l2cap_L2CAP_OPTIONS(r4, 0x6, 0x1, &(0x7f0000000280), &(0x7f00000002c0)=0xc)
fcntl$setlease(r5, 0x400, 0x2)
[ 1938.784454] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[ 1938.795921] FAULT_INJECTION: forcing a failure.
[ 1938.795921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1938.798421] CPU: 1 PID: 9905 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1938.799869] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1938.801610] Call Trace:
[ 1938.802164] dump_stack+0x107/0x167
[ 1938.802943] should_fail.cold+0x5/0xa
[ 1938.803733] ? copyin.part.0+0x112/0x140
[ 1938.804582] copy_page_from_iter+0x74d/0x900
[ 1938.805516] blk_rq_map_user_iov+0x138b/0x1a60
[ 1938.806476] ? copy_user_generic_string+0x2c/0x40
[ 1938.807495] ? iovec_from_user+0x104/0x400
[ 1938.808374] ? blk_rq_unmap_user+0x750/0x750
[ 1938.809298] ? __import_iovec+0x458/0x590
[ 1938.810175] ? import_iovec+0x83/0xb0
[ 1938.810985] sg_common_write.constprop.0+0xba7/0x1a30
[ 1938.812073] ? sg_build_indirect.isra.0+0x710/0x710
[ 1938.813114] ? __might_fault+0x73/0x180
[ 1938.813955] ? lock_downgrade+0x6d0/0x6d0
[ 1938.814844] ? cap_capable+0x1cd/0x230
[ 1938.815667] ? capable+0xe1/0x100
[ 1938.816396] sg_new_write.isra.0+0x529/0x770
[ 1938.817326] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1938.818454] ? lock_downgrade+0x6d0/0x6d0
[ 1938.819345] ? _cond_resched+0x12/0x80
[ 1938.820171] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1938.821379] ? scsi_check_sense+0x10f0/0x10f0
[ 1938.822306] ? perf_trace_lock+0xac/0x490
[ 1938.823181] ? perf_trace_lock+0xac/0x490
[ 1938.824064] sg_ioctl_common+0x828/0x2570
[ 1938.824930] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1938.826010] ? do_vfs_ioctl+0x283/0x10d0
[ 1938.826862] ? sg_write+0x120/0x120
[ 1938.827624] ? generic_block_fiemap+0x60/0x60
[ 1938.828565] ? lock_downgrade+0x6d0/0x6d0
[ 1938.829431] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1938.830439] ? wait_for_completion_io+0x270/0x270
[ 1938.831672] ? selinux_file_ioctl+0xb6/0x270
[ 1938.832756] ? sg_compat_ioctl+0x120/0x120
[ 1938.833815] sg_ioctl+0x8f/0x120
[ 1938.834667] __x64_sys_ioctl+0x19a/0x210
[ 1938.835719] do_syscall_64+0x33/0x40
[ 1938.836588] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1938.837733] RIP: 0033:0x7fde33c83b19
[ 1938.838625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1938.842978] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1938.844769] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1938.846455] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1938.848004] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1938.849492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1938.850984] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
[ 1938.892572] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
04:13:34 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00))
04:13:34 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x43, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:34 executing program 0:
r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, 0x58, &(0x7f0000000180)=[{&(0x7f0000000140)="eb3c906d6b66732e66617400020801000470008400f801", 0x17}, {0x0, 0x0, 0x1001000a00}], 0x2800018, &(0x7f0000000240)=ANY=[])
chdir(&(0x7f0000000040)='./file0\x00')
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x105142, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/exe\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000100)='./file1\x00', 0x12040, 0x4c)
sendfile(r1, r2, 0x0, 0x100040c50)
04:13:34 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x5450, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:34 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0}) (fail_nth: 100)
04:13:34 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
timer_create(0x1, &(0x7f0000000140)={0x0, 0x3e, 0x1, @thr={&(0x7f00000000c0)="6589b5b9fe8922f61a345010a03e068c4277760f59f2d882b6fb8cfd40548f13c352b81dd2c9b93eb69785911e30c841bb53a6cbaba9ff048a3dfb48e8a9aa3ee098a3be2c5e5d3ecda6bae3cba4543bbf6f6e2d7644fca6251df2e0694891b8027acafa7a5fd390337e30a7faafe04afb1f1efbdfb7", &(0x7f00000001c0)="17f046cf3c86e04514d58b9d3c59bf9bf31a30d06e266cc9da107320d940feed7af3edcffbe10a43e49b0b81b46a8a0ffb9a85d559ba2345cf76bbf81e07c422974f9b43d107d00f0a98fffd987d64c0deeca5d773300144c8d486203036e191745fad02e0284e739d05a7ae498f1275e4d8b2d422f8fed57e30d4892c61c73d7a58d7b8dd9351f93776cb086a21f0b489339467e0cc7f0a6c43f034794e89b2bda9b28a9ffc"}}, &(0x7f0000000280))
04:13:34 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:34 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1939.369272] FAULT_INJECTION: forcing a failure.
[ 1939.369272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1939.371793] CPU: 1 PID: 9938 Comm: syz-executor.5 Not tainted 5.10.232 #1
[ 1939.373466] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1939.375477] Call Trace:
[ 1939.376034] dump_stack+0x107/0x167
[ 1939.376818] should_fail.cold+0x5/0xa
[ 1939.377603] ? copyin.part.0+0x112/0x140
[ 1939.378458] copy_page_from_iter+0x74d/0x900
[ 1939.379392] blk_rq_map_user_iov+0x138b/0x1a60
[ 1939.380342] ? copy_user_generic_string+0x2c/0x40
[ 1939.381351] ? iovec_from_user+0x104/0x400
[ 1939.382218] ? blk_rq_unmap_user+0x750/0x750
[ 1939.383223] ? __import_iovec+0x458/0x590
[ 1939.384137] ? import_iovec+0x83/0xb0
[ 1939.385087] sg_common_write.constprop.0+0xba7/0x1a30
[ 1939.386244] ? sg_build_indirect.isra.0+0x710/0x710
[ 1939.387290] ? __might_fault+0x73/0x180
[ 1939.388114] ? lock_downgrade+0x6d0/0x6d0
[ 1939.388969] ? cap_capable+0x1cd/0x230
[ 1939.389780] ? capable+0xe1/0x100
[ 1939.390507] sg_new_write.isra.0+0x529/0x770
[ 1939.391422] ? sg_common_write.constprop.0+0x1a30/0x1a30
[ 1939.392532] ? lock_downgrade+0x6d0/0x6d0
[ 1939.393596] ? _cond_resched+0x12/0x80
[ 1939.394498] ? scsi_block_when_processing_errors+0x2a6/0x370
[ 1939.395895] ? scsi_check_sense+0x10f0/0x10f0
[ 1939.396821] ? perf_trace_lock+0xac/0x490
[ 1939.397674] ? perf_trace_lock+0xac/0x490
[ 1939.398543] sg_ioctl_common+0x828/0x2570
[ 1939.399414] ? __sanitizer_cov_trace_switch+0x45/0x80
[ 1939.400643] ? do_vfs_ioctl+0x283/0x10d0
[ 1939.401556] ? sg_write+0x120/0x120
[ 1939.402341] ? generic_block_fiemap+0x60/0x60
[ 1939.403524] ? lock_downgrade+0x6d0/0x6d0
[ 1939.404577] ? __mutex_unlock_slowpath+0xe1/0x600
[ 1939.405600] ? wait_for_completion_io+0x270/0x270
[ 1939.406676] ? selinux_file_ioctl+0xb6/0x270
[ 1939.407656] ? sg_compat_ioctl+0x120/0x120
[ 1939.408704] sg_ioctl+0x8f/0x120
[ 1939.409458] __x64_sys_ioctl+0x19a/0x210
[ 1939.410298] do_syscall_64+0x33/0x40
[ 1939.411207] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1939.412434] RIP: 0033:0x7fde33c83b19
[ 1939.413269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1939.417572] RSP: 002b:00007fde311f9188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1939.419165] RAX: ffffffffffffffda RBX: 00007fde33d96f60 RCX: 00007fde33c83b19
[ 1939.420824] RDX: 00000000200003c0 RSI: 0000000000002285 RDI: 0000000000000005
[ 1939.422459] RBP: 00007fde311f91d0 R08: 0000000000000000 R09: 0000000000000000
[ 1939.423958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[ 1939.425428] R13: 00007ffff81f1dcf R14: 00007fde311f9300 R15: 0000000000022000
04:13:55 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:55 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x5451, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:55 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x44, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:55 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:55 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
04:13:55 executing program 0:
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000a00)=ANY=[@ANYBLOB="98000000200039040000000000000000020000000dc0c23671f1a964651e4d52c3dc9432e6af519d60c901a7ea83dce8f6a9c36adbbf7c23348ed7953cc124f0f2e2f1324bf1187b4e1f5a7bf5116e03f38056144e579e46004fbfb9ae80572129d57aa41a4c792b56978ebd2e72f57ca14145d7bcd879afed4e97abd691d56cf2d815f272170c0031000000000000000000bb3e3c7562af739c74b82fd57e7bd51e163e9c2394948632056b9357f234b64631cba457c59e6d0eae9098c89e3c7aa8b1cbc03bd65f9dbe493575381cd02ff835bb74263161cff69945516e14595dfad881c353d7fb9bbdc2fb19f3306b4f29f5ac8dddb9186aa055b9a9547a834f1d619073f3ccf4b3acda5d78a8cff254a2de72f20938d689ca4044e9b0a30200278183e00f05d56ee58c70cc78d1fe11e55c898d61e09dd9cc4bde7d952f33df697d06ffd93de78dd16ff6fabb99fb6b42eb449d317ff0f62c982878d984496c08a7a672102affbb245b18bb390e66298d7220110693dd4d00d4a7b9a75298857b75fa243b23c8cf9643bb00000000005fcbe43f062951cd61eb7fd89947c9213bca5dc0b89a2e850f5d485e58951dd7d1e27236dc52ce2c5ad9c73e0a6140224a516c41604d7981f0c5d28db9d69e06008070a1c8a29ab4b046f86a311abcd1aedb3726442528292ebb13fb2e320499e3d0ed0f624e2d941077db1120084174ca637e1c74bddecf39ecb482a0e075210ffa8c8a3f5cdf7889058aba7fbf979e986c22e25e82884240d5dc6aaab10fe2ee4df09527c6d9c18ef983eb5ffb44cdf9e7f785eb60881ee6632f2783fc485616db255f9b8730aff47c8629f4bf50f73351c37855a123b50000000000000000000000000000000000001771ea33507e40173d63aebdeadaa622c4e043e67452b3fc214773084722a9fd22ca264adf687c74e7374f9a3090e720b2fa91884c9140357f1a3a6c5058f90d7f99174f15784111a163c1b2af78456bcbb3b05c0f8021ac02afe219f68cdfb38e1375ff28bbb86adc01b826d042f884302dc0e7385e55558ae37b9f3132a87b1779518b43bf00"/781], 0x98}}, 0x0)
close_range(r1, r0, 0x0)
perf_event_open(&(0x7f0000000640)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, r0, 0x0)
fcntl$addseals(r1, 0x409, 0x8)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = add_key$keyring(0x0, &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x2, 0x0, @fd_index=0x2, 0x8, &(0x7f0000000000)="ef3003e7d4d5730dd9bc0d2116cbd2ec2d4cef7a97c67262d0882d05da47c1147ab3a8e1b3dfac797791d00529f0be39c7c3024db4d3ec4b7b6dc1", 0x3b, 0xc, 0x1}, 0x9)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, r3)
r5 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000500)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffc)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f00000006c0)={0x98, 0xa, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x4}, @NFTA_SET_HANDLE={0xc, 0x10, 0x1, 0x0, 0x1}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_DESC={0x24, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x40}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x2}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x31}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_EXPR={0x14, 0x11, 0x0, 0x1, @payload={{0xc}, @val={0x4}}}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x28}]}, 0x98}, 0x1, 0x0, 0x0, 0x40004}, 0x80)
request_key(&(0x7f00000002c0)='id_legacy\x00', &(0x7f0000000340)={'syz', 0x2}, &(0x7f0000000380)='\x00', r4)
r6 = add_key(&(0x7f0000000200)='keyring\x00', &(0x7f00000004c0)={'syz', 0x1}, &(0x7f0000000540)="18726d0eed55eaa57fc580dc3a0b12e0a5ee08da294ac8119c4c73f93694f2a935d17a81959d084839f846dca8739131e4a9c45c6509af44529537eae3b5a4793a9a0aacfd7a75f2b566b874939829b82a35d20d1985a92c5d7ba971251e89286f64438db33a7f05fb0d1707fd3fa27a56032a79c1d09558fbbfcb2e5f36d3e7e1c749ad35c2064fa087cf6359507a36eb69853e0cdd920cbb7586aedf5a2e5a9a1a6b8d11c08a14918b01d07c92179dfae1ef58835b5fa4be28fbd3b3eac1c9f3cf74fbe25748c55d23902439133eecfafb2e0f", 0xd4, 0xfffffffffffffffa)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000140)={0x6, 0x1, 0x200})
add_key(0x0, 0x0, 0x0, 0x0, r6)
add_key$keyring(&(0x7f0000000100), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, r5)
syz_open_procfs(0xffffffffffffffff, 0x0)
unshare(0x48020200)
04:13:55 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:55 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r2, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}}, &(0x7f0000000100))
timer_settime(r1, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_gettime(r2, &(0x7f0000000140))
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
[ 1960.296267] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
04:13:56 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:56 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:13:56 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x3, @any, 0x1ff, 0x1}, 0xe)
04:13:56 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:56 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x45, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:56 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480))
[ 1960.428062] netlink: 124 bytes leftover after parsing attributes in process `syz-executor.0'.
04:13:56 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x5452, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:13:56 executing program 0:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000100), 0xf}, 0x1010, 0x84b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f0000ff5000/0x4000)=nil, 0x4000, 0x1000000, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ff6000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff)
pkey_mprotect(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0x2000002, 0xffffffffffffffff)
r2 = pkey_alloc(0x0, 0x5)
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, r2)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, 0x0)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r1)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x9, r1)
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000004, 0xffffffffffffffff)
pkey_free(r1)
r3 = gettid()
pkey_mprotect(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x3000008, r2)
rt_tgsigqueueinfo(0x0, r3, 0x0, &(0x7f0000000000)={0x0, 0x0, 0xf9ffffff})
perf_event_open(&(0x7f0000000040)={0x0, 0x80, 0xdf, 0x3, 0x8, 0x0, 0x0, 0x4, 0x10010, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x2, @perf_bp={&(0x7f00000000c0), 0x1}, 0x33a5, 0x1, 0x6, 0x9, 0xc1dd, 0xa30, 0x8, 0x0, 0x9}, 0x0, 0xf, r0, 0x0)
munlock(&(0x7f0000ff2000/0x3000)=nil, 0x3000)
r4 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fallocate(r4, 0x0, 0x0, 0x10001)
04:13:56 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x1267, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:13:56 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:13:56 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x46, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a4000000", @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:12 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:12 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x47, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 0:
mlock2(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x8, 0x2000000000000000}, 0x11010, 0x84b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = pkey_alloc(0x0, 0x2)
r2 = pkey_alloc(0x0, 0x5)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3, &(0x7f00000000c0)=0x20, 0x100, 0x0)
pkey_mprotect(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, r2)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000019c0)=ANY=[@ANYBLOB="280000001a00210c00000000000000020ae6000008000000000000000a001c000101010101010000"], 0x28}}, 0x0)
pkey_mprotect(&(0x7f0000fed000/0x13000)=nil, 0x13000, 0x0, r1)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
pkey_mprotect(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x9, r1)
gettid()
pkey_mprotect(&(0x7f0000ff3000/0x4000)=nil, 0x4000, 0x3000008, r2)
r4 = getpid()
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0xdf, 0x3, 0x8, 0x0, 0x0, 0x4, 0x10010, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x800000, 0x2, @perf_config_ext={0x4000000000009e, 0x8}, 0x11a4, 0x1, 0x6, 0x9, 0xc1dd, 0xa30, 0x8, 0x0, 0x8}, r4, 0xf, r0, 0x0)
munlock(&(0x7f0000ff2000/0x3000)=nil, 0x3000)
r5 = creat(&(0x7f0000000000)='./file1\x00', 0x0)
fallocate(r5, 0x0, 0x0, 0x8800000)
04:14:12 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
fork()
04:14:12 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x1274, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_create(0x0, &(0x7f0000000140)={0x0, 0x3f, 0x2, @tid=r0}, &(0x7f00000001c0)=<r2=>0x0)
clock_gettime(0x0, &(0x7f0000000200)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f0000000240)={{r3, r4+60000000}, {0x77359400}}, &(0x7f0000000280))
timer_settime(r1, 0x1, &(0x7f00000000c0), &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
timer_settime(r1, 0x1, &(0x7f00000002c0), 0x0)
timer_create(0x3, 0x0, &(0x7f0000000040)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000480)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(r6, 0x0, &(0x7f0000000300)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000340))
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:14:12 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x5460, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
[ 1976.389244] netlink: 'syz-executor.0': attribute type 28 has an invalid length.
04:14:12 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:12 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:12 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x48, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x1275, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 1976.458185] netlink: 'syz-executor.0': attribute type 28 has an invalid length.
04:14:12 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
04:14:12 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8901, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:12 executing program 0:
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
wait4(r0, 0x0, 0x1000001, &(0x7f0000000000))
r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x9)
sendfile(r2, r1, 0x0, 0x4000007ffffffc)
04:14:12 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:12 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:12 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
readv(r0, &(0x7f0000005500)=[{&(0x7f00000042c0)=""/222, 0xde}], 0x1)
04:14:12 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x49, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x1276, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:12 executing program 0:
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4304, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_io_uring_setup(0x620e, &(0x7f0000000180), &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000000c0)='./file0\x00', 0x2, 0x200080, 0x23456}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000e, 0x13, r0, 0x0)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0xf, 0x13, r0, 0x8000000)
syz_io_uring_submit(r4, r2, &(0x7f0000000340)=@IORING_OP_RECVMSG={0xa, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40012103, 0x1}, 0x80000001)
io_uring_enter(r0, 0x58ab, 0x8da1, 0x0, 0x0, 0x0)
04:14:12 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8902, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:27 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
fcntl$getownex(r1, 0x10, &(0x7f00000000c0)={0x0, <r2=>0x0})
syz_open_procfs(r2, &(0x7f0000000100)='gid_map\x00')
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:14:27 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4a, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:27 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2201, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:27 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
readv(r0, &(0x7f00000004c0)=[{&(0x7f0000001300)=""/4096, 0x1000}], 0x1)
04:14:27 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:27 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8903, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:27 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1) (fail_nth: 1)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:27 executing program 0:
ftruncate(0xffffffffffffffff, 0x0)
statx(0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x1000, 0x400, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0})
lstat(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
lstat(&(0x7f0000000780)='./file1\x00', &(0x7f00000007c0))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000004c0)={{{@in, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@loopback}}, &(0x7f0000000140)=0xe8)
ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000040)='./file1\x00', &(0x7f00000000c0), 0x2, &(0x7f0000000840)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid={'dfltgid', 0x3d, r0}}, {@posixacl}, {@access_any}, {@version_u}, {@dfltgid={'dfltgid', 0x3d, r1}}, {@version_9p2000}], [{@fowner_eq={'fowner', 0x3d, r2}}, {@dont_hash}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@measure}, {@smackfshat={'smackfshat', 0x3d, '\',\'A'}}, {@seclabel}, {@pcr={'pcr', 0x3d, 0x33}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@appraise}]}})
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x105142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0xc, &(0x7f0000000100)=0x3f, 0x4)
sendmsg$nl_generic(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001c80)={0x20, 0x12, 0x1, 0x0, 0x0, {}, [@generic="8cbb4f357ef3cdd1d4"]}, 0x20}}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x48, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2c, 0xe, {@with_ht={{{}, {}, @broadcast, @broadcast, @random="dd0b7470fe16"}}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}]]}, 0x48}}, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_POLL_ADD={0x6, 0x6, 0x0, @fd, 0x0, 0x0, 0x0, {0x44}, 0x1}, 0x100)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r3, 0x6612)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x10, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x5d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4307, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x5, 0x400, 0x0, 0x0, 0x800000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000080)={0x1c, 0x1d, 0xc21, 0x0, 0x0, {0x4, 0x0, 0x2}, [@typed={0x8, 0xc, 0x0, 0x0, @u32}]}, 0x1c}}, 0x0)
04:14:27 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
[ 1992.236216] FAULT_INJECTION: forcing a failure.
[ 1992.236216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1992.239087] CPU: 1 PID: 10096 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 1992.240823] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 1992.242560] Call Trace:
[ 1992.243118] dump_stack+0x107/0x167
[ 1992.243898] should_fail.cold+0x5/0xa
[ 1992.244722] _copy_from_user+0x2e/0x1b0
[ 1992.245575] iovec_from_user+0x141/0x400
[ 1992.246430] __import_iovec+0x67/0x590
[ 1992.247246] ? perf_trace_lock+0xac/0x490
[ 1992.248114] ? SOFTIRQ_verbose+0x10/0x10
[ 1992.248982] import_iovec+0x83/0xb0
[ 1992.249766] vfs_writev+0xc1/0x620
[ 1992.250523] ? vfs_iter_write+0xa0/0xa0
[ 1992.251370] ? __fget_files+0x2cf/0x520
[ 1992.252200] ? lock_downgrade+0x6d0/0x6d0
[ 1992.253084] ? find_held_lock+0x2c/0x110
[ 1992.253955] ? ksys_write+0x12d/0x260
[ 1992.254778] ? __fget_files+0x2f8/0x520
[ 1992.255623] ? __fget_light+0xea/0x290
[ 1992.256462] do_writev+0x139/0x300
[ 1992.257280] ? vfs_writev+0x620/0x620
[ 1992.258097] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 1992.259191] ? syscall_enter_from_user_mode+0x1d/0x50
[ 1992.260281] do_syscall_64+0x33/0x40
[ 1992.261077] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 1992.262150] RIP: 0033:0x7f98d13d7b19
[ 1992.262930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 1992.266877] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1992.268486] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 1992.270530] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 1992.272754] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 1992.274871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1992.277056] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
04:14:41 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_create(0x2, &(0x7f00000000c0)={0x0, 0x9, 0x2, @tid=r0}, &(0x7f0000000100)=<r1=>0x0)
timer_gettime(r1, &(0x7f0000000140))
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:14:41 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:41 executing program 0:
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000780)={0x0, 0xfffffffffffffffd, 0x1c, 0x6c, @scatter={0x6, 0x0, &(0x7f0000000580)=[{&(0x7f0000000100)=""/145, 0x91}, {&(0x7f00000002c0)=""/133, 0x85}, {&(0x7f00000001c0)=""/15, 0xf}, {&(0x7f0000000380)=""/69, 0x45}, {&(0x7f0000000400)=""/146, 0x92}, {&(0x7f00000004c0)=""/182, 0xb6}]}, &(0x7f0000000600)="9261eb32bf36e9618770ee1f26b83ae4b2fe17c04b955335a085491f", &(0x7f0000000640)=""/251, 0x1, 0x2, 0x0, &(0x7f0000000740)})
r3 = fcntl$dupfd(r0, 0x0, r0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x3, 0x77, 0x7, 0x24}, {0x200, 0x0, 0x7, 0x1}, {0x9, 0x7f, 0x81, 0x1000005}, {0x6, 0x25, 0x6, 0x800}]})
r5 = fcntl$dupfd(r0, 0x0, r4)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5387, &(0x7f00000000c0))
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0x404c534a, &(0x7f0000000200)={0x0, 0x0, 0x0, 'queue1\x00'})
04:14:41 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:14:41 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2202, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:41 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8904, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:41 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1) (fail_nth: 2)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:41 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4b, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 2005.667993] FAULT_INJECTION: forcing a failure.
[ 2005.667993] name failslab, interval 1, probability 0, space 0, times 0
[ 2005.670784] CPU: 0 PID: 10122 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 2005.672384] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2005.674132] Call Trace:
[ 2005.674701] dump_stack+0x107/0x167
[ 2005.675492] should_fail.cold+0x5/0xa
[ 2005.676305] ? file_tty_write.constprop.0+0x707/0x910
[ 2005.677413] should_failslab+0x5/0x20
[ 2005.678226] __kmalloc+0x72/0x390
[ 2005.679096] ? mutex_trylock+0x237/0x2b0
[ 2005.680232] ? file_tty_write.constprop.0+0x29f/0x910
[ 2005.681485] file_tty_write.constprop.0+0x707/0x910
[ 2005.682627] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2005.683834] do_iter_readv_writev+0x476/0x750
[ 2005.684810] ? new_sync_write+0x660/0x660
[ 2005.685735] ? avc_policy_seqno+0x9/0x70
[ 2005.686620] ? selinux_file_permission+0x92/0x520
[ 2005.687671] ? security_file_permission+0xb1/0xe0
[ 2005.688715] do_iter_write+0x191/0x700
[ 2005.689585] ? import_iovec+0x83/0xb0
[ 2005.690411] vfs_writev+0x1ae/0x620
[ 2005.691207] ? vfs_iter_write+0xa0/0xa0
[ 2005.692084] ? __fget_files+0x2cf/0x520
[ 2005.692960] ? lock_downgrade+0x6d0/0x6d0
[ 2005.693873] ? find_held_lock+0x2c/0x110
[ 2005.694779] ? ksys_write+0x12d/0x260
[ 2005.695633] ? __fget_files+0x2f8/0x520
[ 2005.696530] ? __fget_light+0xea/0x290
[ 2005.697417] do_writev+0x139/0x300
[ 2005.698204] ? vfs_writev+0x620/0x620
[ 2005.699050] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2005.700201] ? syscall_enter_from_user_mode+0x1d/0x50
[ 2005.701352] do_syscall_64+0x33/0x40
[ 2005.702173] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2005.703299] RIP: 0033:0x7f98d13d7b19
[ 2005.704118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2005.708172] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2005.709893] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 2005.711491] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 2005.713082] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
04:14:41 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
[ 2005.714669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2005.716425] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
04:14:41 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:14:41 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2203, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:41 executing program 0:
r0 = perf_event_open(&(0x7f0000000480)={0x3, 0x80, 0xf8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_config_ext, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0, 0x5, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000600)={0x1})
openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
kcmp$KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x0)
ptrace$getregset(0x4204, 0x0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x2, 0x0, 0x1, 0x3})
io_uring_register$IORING_REGISTER_FILES_UPDATE(r1, 0x6, &(0x7f0000000240)={0xdd, 0x0, &(0x7f0000000100)=[r0, r0, r0]}, 0x3)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'lo\x00'})
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x2)
io_setup(0x3e3, &(0x7f0000000580)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000540)=[&(0x7f0000000080)={0x4004800, 0x500, 0x0, 0x0, 0x0, r3, 0x0}, 0x0])
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
[ 2005.972458] serio: Serial port tty20
[ 2006.036792] serio: Serial port tty20
04:14:59 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1) (fail_nth: 3)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:14:59 executing program 0:
chmod(&(0x7f0000000000)='./file0\x00', 0x63)
04:14:59 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2205, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:59 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8906, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:59 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:14:59 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:59 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x40, 0x2, @thr={&(0x7f00000000c0), &(0x7f00000001c0)="c9bc2cbd801b6f07110615e6d362dd4b040bd39ab2d77787c51fe854e35d0d11bb44b96324f589d77dfb9e9e2347509c11d5ea0af1d0317911f035734cc4084af1729e557bc25aaf4a9f8910181e58e7b5f10bff86d5bddc61a74776529cd3b65d8413d30b61c00a62fefb6ac468b73c5c6634c54b5e200b89502287776b81c79396d42eb3be1be0acc1e43abbc1aa09e83723d131e23c1e58e707deaa64a0d72fb9830babdbb2a74492416bb12bfde8f53a8c4796be0dbc5d9e96a1090cae62a57566d3"}}, &(0x7f0000000140)=<r4=>0x0)
timer_gettime(r4, &(0x7f00000002c0))
ioctl$SG_IO(r3, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0xfffd, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
openat$hpet(0xffffffffffffff9c, &(0x7f00000000c0), 0x405400, 0x0)
04:14:59 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4c, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
[ 2023.446501] FAULT_INJECTION: forcing a failure.
[ 2023.446501] name failslab, interval 1, probability 0, space 0, times 0
[ 2023.449564] CPU: 0 PID: 10161 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 2023.451328] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2023.453217] Call Trace:
[ 2023.453846] dump_stack+0x107/0x167
[ 2023.454705] should_fail.cold+0x5/0xa
[ 2023.455602] ? create_object.isra.0+0x3a/0xa20
[ 2023.456667] should_failslab+0x5/0x20
[ 2023.457547] kmem_cache_alloc+0x5b/0x310
[ 2023.458529] create_object.isra.0+0x3a/0xa20
[ 2023.459538] ? __kasan_kmalloc.constprop.0+0xc9/0xd0
[ 2023.460705] __kmalloc+0x16e/0x390
[ 2023.461513] ? mutex_trylock+0x237/0x2b0
[ 2023.462454] file_tty_write.constprop.0+0x707/0x910
[ 2023.463586] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2023.464743] do_iter_readv_writev+0x476/0x750
[ 2023.465769] ? new_sync_write+0x660/0x660
[ 2023.466713] ? avc_policy_seqno+0x9/0x70
[ 2023.467637] ? selinux_file_permission+0x92/0x520
[ 2023.468737] ? security_file_permission+0xb1/0xe0
[ 2023.469861] do_iter_write+0x191/0x700
[ 2023.470762] ? import_iovec+0x83/0xb0
[ 2023.471641] vfs_writev+0x1ae/0x620
[ 2023.472477] ? vfs_iter_write+0xa0/0xa0
[ 2023.473375] ? __fget_files+0x2cf/0x520
[ 2023.474292] ? lock_downgrade+0x6d0/0x6d0
[ 2023.475224] ? find_held_lock+0x2c/0x110
[ 2023.476157] ? ksys_write+0x12d/0x260
[ 2023.477034] ? __fget_files+0x2f8/0x520
[ 2023.477980] ? __fget_light+0xea/0x290
[ 2023.478875] do_writev+0x139/0x300
[ 2023.479684] ? vfs_writev+0x620/0x620
[ 2023.480559] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2023.481745] ? syscall_enter_from_user_mode+0x1d/0x50
[ 2023.482929] do_syscall_64+0x33/0x40
[ 2023.483777] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2023.485081] RIP: 0033:0x7f98d13d7b19
[ 2023.485934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2023.490073] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2023.491790] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 2023.493412] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 2023.495031] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2023.496646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2023.498266] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
04:14:59 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x802c2, 0x0)
openat(r0, &(0x7f0000000080)='./file0\x00', 0x40000, 0x10)
r1 = creat(&(0x7f0000000100)='./file1\x00', 0x100)
r2 = open(&(0x7f0000000040)='./file0\x00', 0x1810c1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000200)="af", 0x1}], 0x1)
clone3(&(0x7f0000001380)={0x2002000, &(0x7f0000000140)=<r3=>0xffffffffffffffff, &(0x7f0000000180), &(0x7f00000001c0), {0x34}, &(0x7f0000000240)=""/251, 0xfb, &(0x7f0000000340)=""/4096, &(0x7f0000001340)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x6, {r1}}, 0x58)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000001400)=<r4=>0x0)
fcntl$lock(r3, 0x7, &(0x7f0000001440)={0x0, 0x1, 0x0, 0x2, r4})
r5 = creat(&(0x7f0000000040)='./file0\x00', 0x80)
fallocate(r5, 0x0, 0x0, 0x8000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0x0, r2, 0x0, 0x0, 0xffffffff})
04:14:59 executing program 3:
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000300)={'syztnl1\x00', &(0x7f0000000200)={'ip6_vti0\x00', <r1=>r0, 0x2b, 0xab, 0x81, 0x4, 0x1, @remote, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x1, 0x2ad, 0x7ff}})
r2 = gettid()
timer_create(0x2, &(0x7f0000000080)={0x0, 0x32, 0x1, @tid=r2}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
r4 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
bind$bt_l2cap(r5, &(0x7f00000002c0)={0x1f, 0x1b, @none, 0x3}, 0xe)
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000440)=<r6=>0x0)
timer_create(0x3, &(0x7f0000000480)={0x0, 0xd, 0x1, @tid=r6}, &(0x7f00000004c0))
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000280)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl1\x00', r1, 0x29, 0xf, 0x7, 0x5, 0x0, @mcast2, @private2={0xfc, 0x2, '\x00', 0x1}, 0x700, 0x80, 0x3, 0x10000}})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r5, 0xc0189373, &(0x7f0000000500)=ANY=[@ANYBLOB="0100992b086bf82b64944e88c695cb8e64d4", @ANYRES32=<r7=>r4, @ANYBLOB="82ca0000000000002e2f66696c653000"])
setsockopt$IP_VS_SO_SET_ADDDEST(r7, 0x0, 0x487, &(0x7f0000000340)={{0x52, @rand_addr=0x64010102, 0x4e20, 0x1, 'dh\x00', 0x12, 0x400, 0x5f}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e24, 0x1, 0x2, 0x800, 0x80000000}}, 0x44)
connect$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:14:59 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4d, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:59 executing program 6:
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:14:59 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2270, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:59 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a400", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:14:59 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x8907, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:14:59 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1) (fail_nth: 4)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
[ 2023.892454] FAULT_INJECTION: forcing a failure.
[ 2023.892454] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2023.895162] CPU: 0 PID: 10192 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 2023.896751] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2023.898634] Call Trace:
[ 2023.899251] dump_stack+0x107/0x167
[ 2023.900108] should_fail.cold+0x5/0xa
[ 2023.901004] _copy_from_iter+0x202/0xe80
[ 2023.901964] ? __virt_addr_valid+0x170/0x5d0
[ 2023.902980] ? __check_object_size+0x319/0x440
[ 2023.904047] file_tty_write.constprop.0+0x4d5/0x910
[ 2023.905208] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2023.906367] do_iter_readv_writev+0x476/0x750
[ 2023.907385] ? new_sync_write+0x660/0x660
[ 2023.908311] ? avc_policy_seqno+0x9/0x70
[ 2023.909241] ? selinux_file_permission+0x92/0x520
[ 2023.910363] ? security_file_permission+0xb1/0xe0
[ 2023.911497] do_iter_write+0x191/0x700
[ 2023.912394] ? import_iovec+0x83/0xb0
[ 2023.913268] vfs_writev+0x1ae/0x620
[ 2023.914113] ? vfs_iter_write+0xa0/0xa0
[ 2023.915013] ? __fget_files+0x2cf/0x520
[ 2023.915919] ? lock_downgrade+0x6d0/0x6d0
[ 2023.916862] ? trace_hardirqs_on+0x5b/0x180
[ 2023.917871] ? __fget_files+0x2f8/0x520
[ 2023.918803] ? __fget_light+0xea/0x290
[ 2023.919727] do_writev+0x139/0x300
[ 2023.920564] ? vfs_writev+0x620/0x620
[ 2023.921462] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2023.922685] ? syscall_enter_from_user_mode+0x1d/0x50
[ 2023.923890] do_syscall_64+0x33/0x40
[ 2023.924758] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2023.925947] RIP: 0033:0x7f98d13d7b19
[ 2023.926809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2023.931047] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2023.932805] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 2023.934470] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 2023.936123] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2023.937770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2023.939425] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
04:14:59 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2271, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:59 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4e, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:14:59 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a400", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:15:14 executing program 6:
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:15:14 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040))
r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x109)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000340)={<r3=>0x0}, &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setresuid(0x0, 0x0, r4)
sendmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@cred={{0x1c, 0x1, 0x2, {r3, r4}}}], 0x20}, 0x0)
clone3(&(0x7f0000001e00)={0x21240400, &(0x7f00000001c0), &(0x7f0000001bc0), &(0x7f0000001b80), {0x1b}, &(0x7f0000001f00)=""/149, 0x95, &(0x7f0000001d00)=""/170, &(0x7f0000001dc0)=[0x0, r3, 0xffffffffffffffff], 0x53}, 0x58)
mq_notify(r1, &(0x7f0000000100)={0x0, 0x2e, 0x0, @tid=r3})
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
04:15:14 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a400", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:15:14 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890c, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
04:15:14 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2272, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:15:14 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x4f, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:15:14 executing program 2:
timer_create(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x103002, 0x0)
writev(r0, &(0x7f00000004c0)=[{&(0x7f0000000080)="88", 0x1}], 0x1) (fail_nth: 5)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
04:15:14 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_delete(0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x54600, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x800}, 0xd00, 0x0, 0x0, 0x8, 0x0, 0x24c0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
ioctl$DVD_READ_STRUCT(r1, 0x5327, &(0x7f0000000440)=@disckey={0x2, 0x0, "82ada47325d97f4913eab67f45f8051b13c07023b811c48ee40657e81cfe62cb92e604e9bcd55086db0a1a2e7095bad10c02b2cc36a07c6373d96b8e942b81021f372d7c9361f3aeb0d5dc6b6451d1bb8fcea706d4a74088b40178f4057a239ac0502a37c2376962cda551df057a61c78a2fd44cb5fd30c40f247d680857a97031e4885cc086f74ffa1e55144d240dde2fbd35e099a6b3761f1cc4e577676efe5f13094991f1ea1d6dcc219f56815a02e3e6427dba1d7cd5ed838575f3e98f353699c52cc4fdd515f4224df8d49d5f67be0a6a7d3b83722e9449133c82b886f742588119d0dc3fe6d69466a03f95d342e31699a6157f9d51e1b9c6542d6c5d60f41aee52512f20b99eae0b38067b9902654f02a0606860ff744f2ccdd5a0ca7c4e231cb65bd4445f4f69cb5bda24a729cfa93270cac3903fff4f77b1cf85cfd044025f61568580c07745860dba20f80d92af0b8f0409c6c9886e12488c56d5411aa0f5e8f6d4c3c14b73afa6934d3ae019bfcebcbf7e293cb79a7dcb588795d496ad2f6cd0a8209904e2ec46d5401f87369780d40be7c370d44da03687716be6dda73c62eeefe6cbe5e381b9716ae6d3ee1af560151b8d341a5f1b8685fca41957a99889eb0f3bd0f7de0ffea71e32a11d703c4783c64c5371034149005de778560f257aca78ec573686447facb7ec185b860be18e41944d1490306df1c953c0a3ffc975b090f219da1084c908907918226cf134faad8a5defe3aa3825df1b24f31275a98d23862b167ab8dc2f2435a284cad8a20e7673d783ad860c3ce5b4fdcf938e12df69c6de088dfe3e98a8270ec8aeb74b0188a8fe22cf6715142bf57aba362230698353dab43eee58419272e8028ac3aefaba63a7c8a25ccba5f519cdc61da88a910f040547d2c9ed601259a1d748d295cf51eaf1ece671807207423ebe64141336ff957445b1b90588582cfab585ae10092e789acd5ed886349404a6241851b8977e7e5ad96c3e2001e7c32f482cf64d871cd44af474471856518f6486a5ccfdcd7a164771c7188e6e0e3b17358befbe217eef0b73fa6cbbe61bb64b2c64d09dd3795e0119353086ef4bcc36abe57d83932c66df9d608678b297c5b0b1e899b532d0c37e7f3cdc7fd68446da2f5d90b02c00511a7429b73b95b51b78fb06e3a97f4e5c4a6bea4ec5a10f279814693aa4917dbba798cee12cabf6091c29b701097b224146ac2e076e90ad2e5acabdd78399ca83c829e00bc4f90b0ec00b1e411e823e1ab31193fe37ef4d1fe977f98e724e224f0354be8398722fe39da436aad0ea8cd70000007c2ba06a63d5edcaf3181dfcc91ee258f9455b5d9a479aaa6da4e5cdf0c40e7c056bd46f741d65f2d51136c0bb35f5573797a896bb5add7798c6f6a7b5d82de1bb1c5976d8c6fb067ad7e590ebea9412fe9f00d9f418be72edddae0749d5eff4b3dd25ccefa46522c5e5b960ad796035bcb582946424e0446f6992cefc5ebdac5f2e97e539e220ee2f1c7c7f233582c186dcddbdfc9ce954d85a29195788a3b8a964f281ce77ff06e771ea139b71da9b583f8ff4d4cb97dddfea34839695b81d97eabc250e2c891aecfbb60580312a57662d4eabd2226c406665a61ff59942e2bd3be82fae938be4c04f95f5159e6098dc1400579153fd1c419a3eac4c5b82ac58928a2f52410e915796e51e0b10fb5d9c70d67d5cd0b03ad8cd459cd15e58675f4875b9676b48aa61ed3c3b3b0e7d67203bc50207be4498aa013892a357dda413013c28479e612d739cb4972a0f19b0d77a04319b4d1786f82dd4a99e6d82f70c27a21733c77be8722a7313bcb7da5c6437bb87e59f56bd9c46c3ad50d691f6856719f1d305c5b57fea18d43228d813f9d91825ca830d748f80a9ccfadccfa4baeb4914b4a60b22478a5b2b7fb1156072179b6233f53e964a8182d6c01422d01ecc7983006d06d63cb19486017ffdf19265f83a6ac3fa1d52f003a7a9996e8e3f9ef23f8188ae5e414a443c5f58b7aa9deb97bc9925727fa9124ab667634d64fdcf9ad9375e5ab09f3e85f0b0dbe39395271f38005d6894aa45e68e51ba137ddba579fb864d65a337f881d6b434ca81cc89703f1ac18b56b7c88e9fdcc94d27c73120841522c4c90298d671a2611e2836ada099e789959372e392746e540b1268c5fdebb19339334f57e647d90691c9111d206db0de1d36fe5458a0a024e89d889e3a3f46d28e221e2c58ed45c502c5d08d837d5aa7fa3a50cedf3193a416b6c10123ed14bf36eb9a5c6f4d321ca1b55d1b98c275ea63c0a4dcef800bc3217ef34114f920e0556d2d30ba65f6ae443e4c9eefae05c1f4e2b3faae316f5658571aabbd80db226c5f10d3bf7ba6af81e0795239631a1de0eded351e10d43c38a1df20822d75b6bd5c3ccf21773f8250491b024fcb038ec487fe4b11a75df141483ab51db87be21aa37dd9f37a19367b6313d0bb175c1eeca0c0dc437053ba40385de089c7d06dbfa89851073aeb384bfa805abc50d756305520987ef57db25d7bc4a7841df5b83acf6b40292f46cdad7371b03ab7521cdce4953c932283e784f8ea4ce223746e23b6e100000080f7018db08ada6387e434bb95bae0ef1855dfb39c4b92b418a8bf81327da288cf01270ec2e9a33a21dc3a1f5dc4d0830aeaf7fe1a95d61fa81440205dea9f9cd0e25518035a5a06cc25a60aec547a79eee39941d6df6485aba011e8cdcccee0594769513133d18803e997fc543bcbc267ee0a253f287849619ec2e99daab97a83b622b44c08debfa5e18b62526f15958550390965013992d113275ae2d4ad32ef877b75006d9480809c1400"})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000280)=@v2={0x2, @aes128, 0x0, '\x00', @d})
write$hidraw(r1, &(0x7f0000000240), 0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0x37, 0x1, @thr={&(0x7f0000000240)="6da7b92f9e8fbd41cd4f564e691f378132", &(0x7f0000000d80)="fb9b367de0a707712438c98f35b52b6bb55ab4df74510f653ec2ae47b27016af00f9a91e8882cb953b8382b8b0890b4bed3333fabae3daf019a2d074d24da371b1042f05000000000000002b897165ccd7afea48e680ba91c1bf0017eee18fc6ce88daf6cd4dd47e5c5b67dde21b31ec50282a9f27c0b1475085cf02cc4dae1d892ae4465985de7aa916227382e6373c0cf68bdef6b3ac34560933ddc5493e999099a70d57dba40e26850772eb95b2671cf9071fc3e32ee62a501057fad261f6202f6df0598bd3b4e44e0046344c6a11ff381a"}}, &(0x7f00000002c0))
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r2=>0x0)
ioctl$CDROMSEEK(0xffffffffffffffff, 0x5316, &(0x7f0000000140)={0x81, 0x2, 0x1c, 0xff, 0x8})
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000480), 0x0)
socket$netlink(0x10, 0x3, 0x0)
read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41)
timer_gettime(r2, &(0x7f0000000080))
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000c80)=ANY=[@ANYBLOB="010600000900000000000000758e99e8c58ac13a548deab865aecfe823e8d5545b6cf57aa85897db1b3350b8ed2547496c1442547a5d2ecd5d80bbb6b4f5acd6d7d2ca93a6e6d152aec8bd05c6981c5b", @ANYRES32=r0, @ANYRES32, @ANYBLOB="8859858e4b39ef61e3d75843b63b00bc0b3121a2d3cc0b63c07297580e4fa94cc832622a3f65c2afc08a04220435ee633791c9129bff7ac90ce5e0d979670c713a9d343c4efaa6fa2df5202cf91e67b6d00f773ab9565dbfe65e46735af248b5e4cdd53faa6354a3d669bc1f2c5d8d75fb49035be59e8f1fb3a5cd05ab2e92a35f809ff9605ae44f3313c38eb2fd9b82485495f1bb68cb4faf84736ea56e32d3"])
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)
[ 2039.260455] FAULT_INJECTION: forcing a failure.
[ 2039.260455] name failslab, interval 1, probability 0, space 0, times 0
[ 2039.263247] CPU: 0 PID: 10222 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 2039.264034] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2039.264978] Call Trace:
[ 2039.265280] dump_stack+0x107/0x167
[ 2039.265699] should_fail.cold+0x5/0xa
[ 2039.266145] ? tty_buffer_alloc+0x243/0x2b0
[ 2039.266666] should_failslab+0x5/0x20
[ 2039.267105] __kmalloc+0x72/0x390
[ 2039.267515] tty_buffer_alloc+0x243/0x2b0
[ 2039.267999] __tty_buffer_request_room+0x156/0x2a0
[ 2039.268568] tty_insert_flip_string_fixed_flag+0x91/0x250
[ 2039.269205] ? n_tty_write+0x1eb/0xfe0
[ 2039.269665] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 2039.270371] pty_write+0xe6/0x110
[ 2039.270790] n_tty_write+0xa86/0xfe0
[ 2039.271247] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2039.271820] ? _copy_from_iter+0x37b/0xe80
[ 2039.272313] ? prepare_to_wait_exclusive+0x2a0/0x2a0
[ 2039.272902] ? __virt_addr_valid+0x170/0x5d0
[ 2039.273411] ? __check_object_size+0x319/0x440
[ 2039.273945] file_tty_write.constprop.0+0x529/0x910
[ 2039.274545] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2039.275129] do_iter_readv_writev+0x476/0x750
[ 2039.275653] ? new_sync_write+0x660/0x660
[ 2039.276132] ? avc_policy_seqno+0x9/0x70
[ 2039.276604] ? selinux_file_permission+0x92/0x520
[ 2039.277180] ? security_file_permission+0xb1/0xe0
[ 2039.277749] do_iter_write+0x191/0x700
[ 2039.278206] ? import_iovec+0x83/0xb0
[ 2039.278671] vfs_writev+0x1ae/0x620
[ 2039.279098] ? vfs_iter_write+0xa0/0xa0
[ 2039.279572] ? __fget_files+0x2cf/0x520
[ 2039.280040] ? lock_downgrade+0x6d0/0x6d0
[ 2039.280675] ? find_held_lock+0x2c/0x110
[ 2039.281198] ? ksys_write+0x12d/0x260
[ 2039.281644] ? __fget_files+0x2f8/0x520
[ 2039.282119] ? __fget_light+0xea/0x290
[ 2039.282613] do_writev+0x139/0x300
[ 2039.283027] ? vfs_writev+0x620/0x620
[ 2039.283473] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2039.284086] ? syscall_enter_from_user_mode+0x1d/0x50
[ 2039.284686] do_syscall_64+0x33/0x40
[ 2039.285123] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2039.285721] RIP: 0033:0x7f98d13d7b19
[ 2039.286148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2039.288273] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2039.289150] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 2039.289981] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 2039.290836] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2039.291654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2039.292484] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
[ 2039.293357]
[ 2039.293362] ======================================================
[ 2039.293367] WARNING: possible circular locking dependency detected
[ 2039.293370] 5.10.232 #1 Not tainted
[ 2039.293375] ------------------------------------------------------
[ 2039.293380] syz-executor.2/10222 is trying to acquire lock:
[ 2039.293384] ffffffff84f0dca0 (console_owner){-.-.}-{0:0}, at: console_unlock+0x2e1/0xb40
[ 2039.293397]
[ 2039.293401] but task is already holding lock:
[ 2039.293404] ffff88801ab57958 (&port->lock){-.-.}-{2:2}, at: tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 2039.293418]
[ 2039.293422] which lock already depends on the new lock.
[ 2039.293424]
[ 2039.293427]
[ 2039.293431] the existing dependency chain (in reverse order) is:
[ 2039.293433]
[ 2039.293436] -> #2 (&port->lock){-.-.}-{2:2}:
[ 2039.293449] _raw_spin_lock_irqsave+0x36/0x60
[ 2039.293452] tty_port_tty_get+0x1f/0x100
[ 2039.293456] tty_port_default_wakeup+0x11/0x40
[ 2039.293460] serial8250_tx_chars+0x51f/0xb00
[ 2039.293464] serial8250_start_tx+0x695/0xa60
[ 2039.293468] __uart_start.isra.0+0x17c/0x1c0
[ 2039.293471] uart_write+0x2f2/0x580
[ 2039.293475] do_output_char+0x5e8/0x870
[ 2039.293478] n_tty_write+0x4c9/0xfe0
[ 2039.293483] file_tty_write.constprop.0+0x529/0x910
[ 2039.293487] redirected_tty_write+0xa5/0xd0
[ 2039.293490] do_iter_readv_writev+0x476/0x750
[ 2039.293494] do_iter_write+0x191/0x700
[ 2039.293498] vfs_writev+0x1ae/0x620
[ 2039.293501] do_writev+0x139/0x300
[ 2039.293504] do_syscall_64+0x33/0x40
[ 2039.293509] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2039.293511]
[ 2039.293513] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 2039.293527] _raw_spin_lock_irqsave+0x36/0x60
[ 2039.293531] serial8250_console_write+0x9f5/0xc60
[ 2039.293534] console_unlock+0x82a/0xb40
[ 2039.293538] register_console+0x40c/0x850
[ 2039.293542] univ8250_console_init+0x3a/0x4a
[ 2039.293546] console_init+0x24c/0x356
[ 2039.293549] start_kernel+0x2e6/0x489
[ 2039.293554] secondary_startup_64_no_verify+0xbe/0xcb
[ 2039.293556]
[ 2039.293558] -> #0 (console_owner){-.-.}-{0:0}:
[ 2039.293571] __lock_acquire+0x29e7/0x5b00
[ 2039.293575] lock_acquire+0x197/0x470
[ 2039.293578] console_unlock+0x360/0xb40
[ 2039.293582] vprintk_emit+0x1de/0x4e0
[ 2039.293586] vprintk_func+0x8b/0x140
[ 2039.293589] printk+0xba/0xf1
[ 2039.293592] should_fail+0x47a/0x5a0
[ 2039.293596] should_failslab+0x5/0x20
[ 2039.293599] __kmalloc+0x72/0x390
[ 2039.293603] tty_buffer_alloc+0x243/0x2b0
[ 2039.293607] __tty_buffer_request_room+0x156/0x2a0
[ 2039.293612] tty_insert_flip_string_fixed_flag+0x91/0x250
[ 2039.293617] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 2039.293620] pty_write+0xe6/0x110
[ 2039.293624] n_tty_write+0xa86/0xfe0
[ 2039.293628] file_tty_write.constprop.0+0x529/0x910
[ 2039.293631] do_iter_readv_writev+0x476/0x750
[ 2039.293635] do_iter_write+0x191/0x700
[ 2039.293638] vfs_writev+0x1ae/0x620
[ 2039.293641] do_writev+0x139/0x300
[ 2039.293645] do_syscall_64+0x33/0x40
[ 2039.293649] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2039.293651]
[ 2039.293655] other info that might help us debug this:
[ 2039.293657]
[ 2039.293660] Chain exists of:
[ 2039.293662] console_owner --> &port_lock_key --> &port->lock
[ 2039.293678]
[ 2039.293682] Possible unsafe locking scenario:
[ 2039.293684]
[ 2039.293688] CPU0 CPU1
[ 2039.293691] ---- ----
[ 2039.293694] lock(&port->lock);
[ 2039.293702] lock(&port_lock_key);
[ 2039.293711] lock(&port->lock);
[ 2039.293718] lock(console_owner);
[ 2039.293725]
[ 2039.293727] *** DEADLOCK ***
[ 2039.293729]
[ 2039.293733] 6 locks held by syz-executor.2/10222:
[ 2039.293736] #0: ffff88801aafe098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x90
[ 2039.293752] #1: ffff88801aafe130 (&tty->atomic_write_lock){+.+.}-{3:3}, at: file_tty_write.constprop.0+0x29f/0x910
[ 2039.293769] #2: ffff88801aafe2e8 (&tty->termios_rwsem){++++}-{3:3}, at: n_tty_write+0x1bf/0xfe0
[ 2039.293785] #3: ffffc90011e2d378 (&ldata->output_lock){+.+.}-{3:3}, at: n_tty_write+0xa4d/0xfe0
[ 2039.293801] #4: ffff88801ab57958 (&port->lock){-.-.}-{2:2}, at: tty_insert_flip_string_and_push_buffer+0x2b/0x160
[ 2039.293818] #5: ffffffff84fee020 (console_lock){+.+.}-{0:0}, at: vprintk_func+0x8b/0x140
[ 2039.293833]
[ 2039.293836] stack backtrace:
[ 2039.293841] CPU: 0 PID: 10222 Comm: syz-executor.2 Not tainted 5.10.232 #1
[ 2039.293847] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014
[ 2039.293849] Call Trace:
[ 2039.293852] dump_stack+0x107/0x167
[ 2039.293856] check_noncircular+0x263/0x2e0
[ 2039.293860] ? stack_trace_consume_entry+0x160/0x160
[ 2039.293864] ? print_circular_bug+0x470/0x470
[ 2039.293867] ? memcpy+0x39/0x60
[ 2039.293871] ? alloc_chain_hlocks+0x342/0x5a0
[ 2039.293874] __lock_acquire+0x29e7/0x5b00
[ 2039.293878] ? lockdep_hardirqs_on_prepare+0x3e0/0x3e0
[ 2039.293882] ? SOFTIRQ_verbose+0x10/0x10
[ 2039.293885] ? __lockdep_reset_lock+0x180/0x180
[ 2039.293889] lock_acquire+0x197/0x470
[ 2039.293892] ? console_unlock+0x2e1/0xb40
[ 2039.293896] ? lock_release+0x680/0x680
[ 2039.293899] ? lock_downgrade+0x6d0/0x6d0
[ 2039.293903] ? do_raw_spin_lock+0x121/0x260
[ 2039.293906] ? rwlock_bug.part.0+0x90/0x90
[ 2039.293910] console_unlock+0x360/0xb40
[ 2039.293913] ? console_unlock+0x2e1/0xb40
[ 2039.293917] ? devkmsg_read+0x730/0x730
[ 2039.293920] ? lock_release+0x680/0x680
[ 2039.293924] ? do_raw_spin_unlock+0x4f/0x220
[ 2039.293927] ? vprintk_func+0x8b/0x140
[ 2039.293931] vprintk_emit+0x1de/0x4e0
[ 2039.293934] vprintk_func+0x8b/0x140
[ 2039.293936] printk+0xba/0xf1
[ 2039.293940] ? record_print_text.cold+0x16/0x16
[ 2039.293943] should_fail+0x47a/0x5a0
[ 2039.293946] ? tty_buffer_alloc+0x243/0x2b0
[ 2039.293950] should_failslab+0x5/0x20
[ 2039.293953] __kmalloc+0x72/0x390
[ 2039.293956] tty_buffer_alloc+0x243/0x2b0
[ 2039.293960] __tty_buffer_request_room+0x156/0x2a0
[ 2039.293964] tty_insert_flip_string_fixed_flag+0x91/0x250
[ 2039.293968] ? n_tty_write+0x1eb/0xfe0
[ 2039.293972] tty_insert_flip_string_and_push_buffer+0x3e/0x160
[ 2039.293975] pty_write+0xe6/0x110
[ 2039.293978] n_tty_write+0xa86/0xfe0
[ 2039.293982] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2039.293985] ? _copy_from_iter+0x37b/0xe80
[ 2039.293989] ? prepare_to_wait_exclusive+0x2a0/0x2a0
[ 2039.293993] ? __virt_addr_valid+0x170/0x5d0
[ 2039.293996] ? __check_object_size+0x319/0x440
[ 2039.294000] file_tty_write.constprop.0+0x529/0x910
[ 2039.294004] ? n_tty_receive_char_lnext+0x6f0/0x6f0
[ 2039.294008] do_iter_readv_writev+0x476/0x750
[ 2039.294011] ? new_sync_write+0x660/0x660
[ 2039.294015] ? avc_policy_seqno+0x9/0x70
[ 2039.294018] ? selinux_file_permission+0x92/0x520
[ 2039.294022] ? security_file_permission+0xb1/0xe0
[ 2039.294026] do_iter_write+0x191/0x700
[ 2039.294029] ? import_iovec+0x83/0xb0
[ 2039.294032] vfs_writev+0x1ae/0x620
[ 2039.294035] ? vfs_iter_write+0xa0/0xa0
[ 2039.294039] ? __fget_files+0x2cf/0x520
[ 2039.294042] ? lock_downgrade+0x6d0/0x6d0
[ 2039.294046] ? find_held_lock+0x2c/0x110
[ 2039.294049] ? ksys_write+0x12d/0x260
[ 2039.294052] ? __fget_files+0x2f8/0x520
[ 2039.294056] ? __fget_light+0xea/0x290
[ 2039.294059] do_writev+0x139/0x300
[ 2039.294062] ? vfs_writev+0x620/0x620
[ 2039.294066] ? lockdep_hardirqs_on_prepare+0x277/0x3e0
[ 2039.294070] ? syscall_enter_from_user_mode+0x1d/0x50
[ 2039.294073] do_syscall_64+0x33/0x40
[ 2039.294077] entry_SYSCALL_64_after_hwframe+0x67/0xd1
[ 2039.294081] RIP: 0033:0x7f98d13d7b19
[ 2039.294091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
[ 2039.294096] RSP: 002b:00007f98ce94d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 2039.294104] RAX: ffffffffffffffda RBX: 00007f98d14eaf60 RCX: 00007f98d13d7b19
[ 2039.294109] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000004
[ 2039.294114] RBP: 00007f98ce94d1d0 R08: 0000000000000000 R09: 0000000000000000
[ 2039.294119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2039.294124] R13: 00007fff9809c20f R14: 00007f98ce94d300 R15: 0000000000022000
04:15:15 executing program 6:
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000000)=0x5, 0xff4d)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000001a0011cd00000000fdff0000000000000002"], 0x1c}}, 0x0)
04:15:15 executing program 4:
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xa)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001700)={0x68, 0x0, 0x1, 0x3, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @broadcast}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev}, {0x8, 0x2, @multicast1}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x68}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_generic(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000002c0)={0x1c, 0x20, 0xc21, 0x0, 0x0, {0x2}, [@generic="0000af0180"]}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="a40000", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fcdbdf251d00238008001a0002000000080017000300000006001b0080000000060400000008001a000300000005000e0003000000082003005988cd64f7de11468d4eb9d9", @ANYRES32=r2, @ANYBLOB="0c009900060000001b0000000c009900b708000079"], 0xa4}, 0x1, 0x0, 0x0, 0x10000015}, 0x8000)
sendmsg$IEEE802154_LLSEC_ADD_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x78, 0x0, 0x200, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "eed6d459c02ca459b7368c5943a3bf7104ae83a115359fcb90e9761aeae3a712"}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0xee}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_LLSEC_KEY_BYTES={0x14, 0x30, "62e65d3f37af0f30bf192cde166e2ffb"}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_FRAME_TYPES={0x5, 0x31, 0x3}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0002}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004004}, 0x4000080)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x14, 0x2, 0x1, 0x101}, 0x14}}, 0x0)
04:15:15 executing program 7:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
request_key(&(0x7f0000000580)='asymmetric\x00', 0x0, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f00000003c0)={0x53, 0x0, 0x6, 0x0, @buffer={0x50, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:15:15 executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0xb, 0x4, @tid=r0}, &(0x7f0000000040)=<r1=>0x0)
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
timer_settime(r1, 0x1, &(0x7f0000000c40)={{0x0, 0x989680}, {0x77359400}}, &(0x7f0000000c80))
timer_create(0x7, &(0x7f0000000d80)={0x0, 0x2b, 0x4, @thr={&(0x7f0000000cc0)="4d4cca91331575b87cb1354b3ea27ed8f61aa957bf9cc1c9a91b9543b0024a172f7753977b6c1fb17c51b4fc1decb851e7b48d5b00548520b675cf73f897550df53d18a82170646a7277da5fd3581604633eb91f3672c25daf99db24119f699508b590de", &(0x7f0000000d40)="f58b1f1b6135678c3bf81ca220cf6ee88e50d4dd9800c7297fd3929be567ad512e5cf926cd79b0a751f9256537"}}, &(0x7f0000000dc0))
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0xfffb}, 0xe)
connect$bt_l2cap(r2, &(0x7f0000000000)={0x1f, 0x0, @fixed, 0x3}, 0xe)
r3 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x4, 0x0})
r5 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
fcntl$dupfd(r5, 0x0, r5)
kcmp(r0, r0, 0x0, r4, r5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000340), &(0x7f0000000380)=0xc)
stat(&(0x7f00000001c0)='.\x00', &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0x0, 0x0, r7)
sendmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0), 0x0, 0x8820}, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc)
04:15:15 executing program 5:
perf_event_open(&(0x7f0000001d80)={0x2, 0x80, 0x13, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2275, &(0x7f00000003c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x300, 0xae, &(0x7f0000000580)=""/174}, &(0x7f0000000040)="4feb7dc9066b", 0x0, 0x0, 0x0, 0x0, 0x0})
04:15:15 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_usb_connect$cdc_ecm(0x0, 0x4d, 0x0, 0x0)
timer_delete(0x0)
r0 = perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x54600, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_config_ext={0x800}, 0xd00, 0x0, 0x0, 0x8, 0x0, 0x24c0, 0x0, 0x0, 0xfffffffc}, 0x0, 0x8, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000000)={0xc92bfb053a14a5a}, 0x0)
r1 = openat$sr(0xffffffffffffff9c, &(0x7f00000035c0), 0xe8b02, 0x0)
ioctl$DVD_READ_STRUCT(r1, 0x5327, &(0x7f0000000440)=@disckey={0x2, 0x0, "82ada47325d97f4913eab67f45f8051b13c07023b811c48ee40657e81cfe62cb92e604e9bcd55086db0a1a2e7095bad10c02b2cc36a07c6373d96b8e942b81021f372d7c9361f3aeb0d5dc6b6451d1bb8fcea706d4a74088b40178f4057a239ac0502a37c2376962cda551df057a61c78a2fd44cb5fd30c40f247d680857a97031e4885cc086f74ffa1e55144d240dde2fbd35e099a6b3761f1cc4e577676efe5f13094991f1ea1d6dcc219f56815a02e3e6427dba1d7cd5ed838575f3e98f353699c52cc4fdd515f4224df8d49d5f67be0a6a7d3b83722e9449133c82b886f742588119d0dc3fe6d69466a03f95d342e31699a6157f9d51e1b9c6542d6c5d60f41aee52512f20b99eae0b38067b9902654f02a0606860ff744f2ccdd5a0ca7c4e231cb65bd4445f4f69cb5bda24a729cfa93270cac3903fff4f77b1cf85cfd044025f61568580c07745860dba20f80d92af0b8f0409c6c9886e12488c56d5411aa0f5e8f6d4c3c14b73afa6934d3ae019bfcebcbf7e293cb79a7dcb588795d496ad2f6cd0a8209904e2ec46d5401f87369780d40be7c370d44da03687716be6dda73c62eeefe6cbe5e381b9716ae6d3ee1af560151b8d341a5f1b8685fca41957a99889eb0f3bd0f7de0ffea71e32a11d703c4783c64c5371034149005de778560f257aca78ec573686447facb7ec185b860be18e41944d1490306df1c953c0a3ffc975b090f219da1084c908907918226cf134faad8a5defe3aa3825df1b24f31275a98d23862b167ab8dc2f2435a284cad8a20e7673d783ad860c3ce5b4fdcf938e12df69c6de088dfe3e98a8270ec8aeb74b0188a8fe22cf6715142bf57aba362230698353dab43eee58419272e8028ac3aefaba63a7c8a25ccba5f519cdc61da88a910f040547d2c9ed601259a1d748d295cf51eaf1ece671807207423ebe64141336ff957445b1b90588582cfab585ae10092e789acd5ed886349404a6241851b8977e7e5ad96c3e2001e7c32f482cf64d871cd44af474471856518f6486a5ccfdcd7a164771c7188e6e0e3b17358befbe217eef0b73fa6cbbe61bb64b2c64d09dd3795e0119353086ef4bcc36abe57d83932c66df9d608678b297c5b0b1e899b532d0c37e7f3cdc7fd68446da2f5d90b02c00511a7429b73b95b51b78fb06e3a97f4e5c4a6bea4ec5a10f279814693aa4917dbba798cee12cabf6091c29b701097b224146ac2e076e90ad2e5acabdd78399ca83c829e00bc4f90b0ec00b1e411e823e1ab31193fe37ef4d1fe977f98e724e224f0354be8398722fe39da436aad0ea8cd70000007c2ba06a63d5edcaf3181dfcc91ee258f9455b5d9a479aaa6da4e5cdf0c40e7c056bd46f741d65f2d51136c0bb35f5573797a896bb5add7798c6f6a7b5d82de1bb1c5976d8c6fb067ad7e590ebea9412fe9f00d9f418be72edddae0749d5eff4b3dd25ccefa46522c5e5b960ad796035bcb582946424e0446f6992cefc5ebdac5f2e97e539e220ee2f1c7c7f233582c186dcddbdfc9ce954d85a29195788a3b8a964f281ce77ff06e771ea139b71da9b583f8ff4d4cb97dddfea34839695b81d97eabc250e2c891aecfbb60580312a57662d4eabd2226c406665a61ff59942e2bd3be82fae938be4c04f95f5159e6098dc1400579153fd1c419a3eac4c5b82ac58928a2f52410e915796e51e0b10fb5d9c70d67d5cd0b03ad8cd459cd15e58675f4875b9676b48aa61ed3c3b3b0e7d67203bc50207be4498aa013892a357dda413013c28479e612d739cb4972a0f19b0d77a04319b4d1786f82dd4a99e6d82f70c27a21733c77be8722a7313bcb7da5c6437bb87e59f56bd9c46c3ad50d691f6856719f1d305c5b57fea18d43228d813f9d91825ca830d748f80a9ccfadccfa4baeb4914b4a60b22478a5b2b7fb1156072179b6233f53e964a8182d6c01422d01ecc7983006d06d63cb19486017ffdf19265f83a6ac3fa1d52f003a7a9996e8e3f9ef23f8188ae5e414a443c5f58b7aa9deb97bc9925727fa9124ab667634d64fdcf9ad9375e5ab09f3e85f0b0dbe39395271f38005d6894aa45e68e51ba137ddba579fb864d65a337f881d6b434ca81cc89703f1ac18b56b7c88e9fdcc94d27c73120841522c4c90298d671a2611e2836ada099e789959372e392746e540b1268c5fdebb19339334f57e647d90691c9111d206db0de1d36fe5458a0a024e89d889e3a3f46d28e221e2c58ed45c502c5d08d837d5aa7fa3a50cedf3193a416b6c10123ed14bf36eb9a5c6f4d321ca1b55d1b98c275ea63c0a4dcef800bc3217ef34114f920e0556d2d30ba65f6ae443e4c9eefae05c1f4e2b3faae316f5658571aabbd80db226c5f10d3bf7ba6af81e0795239631a1de0eded351e10d43c38a1df20822d75b6bd5c3ccf21773f8250491b024fcb038ec487fe4b11a75df141483ab51db87be21aa37dd9f37a19367b6313d0bb175c1eeca0c0dc437053ba40385de089c7d06dbfa89851073aeb384bfa805abc50d756305520987ef57db25d7bc4a7841df5b83acf6b40292f46cdad7371b03ab7521cdce4953c932283e784f8ea4ce223746e23b6e100000080f7018db08ada6387e434bb95bae0ef1855dfb39c4b92b418a8bf81327da288cf01270ec2e9a33a21dc3a1f5dc4d0830aeaf7fe1a95d61fa81440205dea9f9cd0e25518035a5a06cc25a60aec547a79eee39941d6df6485aba011e8cdcccee0594769513133d18803e997fc543bcbc267ee0a253f287849619ec2e99daab97a83b622b44c08debfa5e18b62526f15958550390965013992d113275ae2d4ad32ef877b75006d9480809c1400"})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000280)=@v2={0x2, @aes128, 0x0, '\x00', @d})
write$hidraw(r1, &(0x7f0000000240), 0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0x37, 0x1, @thr={&(0x7f0000000240)="6da7b92f9e8fbd41cd4f564e691f378132", &(0x7f0000000d80)="fb9b367de0a707712438c98f35b52b6bb55ab4df74510f653ec2ae47b27016af00f9a91e8882cb953b8382b8b0890b4bed3333fabae3daf019a2d074d24da371b1042f05000000000000002b897165ccd7afea48e680ba91c1bf0017eee18fc6ce88daf6cd4dd47e5c5b67dde21b31ec50282a9f27c0b1475085cf02cc4dae1d892ae4465985de7aa916227382e6373c0cf68bdef6b3ac34560933ddc5493e999099a70d57dba40e26850772eb95b2671cf9071fc3e32ee62a501057fad261f6202f6df0598bd3b4e44e0046344c6a11ff381a"}}, &(0x7f00000002c0))
timer_create(0x3, &(0x7f0000000000)={0x0, 0x1c, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r2=>0x0)
ioctl$CDROMSEEK(0xffffffffffffffff, 0x5316, &(0x7f0000000140)={0x81, 0x2, 0x1c, 0xff, 0x8})
fcntl$setstatus(0xffffffffffffffff, 0x4, 0x0)
timer_settime(r2, 0x0, &(0x7f0000000480), 0x0)
socket$netlink(0x10, 0x3, 0x0)
read(0xffffffffffffffff, &(0x7f0000000080)=""/65, 0x41)
timer_gettime(r2, &(0x7f0000000080))
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r0, 0x40089413, &(0x7f0000000100)=0xfffffffffffff801)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000c80)=ANY=[@ANYBLOB="010600000900000000000000758e99e8c58ac13a548deab865aecfe823e8d5545b6cf57aa85897db1b3350b8ed2547496c1442547a5d2ecd5d80bbb6b4f5acd6d7d2ca93a6e6d152aec8bd05c6981c5b", @ANYRES32=r0, @ANYRES32, @ANYBLOB="8859858e4b39ef61e3d75843b63b00bc0b3121a2d3cc0b63c07297580e4fa94cc832622a3f65c2afc08a04220435ee633791c9129bff7ac90ce5e0d979670c713a9d343c4efaa6fa2df5202cf91e67b6d00f773ab9565dbfe65e46735af248b5e4cdd53faa6354a3d669bc1f2c5d8d75fb49035be59e8f1fb3a5cd05ab2e92a35f809ff9605ae44f3313c38eb2fd9b82485495f1bb68cb4faf84736ea56e32d3"])
clone3(&(0x7f00000001c0)={0x40182300, 0x0, 0x0, 0x0, {0x34}, 0x0, 0x0, 0x0, 0x0}, 0x58)
04:15:15 executing program 1:
ioctl$sock_inet_tcp_SIOCOUTQNSD(0xffffffffffffffff, 0x894b, &(0x7f0000000300))
pipe(0x0)
perf_event_open(&(0x7f0000001d80)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5e, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x800}, 0x0, 0x0, 0x1002, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890d, &(0x7f00000000c0)={0x0, {0x2, 0x0, @remote={0xac, 0x14, 0x15}}, {0x2, 0x0, @loopback}, {0x2, 0x0, @broadcast}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f00000003c0))
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'})
r2 = creat(&(0x7f0000000240)='./file0\x00', 0x49)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000140)={@in={{0x2, 0x0, @remote}}, 0x0, 0x0, 0x4f, 0x0, "3c1c2fd629c4af55a8680f7a892e0865c7fbba0cdfa184016bc00618cdb5732d900802764f98b1af0cd43f34e89ab87a13a460acbb4433cb8a7aaa5797c2f5b5cc15058fbbef4c13daa3094bf3e22ec6"}, 0xd8)
r3 = syz_io_uring_setup(0x40d2, &(0x7f0000000280)={0x0, 0x18d7, 0x20, 0x2001, 0xd2, 0x0, r2}, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000340), &(0x7f0000000380))
fcntl$setlease(r3, 0x400, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040), 0x4)
sendmmsg(r0, &(0x7f0000003bc0), 0x0, 0x20040080)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
fstatfs(r1, &(0x7f0000002e00)=""/4102)
r4 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f00000000c0)={0x0, 0xfffefffffffffffd})
VM DIAGNOSIS:
04:15:15 Registers:
info registers vcpu 0
RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9
RSI=ffffffff822dda4c RDI=ffffffff879f1140 RBP=ffffffff879f1100 RSP=ffff88806ce09cd8
R8 =0000000000000001 R9 =0000000000000003 R10=ffffed100d9c138c R11=0000000000000001
R12=0000000000000000 R13=0000000000000000 R14=0000000000000001 R15=ffffffff879f1150
RIP=ffffffff822ddaa0 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007f98ce94d700 00000000 00000000
GS =0000 ffff88806ce00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000001000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=00007f98ce94cf78 CR3=000000004d11a000 CR4=00350ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=ffffffffffffffffffffffffffffff00 XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000
info registers vcpu 1
RAX=0000000000040000 RBX=0000000000000001 RCX=ffffc9000500f000 RDX=0000000000040000
RSI=ffffffff8135eb04 RDI=0000000000000005 RBP=ffff888048c7f798 RSP=ffff888048c7f6c0
R8 =0000000000000001 R9 =ffff88806ce3c207 R10=0000000000000000 R11=0000000000000001
R12=0000000000000000 R13=0000000000000200 R14=1ffff1100918fedc R15=0000000000000040
RIP=ffffffff8135eb06 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 00000000 00000000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA]
DS =0000 0000000000000000 00000000 00000000
FS =0000 00007fde311f9700 00000000 00000000
GS =0000 ffff88806cf00000 00000000 00000000
LDT=0000 fffffe0000000000 00000000 00000000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT= fffffe0000048000 0000007f
IDT= fffffe0000000000 00000fff
CR0=80050033 CR2=0000555571c84c58 CR3=000000001a9bc000 CR4=00350ee0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00000000000000000000000000000000 XMM01=ffffffffffffffffffffffffffffffff
XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000
XMM04=000000000000000000000000000000ff XMM05=00000000000000000000000000000000
XMM06=0000000000000000000000524f525245 XMM07=00000000000000000000000000000000
XMM08=000000000000000000524f5252450040 XMM09=00000000000000000000000000000000
XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000
XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000
XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000